deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

resolved two content conflicts

Browse Source
This commit is contained in:
LauraKellerGitHub 2020-01-13 15:19:48 -08:00
commit 3126413c90
351 changed files with 5592 additions and 4843 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
.openpublishing.redirection.json
View File

@ -45,6 +45,16 @@
"redirect_url": "https://docs.microsoft.com/hololens/hololens1-clicker#restart-or-recover-the-clicker",
"redirect_document_id": false
},
{
"source_path": "devices/hololens/hololens-find-and-save-files.md",
"redirect_url": "https://docs.microsoft.com/hololens/holographic-data",
"redirect_document_id": false
},
{
"source_path": "devices/hololens/hololens-management-overview.md",
"redirect_url": "https://docs.microsoft.com/hololens",
"redirect_document_id": false
},
{
"source_path": "devices/surface/manage-surface-pro-3-firmware-updates.md",
"redirect_url": "https://docs.microsoft.com/surface/manage-surface-driver-and-firmware-updates",
@ -956,6 +966,11 @@
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-atp/overview-hunting-windows-defender-advanced-threat-protection.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/overview-hunting.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview",
"redirect_document_id": false
@ -966,6 +981,51 @@
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-filecreationevents-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-imageloadevents-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-logonevents-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machineinfo-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-machinenetworkinfo-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-miscevents-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-networkcommunicationevents-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-processcreationevents-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-registryevents-table.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table",
"redirect_document_id": true
},
{
"source_path": "windows/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection",
"redirect_document_id": true
@ -1657,11 +1717,6 @@
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-atp/overview-hunting-windows-defender-advanced-threat-protection.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-atp/overview-secure-score-windows-defender-advanced-threat-protection.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score",
"redirect_document_id": true

12
browsers/edge/group-policies/index.yml
View File

@ -2,19 +2,19 @@
documentType: LandingData
title: Microsoft Edge group policies
title: Microsoft Edge Legacy group policies
metadata:
document_id:
title: Microsoft Edge group policies
title: Microsoft Edge Legacy group policies
description: Learn how to configure group policies in Microsoft Edge on Windows 10.
description: Learn how to configure group policies in Microsoft Edge Legacy on Windows 10.
text: Some of the features in Microsoft Edge gives you the ability to set a custom URL for the New Tab page or Home button. Another new feature allows you to hide or show the Favorites bar, giving you more control over the favorites bar.
text: Some of the features in Microsoft Edge Legacy gives you the ability to set a custom URL for the New Tab page or Home button. Another new feature allows you to hide or show the Favorites bar, giving you more control over the favorites bar. (To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).)
keywords: Microsoft Edge, Windows 10, Windows 10 Mobile
keywords: Microsoft Edge Legacy, Windows 10, Windows 10 Mobile
ms.localizationpriority: medium
@ -36,7 +36,7 @@ sections:
- type: markdown
text: Microsoft Edge works with Group Policy and Microsoft Intune to help you manage your organization's computer settings. Group Policy objects (GPOs) can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences.
text: (Note - You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).) Microsoft Edge Legacy works with Group Policy and Microsoft Intune to help you manage your organization's computer settings. Group Policy objects (GPOs) can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences.
- items:

10
browsers/edge/index.yml
View File

@ -2,19 +2,19 @@
documentType: LandingData
title: Microsoft Edge Group Policy configuration options
title: Microsoft Edge Legacy Group Policy configuration options
metadata:
document_id:
title: Microsoft Edge Group Policy configuration options
title: Microsoft Edge Group Legacy Policy configuration options
description:
text: Learn how to deploy and configure group policies in Microsoft Edge on Windows 10. Some of the features coming to Microsoft Edge gives you the ability to set a custom URL for the New Tab page or Home button. Another new feature allows you to hide or show the Favorites bar, giving you more control over the favorites bar.
text: (Note - You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).) Learn how to deploy and configure group policies in Microsoft Edge Legacy on Windows 10. Some of the features coming to Microsoft Edge Legacy gives you the ability to set a custom URL for the New Tab page or Home button. Another new feature allows you to hide or show the Favorites bar, giving you more control over the favorites bar.
keywords: Microsoft Edge, Windows 10
keywords: Microsoft Edge Legacy, Windows 10
ms.localizationpriority: medium
@ -36,7 +36,7 @@ sections:
- type: markdown
text: Learn about interoperability goals and enterprise guidance along with system requirements, language support and frequently asked questions.
text: (Note - You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).) Learn about interoperability goals and enterprise guidance along with system requirements, language support and frequently asked questions.
- items:

6
devices/hololens/TOC.md
View File

@ -28,10 +28,11 @@
# Navigating Windows Holographic
## [Start menu and mixed reality home](holographic-home.md)
## [Use your voice with HoloLens](hololens-cortana.md)
## [Find and save files](hololens-find-and-save-files.md)
## [Find and save files](holographic-data.md)
## [Create, share, and view photos and video](holographic-photos-and-videos.md)
# User management and access management
## [Accounts on HoloLens](hololens-identity.md)
## [Share your HoloLens with multiple people](hololens-multiple-users.md)
## [Set up HoloLens as a kiosk (single application access)](hololens-kiosk.md)
## [Set up limited application access](hololens-kiosk.md)
@ -53,15 +54,14 @@
## [Spatial mapping on HoloLens](hololens-spaces.md)
# Update, troubleshoot, or recover HoloLens
## [Update, troubleshoot, or recover HoloLens](hololens-management-overview.md)
## [Update HoloLens](hololens-update-hololens.md)
## [Restart, reset, or recover](hololens-recovery.md)
## [Troubleshoot HoloLens](hololens-troubleshooting.md)
## [Known issues](hololens-known-issues.md)
## [Frequently asked questions](hololens-faq.md)
## [Hololens services status](hololens-status.md)
# [Release Notes](hololens-release-notes.md)
# [Hololens status](hololens-status.md)
# [Give us feedback](hololens-feedback.md)
# [Join the Windows Insider program](hololens-insider.md)
# [Change history for Microsoft HoloLens documentation](change-history-hololens.md)

100
devices/hololens/holographic-data.md Normal file
View File

@ -0,0 +1,100 @@
---
title: Find and save files on HoloLens
description: Use File Explorer on HoloLens to view and manage files on your device
keywords: how-to, file picker, files, photos, videos, pictures, OneDrive, storage, file explorer
ms.assetid: 77d2e357-f65f-43c8-b62f-6cd9bf37070a
author: mattzmsft
ms.author: mazeller
manager: v-miegge
ms.reviewer: jarrettrenshaw
ms.date: 12/30/2019
keywords: hololens
ms.prod: hololens
ms.sitesec: library
ms.topic: article
audience: ITPro
ms.localizationpriority: medium
appliesto:
- HoloLens (1st gen)
- HoloLens 2
---
# Find, open, and save files on HoloLens
Files you create on HoloLens, including photos and videos, are saved directly to your HoloLens device. View and manage them in the same way you would manage files on Windows 10:
- Using the File Explorer app to access local folders.
- Within an app's storage.
- In a special folder (such as the video or music library).
- Using a storage service that includes an app and file picker (such as OneDrive).
- Using a desktop PC connected to your HoloLens by using a USB cable, using MTP (Media Transfer Protocol) support.
## View files on HoloLens using File Explorer
> Applies to all HoloLens 2 devices and HoloLens (1st gen) as of the [Windows 10 April 2018 Update (RS4) for HoloLens](https://docs.microsoft.com/windows/mixed-reality/release-notes-april-2018).
Use File Explorer on HoloLens to view and manage files on your device, including 3D objects, documents, and pictures. Go to **Start** > **All apps** > **File Explorer** to get started.
> [!TIP]
> If there are no files listed in File Explorer, select **This Device** in the top left pane.
If you dont see any files in File Explorer, the "Recent" filter may be active (clock icon is highlighted in left pane). To fix this, select the **This Device** document icon in the left pane (beneath the clock icon), or open the menu and select **This Device**.
## Find and view your photos and videos
[Mixed reality capture](holographic-photos-and-videos.md) lets you take mixed reality photos and videos on HoloLens. These photos and videos are saved to the device's Camera Roll folder.
You can access photos and videos taken with HoloLens by:
- accessing the Camera Roll directly through the [Photos app](holographic-photos-and-videos.md).
- uploading photos and videos to cloud storage by syncing your photos and videos to OneDrive.
- using the Mixed Reality Capture page of the [Windows Device Portal](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal#mixed-reality-capture).
### Photos app
The Photos app is one of the default apps on the **Start** menu, and comes built-in with HoloLens. Learn more about [using the Photos app to view content](holographic-photos-and-videos.md).
You can also install the [OneDrive app](https://www.microsoft.com/p/onedrive/9wzdncrfj1p3) from the Microsoft Store to sync photos to other devices.
### OneDrive app
[OneDrive](https://onedrive.live.com/) lets you access, manage, and share your photos and videos with any device and with any user. To access the photos and videos captured on HoloLens, download the [OneDrive app](https://www.microsoft.com/p/onedrive/9wzdncrfj1p3) from the Microsoft Store on your HoloLens. Once downloaded, open the OneDrive app and select **Settings** > **Camera upload**, and turn on **Camera upload**.
### Connect to a PC
If your HoloLens is running the [Windows 10 April 2018 update](https://docs.microsoft.com/windows/mixed-reality/release-notes-april-2018) or later, you can connect your HoloLens to a Windows 10 PC by using a USB cable to browse photos and videos on the device by using MTP (media transfer protocol). You'll need to make sure the device is unlocked to browse files if you have a PIN or password set up on your device.
If you have enabled the [Windows Device Portal](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal), you can use it to browse, retrieve, and manage the photos and videos stored on your device.
## Access files within an app
If an application saves files on your device, you can use that application to access them.
### Requesting files from another app
An application can request to save a file or open a file from another app by using [file pickers](https://docs.microsoft.com/windows/mixed-reality/app-model#file-pickers).
### Known folders
HoloLens supports a number of [known folders](https://docs.microsoft.com/windows/mixed-reality/app-model#known-folders) that apps can request permission to access.
## View HoloLens files on your PC
Similar to other mobile devices, connect HoloLens to your desktop PC using MTP (Media Transfer Protocol) and open File Explorer on the PC to access your HoloLens libraries for easy transfer.
To see your HoloLens files in File Explorer on your PC:
1. Sign in to HoloLens, then plug it into the PC using the USB cable that came with the HoloLens.
1. Select **Open Device to view files with File Explorer**, or open File Explorer on the PC and navigate to the device.
To see info about your HoloLens, right-click the device name in File Explorer on your PC, then select **Properties**.
> [!NOTE]
> HoloLens (1st gen) does not support connecting to external hard drives or SD cards.
## Sync to the cloud
To sync photos and other files from your HoloLens to the cloud, install and set up OneDrive on HoloLens. To get OneDrive, search for it in the Microsoft Store on your HoloLens.
HoloLens doesn't back up app files and data, so it's a good idea to save your important stuff to OneDrive. That way, if you reset your device or uninstall an app, your info will be backed up.

2
devices/hololens/hololens-FAQ.md
View File

@ -137,7 +137,7 @@ Try walking around and looking at the area where you're placing the app so HoloL
Free up some storage space by doing one or more of the following:
- Remove some of the holograms you've placed, or remove some saved data from within apps. [How do I find my data?](hololens-find-and-save-files.md)
- Remove some of the holograms you've placed, or remove some saved data from within apps. [How do I find my data?](holographic-data.md)
- Delete some pictures and videos in the Photos app.
- Uninstall some apps from your HoloLens. In the All apps list, tap and hold the app you want to uninstall, then select **Uninstall**. (This will also delete any of the app's data stored on the device.)

3
devices/hololens/hololens-cortana.md
View File

@ -36,6 +36,9 @@ Get around HoloLens faster with these basic commands. In order to use these you
Use these commands throughout Windows Mixed Reality to get around faster. Some commands use the gaze cursor, which you bring up by saying “select.”
>[!NOTE]
>Hand rays are not supported on HoloLens (1st Gen).
| Say this | To do this |
| - | - |
| "Select" | Say "select" to bring up the gaze cursor. Then, turn your head to position the cursor on the thing you want to select, and say “select” again. |

66
devices/hololens/hololens-find-and-save-files.md
View File

@ -1,66 +0,0 @@
---
title: Find and save files on HoloLens
description: Use File Explorer on HoloLens to view and manage files on your device
ms.assetid: 77d2e357-f65f-43c8-b62f-6cd9bf37070a
ms.reviewer: jarrettrenshaw
ms.date: 07/01/2019
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
appliesto:
- HoloLens (1st gen)
- HoloLens 2
---
# Find and save files on HoloLens
Add content from [Find and save files](https://docs.microsoft.com/windows/mixed-reality/saving-and-finding-your-files)
Files you create on HoloLens, including Office documents, photos, and videos, are saved to your HoloLens. To view and manage them, you can use the File Explorer app on HoloLens or File Explorer on your PC. To sync photos and other files to the cloud, use the OneDrive app on HoloLens.
## View files on HoloLens
Use File Explorer on HoloLens to view and manage files on your device, including 3D objects, documents, and pictures. Go to Start > All apps > File Explorer on HoloLens to get started.
>[!TIP]
>If there are no files listed in File Explorer, select **This Device** in the top left pane.
## View HoloLens files on your PC
To see your HoloLens files in File Explorer on your PC:
1. Sign in to HoloLens, then plug it into the PC using the USB cable that came with the HoloLens.
1. Select **Open Device to view files with File Explorer**, or open File Explorer on the PC and navigate to the device.
>[!TIP]
>To see info about your HoloLens, right-click the device name in File Explorer on your PC, then select **Properties**.
## View HoloLens files on Windows Device Portal
>[!NOTE]
>To use Device Portal you must enable [Developer Mode](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal#setting-up-hololens-to-use-windows-device-portal).
1. Enable Developer Mode and Device Portal on your HoloLens. (See note above if not enabled.)
1. Navigate to the Device Portal page on your PC.
1. To connect to a HoloLens connected to your PC type in 127.0.0.1:10080/ in your browser.
1. To connect to a HoloLens wirelessly instead navigate to your IP address.
>[!TIP]
>You may need to install a certificate, OR you may see more details and navigate to the website anyways. (Path per web broswer will differ.)
1. Once succesfully connected, on the left side of the windw you can navigate to the [File Explorer](https://docs.microsoft.com/windows/mixed-reality/using-the-windows-device-portal#file-explorer) workspace.
## Sync to the cloud
To sync photos and other files from your HoloLens to the cloud, install and set up OneDrive on HoloLens. To get OneDrive, search for it in the Microsoft Store on your HoloLens.
>[!TIP]
>HoloLens doesn't back up app files and data, so it's a good idea to save your important stuff to OneDrive. That way, if you reset your device or uninstall an app, your info will be backed up.

111
devices/hololens/hololens-identity.md Normal file
View File

@ -0,0 +1,111 @@
---
title: Managing user identity and login on HoloLens
description: Manage user identity, security, and login on HoloLens.
keywords: HoloLens, user, account, aad, adfs, microsoft account, msa, credentials, reference
ms.assetid: 728cfff2-81ce-4eb8-9aaa-0a3c3304660e
author: scooley
ms.author: scooley
ms.date: 1/6/2019
ms.prod: hololens
ms.topic: article
ms.sitesec: library
ms.topic: article
ms.localizationpriority: medium
audience: ITPro
manager: jarrettr
appliesto:
- HoloLens (1st gen)
- HoloLens 2
---
# User identity and signin
> [!NOTE]
> This article is a technical reference for IT Pros and tech enthusiasts. If you're looking for HoloLens set up instructions, read "[Setting up your HoloLens (1st gen)](hololens1-start.md)" or "[Setting up your HoloLens 2](hololens2-start.md)".
Like other Windows devices, HoloLens always operates under a user context. There is always a user identity. HoloLens treats identity in almost the same manner as other Windows 10 devices do. This article is a deep-dive reference for identity on HoloLens, and focuses on how HoloLens differs from other Windows 10 devices.
HoloLens supports several kinds of user identities. You can use one or more user accounts to sign in. Here's an overview of the identity types and authentication options on HoloLens:
| Identity type | Accounts per device | Authentication options |
| --- | --- | --- |
| [Azure Active Directory (AAD)](https://docs.microsoft.com/azure/active-directory/) | 32 (see details) | <ul><li>Azure web credential provider</li><li>Azure Authenticator App</li><li>Biometric (Iris) &ndash; HoloLens 2 only</li><li>PIN &ndash; Optional for HoloLens (1st gen), required for HoloLens 2</li><li>Password</li></ul> |
| [Microsoft Account (MSA)](https://docs.microsoft.com/windows/security/identity-protection/access-control/microsoft-accounts) | 1 | <ul><li>Biometric (Iris) &ndash; HoloLens 2 only</li><li>PIN &ndash; Optional for HoloLens (1st gen), required for HoloLens 2</li><li>Password</li></ul> |
| [Local account](https://docs.microsoft.com/windows/security/identity-protection/access-control/local-accounts) | 1 | Password |
Cloud-connected accounts (AAD and MSA) offer more features because they can use Azure services.
## Setting up users
The most common way to set up a new user is during the HoloLens out-of-box experience (OOBE). During setup, HoloLens prompts for a user to sign in by using the account that they want to use on the device. This account can be a consumer Microsoft account or an enterprise account that has been configured in Azure. See Setting up your [HoloLens (1st gen)](hololens1-start.md) or [HoloLens 2](hololens2-start.md).
Like Windows on other devices, signing in during setup creates a user profile on the device. The user profile stores apps and data. The same account also provides Single Sign-on for apps such as Edge or Skype by using the Windows Account Manager APIs.
If you use an enterprise or organizational account to sign in to HoloLens, HoloLens enrolls in the organization's IT infrastructure. This enrollment allows your IT Admin to configure Mobile Device Management (MDM) to send group policies to your HoloLens.
By default, as for other Windows 10 devices, you'll have to sign in again when HoloLens restarts or resumes from standby. You can use the Settings app to change this behavior, or the behavior can be controlled by group policy.
### Linked accounts
As in the Desktop version of Windows, you can link additional web account credentials to your HoloLens account. Such linking makes it easier to access resources across or within apps (such as the Store) or to combine access to personal and work resources. After you connect an account to the device, you can grant permission to use the device to apps so that you don't have to sign in to each app individually.
Linking accounts does not separate the user data created on the device, such as images or downloads.
### Setting up multi-user support (AAD only)
> [!NOTE]
> **HoloLens (1st gen)** began supporting multiple AAD users in the [Windows 10 April 2018 Update](https://docs.microsoft.com/windows/mixed-reality/release-notes-april-2018) as part of [Windows Holographic for Business](hololens-upgrade-enterprise.md).
HoloLens supports multiple users from the same AAD tenant. To use this feature, you must use an account that belongs to your organization to set up the device. Subsequently, other users from the same tenant can sign in to the device from the sign-in screen or by tapping the user tile on the Start panel. Only one user can be signed in at a time. When a user signs in, HoloLens signs out the previous user.
All users can use the apps installed on the device. However, each user has their own app data and preferences. Removing an app from the device removes it for all users.
## Removing users
You can remove a user from the device by going to **Settings** > **Accounts** > **Other people**. This action also reclaims space by removing all of that user's app data from the device.
## Using single sign-on within an app
As an app developer, you can take advantage of linked identities on HoloLens by using the [Windows Account Manager APIs](https://docs.microsoft.com/uwp/api/Windows.Security.Authentication.Web.Core), just as you would on other Windows devices. Some code samples for these APIs are available [here](https://go.microsoft.com/fwlink/p/?LinkId=620621).
Any account interrupts that might occur, such as requesting user consent for account information, two-factor authentication, and so forth, must be handled when the app requests an authentication token.
If your app requires a specific account type that hasn't been linked previously, your app can ask the system to prompt the user to add one. This request triggers the account settings pane to launch as a modal child of your app. For 2D apps, this window renders directly over the center of your app. For Unity apps, this request briefly takes the user out of your holographic app to render the child window. For information about customizing the commands and actions on this pane, see [WebAccountCommand Class](https://docs.microsoft.com/uwp/api/Windows.UI.ApplicationSettings.WebAccountCommand).
## Enterprise and other authentication
If your app uses other types of authentication, such as NTLM, Basic, or Kerberos, you can use [Windows Credential UI](https://docs.microsoft.com/uwp/api/Windows.Security.Credentials.UI) to collect, process, and store the user's credentials. The user experience for collecting these credentials is very similar to other cloud-driven account interrupts, and appears as a child app on top of your 2D app or briefly suspends a Unity app to show the UI.
## Deprecated APIs
One way in which developing for HoloLens differs from developing for Desktop is that the [OnlineIDAuthenticator](https://docs.microsoft.com/uwp/api/Windows.Security.Authentication.OnlineId.OnlineIdAuthenticator) API is not fully supported. Although the API returns a token if the primary account is in good-standing, interrupts such as those described in this article do not display any UI for the user and fail to correctly authenticate the account.
## Frequently asked questions
### Is Windows Hello for Business supported on HoloLens?
Windows Hello for Business (which supports using a PIN to sign in) is supported for HoloLens. To allow Windows Hello for Business PIN sign-in on HoloLens:
1. The HoloLens device must be [managed by MDM](hololens-enroll-mdm.md).
1. You must enable Windows Hello for Business for the device. ([See instructions for Microsoft Intune.](https://docs.microsoft.com/intune/windows-hello))
1. On HoloLens, the user can then use **Settings** > **Sign-in Options** > **Add PIN** to set up a PIN.
> [!NOTE]
> Users who sign in by using a Microsoft account can also set up a PIN in **Settings** > **Sign-in Options** > **Add PIN**. This PIN is associated with [Windows Hello](https://support.microsoft.com/help/17215/windows-10-what-is-hello), rather than [Windows Hello for Business](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-overview).
#### Does the type of account change the sign-in behavior?
Yes, the behavior for the type of account affects the sign-in behavior. If you apply policies for sign-in, the policy is always respected. If no policy for sign-in is applied, these are the default behaviors for each account type:
- **Microsoft account**: signs in automatically
- **Local account**: always asks for password, not configurable in **Settings**
- **Azure AD**: asks for password by default, and configurable by **Settings** to no longer ask for password.
> [!NOTE]
> Inactivity timers are currently not supported, which means that the **AllowIdleReturnWithoutPassword** policy is only respected when the device goes into StandBy.
## Additional resources
Read much more about user identity protection and authentication on [the Windows 10 security and identity documentation](https://docs.microsoft.com/windows/security/identity-protection/).
Learn more about setting up hybrid identity infrastructure thorough the [Azure Hybrid identity documentation](https://docs.microsoft.com/azure/active-directory/hybrid/).

30
devices/hololens/hololens-insider.md
View File

@ -3,11 +3,12 @@ title: Insider preview for Microsoft HoloLens (HoloLens)
description: Its simple to get started with Insider builds and to provide valuable feedback for our next major operating system update for HoloLens.
ms.prod: hololens
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: scooley
ms.author: scooley
ms.topic: article
ms.localizationpriority: medium
ms.date: 10/23/2018
audience: ITPro
ms.date: 1/6/2020
ms.reviewer:
manager: dansimp
appliesto:
@ -19,36 +20,35 @@ appliesto:
Welcome to the latest Insider Preview builds for HoloLens! Its simple to get started and provide valuable feedback for our next major operating system update for HoloLens.
## How do I install the Insider builds?
## Start receiving Insider builds
On a device running the Windows 10 April 2018 Update, go to <strong>Settings -&gt; Update &amp; Security -&gt; Windows Insider Program</strong> and select <strong>Get started</strong>. Link the account you used to register as a Windows Insider.
On a device running the Windows 10 April 2018 Update, go to **Settings** -> **Update & Security** -> **Windows Insider Program** and select **Get started**. Link the account you used to register as a Windows Insider.
Then, select **Active development of Windows**, choose whether youd like to receive **Fast** or **Slow** builds, and review the program terms.
Select **Confirm -> Restart Now** to finish up. After your device has rebooted, go to **Settings -> Update & Security -> Check for updates** to get the latest build.
## How do I stop receiving Insider builds?
## Stop receiving Insider builds
If you no longer want to receive Insider builds of Windows Holographic, you can opt out when your HoloLens is running a production build, or you can [recover your device](https://docs.microsoft.com/windows/mixed-reality/reset-or-recover-your-hololens#perform-a-full-device-recovery) using the Windows Device Recovery Tool to recover your device to a non-Insider version of Windows Holographic.
If you no longer want to receive Insider builds of Windows Holographic, you can opt out when your HoloLens is running a production build, or you can [recover your device](hololens-recovery.md) using the Windows Device Recovery Tool to recover your device to a non-Insider version of Windows Holographic.
To verify that your HoloLens is running a production build:
- Go to **Settings > System > About**, and find the build number.
- If the build number is 10.0.17763.1, your HoloLens is running a production build. [See the list of production build numbers.](https://www.microsoft.com/itpro/windows-10/release-information)
- [See the release notes for production build numbers.](hololens-release-notes.md)
To opt out of Insider builds:
- On a HoloLens running a production build, go to **Settings > Update & Security > Windows Insider Program**, and select **Stop Insider builds**.
- Follow the instructions to opt out your device.
## Note for developers
You are welcome and encouraged to try developing your applications using Insider builds of HoloLens. Check out the [HoloLens Developer Documentation](https://developer.microsoft.com/windows/mixed-reality/development) to get started. Those same instructions work with Insider builds of HoloLens. You can use the same builds of Unity and Visual Studio that you're already using for HoloLens development.
## Provide feedback and report issues
Please use [the Feedback Hub app](https://docs.microsoft.com/windows/mixed-reality/give-us-feedback) on your HoloLens or Windows 10 PC to provide feedback and report issues. Using Feedback Hub ensures that all necessary diagnostics information is included to help our engineers quickly debug and resolve the problem. Issues with the Chinese and Japanese version of HoloLens should be reported the same way.
Please use [the Feedback Hub app](hololens-feedback.md) on your HoloLens to provide feedback and report issues. Using Feedback Hub ensures that all necessary diagnostics information is included to help our engineers quickly debug and resolve the problem. Issues with the Chinese and Japanese version of HoloLens should be reported the same way.
>[!NOTE]
>Be sure to accept the prompt that asks whether youd like Feedback Hub to access your Documents folder (select **Yes** when prompted).
## Note for developers
You are welcome and encouraged to try developing your applications using Insider builds of HoloLens. Check out the [HoloLens Developer Documentation](https://developer.microsoft.com/windows/mixed-reality/development) to get started. Those same instructions work with Insider builds of HoloLens. You can use the same builds of Unity and Visual Studio that you're already using for HoloLens development.

32
devices/hololens/hololens-management-overview.md
View File

@ -1,32 +0,0 @@
---
title: Update, troubleshoot, or recover HoloLens
description:
author: Teresa-Motiv
ms.author: v-tea
ms.date: 11/27/2019
ms.prod: hololens
ms.topic: article
ms.custom: CSSTroubleshooting
audience: ITPro
keywords: issues, bug, troubleshoot, fix, help, support, HoloLens
manager: jarrettr
ms.localizationpriority: medium
appliesto:
- HoloLens (1st gen)
- HoloLens 2
---
# Update, troubleshoot, or recover HoloLens
The articles in this section help you keep your HoloLens up-to-date and help you resolve any issues that you encounter.
**In this section**
| Article | Description |
| --- | --- |
| [Update HoloLens](hololens-update-hololens.md) | Describes how to identify the build number of your device, and how to update your device manually. |
| [Manage updates on many HoloLens](hololens-updates.md) | Describes how to use policies to manage device updates. |
| [Restart, reset, or recover](hololens-recovery.md) | Describes how to restart, reset, or recover a HoloLens device |
| [Troubleshoot HoloLens](hololens-troubleshooting.md) | Describes solutions to common HoloLens problems. |
| [Known issues](hololens-known-issues.md) | Describes known HoloLens issues. |
| [Frequently asked questions](hololens-faq.md) | Provides answers to common questions about HoloLens.|

4
devices/hololens/hololens-release-notes.md
View File

@ -22,6 +22,10 @@ appliesto:
> [!Note]
> HoloLens Emulator Release Notes can be found [here](https://docs.microsoft.com/windows/mixed-reality/hololens-emulator-archive).
### January Update - build 18362.1043
- Stability improvements for exclusive apps when working with the HoloLens 2 emulator.
### December Update - build 18362.1042
- Introduces LSR (Last Stage Reproduction) fixes. Improves visual rendering of holograms to appear more stable and crisp by more accurately accounting for their depth. This will be more noticeable if apps do not set the depth of holograms correctly, after this update.

28
devices/hololens/hololens-troubleshooting.md
View File

@ -33,24 +33,26 @@ If your HoloLens becomes frozen or unresponsive:
If these steps don't work, you can try [recovering your device](hololens-recovery.md).
## Holograms don't look good or are moving around
## Holograms don't look good
If your holograms are unstable, jumpy, or dont look right, try one of these fixes:
If your holograms are unstable, jumpy, or dont look right, try:
- Clean your device visor and make sure that nothing is obstructing the sensors.
- Make sure that theres enough light in your room.
- Try walking around and looking at your surroundings so that HoloLens can scan them more completely.
- Try running the Calibration app. It calibrates your HoloLens to work best for your eyes. Go to **Settings** > **System** > **Utilities**. Under **Calibration**, select **Open Calibration**.
- Cleaning your device visor and sensor bar on the front of your HoloLens.
- Increasing the light in your room.
- Walking around and looking at your surroundings so that HoloLens can scan them more completely.
- Calibrating your HoloLens for your eyes. Go to **Settings** > **System** > **Utilities**. Under **Calibration**, select **Open Calibration**.
## HoloLens doesnt respond to my gestures
## HoloLens doesnt respond to gestures
To make sure that HoloLens can see your gestures, keep your hand in the gesture frame. The gesture frame extends a couple of feet on either side of you. When HoloLens can see your hand, the cursor changes from a dot to a ring. Learn more about [using gestures](hololens1-basic-usage.md#use-hololens-with-your-hands).
To make sure that HoloLens can see your gestures. Keep your hand in the gesture frame - when HoloLens can see your hand, the cursor changes from a dot to a ring.
Learn more about using gestures on [HoloLens (1st gen)](hololens1-basic-usage.md#use-hololens-with-your-hands) or [HoloLens 2](hololens2-basic-usage.md#the-hand-tracking-frame).
If your environment is too dark, HoloLens might not see your hand, so make sure that theres enough light.
If your visor has fingerprints or smudges, use the microfiber cleaning cloth that came with the HoloLens to clean your visor gently.
## HoloLens doesnt respond to my voice commands.
## HoloLens doesnt respond to my voice commands
If Cortana isnt responding to your voice commands, make sure Cortana is turned on. On the All apps list, select **Cortana** > **Menu** > **Notebook** > **Settings** to make changes. To learn more about what you can say, see [Use your voice with HoloLens](hololens-cortana.md).
@ -64,10 +66,6 @@ If HoloLens cant map or load your space, it enters Limited mode and you won
- To see if the correct space is active, or to manually load a space, go to **Settings** > **System** > **Spaces**.
- If the correct space is loaded and youre still having problems, the space may be corrupt. To fix this issue, select the space, then select **Remove**. After you remove the space, HoloLens starts to map your surroundings and create a new space.
## My HoloLens frequently enters Limited mode or shows a “Tracking lost” message
If your device often shows a "Limited mode" or "Tracking lost" message, try the suggestions listed in [My Holograms don't look good or are moving around](#holograms-dont-look-good-or-are-moving-around).
## My HoloLens cant tell what space Im in
If your HoloLens cant identify and load the space youre in automatically, check the following factors:
@ -90,3 +88,7 @@ Youll need to free up some storage space by doing one or more of the followin
## My HoloLens cant create a new space
The most likely problem is that youre running low on storage space. Try one of the [previous tips](#im-getting-a-low-disk-space-error) to free up some disk space.
## The HoloLens emulators isn't working
Information about the HoloLens emulator is located in our developer documentation. Read more about [troubleshooting the HoloLens emulator](https://docs.microsoft.com/windows/mixed-reality/using-the-hololens-emulator#troubleshooting).

2
devices/surface-hub/surface-hub-2s-account.md
View File

@ -47,7 +47,7 @@ Create the account using the Microsoft 365 admin center or by using PowerShell.
- **Skype for Business:** For Skype for Business only (on-premises or online), you can enable the Skype for Business object by running **Enable-CsMeetingRoom** to enable features such as Meeting room prompt for audio and Lobby hold.
- **Calendar:** Set **Calendar Auto processing** for this account.
- **Microsoft Teams and Skype for Business Calendar:** Set [**Calendar Auto processing**](https://docs.microsoft.com/surface-hub/surface-hub-2s-account?source=docs#set-calendar-auto-processing) for this account.
## Create account using PowerShell
Instead of using the Microsoft Admin Center portal, you can create the account using PowerShell.

59
devices/surface-hub/surface-hub-2s-recover-reset.md
View File

@ -15,46 +15,55 @@ ms.localizationpriority: Medium
# Reset and recovery for Surface Hub 2S
If you encounter problems with Surface Hub 2S, you can reset the device to factory settings or recover using a USB drive.
If you encounter problems with Surface Hub 2S, you can reset the device to factory settings or restore by using a USB drive.
To begin, sign into Surface Hub 2S with admin credentials, open the **Settings** app, select **Update & security**, and then select **Recovery**.
To begin, sign in to Surface Hub 2S with admin credentials, open the **Settings** app, select **Update & security**, and then select **Recovery**.
## Reset device
## Reset the device
1. To reset, select **Get Started**.
2. When the **Ready to reset this device** window appears, select **Reset**. Surface Hub 2S reinstalls the operating system from the recovery partition and may take up to one hour to complete.
3. Run **the first time Setup program** to reconfigure the device.
4. If you manage the device using Intune or other mobile device manager (MDM) solution, retire and delete the previous record and re-enroll the new device. For more information, see [Remove devices by using wipe, retire, or manually unenrolling the device](https://docs.microsoft.com/intune/devices-wipe).
1. To reset the device, select **Get Started**.
2. When the **Ready to reset this device** window appears, select **Reset**.
>[!NOTE]
>Surface Hub 2S reinstalls the operating system from the recovery partition. This may take up to one hour to complete.
3. To reconfigure the device, run the first-time Setup program.
4. If you manage the device using Microsoft Intune or another mobile device management solution, retire and delete the previous record, and then re-enroll the new device. For more information, see [Remove devices by using wipe, retire, or manually unenrolling the device](https://docs.microsoft.com/intune/devices-wipe).
![*Reset and recovery for Surface Hub 2S*](images/sh2-reset.png)<br>
*Figure 1. Reset and recovery for Surface Hub 2S.*
*Figure 1. Reset and recovery for Surface Hub 2S*
## Recover Surface Hub 2S using USB recovery drive
## Recover Surface Hub 2S by using a USB recovery drive
New in Surface Hub 2S, you can now reinstall the device using a recovery image.
New in Surface Hub 2S, you can now reinstall the device by using a recovery image.
### Recover from USB drive
### Recovery from a USB drive
Surface Hub 2S lets you reinstall the device using a recovery image, which allows you to reinstall the device to factory settings if you lost the Bitlocker key or no longer have admin credentials to the Settings app.
Using Surface Hub 2S, you can reinstall the device by using a recovery image. By doing this, you can reinstall the device to the factory settings if you lost the BitLocker key, or if you no longer have admin credentials to the Settings app.
1. Begin with a USB 3.0 drive with 8 GB or 16 GB of storage, formatted as FAT32.
2. From a separate PC, download the .zip file recovery image from the [Surface Recovery website](https://support.microsoft.com/surfacerecoveryimage?devicetype=surfacehub2s) and then return to these instructions.
3. Unzip the downloaded file onto the root of the USB drive.
4. Connect the USB drive to any USB-C or USB-A port on Surface Hub 2S.
5. Turn off the device. While holding down the Volume down button, press the Power button. Keep holding both buttons until you see the Windows logo. Release the Power button but continue to hold the Volume until the Install UI begins.
>[!NOTE]
>Use a USB 3.0 drive with 8 GB or 16 GB of storage, formatted as FAT32.
![*Use Volume down and power buttons to initiate recovery*](images/sh2-keypad.png) <br>
1. From a separate PC, download the .zip file recovery image from the [Surface Recovery website](https://support.microsoft.com/surfacerecoveryimage?devicetype=surfacehub2s) and then return to these instructions.
1. Unzip the downloaded file onto the root of the USB drive.
1. Connect the USB drive to any USB-C or USB-A port on Surface Hub 2S.
1. Turn off the device:
1. While holding down the Volume down button, press the Power button.
1. Keep holding both buttons until you see the Windows logo.
1. Release the Power button but continue to hold the Volume until the Install UI begins.
6. In the language selection screen, select the display language for your Surface Hub 2S.
7. Choose **Recover from a drive** and **Fully clean the drive** and then select **Recover**. If prompted for a BitLocker key, select **Skip this drive**. Surface Hub 2S reboots several times and takes approximately 30 minutes to complete the recovery process.
Remove the USB drive when the first time setup screen appears.
![*Use Volume down and power buttons to initiate recovery*](images/sh2-keypad.png) <br>
**Figure 2. Volume and Power buttons**
1. On the language selection screen, select the display language for your Surface Hub 2S.
1. Select **Recover from a drive** and **Fully clean the drive**, and then select **Recover**. If you're prompted for a BitLocker key, select **Skip this drive**. Surface Hub 2S reboots several times and takes approximately 30 minutes to complete the recovery process.
When the first-time setup screen appears,remove the USB drive.
## Recover a locked Surface Hub
On rare occasions, Surface Hub 2S may encounter an error during cleanup of user and app data at the end of a session. If this occurs, the device will automatically reboot and resume data cleanup. But if this operation fails repeatedly, the device will be automatically locked to protect user data.
At the end of a session, Surface Hub 2S may occasionally encounter an error during the cleanup of user and app data at the end of a session. If this occurs, the device automatically reboots and resumes the data cleanup. However, if this operation repeatedly fails, the device automatically locks to protect user data.
**To unlock Surface Hub 2S:** <br>
Reset or recover the device from Windows Recovery Environment (Windows RE). For more information, see [What is Windows RE?](https://technet.microsoft.com/library/cc765966.aspx)
**To unlock a Surface Hub 2S:** <br>
- Reset or recover the device from the Windows Recovery Environment. For more information, see [What is Windows RE?](https://technet.microsoft.com/library/cc765966.aspx)
> [!NOTE]
> To enter recovery mode, you need to physically unplug and replug the power cord three times.
> To enter recovery mode, unplug the power cord and plug it in again three times.

25
devices/surface-hub/surface-hub-site-readiness-guide.md
View File

@ -1,12 +1,12 @@
---
title: Surface Hub Site Readiness Guide
ms.reviewer:
manager: dansimp
manager: laurawi
description: Use this Site Readiness Guide to help plan your Surface Hub installation.
ms.prod: surface-hub
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: greg-lindsay
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
---
@ -28,7 +28,7 @@ The room needs to be large enough to provide good viewing angles, but small enou
- The screen is not in direct sunlight, which could affect viewing or damage the screen.
- Ventilation openings are not blocked.
- Microphones are not affected by noise sources, such as fans or vents.
You can find more details in the [55” Microsoft Surface Hub technical information](surface-hub-technical-55.md) or [84” Microsoft Surface Hub technical information](surface-hub-technical-84.md) sections. For cleaning, care, and safety information, see the mounting guides and user guide at http://www.microsoft.com/surface/support/surface-hub.
You can find more details in the [55” Microsoft Surface Hub technical information](surface-hub-technical-55.md) or [84” Microsoft Surface Hub technical information](surface-hub-technical-84.md) sections. For cleaning, care, and safety information, see the mounting guides and user guide at https://www.microsoft.com/surface/support/surface-hub.
### Hardware considerations
@ -47,7 +47,7 @@ For details about cable ports, see the [55” Microsoft Surface Hub technical in
Microsoft Surface Hub has an internal PC and does not require an external computer system.
For power recommendations, see [55” Microsoft Surface Hub technical information](surface-hub-technical-55.md) or [84” Microsoft Surface Hub technical information](surface-hub-technical-84.md). For power cable safety warnings, see the mounting guides at http://www.microsoft.com/surface/support/surface-hub.
For power recommendations, see [55” Microsoft Surface Hub technical information](surface-hub-technical-55.md) or [84” Microsoft Surface Hub technical information](surface-hub-technical-84.md). For power cable safety warnings, see the mounting guides at https://www.microsoft.com/surface/support/surface-hub.
### Data and other connections
@ -77,7 +77,7 @@ Before you move Surface Hub, make sure that all the doorways, thresholds, hallwa
### Unpacking Surface Hub
For unpacking information, refer to the unpacking guide included in the shipping container. You can open the unpacking instructions before you open the shipping container. These instructions can also be found here: http://www.microsoft.com/surface/support/surface-hub
For unpacking information, refer to the unpacking guide included in the shipping container. You can open the unpacking instructions before you open the shipping container. These instructions can also be found here: https://www.microsoft.com/surface/support/surface-hub
>[!IMPORTANT]
>Retain and store all Surface Hub shipping materials—including the pallet, container, and screws—in case you need to ship Surface Hub to a new location or send it
@ -85,17 +85,17 @@ for repairs. For the 84” Surface Hub, retain the lifting handles.
### Lifting Surface Hub
The 55” Surface Hub requires two people to safely lift and mount. The 84” Surface Hub requires four people to safely lift and mount. Those assisting must be able to lift 70 pounds to waist height. Review the unpacking and mounting guide for details on lifting Surface Hub. You can find it at http://www.microsoft.com/surface/support/surface-hub.
The 55” Surface Hub requires two people to safely lift and mount. The 84” Surface Hub requires four people to safely lift and mount. Those assisting must be able to lift 70 pounds to waist height. Review the unpacking and mounting guide for details on lifting Surface Hub. You can find it at https://www.microsoft.com/surface/support/surface-hub.
## Mounting and setup
See your mounting guide at http://www.microsoft.com/surface/support/surface-hub for detailed instructions.
See your mounting guide at https://www.microsoft.com/surface/support/surface-hub for detailed instructions.
There are three ways to mount your Surface Hub:
- **Wall mount**: Lets you permanently hang Surface Hub on a conference space wall.
- **Floor support mount**: Supports Surface Hub on the floor while it is permanently anchored to a conference space wall.
- **Rolling stand**: Supports Surface Hub and lets you move it to other conference locations. For links to guides that provide details about each mounting method, including building requirements, see http://www.microsoft.com/surface/support/surface-hub.
- **Rolling stand**: Supports Surface Hub and lets you move it to other conference locations. For links to guides that provide details about each mounting method, including building requirements, see https://www.microsoft.com/surface/support/surface-hub.
For specifications on available mounts for the original Surface Hub, see the following:
@ -129,13 +129,10 @@ For example, to provide audio, video, and touchback capability to all three vide
When you create your wired connect cable bundles, check the [55” Microsoft Surface Hub technical information](surface-hub-technical-55.md) or [84” Microsoft Surface Hub technical information](surface-hub-technical-84.md) sections for specific technical and physical details and port locations for each type of Surface Hub. Make the cables long enough to reach from Surface Hub to where the presenter will sit or stand.
For details on Touchback and Inkback, see the user guide at http://www.microsoft.com/surface/support/surface-hub.
For details on Touchback and Inkback, see the user guide at https://www.microsoft.com/surface/support/surface-hub.
## See also
[Watch the video (opens in a pop-up media player)](http://compass.xbox.com/assets/27/aa/27aa7dd7-7cb7-40ea-9bd6-c7de0795f68c.mov?n=04.07.16_installation_video_01_site_readiness.mov)
[Watch the video (opens in a pop-up media player)](https://compass.xbox.com/assets/27/aa/27aa7dd7-7cb7-40ea-9bd6-c7de0795f68c.mov?n=04.07.16_installation_video_01_site_readiness.mov)

4
devices/surface-hub/surface-hub-start-menu.md
View File

@ -182,7 +182,3 @@ This example shows a link to a website and a link to a .pdf file. The secondary
>[!NOTE]
>The default value for `ForegroundText` is light; you don't need to include `ForegroundText` in your XML unless you're changing the value to dark.
## More information
- [Blog post: Changing Surface Hubs Start Menu](https://blogs.technet.microsoft.com/y0av/2018/02/13/47/)

14
devices/surface-hub/surface-hub-update-history.md
View File

@ -442,7 +442,7 @@ This update brings the Windows 10 Team Anniversary Update to Surface Hub and inc
* General
* Enabled Audio Device Selection (for Surface Hubs attached using external audio devices)
* Enabled support for HDCP on DisplayPort output connector
* System UI changes to settings for usability optimization (refer to [User and Admin Guides](http://www.microsoft.com/surface/support/surface-hub) for additional details)
* System UI changes to settings for usability optimization (refer to [User and Admin Guides](https://www.microsoft.com/surface/support/surface-hub) for additional details)
* Bug fixes and performance optimizations to speed up the Azure Active Directory sign-in flow
* Significantly improved time needed to reset and restore Surface Hub
* Windows Defender UI has been added within settings
@ -520,9 +520,9 @@ This update to the Surface Hub includes quality improvements and security fixes.
## Related topics
* [Windows 10 feature road map](http://go.microsoft.com/fwlink/p/?LinkId=785967)
* [Windows 10 release information](http://go.microsoft.com/fwlink/p/?LinkId=724328)
* [Windows 10 November update: FAQ](http://windows.microsoft.com/windows-10/windows-update-faq)
* [Microsoft Surface update history](http://go.microsoft.com/fwlink/p/?LinkId=724327)
* [Microsoft Lumia update history](http://go.microsoft.com/fwlink/p/?LinkId=785968)
* [Get Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=616447)
* [Windows 10 feature roadmap](https://go.microsoft.com/fwlink/p/?LinkId=785967)
* [Windows 10 release information](https://go.microsoft.com/fwlink/p/?LinkId=724328)
* [Windows 10 November update: FAQ](https://windows.microsoft.com/windows-10/windows-update-faq)
* [Microsoft Surface update history](https://go.microsoft.com/fwlink/p/?LinkId=724327)
* [Microsoft Lumia update history](https://go.microsoft.com/fwlink/p/?LinkId=785968)
* [Get Windows 10](https://go.microsoft.com/fwlink/p/?LinkId=616447)

3
devices/surface/surface-dock-firmware-update.md
View File

@ -50,9 +50,6 @@ You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firm
> [!NOTE]
> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]"
> [!NOTE]
> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]"
For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation.
> [!IMPORTANT]

22
devices/surface/wake-on-lan-for-surface-devices.md
View File

@ -10,7 +10,7 @@ ms.localizationpriority: medium
author: dansimp
ms.author: dansimp
ms.topic: article
ms.date: 10/10/2019
ms.date: 12/30/2019
ms.reviewer: scottmca
manager: dansimp
ms.audience: itpro
@ -44,6 +44,8 @@ The following devices are supported for WOL:
* Surface Go
* Surface Go with LTE Advanced
* Surface Studio 2 (see Surface Studio 2 instructions below)
* Surface Pro 7
* Surface Laptop 3
## WOL driver
@ -66,15 +68,15 @@ To enable WOL on Surface Studio 2, you must use the following procedure
1. Create the following registry keys:
```
; Set CONNECTIVITYINSTANDBY to 1:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\PowerSettings\F15576E8-98B7-4186-B944-EAFA664402D9]
"Attributes"=dword:00000001
; Set EnforceDisconnectedStandby to 0 and AllowSystemRequiredPowerRequests to 1:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power]
"EnforceDisconnectedStandby"=dword:00000000
"AllowSystemRequiredPowerRequests"=dword:00000001
```
```console
; Set CONNECTIVITYINSTANDBY to 1:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\PowerSettings\F15576E8-98B7-4186-B944-EAFA664402D9]
"Attributes"=dword:00000001
; Set EnforceDisconnectedStandby to 0 and AllowSystemRequiredPowerRequests to 1:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power]
"EnforceDisconnectedStandby"=dword:00000000
"AllowSystemRequiredPowerRequests"=dword:00000001
```
2. Run the following command

24
devices/surface/windows-autopilot-and-surface-devices.md
View File

@ -1,5 +1,5 @@
---
title: Windows Autopilot and Surface Devices
title: Windows Autopilot and Surface devices
ms.reviewer:
manager: dansimp
description: Find out about Windows Autopilot deployment options for Surface devices.
@ -18,21 +18,27 @@ ms.date: 11/26/2019
# Windows Autopilot and Surface devices
Windows Autopilot is a cloud-based deployment technology available in Windows 10. Using Windows Autopilot, you can remotely deploy and configure devices in a zero-touch process right out of the box. Windows Autopilot registered devices are identified over the internet at first boot using a unique device signature, known as a hardware hash, and automatically enrolled and configured using modern management solutions such as Azure Active Directory (AAD) and Mobile Device Management (MDM).
Windows Autopilot is a cloud-based deployment technology in Windows 10. You can use Windows Autopilot to remotely deploy and configure devices in a zero-touch process right out of the box.
With Surface devices, you can choose to register your devices at the time of purchase when purchasing from a Surface partner enabled for Windows Autopilot. New devices can be shipped directly to your end-users and will be automatically enrolled and configured when the units are unboxed and turned on for the first time. This process eliminates need to reimage your devices as part of your deployment process, reducing the work required of your deployment staff and opening up new, agile methods for device management and distribution.
Windows Autopilot-registered devices are identified over the Internet at first startup through a unique device signature that's called a *hardware hash*. They're automatically enrolled and configured by using modern management solutions such as Azure Active Directory (Azure AD) and mobile device management.
You can register Surface devices at the time of purchase from a Surface partner that's enabled for Windows Autopilot. These partners can ship new devices directly to your users. The devices will be automatically enrolled and configured when they are first turned on. This process eliminates reimaging during deployment, which lets you implement new, agile methods of device management and distribution.
## Modern management
Autopilot is the recommended deployment option for Surface devices including Surface Pro 7, Surface Laptop 3, and Surface Pro X, which is specifically designed to be deployed with Autopilot.
Autopilot is the recommended deployment option for Surface devices, including Surface Pro 7, Surface Laptop 3, and Surface Pro X, which is specifically designed for deployment through Autopilot.
For the best experience, enroll your Surface devices with the assistance of a Microsoft Cloud Solution Provider. Doing so enables you to manage UEFI firmware settings on Surface devices directly from Intune, eliminating the need to physically touch devices for certificate management. For more information, see [Intune management of Surface UEFI settings](surface-manage-dfci-guide.md).
It's best to enroll your Surface devices with the help of a Microsoft Cloud Solution Provider. This step allows you to manage UEFI firmware settings on Surface directly from Intune. It eliminates the need to physically touch devices for certificate management. See [Intune management of Surface UEFI settings](surface-manage-dfci-guide.md) for details.
## Windows version considerations
Support for broad deployments of Surface devices using Windows Autopilot, including enrollment performed by Surface partners at the time of purchase, requires devices manufactured with or otherwise installed with Windows 10 Version 1709 (Fall Creators Update) or later. These versions support a 4000-byte (4k) hash value to uniquely identify devices for Windows Autopilot that is necessary for deployments at scale. All new Surface devices including Surface Pro 7, Surface Pro X, and Surface Laptop 3 ship with Windows 10 Version 1903 or above.
Broad deployment of Surface devices through Windows Autopilot, including enrollment by Surface partners at the time of purchase, requires Windows 10 Version 1709 (Fall Creators Update) or later.
These Windows versions support a 4,000-byte (4k) hash value that uniquely identifies devices for Windows Autopilot, which is necessary for deployments at scale. All new Surface devices, including Surface Pro 7, Surface Pro X, and Surface Laptop 3, ship with Windows 10 Version 1903 or later.
## Surface partners enabled for Windows Autopilot
Enrolling Surface devices in Windows Autopilot at the time of purchase is performed by select Surface partners that enroll devices on an organizations behalf. Devices can then be shipped directly to users and configured entirely through the zero-touch process of Windows Autopilot, Azure Active Directory, and Mobile Device Management.
Surface partners enabled for Windows Autopilot include:
Select Surface partners can enroll Surface devices in Windows Autopilot for you at the time of purchase. They can also ship enrolled devices directly to your users. The devices can be configured entirely through a zero-touch process by using Windows Autopilot, Azure AD, and mobile device management.
Surface partners that are enabled for Windows Autopilot include:
- [ALSO](https://www.also.com/ec/cms5/de_1010/1010_anbieter/microsoft/windows-autopilot/index.jsp)
- [Atea](https://www.atea.com/)
@ -47,6 +53,6 @@ Surface partners enabled for Windows Autopilot include:
- [Techdata](https://www.techdata.com/)
## Learn more
For more information about Windows Autopilot, refer to:
For more information about Windows Autopilot, see:
- [Overview of Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-10-autopilot)
- [Windows Autopilot requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot-requirements)

2
mdop/mbam-v25/upgrade-mbam2.5-sp1.md
View File

@ -12,7 +12,7 @@ ms.localizationpriority: Normal
# Upgrade from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update
This article provides step-by-step instructions to upgrade Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 to MBAM 2.5 Service Pack 1 (SP1) together with the Microsoft Desktop Optimization Pack (MDOP) July 2018 servicing update in a standalone configuration.
This article provides step-by-step instructions to upgrade Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 to MBAM 2.5 Service Pack 1 (SP1) together with the [Microsoft Desktop Optimization Pack (MDOP) May 2019 servicing update](https://support.microsoft.com/help/4505175/may-2019-servicing-release-for-microsoft-desktop-optimization-pack) in a standalone configuration.
In this guide, we will use a two-server configuration. One server will be a database server that's running Microsoft SQL Server 2016. This server will host the MBAM databases and reports. The other server will be a Windows Server 2012 R2 web server. This server will host "Administration and Monitoring" and "Self-Service Portal."

1
windows/client-management/TOC.md
View File

@ -31,5 +31,6 @@
#### [Advanced troubleshooting for Windows-based computer freeze](troubleshoot-windows-freeze.md)
#### [Advanced troubleshooting for stop error or blue screen error](troubleshoot-stop-errors.md)
#### [Advanced troubleshooting for stop error 7B or Inaccessible_Boot_Device](troubleshoot-inaccessible-boot-device.md)
#### [Advanced troubleshooting for Event ID 41 "The system has rebooted without cleanly shutting down first"](troubleshoot-event-id-41-restart.md)
## [Mobile device management for solution providers](mdm/index.md)
## [Change history for Client management](change-history-for-client-management.md)

4
windows/client-management/advanced-troubleshooting-boot-problems.md
View File

@ -220,7 +220,6 @@ If Windows cannot load the system registry hive into memory, you must restore th
If the problem persists, you may want to restore the system state backup to an alternative location, and then retrieve the registry hives to be replaced.
## Kernel Phase
If the system gets stuck during the kernel phase, you experience multiple symptoms or receive multiple error messages. These include, but are not limited to, the following:
@ -229,7 +228,8 @@ If the system gets stuck during the kernel phase, you experience multiple sympto
- Specific error code is displayed.
For example, "0x00000C2" , "0x0000007B" , "inaccessible boot device" and so on.
[Advanced troubleshooting for Stop error 7B or Inaccessible_Boot_Device](https://docs.microsoft.com/windows/client-management/troubleshoot-inaccessible-boot-device)
- [Advanced troubleshooting for Stop error 7B or Inaccessible_Boot_Device](https://docs.microsoft.com/windows/client-management/troubleshoot-inaccessible-boot-device)
- [Advanced troubleshooting for Event ID 41 "The system has rebooted without cleanly shutting down first"](troubleshoot-event-id-41-restart.md)
- The screen is stuck at the "spinning wheel" (rolling dots) "system busy" icon.

3
windows/client-management/change-history-for-client-management.md
View File

@ -9,7 +9,7 @@ ms.pagetype: security
ms.localizationpriority: medium
author: dansimp
ms.author: dansimp
ms.date: 12/13/2019
ms.date: 12/27/2019
ms.reviewer:
manager: dansimp
ms.topic: article
@ -24,6 +24,7 @@ This topic lists new and updated topics in the [Client management](index.md) doc
New or changed topic | Description
--- | ---
[Change in default removal policy for external storage media in Windows 10, version 1809](change-default-removal-policy-external-storage-media.md) | New
[Advanced troubleshooting for Event ID 41 "The system has rebooted without cleanly shutting down first"](troubleshoot-event-id-41-restart.md) | New
## December 2018

2
windows/client-management/mdm/accounts-csp.md
View File

@ -1,6 +1,6 @@
---
title: Accounts CSP
description: The Accounts configuration service provider (CSP) is used by the enterprise (1) to rename a device, (2) to create a new local Windows account and joint it to a local user group.
description: The Accounts configuration service provider (CSP) is used by the enterprise to rename devices, as well as create local Windows accounts & joint them to a group.
ms.author: dansimp
ms.topic: article
ms.prod: w10

2
windows/client-management/mdm/device-update-management.md
View File

@ -1,6 +1,6 @@
---
title: Mobile device management MDM for device updates
description: In the current device landscape of PC, tablets, phones, and IoT devices, the Mobile Device Management (MDM) solutions are becoming prevalent as a lightweight device management technology.
description: Windows 10 provides several APIs to help mobile device management (MDM) solutions manage updates. Learn how to use these APIs to implement update management.
ms.assetid: C27BAEE7-2890-4FB7-9549-A6EACC790777
ms.reviewer:
manager: dansimp

4
windows/client-management/mdm/diagnose-mdm-failures-in-windows-10.md
View File

@ -1,6 +1,6 @@
---
title: Diagnose MDM failures in Windows 10
description: To help diagnose enrollment or device management issues in Windows 10 devices managed by an MDM server, you can examine the MDM logs collected from the desktop or mobile device. The following sections describe the procedures for collecting MDM logs.
description: Learn how to collect MDM logs. Examining these logs can help diagnose enrollment or device management issues in Windows 10 devices managed by an MDM server.
ms.assetid: 12D8263B-D839-4B19-9346-31E0CDD0CBF9
ms.reviewer:
manager: dansimp
@ -118,7 +118,7 @@ Since there is no Event Viewer in Windows 10 Mobile, you can use the [Field Medi
**To collect logs manually**
1. Download and install the [Field Medic]( http://go.microsoft.com/fwlink/p/?LinkId=718232) app from the store.
1. Download and install the [Field Medic]( https://go.microsoft.com/fwlink/p/?LinkId=718232) app from the store.
2. Open the Field Medic app and then click on **Advanced**.
![field medic screenshot](images/diagnose-mdm-failures2.png)

4
windows/client-management/mdm/enterprisedataprotection-csp.md
View File

@ -1,6 +1,6 @@
---
title: EnterpriseDataProtection CSP
description: The EnterpriseDataProtection configuration service provider (CSP) is used to configure Windows Information Protection (WIP) (formerly known as Enterprise Data Protection) specific settings.
description: The EnterpriseDataProtection configuration service provider (CSP) configures Windows Information Protection (formerly, Enterprise Data Protection) settings.
ms.assetid: E2D4467F-A154-4C00-9208-7798EF3E25B3
ms.reviewer:
manager: dansimp
@ -249,7 +249,7 @@ typedef enum _PUBLIC_KEY_SOURCE_TAG {
<p style="margin-left: 20px">Added in Windows 10, version 1703. This policy controls whether to revoke the WIP keys when a device upgrades from MAM to MDM. If set to 0 (Don&#39;t revoke keys), the keys will not be revoked and the user will continue to have access to protected files after upgrade. This is recommended if the MDM service is configured with the same WIP EnterpriseID as the MAM service.
- 0 - Don't revoke keys
- 1 (dafault) - Revoke keys
- 1 (default) - Revoke keys
<p style="margin-left: 20px">Supported operations are Add, Get, Replace and Delete. Value type is integer.

2
windows/client-management/mdm/enterprisedesktopappmanagement-csp.md
View File

@ -1,6 +1,6 @@
---
title: EnterpriseDesktopAppManagement CSP
description: The EnterpriseDesktopAppManagement configuration service provider is used to handle enterprise desktop application management tasks, such as querying installed enterprise applications, installing applications, or removing applications.
description: The EnterpriseDesktopAppManagement CSP handles enterprise desktop application management tasks, such as installing or removing applications.
ms.assetid: 2BFF7491-BB01-41BA-9A22-AB209EE59FC5
ms.reviewer:
manager: dansimp

2
windows/client-management/mdm/index.md
View File

@ -1,6 +1,6 @@
---
title: Mobile device management
description: Windows 10 provides an enterprise management solution to help IT pros manage company security policies and business applications, while avoiding compromise of the users privacy on their personal devices.
description: Windows 10 provides an enterprise-level solution to mobile management, to help IT pros comply with security policies while avoiding compromise of user's privacy
MS-HAID:
- 'p\_phDeviceMgmt.provisioning\_and\_device\_management'
- 'p\_phDeviceMgmt.mobile\_device\_management\_windows\_mdm'

2
windows/client-management/mdm/networkqospolicy-ddf.md
View File

@ -1,6 +1,6 @@
---
title: NetworkQoSPolicy DDF
description: This topic shows the OMA DM device description framework (DDF) for the NetworkQoSPolicy configuration service provider. DDF files are used only with OMA DM provisioning XML.
description: View the OMA DM device description framework (DDF) for the NetworkQoSPolicy configuration service provider. DDF files are used only with OMA DM provisioning XML
ms.assetid:
ms.reviewer:
manager: dansimp

9
windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
View File

@ -1,6 +1,6 @@
---
title: What's new in MDM enrollment and management
description: This topic provides information about what's new and breaking changes in Windows 10 mobile device management (MDM) enrollment and management experience across all Windows 10 devices.
description: Discover what's new and breaking changes in Windows 10 mobile device management (MDM) enrollment and management experience across all Windows 10 devices.
MS-HAID:
- 'p\_phdevicemgmt.mdm\_enrollment\_and\_management\_overview'
- 'p\_phDeviceMgmt.new\_in\_windows\_mdm\_enrollment\_management'
@ -58,6 +58,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
- [What is dmwappushsvc?](#what-is-dmwappushsvc)
- **Change history in MDM documentation**
- [January 2020](#january-2020)
- [November 2019](#november-2019)
- [October 2019](#october-2019)
- [September 2019](#september-2019)
@ -1935,6 +1936,12 @@ How do I turn if off? | The service can be stopped from the "Services" console o
## Change history in MDM documentation
### January 2020
|New or updated topic | Description|
|--- | ---|
|[Policy CSP - Defender](policy-csp-defender.md)|Added descriptions for supported actions for Defender/ThreatSeverityDefaultAction.|
### November 2019
|New or updated topic | Description|

4
windows/client-management/mdm/passportforwork-csp.md
View File

@ -206,7 +206,7 @@ This node is deprecated. Use **Biometrics/UseBiometrics** node instead.
<a href="" id="biometrics--only-for---device-vendor-msft-"></a>**Biometrics** (only for ./Device/Vendor/MSFT)
Node for defining biometric settings. This node was added in Windows 10, version 1511.
*Not supported on Windows Holographic and Windows Holographic for Business prior to Windows 10 version 1903 (May 2019 Update).*
*Not supported on Windows Holographic and Windows Holographic for Business.*
<a href="" id="biometrics-usebiometrics--only-for---device-vendor-msft-"></a>**Biometrics/UseBiometrics** (only for ./Device/Vendor/MSFT)
Boolean value used to enable or disable the use of biometric gestures, such as face and fingerprint, as an alternative to the PIN gesture for Windows Hello for Business. Users must still configure a PIN if they configure biometric gestures to use in case of failures. This node was added in Windows 10, version 1511.
@ -217,7 +217,7 @@ Default value is true, enabling the biometric gestures for use with Windows Hell
Supported operations are Add, Get, Delete, and Replace.
*Not supported on Windows Holographic and Windows Holographic for Business.*
*Not supported on Windows Holographic and Windows Holographic for Business prior to Windows 10 version 1903 (May 2019 Update).*
<a href="" id="biometrics-facialfeaturesuseenhancedantispoofing--only-for---device-vendor-msft-"></a>**Biometrics/FacialFeaturesUseEnhancedAntiSpoofing** (only for ./Device/Vendor/MSFT)
Boolean value used to enable or disable enhanced anti-spoofing for facial feature recognition on Windows Hello face authentication. This node was added in Windows 10, version 1511.

2
windows/client-management/mdm/passportforwork-ddf.md
View File

@ -1,6 +1,6 @@
---
title: PassportForWork DDF
description: This topic shows the OMA DM device description framework (DDF) for the PassportForWork configuration service provider. DDF files are used only with OMA DM provisioning XML.
description: View the OMA DM device description framework (DDF) for the PassportForWork configuration service provider. DDF files are used only with OMA DM provisioning XML.
ms.assetid: A2182898-1577-4675-BAE5-2A3A9C2AAC9B
ms.reviewer:
manager: dansimp

6
windows/client-management/mdm/policy-csp-browser.md
View File

@ -14,10 +14,14 @@ ms.localizationpriority: medium
# Policy CSP - Browser
> [!NOTE]
> You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).
<hr/>
> [!NOTE]
> You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).
<!--Policies-->
## Browser policies

16
windows/client-management/mdm/policy-csp-defender.md
View File

@ -7,7 +7,7 @@ ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.localizationpriority: medium
ms.date: 09/27/2019
ms.date: 01/08/2020
ms.reviewer:
manager: dansimp
---
@ -3068,7 +3068,7 @@ The following list shows the supported values:
Allows an administrator to specify any valid threat severity levels and the corresponding default action ID to take.
This value is a list of threat severity level IDs and corresponding actions, separated by a<strong>|</strong> using the format "*threat level*=*action*|*threat level*=*action*". For example "1=6|2=2|4=10|5=3
This value is a list of threat severity level IDs and corresponding actions, separated by a <strong>|</strong> using the format "*threat level*=*action*|*threat level*=*action*". For example, "1=6|2=2|4=10|5=3".
The following list shows the supported values for threat severity levels:
@ -3079,12 +3079,12 @@ The following list shows the supported values for threat severity levels:
The following list shows the supported values for possible actions:
- 1 Clean
- 2 Quarantine
- 3 Remove
- 6 Allow
- 8 User defined
- 10 Block
- 1 Clean. Service tries to recover files and try to disinfect.
- 2 Quarantine. Moves files to quarantine.
- 3 Remove. Removes files from system.
- 6 Allow. Allows file/does none of the above actions.
- 8 User defined. Requires user to make a decision on which action to take.
- 10 Block. Blocks file execution.
<!--/Description-->
<!--ADMXMapped-->

16
windows/client-management/mdm/register-your-free-azure-active-directory-subscription.md
View File

@ -1,6 +1,6 @@
---
title: Register your free Azure Active Directory subscription
description: If you have paid subscriptions to Office 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, you have a free subscription to Azure AD.
description: Paid subscribers to Office 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, have a free subscription to Azure AD.
ms.assetid: 97DCD303-BB11-4AFF-84FE-B7F14CDF64F7
ms.reviewer:
manager: dansimp
@ -29,21 +29,11 @@ If you have paid subscriptions to Office 365, Microsoft Dynamics CRM Online, Ent
![register azuread](images/azure-ad-add-tenant11.png)
3. On the **Admin center** page, hover your mouse over the Admin tools icon on the left and then click **Azure AD**. This will take you to the Azure Active Directory sign-up page and brings up your existing Office 365 organization account information.
3. On the **Admin center** page, under Admin Centers on the left, click **Azure Active Directory**. This will take you to the Azure Active Directory portal.
![register azuread](images/azure-ad-add-tenant12.png)
![Azure-AD-updated](https://user-images.githubusercontent.com/41186174/71594506-e4845300-2b40-11ea-9a08-c21c824e12a4.png)
4. On the **Sign up** page, make sure to enter a valid phone number and then click **Sign up**.
![register azuread](images/azure-ad-add-tenant13.png)
5. It may take a few minutes to process the request.
![register azuread](images/azure-ad-add-tenant14.png)
6. You will see a welcome page when the process completes.
![register azuread](images/azure-ad-add-tenant15.png)
 

2
windows/client-management/mdm/reporting-ddf-file.md
View File

@ -1,6 +1,6 @@
---
title: Reporting DDF file
description: This topic shows the OMA DM device description framework (DDF) for the Reporting configuration service provider. This CSP was added in Windows 10, version 1511. Support for desktop security auditing was added for the desktop in Windows 10, version 1607.
description: View the OMA DM device description framework (DDF) for the Reporting configuration service provider.
ms.assetid: 7A5B79DB-9571-4F7C-ABED-D79CD08C1E35
ms.reviewer:
manager: dansimp

2
windows/client-management/mdm/secureassessment-ddf-file.md
View File

@ -1,6 +1,6 @@
---
title: SecureAssessment DDF file
description: This topic shows the OMA DM device description framework (DDF) for the SecureAssessment configuration service provider. DDF files are used only with OMA DM provisioning XML.
description: View the OMA DM device description framework (DDF) for the SecureAssessment configuration service provider. DDF files are used only with OMA DM provisioning XML
ms.assetid: 68D17F2A-FAEA-4608-8727-DBEC1D7BE48A
ms.reviewer:
manager: dansimp

2
windows/client-management/mdm/unifiedwritefilter-csp.md
View File

@ -1,6 +1,6 @@
---
title: UnifiedWriteFilter CSP
description: The UnifiedWriteFilter (UWF) configuration service provider enables the IT administrator to remotely manage the UWF to help protect physical storage media including any writable storage type.
description: The UnifiedWriteFilter (UWF) configuration service provider allows you to remotely manage the UWF. Understand how it helps protect physical storage media.
ms.assetid: F4716AC6-0AA5-4A67-AECE-E0F200BA95EB
ms.reviewer:
manager: dansimp

2
windows/client-management/mdm/windows-mdm-enterprise-settings.md
View File

@ -1,6 +1,6 @@
---
title: Enterprise settings, policies, and app management
description: The actual management interaction between the device and server is done via the DM client. The DM client communicates with the enterprise management server via DM v1.2 SyncML syntax.
description: The DM client manages the interaction between a device and a server. Learn more about the client-server management workflow.
MS-HAID:
- 'p\_phdevicemgmt.enterprise\_settings\_\_policies\_\_and\_app\_management'
- 'p\_phDeviceMgmt.windows\_mdm\_enterprise\_settings'

2
windows/client-management/mdm/windowssecurityauditing-ddf-file.md
View File

@ -1,6 +1,6 @@
---
title: WindowsSecurityAuditing DDF file
description: This topic shows the OMA DM device description framework (DDF) for the WindowsSecurityAuditing configuration service provider. This CSP was added in Windows 10, version 1511.
description: View the OMA DM device description framework (DDF) for the WindowsSecurityAuditing configuration service provider.
ms.assetid: B1F9A5FA-185B-48C6-A7F4-0F0F23B971F0
ms.reviewer:
manager: dansimp

121
windows/client-management/troubleshoot-event-id-41-restart.md Normal file
View File

@ -0,0 +1,121 @@
---
title: Advanced troubleshooting for Event ID 41 - "The system has rebooted without cleanly shutting down first"
description: Describes the circumstances that cause a computer to generate Event ID 41, and provides guidance for troubleshooting the issue
author: Teresa-Motiv
ms.author: v-tea
ms.date: 12/27/2019
ms.prod: w10
ms.topic: article
ms.custom:
- CI 111437
- CSSTroubleshooting
audience: ITPro
ms.localizationpriority: medium
keywords: event id 41, reboot, restart, stop error, bug check code
manager: kaushika
---
# Advanced troubleshooting for Event ID 41: "The system has rebooted without cleanly shutting down first"
> **Home users**
> This article is intended for use by support agents and IT professionals. If you're looking for more information about blue screen error messages, please visit [Troubleshoot blue screen errors](https://support.microsoft.com/help/14238/windows-10-troubleshoot-blue-screen-errors).
The preferred way to shut down Windows is to select **Start**, and then select an option to turn off or shut down the computer. When you use this standard method, the operating system closes all files and notifies the running services and applications so that they can write any unsaved data to disk and flush any active caches.
If your computer shuts down unexpectedly, Windows logs Event ID 41 the next time that the computer starts. The event text resembles the following:
> Event ID: 41
> Description: The system has rebooted without cleanly shutting down first.
This event indicates that some unexpected activity prevented Windows from shutting down correctly. Such a shutdown might be caused by an interruption in the power supply or by a Stop error. If feasible, Windows records any error codes as it shuts down. During the [kernel phase](advanced-troubleshooting-boot-problems.md#kernel-phase) of the next Windows startup, Windows checks for these codes and includes any existing codes in the event data of Event ID 41.
> EventData
> BugcheckCode 159
> BugcheckParameter1 0x3
> BugcheckParameter2 0xfffffa80029c5060
> BugcheckParameter3 0xfffff8000403d518
> BugcheckParameter4 0xfffffa800208c010
> SleepInProgress false
> PowerButtonTimestamp 0Converts to 0x9f (0x3, 0xfffffa80029c5060, 0xfffff8000403d518, 0xfffffa800208c010)
## How to use Event ID 41 when you troubleshoot an unexpected shutdown or restart
By itself, Event ID 41 might not contain sufficient information to explicitly define what occurred. Typically, you have to also consider what was occurring at the time of the unexpected shutdown (for example, the power supply failed). Use the information in this article to identify a troubleshooting approach that is appropriate for your circumstances:
- [Scenario 1](#scen1): The computer restarts because of a Stop error, and Event ID 41 contains a Stop error (bug check) code
- [Scenario 2](#scen2): The computer restarts because you pressed and held the power button
- [Scenario 3](#scen3): The computer is unresponsive or randomly restarts, and Event ID 41 is not logged or the Event ID 41 entry lists error code values of zero
### <a name="scen1"></a>Scenario 1: The computer restarts because of a Stop error, and Event ID 41 contains a Stop error (bug check) code
When a computer shuts down or restarts because of a Stop error, Windows includes the Stop error data in Event ID 41 as part of the additional event data. This information includes the Stop error code (also called a bug check code), as shown in the following example:
> EventData
> BugcheckCode 159
> BugcheckParameter1 0x3
> BugcheckParameter2 0xfffffa80029c5060
> BugcheckParameter3 0xfffff8000403d518
> BugcheckParameter4 0xfffffa800208c010
> [!NOTE]
> Event ID 41 includes the bug check code in decimal format. Most documentation that describes bug check codes refers to the codes as hexadecimal values instead of decimal values. To convert decimal to hexadecimal, follow these steps:
>
> 1. Select **Start**, type **calc** in the **Search** box, and then select **Calculator**.
> 1. In the **Calculator** window, select **View** > **Programmer**.
> 1. On the left side of calculator, verify that **Dec** is highlighted.
> 1. Use the keyboard to enter the decimal value of the bug check code.
> 1. On the left side of the calculator, select **Hex**.
> The value that the calculator displays is now the hexadecimal code.
>
> When you convert a bug check code to hexadecimal format, verify that the “0x” designation is followed by eight digits (that is, the part of the code after the “x” includes enough zeros to fill out eight digits). For example, 0x9F is typically documented as 0x0000009f, and 0xA is documented as 0x0000000A. In the case of the example event data in this article, "159" converts to 0x0000009f.
After you identify the hexadecimal value, use the following references to continue troubleshooting:
- [Advanced troubleshooting for Stop error or blue screen error issue](troubleshoot-stop-errors.md).
- [Bug Check Code Reference](https://docs.microsoft.com/windows-hardware/drivers/debugger/bug-check-code-reference2). This page lists links to documentation for different bug check codes.
- [How to Debug Kernel Mode Blue Screen Crashes (for beginners)](https://blogs.technet.microsoft.com/askcore/2008/10/31/how-to-debug-kernel-mode-blue-screen-crashes-for-beginners/).
### <a name="scen2"></a>Scenario 2: The computer restarts because you pressed and held the power button
Because this method of restarting the computer interferes with the Windows shutdown operation, we recommend that you use this method only if you have no alternative. For example, you might have to use this approach if your computer is not responding. When you restart the computer by pressing and holding the power button, the computer logs an Event ID 41 that includes a non-zero value for the **PowerButtonTimestamp** entry.
For help when troubleshooting an unresponsive computer, see [Windows Help](https://support.microsoft.com/hub/4338813/windows-help?os=windows-10). Consider searching for assistance by using keywords such as "hang," "responding," or "blank screen."
### <a name="scen3"></a>Scenario 3: The computer is unresponsive or randomly restarts, and Event ID 41 is not recorded or the Event ID 41 entry or lists error code values of zero
This scenario includes the following circumstances:
- You shut off power to an unresponsive computer, and then you restart the computer.
To verify that a computer is unresponsive, press the CAPS LOCK key on the keyboard. If the CAPS LOCK light on the keyboard does not change when you press the CAPS LOCK key, the computer might be completely unresponsive (also known as a *hard hang*).
- The computer restarts, but it does not generate Event ID 41.
- The computer restarts and generates Event ID 41, but the **BugcheckCode** and **PowerButtonTimestamp** values are zero.
In such cases, something prevents Windows from generating error codes or from writing error codes to disk. Something might block write access to the disk (as in the case of an unresponsive computer) or the computer might shut down too quickly to write the error codes or even detect an error.
The information in Event ID 41 provides some indication of where to start checking for problems:
- **Event ID 41 is not recorded or the bug check code is zero**. This behavior might indicate a power supply problem. If the power to a computer is interrupted, the computer might shut down without generating a Stop error. If it does generate a Stop error, it might not finish writing the error codes to disk. The next time the computer starts, it might not log Event ID 41. Or, if it does, the bug check code is zero. Conditions such as the following might be the cause:
- In the case of a portable computer, the battery was removed or completely drained.
- In the case of a desktop computer, the computer was unplugged or experienced a power outage.
- The power supply is underpowered or faulty.
- **The PowerButtonTimestamp value is zero**. This behavior might occur if you disconnected the power to a computer that was not responding to input. Conditions such as the following might be the cause:
- A Windows process blocked write access to the disk, and you shut down the computer by pressing and holding the power button for at least four seconds.
- You disconnected the power to an unresponsive computer.
Typically, the symptoms described in this scenario indicate a hardware problem. To help isolate the problem, do the following:
- **Disable overclocking**. If the computer has overclocking enabled, disable it. Verify that the issue occurs when the system runs at the correct speed.
- **Check the memory**. Use a memory checker to determine the memory health and configuration. Verify that all memory chips run at the same speed and that every chip is configured correctly in the system.
- **Check the power supply**. Verify that the power supply has enough wattage to appropriately handle the installed devices. If you added memory, installed a newer processor, installed additional drives, or added external devices, such devices can require more energy than the current power supply can provide consistently. If the computer logged Event ID 41 because the power to the computer was interrupted, consider obtaining an uninterruptible power supply (UPS) such as a battery backup power supply.
- **Check for overheating**. Examine the internal temperature of the hardware and check for any overheating components.
If you perform these checks and still cannot isolate the problem, set the system to its default configuration and verify whether the issue still occurs.
> [!NOTE]
> If you see a Stop error message that includes a bug check code, but Event ID 41 does not include that code, change the restart behavior for the computer. To do this, follow these steps:
>
> 1. Right-click **My Computer**, then select **Properties** > **Advanced system settings** > **Advanced**.
> 1. In the **Startup and Recovery** section, select **Settings**.
> 1. Clear the **Automatically restart** check box.

2
windows/configuration/cortana-at-work/cortana-at-work-crm.md
View File

@ -1,6 +1,6 @@
---
title: Set up and test Cortana with Microsoft Dynamics CRM (Preview feature) in your organization (Windows 10)
description: How to set up Cortana to help your salespeople get proactive insights on important CRM activities, including sales leads, accounts, and opportunities; presenting the most relevant info at any given time.
description: How to set up Cortana to give salespeople insights on important CRM activities, including sales leads, accounts, and opportunities.
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library

2
windows/configuration/cortana-at-work/cortana-at-work-o365.md
View File

@ -1,6 +1,6 @@
---
title: Set up and test Cortana with Office 365 in your organization (Windows 10)
description: How to connect Cortana to Office 365 so your employees are notified about regular meetings, unusual events, such as meetings over lunch or during a typical commute time, and about early meetings, even setting an alarm so the employee isnt late.
description: Learn how to connect Cortana to Office 365 so employees are notified about regular meetings and unusual events. You can even set an alarm for early meetings.
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library

2
windows/configuration/cortana-at-work/cortana-at-work-overview.md
View File

@ -2,7 +2,7 @@
title: Cortana integration in your business or enterprise (Windows 10)
ms.reviewer:
manager: dansimp
description: The worlds first personal digital assistant helps users get things done, even at work. Cortana includes powerful configuration options specifically to optimize for unique small to medium-sized business and enterprise environments.
description: Cortana includes powerful configuration options specifically to optimize for unique small to medium-sized business and enterprise environments.
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library

2
windows/configuration/stop-employees-from-using-microsoft-store.md
View File

@ -1,6 +1,6 @@
---
title: Configure access to Microsoft Store (Windows 10)
description: IT Pros can configure access to Microsoft Store for client computers in their organization. For some organizations, business policies require blocking access to Microsoft Store.
description: Learn how to configure access to Microsoft Store for client computers and mobile devices in your organization.
ms.assetid: 7AA60D3D-2A69-45E7-AAB0-B8AFC29C2E97
ms.reviewer:
manager: dansimp

5
windows/deployment/deploy-windows-mdt/configure-mdt-settings.md
View File

@ -1,6 +1,6 @@
---
title: Configure MDT settings (Windows 10)
description: One of the most powerful features in Microsoft Deployment Toolkit (MDT) is its extension capabilities; there is virtually no limitation to what you can do in terms of customization.
description: One of the most powerful features in Microsoft Deployment Toolkit (MDT) is its extension capabilities. Learn how to customize your environment.
ms.assetid: d3e1280c-3d1b-4fad-8ac4-b65dc711f122
ms.reviewer:
manager: laurawi
@ -11,7 +11,8 @@ ms.mktglfcycl: deploy
ms.localizationpriority: medium
ms.sitesec: library
ms.pagetype: mdt
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.topic: article
---

2
windows/deployment/deploy-windows-mdt/integrate-configuration-manager-with-mdt.md
View File

@ -1,6 +1,6 @@
---
title: Integrate Configuration Manager with MDT (Windows 10)
description: This topic will help you understand the benefits of integrating the Microsoft Deployment Toolkit with Microsoft System Center 2012 R2 Configuration Manager SP1 when you deploy a new or updated version of the Windows operating system.
description: Understand the benefits of integrating the Microsoft Deployment Toolkit with Microsoft System Center 2012 R2 Configuration Manager SP1 when you deploy Windows.
ms.assetid: 3bd1cf92-81e5-48dc-b874-0f5d9472e5a5
ms.reviewer:
manager: laurawi

2
windows/deployment/deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md
View File

@ -1,6 +1,6 @@
---
title: Prepare for deployment with MDT (Windows 10)
description: This topic will walk you through the steps necessary to create the server structure required to deploy the Windows 10 operating system using the Microsoft Deployment Toolkit (MDT).
description: Learn how to create the server structure required to deploy the Windows 10 operating system using the Microsoft Deployment Toolkit (MDT).
ms.assetid: 5103c418-0c61-414b-b93c-a8e8207d1226
ms.reviewer:
manager: laurawi

2
windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md
View File

@ -1,6 +1,6 @@
---
title: Replace a Windows 7 computer with a Windows 10 computer (Windows 10)
description: A computer replace scenario for Windows 10 is quite similar to a computer refresh for Windows 10; however, because you are replacing a machine, you cannot store the backup on the old computer.
description: Learn how to replace a Windows 7 device with a Windows 10 device. Although the process is similar to performing a refresh, you'll need to backup data externally
ms.assetid: acf091c9-f8f4-4131-9845-625691c09a2a
ms.reviewer:
manager: laurawi

5
windows/deployment/deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md
View File

@ -1,6 +1,6 @@
---
title: Create a custom Windows PE boot image with Configuration Manager (Windows 10)
description: In Microsoft System Center 2012 R2 Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features.
description: Microsoft System Center 2012 R2 Configuration Manager can create custom Windows Preinstallation Environment (Windows PE) boot images with extra features.
ms.assetid: b9e96974-324d-4fa4-b0ce-33cfc49c4809
ms.reviewer:
manager: laurawi
@ -10,7 +10,8 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.localizationpriority: medium
ms.sitesec: library
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.topic: article
---

5
windows/deployment/planning/act-technical-reference.md
View File

@ -1,6 +1,6 @@
---
title: Application Compatibility Toolkit (ACT) Technical Reference (Windows 10)
description: The Microsoft® Application Compatibility Toolkit (ACT) helps you determine whether the applications, devices, and computers in your organization are compatible with versions of the Windows® operating system.
description: The Microsoft Application Compatibility Toolkit (ACT) helps you see if the apps and devices in your org are compatible with different versions of Windows.
ms.assetid: d90d38b2-2718-4481-90eb-4480719627ba
ms.reviewer:
manager: laurawi
@ -9,7 +9,8 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.pagetype: appcompat
ms.sitesec: library
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.topic: article
---

2
windows/deployment/planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md
View File

@ -1,6 +1,6 @@
---
title: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista (Windows 10)
description: You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions.
description: Find compatibility fixes for all Windows operating systems that have been released from Windows Vista through Windows 10.
ms.assetid: cd51c824-557f-462a-83bb-54b0771b7dff
ms.reviewer:
manager: laurawi

2
windows/deployment/planning/searching-for-fixed-applications-in-compatibility-administrator.md
View File

@ -1,6 +1,6 @@
---
title: Searching for Fixed Applications in Compatibility Administrator (Windows 10)
description: With the search functionality in Compatibility Administrator, you can locate specific executable (.exe) files with previously applied compatibility fixes, compatibility modes, or AppHelp messages.
description: Compatibility Administrator can locate specific executable (.exe) files with previously applied compatibility fixes, compatibility modes, or AppHelp messages.
ms.assetid: 1051a2dc-0362-43a4-8ae8-07dae39b1cb8
ms.reviewer:
manager: laurawi

5
windows/deployment/planning/sua-users-guide.md
View File

@ -1,6 +1,6 @@
---
title: SUA User's Guide (Windows 10)
description: You can use Standard User Analyzer (SUA) to test your applications and monitor API calls to detect compatibility issues related to the User Account Control (UAC) feature in Windows.
description: Standard User Analyzer (SUA) can test your apps and monitor API calls to detect compatibility issues related to Windows' User Account Control (UAC) feature.
ms.assetid: ea525c25-b557-4ed4-b042-3e4d0e543e10
ms.reviewer:
manager: laurawi
@ -9,7 +9,8 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.pagetype: appcompat
ms.sitesec: library
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.date: 04/19/2017
ms.topic: article
---

2
windows/deployment/planning/testing-your-application-mitigation-packages.md
View File

@ -1,6 +1,6 @@
---
title: Testing Your Application Mitigation Packages (Windows 10)
description: This topic provides details about testing your application-mitigation packages, including recommendations about how to report your information and how to resolve any outstanding issues.
description: Learn how to test your application-mitigation packages, including how to report your information and how to resolve any outstanding issues.
ms.assetid: ae946f27-d377-4db9-b179-e8875d454ccf
ms.reviewer:
manager: laurawi

5
windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md
View File

@ -1,6 +1,6 @@
---
title: Using the Sdbinst.exe Command-Line Tool (Windows 10)
description: You must deploy your customized database (.sdb) files to other computers in your organization before your compatibility fixes, compatibility modes, and AppHelp messages are applied.
description: Learn how to deploy customized database (.sdb) files using the Sdbinst.exe Command-Line Tool. Review a list of command line options.
ms.assetid: c1945425-3f8d-4de8-9d2d-59f801f07034
ms.reviewer:
manager: laurawi
@ -9,7 +9,8 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.pagetype: appcompat
ms.sitesec: library
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.date: 04/19/2017
ms.topic: article
---

5
windows/deployment/planning/using-the-sua-wizard.md
View File

@ -1,6 +1,6 @@
---
title: Using the SUA Wizard (Windows 10)
description: The Standard User Analyzer (SUA) Wizard works much like the SUA tool to evaluate User Account Control (UAC) issues. However, the SUA Wizard does not offer detailed analysis, and it cannot disable virtualization or elevate your permissions.
description: The Standard User Analyzer (SUA) Wizard, although it does not offer deep analysis, works much like the SUA tool to test for User Account Control (UAC) issues.
ms.assetid: 29d07074-3de7-4ace-9a54-678af7255d6c
ms.reviewer:
manager: laurawi
@ -9,7 +9,8 @@ ms.prod: w10
ms.mktglfcycl: plan
ms.pagetype: appcompat
ms.sitesec: library
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.date: 04/19/2017
ms.topic: article
---

2
windows/deployment/planning/viewing-the-events-screen-in-compatibility-administrator.md
View File

@ -1,6 +1,6 @@
---
title: Viewing the Events Screen in Compatibility Administrator (Windows 10)
description: The Events screen enables you to record and to view your activities in the Compatibility Administrator tool, provided that the screen is open while you perform the activities.
description: You can use the Events screen to record and view activities in the Compatibility Administrator tool.
ms.assetid: f2b2ada4-1b7b-4558-989d-5b52b40454b3
ms.reviewer:
manager: laurawi

2
windows/deployment/planning/windows-10-infrastructure-requirements.md
View File

@ -1,6 +1,6 @@
---
title: Windows 10 infrastructure requirements (Windows 10)
description: There are specific infrastructure requirements to deploy and manage Windows 10 that should be in place prior to significant Windows 10 deployments within your organization.
description: Review the specific infrastructure requirements to deploy and manage Windows 10, prior to significant Windows 10 deployments within your organization.
ms.assetid: B0FA27D9-A206-4E35-9AE6-74E70748BE64
ms.reviewer:
manager: laurawi

6
windows/deployment/planning/windows-to-go-overview.md
View File

@ -92,9 +92,9 @@ As of the date of publication, the following are the USB drives currently certif
> [!WARNING]
> Using a USB drive that has not been certified is not supported.
- IronKey Workspace W700 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w700.html](https://go.microsoft.com/fwlink/p/?LinkId=618714))
- IronKey Workspace W500 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w500.html](https://go.microsoft.com/fwlink/p/?LinkId=618717))
- IronKey Workspace W300 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w300.html](https://go.microsoft.com/fwlink/p/?LinkId=618718))
- IronKey Workspace W700 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w700.html](https://www.kingston.com/support/technical/products?model=dtws))
- IronKey Workspace W500 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w500.html](https://www.kingston.com/support/technical/products?model=dtws))
- IronKey Workspace W300 ([http://www.ironkey.com/windows-to-go-drives/ironkey-workspace-w300.html](https://www.kingston.com/support/technical/products?model=dtws))
- Kingston DataTraveler Workspace for Windows To Go ([http://www.kingston.com/wtg/](https://go.microsoft.com/fwlink/p/?LinkId=618719))
- Spyrus Portable Workplace ([http://www.spyruswtg.com/](https://go.microsoft.com/fwlink/p/?LinkId=618720))

10
windows/deployment/update/waas-configure-wufb.md
View File

@ -125,9 +125,9 @@ Starting with Windows 10, version 1703, using Settings to control the pause beha
## Configure when devices receive Quality Updates
Quality Updates are typically published on the first Tuesday of every month, although they can be released at any time. You can define if, and for how long, you would like to defer receiving Quality Updates following their availability. You can defer receiving these Quality Updates for a period of up to 35 days from their release by setting the **DeferQualityUpdatesPeriodinDays** value.
Quality updates are typically published on the first Tuesday of every month, although they can be released at any time. You can define if, and for how long, you would like to defer receiving Quality updates following their availability. You can defer receiving these quality updates for a period of up to 30 days from their release by setting the **DeferQualityUpdatesPeriodinDays** value.
You can set your system to receive updates for other Microsoft products—known as Microsoft Updates (such as Microsoft Office, Visual Studio)—along with Windows Updates by setting the **AllowMUUpdateService** policy. When you do this, these Microsoft Updates will follow the same deferral and pause rules as all other Quality Updates.
You can set your system to receive updates for other Microsoft products—known as Microsoft updates (such as Microsoft Office, Visual Studio)—along with Windows updates by setting the **AllowMUUpdateService** policy. When you do this, these Microsoft updates will follow the same deferral and pause rules as all other quality updates.
>[!IMPORTANT]
>This policy defers both Feature and Quality Updates on Windows 10 Mobile Enterprise.
@ -146,7 +146,7 @@ You can set your system to receive updates for other Microsoft products—known
## Pause quality updates
You can also pause a system from receiving Quality Updates for a period of up to 35 days from when the value is set. After 35 days has passed, the pause setting will automatically expire and the device will scan Windows Update for applicable quality Updates. Following this scan, you can then pause quality Updates for the device again.
You can also pause a system from receiving quality updates for a period of up to 35 days from when the value is set. After 35 days have passed, the pause setting will automatically expire and the device will scan Windows Update for applicable quality updates. Following this scan, you can then pause quality updates for the device again.
Starting with Windows 10, version 1703, when you configure a pause by using policy, you must set a start date for the pause to begin. The pause period is calculated by adding 35 days to this start date.
@ -201,9 +201,9 @@ The policy settings to **Select when Feature Updates are received** allows you t
* Group Policy: **Computer Configuration/Administrative Templates/Windows Components/Windows Update/ Windows Update for Business** - *Select when Preview Builds and Feature Updates are received*
* MDM: **Update/BranchReadinessLevel**
## Exclude drivers from Quality Updates
## Exclude drivers from quality updates
Starting with Windows 10, version 1607, you can selectively opt out of receiving driver update packages as part of your normal quality update cycle. This policy will not apply to updates to drivers provided with the operating system (which will be packaged within a security or critical update) or to Feature Updates, where drivers might be dynamically installed to ensure the Feature Update process can complete.
Starting with Windows 10, version 1607, you can selectively opt out of receiving driver update packages as part of your normal quality update cycle. This policy will not apply to updates to drivers provided with the operating system (which will be packaged within a security or critical update) or to feature updates, where drivers might be dynamically installed to ensure the feature update process can complete.
**Policy settings to exclude drivers**

4
windows/deployment/upgrade/log-files.md
View File

@ -35,7 +35,7 @@ The following table describes some log files and how to use them for troubleshoo
<br>
<table>
<tr><td BGCOLOR="#a0e4fa"><B>Log file</td><td BGCOLOR="#a0e4fa"><B>Phase: Location</td><td BGCOLOR="#a0e4fa"><B>Description</td><td BGCOLOR="#a0e4fa"><B>When to use</td>
<tr><td BGCOLOR="#a0e4fa"><font color="#000000"><B>Log file</td><td BGCOLOR="#a0e4fa"><font color="#000000"><B>Phase: Location</td><td BGCOLOR="#a0e4fa"><font color="#000000"><B>Description</td><td BGCOLOR="#a0e4fa"><font color="#000000"><B>When to use</td>
<tr><td rowspan="5">setupact.log</td><td>Down-Level:<br>$Windows.~BT\Sources\Panther</td><td>Contains information about setup actions during the downlevel phase. </td>
<td>All down-level failures and starting point for rollback investigations.<br> This is the most important log for diagnosing setup issues.</td>
<tr><td>OOBE:<br>$Windows.~BT\Sources\Panther\UnattendGC</td>
@ -52,7 +52,7 @@ setupapi.dev.log<br>
Event logs (*.evtx)</td>
<td>$Windows.~BT\Sources\Rollback<td>Additional logs collected during rollback.</td>
<td>
Setupmem.dmp: If OS bugchecks during upgrade, setup will attempt to extract a mini-dump.<br>
Setupmem.dmp: If OS bug checks during upgrade, setup will attempt to extract a mini-dump.<br>
Setupapi: Device install issues - 0x30018<br>
Event logs: Generic rollbacks (0xC1900101) or unexpected reboots.</td>
</table>

8
windows/deployment/upgrade/resolution-procedures.md
View File

@ -513,9 +513,9 @@ This error has more than one possible cause. Attempt [quick fixes](quick-fixes.m
<br /><table>
<tr>
<td BGCOLOR="#a0e4fa"><b>Error code</b></th>
<td BGCOLOR="#a0e4fa"><b>Cause</b></th>
<td BGCOLOR="#a0e4fa"><b>Mitigation</b></th>
<td BGCOLOR="#a0e4fa"><font color="#000000"><b>Error code</b></font></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><b>Cause</b></font></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><b>Mitigation</b></font></td>
</tr>
<tr>
@ -647,7 +647,7 @@ For detailed information on how to run these steps check out <a href="https://bl
<br><table>
<tr><td BGCOLOR="#a0e4fa">Error Codes<td BGCOLOR="#a0e4fa">Cause<td BGCOLOR="#a0e4fa">Mitigation</td></tr>
<tr><td BGCOLOR="#a0e4fa"><font color="#000000">Error Codes<td BGCOLOR="#a0e4fa"><font color="#000000">Cause<td BGCOLOR="#a0e4fa"><font color="#000000">Mitigation</td></tr>
<tr><td>0x80070003- 0x20007
<td>This is a failure during SafeOS phase driver installation.

4
windows/deployment/upgrade/upgrade-error-codes.md
View File

@ -91,7 +91,7 @@ The following tables provide the corresponding phase and operation for values of
<br>
<table cellspacing="0" cellpadding="0">
<tr><td colspan="2" align="center" valign="top" BGCOLOR="#a0e4fa"><b>Extend code: phase</b></td>
<tr><td colspan="2" align="center" valign="top" BGCOLOR="#a0e4fa"><font color="#000000"><b>Extend code: phase</b></td>
<tr><td style='padding:0in 4pt 0in 4pt'><b>Hex</b><td style='padding:0in 5.4pt 0in 5.4pt'><b>Phase</b>
<tr><td style='padding:0in 4pt 0in 4pt'>0<td style='padding:0in 4pt 0in 4pt'>SP_EXECUTION_UNKNOWN
<tr><td style='padding:0in 4pt 0in 4pt'>1<td style='padding:0in 4pt 0in 4pt'>SP_EXECUTION_DOWNLEVEL
@ -103,7 +103,7 @@ The following tables provide the corresponding phase and operation for values of
<table border="0" style='border-collapse:collapse;border:none'>
<tr><td colspan="2" align="center" valign="top" BGCOLOR="#a0e4fa"><B>Extend code: operation</B></td>
<tr><td colspan="2" align="center" valign="top" BGCOLOR="#a0e4fa"><font color="#000000"><B>Extend code: operation</B></td>
<tr><td align="left" valign="top" style='border:dotted #A6A6A6 1.0pt;'>
<table>
<tr><td style='padding:0in 4pt 0in 4pt'><b>Hex</b><td style='padding:0in 4pt 0in 4pt'><span style='padding:0in 5.4pt 0in 5.4pt;'><b>Operation</b>

5
windows/deployment/usmt/usmt-technical-reference.md
View File

@ -1,6 +1,6 @@
---
title: User State Migration Tool (USMT) Technical Reference (Windows 10)
description: The User State Migration Tool (USMT) is included with the Windows Assessment and Deployment Kit (Windows ADK) for Windows 10. USMT provides a highly customizable user-profile migration experience for IT professionals.
description: The User State Migration Tool (USMT) provides a highly customizable user-profile migration experience for IT professionals.
ms.assetid: f90bf58b-5529-4520-a9f8-b6cb4e4d3add
ms.reviewer:
manager: laurawi
@ -8,7 +8,8 @@ ms.author: greglin
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.date: 04/19/2017
ms.topic: article
---

5
windows/deployment/volume-activation/use-the-volume-activation-management-tool-client.md
View File

@ -1,6 +1,6 @@
---
title: Use the Volume Activation Management Tool (Windows 10)
description: The Volume Activation Management Tool (VAMT) provides several useful features, including the ability to perform VAMT proxy activation and to track and monitor several types of product keys.
description: The Volume Activation Management Tool (VAMT) provides several useful features, including the ability to track and monitor several types of product keys.
ms.assetid: b11f0aee-7b60-44d1-be40-c960fc6c4c47
ms.reviewer:
manager: laurawi
@ -10,7 +10,8 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: activation
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.localizationpriority: medium
ms.date: 07/27/2017
ms.topic: article

32
windows/deployment/volume-activation/vamt-known-issues.md
View File

@ -20,39 +20,33 @@ ms.custom:
# VAMT known issues
The following list and the section that follows contain the current known issues regarding the Volume Activation Management Tool (VAMT), versions 3.0. and 3.1.
The current known issues with the Volume Activation Management Tool (VAMT), versions 3.0. and 3.1, include:
- VAMT Windows Management Infrastructure (WMI) remote operations might take longer to execute if the target computer is in a sleep or standby state.
- When opening a Computer Information List (CIL file) that was saved by using a previous version of VAMT, the edition information is not shown for each product in the center pane. Users must update the product status again to obtain the edition information.
- The remaining activation count can only be retrieved for MAKs.
- When you open a Computer Information List (CIL) file that was saved by using a previous version of VAMT, the edition information is not shown for each product in the center pane. You must update the product status again to obtain the edition information.
- The remaining activation count can only be retrieved for Multiple Activation Key (MAKs).
## Can't add CSVLKs for Windows 10 activation to VAMT 3.1
## Workarounds for adding CSVLKs for Windows 10 activation to VAMT 3.1
When you try to add a Windows 10 Key Management Service (KMS) Host key (CSVLK) or a Windows Server 2012 R2 for Windows 10 CSVLK into VAMT 3.1 (version 10.0.10240.0), you receive the following error message:
> The specified product key is invalid, or is unsupported by this version of VAMT. An update to support additional products may be available online.
Another known issue is that when you try to add a Windows 10 Key Management Service (KMS) Host key (CSVLK) or a Windows Server 2012 R2 for Windows 10 CSVLK into VAMT 3.1 (version 10.0.10240.0), you receive the error message shown here.
![VAMT error message](./images/vamt-known-issue-message.png)
This issue occurs because VAMT 3.1 does not contain the correct Pkconfig files to recognize this kind of key.
This issue occurs because VAMT 3.1 does not contain the correct Pkconfig files to recognize this kind of key. To work around this issue, use one of the following methods.
### Workaround
### Method 1
To work around this issue, use one of the following methods.
Do not add the CSVLK to the VAMT 3.1 tool. Instead, use the **slmgr.vbs /ipk \<*CSVLK*>** command to install a CSVLK on a KMS host. In this command, \<*CSVLK*> represents the specific key that you want to install. For more information about how to use the Slmgr.vbs tool, see [Slmgr.vbs options for obtaining volume activation information](https://docs.microsoft.com/windows-server/get-started/activation-slmgr-vbs-options).
**Method 1**
### Method 2
Do not add the CSVLK to the VAMT 3.1 tool. Instead, use the **slmgr.vbs /ipk \<*CSVLK*>** command-line tool to install a CSVLK on a KMS host. In this command, \<*CSVLK*> represents the specific key that you want to install. For more information about how to use the Slmgr.vbs tool, see [Slmgr.vbs options for obtaining volume activation information](https://docs.microsoft.com/windows-server/get-started/activation-slmgr-vbs-options).
**Method 2**
On the KMS host computer, follow these steps:
On the KMS host computer, perform the following steps:
1. Download the hotfix from [July 2016 update rollup for Windows 8.1 and Windows Server 2012 R2](https://support.microsoft.com/help/3172614/).
1. In Windows Explorer, right-click **485392_intl_x64_zip**, and then extract the hotfix to **C:\KB3058168**.
1. In Windows Explorer, right-click **485392_intl_x64_zip** and extract the hotfix to C:\KB3058168.
1. To extract the contents of the update, open a Command Prompt window and run the following command:
1. To extract the contents of the update, run the following command:
```cmd
expand c:\KB3058168\Windows8.1-KB3058168-x64.msu -f:* C:\KB3058168\
@ -64,6 +58,6 @@ On the KMS host computer, follow these steps:
expand c:\KB3058168\Windows8.1-KB3058168-x64.cab -f:pkeyconfig-csvlk.xrm-ms c:\KB3058168
```
1. In the "C:\KB3058168\x86_microsoft-windows-s..nent-sku-csvlk-pack_31bf3856ad364e35_6.3.9600.17815_none_bd26b4f34d049716\" folder, copy the **pkeyconfig-csvlk.xrm-ms** file. Paste this file to the "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\VAMT3\pkconfig" folder.
1. In the C:\KB3058168\x86_microsoft-windows-s..nent-sku-csvlk-pack_31bf3856ad364e35_6.3.9600.17815_none_bd26b4f34d049716 folder, copy the pkeyconfig-csvlk.xrm-ms file. Paste this file into the C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\VAMT3\pkconfig folder.
1. Restart VAMT.

7
windows/deployment/volume-activation/volume-activation-management-tool.md
View File

@ -1,6 +1,6 @@
---
title: Volume Activation Management Tool (VAMT) Technical Reference (Windows 10)
description: The Volume Activation Management Tool (VAMT) enables network administrators and other IT professionals to automate and centrally manage the Windows®, Microsoft® Office, and select other Microsoft products volume and retail-activation process.
description: The Volume Activation Management Tool (VAMT) enables network administrators to automate and centrally manage volume activation and retail activation.
ms.assetid: 1df0f795-f41c-473b-850c-e98af1ad2f2a
ms.reviewer:
manager: laurawi
@ -9,7 +9,8 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: activation
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.date: 04/25/2017
ms.topic: article
---
@ -23,7 +24,7 @@ VAMT can manage volume activation using Multiple Activation Keys (MAKs) or the W
**Important**  
VAMT is designed to manage volume activation for: Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008 (or obove), Microsoft Office 2010 (or above).
VAMT is designed to manage volume activation for: Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008 (or later), Microsoft Office 2010 (or above).
VAMT is only available in an EN-US (x86) package.

2
windows/deployment/volume-activation/volume-activation-windows-10.md
View File

@ -1,6 +1,6 @@
---
title: Volume Activation for Windows 10
description: This guide is designed to help organizations that are planning to use volume activation to deploy and activate Windows 10, including organizations that have used volume activation for earlier versions of Windows.
description: Learn how to use volume activation to deploy & activate Windows 10. Includes details for orgs that have used volume activation for earlier versions of Windows.
ms.assetid: 6e8cffae-7322-4fd3-882a-cde68187aef2
ms.reviewer:
manager: laurawi

8
windows/deployment/windows-10-deployment-scenarios.md
View File

@ -1,17 +1,19 @@
---
title: Windows 10 deployment scenarios (Windows 10)
description: To successfully deploy the Windows 10 operating system in your organization, it is important to understand the different ways that it can be deployed, especially now that there are new scenarios to consider.
description: Understand the different ways Windows 10 operating system can be deployed in your organization. Explore several Windows 10 deployment scenarios.
ms.assetid: 7A29D546-52CC-482C-8870-8123C7DC04B5
ms.reviewer:
manager: laurawi
ms.audience: itpro author: greg-lindsay
ms.audience: itpro
author: greg-lindsay
keywords: upgrade, in-place, configuration, deploy
ms.prod: w10
ms.mktglfcycl: deploy
ms.localizationpriority: medium
ms.sitesec: library
ms.date: 11/06/2018
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.topic: article
---

59
windows/deployment/windows-10-poc.md
View File

@ -2,7 +2,8 @@
title: Configure a test lab to deploy Windows 10
ms.reviewer:
manager: laurawi
ms.audience: itpro author: greg-lindsay
ms.audience: itpro
author: greg-lindsay
description: Concepts and procedures for deploying Windows 10 in a proof of concept lab environment.
ms.prod: w10
ms.mktglfcycl: deploy
@ -10,7 +11,8 @@ ms.sitesec: library
ms.pagetype: deploy
keywords: deployment, automate, tools, configure, mdt, sccm
ms.localizationpriority: medium
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.topic: article
---
@ -50,7 +52,7 @@ Topics and procedures in this guide are summarized in the following table. An es
<div style='font-size:9.0pt'>
<table border="1" cellspacing="0" cellpadding="0">
<tr><TD BGCOLOR="#a0e4fa"><B>Topic</B></td><TD BGCOLOR="#a0e4fa"><B>Description</B></td><TD BGCOLOR="#a0e4fa"><B>Time</B></td></tr>
<tr><TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Topic</B></font></td><TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Description</B></font></td><TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Time</B></font></td></tr>
<tr><td><a href="#hardware-and-software-requirements" data-raw-source="[Hardware and software requirements](#hardware-and-software-requirements)">Hardware and software requirements</a><td>Prerequisites to complete this guide.<td>Informational
<tr><td><a href="#lab-setup" data-raw-source="[Lab setup](#lab-setup)">Lab setup</a><td>A description and diagram of the PoC environment.<td>Informational
<tr><td><a href="#configure-the-poc-environment" data-raw-source="[Configure the PoC environment](#configure-the-poc-environment)">Configure the PoC environment</a><td>Parent topic for procedures.<td>Informational
@ -73,59 +75,59 @@ One computer that meets the hardware and software specifications below is requir
- **Computer 1**: the computer you will use to run Hyper-V and host virtual machines. This computer should have 16 GB or more of installed RAM and a multi-core processor.
- **Computer 2**: a client computer from your corporate network. It is shadow-copied to create a VM that can be added to the PoC environment, enabling you to test a mirror image of a computer on your network. If you do not have a computer to use for this simulation, you can download an evaluation VHD and use it to represent this computer. Subsequent guides use this computer to simulate Windows 10 replace and refresh scenarios, so the VM is required even if you cannot create this VM using computer 2.
Harware requirements are displayed below:
Hardware requirements are displayed below:
<div style='font-size:9.0pt'>
<table border="1" cellspacing="0" cellpadding="0">
<tr>
<td></td>
<td BGCOLOR="#a0e4fa"><strong>Computer 1</strong> (required)</td>
<td BGCOLOR="#a0e4fa"><strong>Computer 2</strong> (recommended)</td>
<td BGCOLOR="#a0e4fa"><strong><font color="#000000">Computer 1</strong> (required)</font></td>
<td BGCOLOR="#a0e4fa"><strong><font color="#000000">Computer 2</strong> (recommended)</font></td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>Role</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Role</strong></font></td>
<td>Hyper-V host</td>
<td>Client computer</td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>Description</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Description</strong></font></td>
<td>This computer will run Hyper-V, the Hyper-V management tools, and the Hyper-V Windows PowerShell module.</td>
<td>This computer is a Windows 7 or Windows 8/8.1 client on your corporate network that will be converted to a VM to demonstrate the upgrade process.</td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>OS</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>OS</strong></font></td>
<td>Windows 8.1/10 or Windows Server 2012/2012 R2/2016<b>*</b></td>
<td>Windows 7 or a later</td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>Edition</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Edition</strong></font></td>
<td>Enterprise, Professional, or Education</td>
<td>Any</td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>Architecture</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Architecture</strong></font></td>
<td>64-bit</td>
<td>Any<BR><I>Note: Retaining applications and settings requires that architecture (32 or 64-bit) is the same before and after the upgrade.</I></td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>RAM</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>RAM</strong></font></td>
<td>8 GB RAM (16 GB recommended) to test Windows 10 deployment with MDT.
<BR>16 GB RAM to test Windows 10 deployment with System Center Configuration Manager.</td>
<td>Any</td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>Disk</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Disk</strong></font></td>
<td>200 GB available hard disk space, any format.</td>
<td>Any size, MBR formatted.</td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>CPU</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>CPU</strong></font></td>
<td>SLAT-Capable CPU</td>
<td>Any</td>
</tr>
<tr>
<td BGCOLOR="#a0e4fa"><strong>Network</strong></td>
<td BGCOLOR="#a0e4fa"><font color="#000000"><strong>Network</strong></font></td>
<td>Internet connection</td>
<td>Any</td>
</tr>
@ -631,7 +633,7 @@ The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to
Dismount-VHD -Path c:\vhd\d.vhd
</pre>
Next, create the PC1 VM with two attached VHDs, and boot to DVD ($maxram must be defined previously using the same Windows PowerShell promt):
Next, create the PC1 VM with two attached VHDs, and boot to DVD ($maxram must be defined previously using the same Windows PowerShell prompt):
<pre style="overflow-y: visible">
New-VM -Name "PC1" -VHDPath c:\vhd\w7.vhd -SwitchName poc-internal
@ -821,7 +823,7 @@ The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to
17. Open an elevated Windows PowerShell prompt on PC1 and verify that the client VM has received a DHCP lease and can communicate with the consoto.com domain controller.
To open Windows PowerShell on Windows 7, click **Start**, and search for "**power**." Right-click **Windows PowerShell** and then click **Pin to Taskbar** so that it is simpler to use Windows Powershell during this lab. Click **Windows PowerShell** on the taskbar, and then type **ipconfig** at the prompt to see the client's current IP address. Also type **ping dc1.contoso.com** and **nltest /dsgetdc:contoso.com** to verify that it can reach the domain controller. See the following examples of a successful network connection:
To open Windows PowerShell on Windows 7, click **Start**, and search for "**power**." Right-click **Windows PowerShell** and then click **Pin to Taskbar** so that it is simpler to use Windows PowerShell during this lab. Click **Windows PowerShell** on the taskbar, and then type **ipconfig** at the prompt to see the client's current IP address. Also type **ping dc1.contoso.com** and **nltest /dsgetdc:contoso.com** to verify that it can reach the domain controller. See the following examples of a successful network connection:
```
ipconfig
@ -964,7 +966,7 @@ The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to
cmd /c netsh routing ip nat add interface name="Internal" mode=PRIVATE
</pre>
32. The DNS service on SRV1 also needs to resolve hosts in the contoso.com domain. This can be accomplished with a conditional forwarder. Open an elevated Windows PowerShell prompt on SRV1 and type the following command:
32. The DNS service on SRV1 also needs to resolve hosts in the `contoso.com` domain. This can be accomplished with a conditional forwarder. Open an elevated Windows PowerShell prompt on SRV1 and type the following command:
<pre style="overflow-y: visible">
Add-DnsServerConditionalForwarderZone -Name contoso.com -MasterServers 192.168.0.1
@ -976,7 +978,7 @@ The second Windows Server 2012 R2 VHD needs to be expanded in size from 40GB to
ping www.microsoft.com
</pre>
If you see "Ping request could not find host www.microsoft.com" on PC1 and DC1, but not on SRV1, then you will need to configure a server-level DNS forwarder on SRV1. To do this, open an elevated Windows PowerShell prompt on SRV1 and type the following command.
If you see "Ping request could not find host `www.microsoft.com`" on PC1 and DC1, but not on SRV1, then you will need to configure a server-level DNS forwarder on SRV1. To do this, open an elevated Windows PowerShell prompt on SRV1 and type the following command.
**Note**: This command also assumes that "Ethernet 2" is the external-facing network adapter on SRV1. If the external adapter has a different name, replace "Ethernet 2" in the command below with that name:
@ -1032,10 +1034,10 @@ Use the following procedures to verify that the PoC environment is configured pr
**DCDiag** displays "passed test" for all tests.<BR>
**Get-DnsServerResourceRecord** displays the correct DNS address records for DC1, SRV1, and the computername of PC1. Additional address records for the zone apex (@), DomainDnsZones, and ForestDnsZones will also be registered.<BR>
**Get-DnsServerForwarder** displays a single forwarder of 192.168.0.2.<BR>
**Resolve-DnsName** displays public IP address results for www.microsoft.com.<BR>
**Get-DhcpServerInDC** displays 192.168.0.1, dc1.contoso.com.<BR>
**Resolve-DnsName** displays public IP address results for `www.microsoft.com`.<BR>
**Get-DhcpServerInDC** displays 192.168.0.1, `dc1.contoso.com`.<BR>
**Get-DhcpServerv4Statistics** displays 1 scope with 2 addresses in use (these belong to PC1 and the Hyper-V host).<BR>
**ipconfig** displays a primary DNS suffix and suffix search list of contoso.com, IP address of 192.168.0.1, subnet mask of 255.255.255.0, default gateway of 192.168.0.2, and DNS server addresses of 192.168.0.1 and 192.168.0.2.
**ipconfig** displays a primary DNS suffix and suffix search list of `contoso.com`, IP address of 192.168.0.1, subnet mask of 255.255.255.0, default gateway of 192.168.0.2, and DNS server addresses of 192.168.0.1 and 192.168.0.2.
2. On SRV1, open an elevated Windows PowerShell prompt and type the following commands:
@ -1049,8 +1051,8 @@ Use the following procedures to verify that the PoC environment is configured pr
**Get-Service** displays a status of "Running" for both services.<BR>
**Get-DnsServerForwarder** either displays no forwarders, or displays a list of forwarders you are required to use so that SRV1 can resolve Internet names.<BR>
**Resolve-DnsName** displays public IP address results for www.microsoft.com.<BR>
**ipconfig** displays a primary DNS suffix of contoso.com. The suffix search list contains contoso.com and your corporate domain. Two ethernet adapters are shown: Ethernet adapter "Ethernet" has an IP addresses of 192.168.0.2, subnet mask of 255.255.255.0, no default gateway, and DNS server addresses of 192.168.0.1 and 192.168.0.2. Ethernet adapter "Ethernet 2" has an IP address, subnet mask, and default gateway configured by DHCP on your corporate network.<BR>
**Resolve-DnsName** displays public IP address results for `www.microsoft.com`.<BR>
**ipconfig** displays a primary DNS suffix of `contoso.com`. The suffix search list contains `contoso.com` and your corporate domain. Two ethernet adapters are shown: Ethernet adapter "Ethernet" has an IP addresses of 192.168.0.2, subnet mask of 255.255.255.0, no default gateway, and DNS server addresses of 192.168.0.1 and 192.168.0.2. Ethernet adapter "Ethernet 2" has an IP address, subnet mask, and default gateway configured by DHCP on your corporate network.<BR>
**netsh** displays three interfaces on the computer: interface "Ethernet 2" with DHCP enabled = Yes and IP address assigned by your corporate network, interface "Ethernet" with DHCP enabled = No and IP address of 192.168.0.2, and interface "Loopback Pseudo-Interface 1" with IP address of 127.0.0.1.
3. On PC1, open an elevated Windows PowerShell prompt and type the following commands:
@ -1065,9 +1067,9 @@ Use the following procedures to verify that the PoC environment is configured pr
**whoami** displays the current user context, for example in an elevated Windows PowerShell prompt, contoso\administrator is displayed.<BR>
**hostname** displays the name of the local computer, for example W7PC-001.<BR>
**nslookup** displays the DNS server used for the query, and the results of the query. For example, server dc1.contoso.com, address 192.168.0.1, Name e2847.dspb.akamaiedge.net.<BR>
**ping** displays if the source can resolve the target name, and whether or not the target responds to ICMP. If it cannot be resolved, "..could not find host" will be diplayed and if the target is found and also responds to ICMP, you will see "Reply from" and the IP address of the target.<BR>
**tracert** displays the path to reach the destination, for example srv1.contoso.com [192.168.0.2] followed by a list of hosts and IP addresses corresponding to subsequent routing nodes between the source and the destination.
**nslookup** displays the DNS server used for the query, and the results of the query. For example, server `dc1.contoso.com`, address 192.168.0.1, Name `e2847.dspb.akamaiedge.net`.<BR>
**ping** displays if the source can resolve the target name, and whether or not the target responds to ICMP. If it cannot be resolved, "..could not find host" will be displayed and if the target is found and also responds to ICMP, you will see "Reply from" and the IP address of the target.<BR>
**tracert** displays the path to reach the destination, for example `srv1.contoso.com` [192.168.0.2] followed by a list of hosts and IP addresses corresponding to subsequent routing nodes between the source and the destination.
## Appendix B: Terminology used in this guide
@ -1077,7 +1079,8 @@ Use the following procedures to verify that the PoC environment is configured pr
<div style='font-size:9.0pt'>
<table border="1" cellspacing="0" cellpadding="0">
<tr><TD BGCOLOR="#a0e4fa"><B>Term</B><TD BGCOLOR="#a0e4fa"><B>Definition</B>
<tr><TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Term</B></font>
<TD BGCOLOR="#a0e4fa"><font color="#000000"><B>Definition</B></font>
<tr><td>GPT<td>GUID partition table (GPT) is an updated hard-disk formatting scheme that enables the use of newer hardware. GPT is one of the partition formats that can be chosen when first initializing a hard drive, prior to creating and formatting partitions.
<tr><td>Hyper-V<td>Hyper-V is a server role introduced with Windows Server 2008 that lets you create a virtualized computing environment. Hyper-V can also be installed as a Windows feature on Windows client operating systems, starting with Windows 8.
<tr><td>Hyper-V host<td>The computer where Hyper-V is installed.

13
windows/deployment/windows-autopilot/add-devices.md
View File

@ -63,6 +63,9 @@ Note that the hardware hash also contains details about when it was generated, s
Starting with System Center Configuration Manager current branch version 1802, the hardware hashes for existing Windows 10 version 1703 and higher devices are automatically collected by Configuration Manager. See the [Whats new in version 1802](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802#report-on-windows-autopilot-device-information) documentation for more details. The hash information can be extracted from Configuration Manager into a CSV file.
> [!Note]
> Before uploading the CSV file on Intune, please make sure that the first row contains the device serial number, Windows product ID, hardware hash, group tag, and assigned user. If there is header information on the top of CSV file, please delete that header information. See details at [Enroll Windows devices in Intune](https://docs.microsoft.com/intune/enrollment/enrollment-autopilot).
### Collecting the hardware ID from existing devices using PowerShell
The hardware ID, or hardware hash, for an existing device is available through Windows Management Instrumentation (WMI), as long as that device is running Windows 10 version 1703 or later. To help gather this information, as well as the serial number of the device (useful to see at a glance the machine to which it belongs), a PowerShell script called [Get-WindowsAutoPilotInfo.ps1 has been published to the PowerShell Gallery website](https://www.powershellgallery.com/packages/Get-WindowsAutoPilotInfo).
@ -101,13 +104,13 @@ Once the hardware IDs have been captured from existing devices, they can be uplo
- [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles). You might already be using MSfB to manage your apps and settings.
A summary of each platform's capabilities is provided below.
<br>
<table>
<tr>
<td BGCOLOR="#a0e4fa"><B>Platform/Portal</th>
<td BGCOLOR="#a0e4fa"><B>Register devices?</th>
<td BGCOLOR="#a0e4fa"><B>Create/Assign profile</th>
<td BGCOLOR="#a0e4fa"><B>Acceptable DeviceID</th>
<td BGCOLOR="#a0e4fa"><B><font color="#000000">Platform/Portal</font></td>
<td BGCOLOR="#a0e4fa"><B><font color="#000000">Register devices?</font></td>
<td BGCOLOR="#a0e4fa"><B><font color="#000000">Create/Assign profile</font></td>
<td BGCOLOR="#a0e4fa"><B><font color="#000000">Acceptable DeviceID</font></td>
</tr>
<tr>

7
windows/deployment/windows-autopilot/existing-devices.md
View File

@ -68,15 +68,16 @@ See the following examples.
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module AzureAD -Force
Install-Module WindowsAutopilotIntune -Force
Install-Module Microsoft.Graph.Intune -Force
```
3. Enter the following lines and provide Intune administrative credentials
- In the following command, replace the example user principal name for Azure authentication (admin@M365x373186.onmicrosoft.com) with your user account. Be sure that the user account you specify has sufficient administrative rights.
- Be sure that the user account you specify has sufficient administrative rights.
```powershell
Connect-AutopilotIntune -user admin@M365x373186.onmicrosoft.com
Connect-MSGraph
```
The password for your account will be requested using a standard Azure AD form. Type your password and then click **Sign in**.
The user and password for your account will be requested using a standard Azure AD form. Type your username and password and then click **Sign in**.
<br>See the following example:
![Azure AD authentication](images/pwd.png)

2
windows/deployment/windows-deployment-scenarios-and-tools.md
View File

@ -1,6 +1,6 @@
---
title: Windows 10 deployment scenarios and tools
description: To successfully deploy the Windows 10 operating system and applications for your organization, it is essential that you know about the available tools to help with the process.
description: Learn about the tools you can use to deploy Windows 10 and related applications to your organization. Explore deployment scenarios.
ms.assetid: 0d6cee1f-14c4-4b69-b29a-43b0b327b877
ms.reviewer:
manager: laurawi

2
windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
View File

@ -1,6 +1,6 @@
---
title: Manage connections from Windows 10 operating system components to Microsoft services
description: If you want to minimize connections from Windows to Microsoft services, or configure particular privacy settings, this article covers the settings that you could consider.
description: Learn how to minimize connections from Windows to Microsoft services, and configure particular privacy settings related to these connections.
ms.assetid: ACCEB0DD-BC6F-41B1-B359-140B242183D9
ms.reviewer:
keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016

10
windows/security/identity-protection/access-control/security-identifiers.md
View File

@ -289,6 +289,16 @@ Capability Security Identifiers (SIDs) are used to uniquely and immutably identi
All Capability SIDs that the operating system is aware of are stored in the Windows Registry in the path `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapabilityClasses\AllCachedCapabilities'. Any Capability SID added to Windows by first or third-party applications will be added to this location.
## Examples of registry keys taken from Windows 10, version 1909, 64-bit Enterprise edition
You may see the following registry keys under AllCachedCapabilities:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapabilityClasses\AllCachedCapabilities\capabilityClass_DevUnlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapabilityClasses\AllCachedCapabilities\capabilityClass_DevUnlock_Internal
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapabilityClasses\AllCachedCapabilities\capabilityClass_Enterprise
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapabilityClasses\AllCachedCapabilities\capabilityClass_General
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapabilityClasses\AllCachedCapabilities\capabilityClass_Restricted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\CapabilityClasses\AllCachedCapabilities\capabilityClass_Windows
All Capability SIDs are prefixed by S-1-15-3
## See also

2
windows/security/identity-protection/configure-s-mime.md
View File

@ -1,6 +1,6 @@
---
title: Configure S/MIME for Windows 10 and Windows 10 Mobile (Windows 10)
description: In Windows 10, S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients who have a digital identification (ID), also known as a certificate, can read them.
description: S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients with a digital ID, aka a certificate, can read them.
ms.assetid: 7F9C2A99-42EB-4BCC-BB53-41C04FBBBF05
ms.reviewer:
keywords: encrypt, digital signature

2
windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md
View File

@ -1,6 +1,6 @@
---
title: How Windows Defender Credential Guard works
description: Using virtualization-based security, Windows Defender Credential Guard features a new component called the isolated LSA process, which stores and protects secrets, isolating them from the rest of the operating system, so that only privileged system software can access them.
description: Learn how Windows Defender Credential Guard uses virtualization to protect secrets, so that only privileged system software can access them.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/identity-protection/credential-guard/credential-guard-manage.md
View File

@ -1,6 +1,6 @@
---
title: Manage Windows Defender Credential Guard (Windows 10)
description: Deploying and managing Windows Defender Credential Guard using Group Policy, the registry, or the Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool.
description: Learn how to deploy and manage Windows Defender Credential Guard using Group Policy, the registry, or hardware readiness tools.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/identity-protection/credential-guard/credential-guard-requirements.md
View File

@ -1,6 +1,6 @@
---
title: Windows Defender Credential Guard Requirements (Windows 10)
description: Windows Defender Credential Guard baseline hardware, firmware, and software requirements, and additional protections for improved security associated with available hardware and firmware options.
description: Windows Defender Credential Guard baseline hardware, firmware, and software requirements, and additional protections for improved security.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

4
windows/security/identity-protection/credential-guard/credential-guard.md
View File

@ -1,6 +1,6 @@
---
title: Protect derived domain credentials with Windows Defender Credential Guard (Windows 10)
description: Introduced in Windows 10 Enterprise, Windows Defender Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them.
description: Windows Defender Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them.
ms.assetid: 4F1FE390-A166-4A24-8530-EA3369FEB4B1
ms.reviewer:
ms.prod: w10
@ -35,7 +35,7 @@ By enabling Windows Defender Credential Guard, the following features and soluti
## Related topics
- [Isolated User Mode in Windows 10 with Dave Probert (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Isolated-User-Mode-in-Windows-10-with-Dave-Probert)
- [Isolated User Mode Processes and Features in Windows 10 with Logan Gabriel (Channel 9)](http://channel9.msdn.com/Blogs/Seth-Juarez/Isolated-User-Mode-Processes-and-Features-in-Windows-10-with-Logan-Gabriel)
- [Isolated User Mode Processes and Features in Windows 10 with Logan Gabriel (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Isolated-User-Mode-Processes-and-Features-in-Windows-10-with-Logan-Gabriel)
- [More on Processes and Features in Windows 10 Isolated User Mode with Dave Probert (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/More-on-Processes-and-Features-in-Windows-10-Isolated-User-Mode-with-Dave-Probert)
- [Mitigating Credential Theft using the Windows 10 Isolated User Mode (Channel 9)](https://channel9.msdn.com/Blogs/Seth-Juarez/Mitigating-Credential-Theft-using-the-Windows-10-Isolated-User-Mode)
- [Protecting network passwords with Windows Defender Credential Guard](https://www.microsoft.com/itshowcase/Article/Content/831/Protecting-network-passwords-with-Windows-10-Credential-Guard)

2
windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md
View File

@ -1,6 +1,6 @@
---
title: Windows Hello biometrics in the enterprise (Windows 10)
description: Windows Hello is the biometric authentication feature that helps strengthen authentication and helps to guard against potential spoofing through fingerprint matching and facial recognition.
description: Windows Hello uses biometrics to authenticate users and guard against potential spoofing, through fingerprint matching and facial recognition.
ms.assetid: d3f27d94-2226-4547-86c0-65c84d6df8Bc
ms.reviewer:
keywords: Windows Hello, enterprise biometrics

2
windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md
View File

@ -1,6 +1,6 @@
---
title: Smart Card Technical Reference (Windows 10)
description: This technical reference for the IT professional and smart card developer describes the Windows smart card infrastructure for physical smart cards and how smart card-related components work in Windows.
description: Learn about the Windows smart card infrastructure for physical smart cards, and how smart card-related components work in Windows.
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

2
windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md
View File

@ -1,6 +1,6 @@
---
title: Understanding and Evaluating Virtual Smart Cards (Windows 10)
description: This topic for IT professional provides information about how smart card technology can fit into your authentication design, and provides links to additional topics about virtual smart cards.
description: Learn how smart card technology can fit into your authentication design. Find links to additional topics about virtual smart cards.
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

2
windows/security/identity-protection/vpn/vpn-profile-options.md
View File

@ -1,6 +1,6 @@
---
title: VPN profile options (Windows 10)
description: Virtual private networks (VPN) let you give your users secure remote access to your company network. Windows 10 adds useful new VPN profile options to help you manage how users connect.
description: Windows 10 adds Virtual Private Network (VPN) profile options to help manage how users connect. VPNs give users secure remote access to the company network.
ms.assetid: E3F99DF9-863D-4E28-BAED-5C1B1B913523
ms.reviewer:
manager: dansimp

2
windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md
View File

@ -1,6 +1,6 @@
---
title: BitLocker Upgrading FAQ (Windows 10)
description: Learn more about upgrading systems that have BitLocker enabled.
description: Learn more about upgrading systems that have BitLocker enabled. Find frequently asked questions, such as, "Can I upgrade to Windows 10 with BitLocker enabled?"
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/information-protection/windows-information-protection/app-behavior-with-wip.md
View File

@ -1,6 +1,6 @@
---
title: Unenlightened and enlightened app behavior while using Windows Information Protection (WIP) (Windows 10)
description: How unenlightened and enlightened apps might behave, based on Windows Information Protection (WIP) networking policies, app configuration, and potentially whether the app connects to network resources directly by using IP addresses or by using hostnames.
description: Learn how unenlightened and enlightened apps might behave, based on Windows Information Protection (WIP) network policies, app configuration, and other criteria
keywords: WIP, Enterprise Data Protection, EDP, Windows Information Protection, unenlightened apps, enlightened apps
ms.prod: w10
ms.mktglfcycl: explore

2
windows/security/information-protection/windows-information-protection/collect-wip-audit-event-logs.md
View File

@ -1,6 +1,6 @@
---
title: How to collect Windows Information Protection (WIP) audit event logs (Windows 10)
description: How to collect and understand your Windows Information Protection audit event logs by using the Reporting configuration service provider (CSP) or the Windows Event Forwarding (for Windows desktop domain-joined devices only).
description: How to collect & understand Windows Information Protection audit event logs via the Reporting configuration service provider (CSP) or Windows Event Forwarding.
ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library

2
windows/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md
View File

@ -1,6 +1,6 @@
---
title: List of enlightened Microsoft apps for use with Windows Information Protection (WIP) (Windows 10)
description: Learn the difference between enlightened and unenlightened apps, and then review the list of enlightened apps provided by Microsoft along with the text you will need to use to add them to your allowed apps list.
description: Learn the difference between enlightened and unenlightened apps. Find out which enlightened apps are provided by Microsoft. Learn how to allow-list them.
ms.assetid: 17c85ea3-9b66-4b80-b511-8f277cb4345f
ms.reviewer:
keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection

2
windows/security/information-protection/windows-information-protection/guidance-and-best-practices-wip.md
View File

@ -1,6 +1,6 @@
---
title: General guidance and best practices for Windows Information Protection (WIP) (Windows 10)
description: This section includes info about the enlightened Microsoft apps, including how to add them to your Protected Apps list in Microsoft Intune. It also includes some testing scenarios that we recommend running through with Windows Information Protection (WIP).
description: Find resources about apps that can work with Windows Information Protection (WIP) to protect data. Enlightened apps can tell corporate and personal data apart.
ms.assetid: aa94e733-53be-49a7-938d-1660deaf52b0
ms.reviewer:
keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection

122
windows/security/threat-protection/TOC.md
View File

@ -42,6 +42,7 @@
#### [Network firewall](windows-firewall/windows-firewall-with-advanced-security.md)
### [Next generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
#### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md)
### [Endpoint detection and response]()
#### [Endpoint detection and response overview](microsoft-defender-atp/overview-endpoint-detection-response.md)
@ -114,21 +115,21 @@
#### [Advanced hunting schema reference]()
##### [Understand the schema](microsoft-defender-atp/advanced-hunting-schema-reference.md)
##### [AlertEvents](microsoft-defender-atp/advanced-hunting-alertevents-table.md)
##### [FileCreationEvents](microsoft-defender-atp/advanced-hunting-filecreationevents-table.md)
##### [ImageLoadEvents](microsoft-defender-atp/advanced-hunting-imageloadevents-table.md)
##### [LogonEvents](microsoft-defender-atp/advanced-hunting-logonevents-table.md)
##### [MachineInfo](microsoft-defender-atp/advanced-hunting-machineinfo-table.md)
##### [MachineNetworkInfo](microsoft-defender-atp/advanced-hunting-machinenetworkinfo-table.md)
##### [MiscEvents](microsoft-defender-atp/advanced-hunting-miscevents-table.md)
##### [NetworkCommunicationEvents](microsoft-defender-atp/advanced-hunting-networkcommunicationevents-table.md)
##### [ProcessCreationEvents](microsoft-defender-atp/advanced-hunting-processcreationevents-table.md)
##### [RegistryEvents](microsoft-defender-atp/advanced-hunting-registryevents-table.md)
##### [DeviceFileEvents](microsoft-defender-atp/advanced-hunting-devicefileevents-table.md)
##### [DeviceImageLoadEvents](microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md)
##### [DeviceLogonEvents](microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md)
##### [DeviceInfo](microsoft-defender-atp/advanced-hunting-deviceinfo-table.md)
##### [DeviceNetworkInfo](microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md)
##### [DeviceEvents](microsoft-defender-atp/advanced-hunting-deviceevents-table.md)
##### [DeviceNetworkEvents](microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md)
##### [DeviceProcessEvents](microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md)
##### [DeviceRegistryEvents](microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md)
##### [DeviceTvmSoftwareInventoryVulnerabilities](microsoft-defender-atp/advanced-hunting-tvm-softwareinventory-table.md)
##### [DeviceTvmSoftwareVulnerabilitiesKB](microsoft-defender-atp/advanced-hunting-tvm-softwarevulnerability-table.md)
##### [DeviceTvmSecureConfigurationAssessment](microsoft-defender-atp/advanced-hunting-tvm-configassessment-table.md)
##### [DeviceTvmSecureConfigurationAssessmentKB](microsoft-defender-atp/advanced-hunting-tvm-secureconfigkb-table.md)
#### [Apply query best practices](microsoft-defender-atp/advanced-hunting-best-practices.md)
#### [Stream Advanced hunting events to Azure Event Hubs](microsoft-defender-atp/raw-data-export-event-hub.md)
#### [Custom detections]()
##### [Understand custom detection rules](microsoft-defender-atp/overview-custom-detections.md)
@ -136,8 +137,6 @@
### [Management and APIs]()
#### [Overview of management and APIs](microsoft-defender-atp/management-apis.md)
#### [Understand threat intelligence concepts](microsoft-defender-atp/threat-indicator-concepts.md)
#### [Managed security service provider support](microsoft-defender-atp/mssp-support.md)
### [Integrations]()
#### [Microsoft Defender ATP integrations](microsoft-defender-atp/threat-protection-integration.md)
@ -361,14 +360,15 @@
###### [Troubleshoot subscription and portal access issues](microsoft-defender-atp/troubleshoot-onboarding-error-messages.md)
#### [Microsoft Defender ATP API]()
##### [Microsoft Defender ATP API license and terms](microsoft-defender-atp/api-terms-of-use.md)
##### [Get started with Microsoft Defender ATP APIs]()
###### [Introduction](microsoft-defender-atp/apis-intro.md)
###### [Microsoft Defender ATP API license and terms](microsoft-defender-atp/api-terms-of-use.md)
###### [Access the Microsoft Defender ATP APIs](microsoft-defender-atp/apis-intro.md)
###### [Hello World](microsoft-defender-atp/api-hello-world.md)
###### [Get access with application context](microsoft-defender-atp/exposed-apis-create-app-webapp.md)
###### [Get access with user context](microsoft-defender-atp/exposed-apis-create-app-nativeapp.md)
###### [Get partner application access](microsoft-defender-atp/exposed-apis-create-app-partners.md)
##### [APIs]()
##### [Microsoft Defender ATP APIs Schema]()
###### [Supported Microsoft Defender ATP APIs](microsoft-defender-atp/exposed-apis-list.md)
###### [Advanced Hunting](microsoft-defender-atp/run-advanced-query-api.md)
@ -406,7 +406,12 @@
####### [Run antivirus scan](microsoft-defender-atp/run-av-scan.md)
####### [Offboard machine](microsoft-defender-atp/offboard-machine-api.md)
####### [Stop and quarantine file](microsoft-defender-atp/stop-and-quarantine-file.md)
####### [Initiate investigation (preview)](microsoft-defender-atp/initiate-autoir-investigation.md)
###### [Automated Investigation]()
####### [Investigation methods and properties](microsoft-defender-atp/investigation.md)
####### [List Investigation](microsoft-defender-atp/get-investigation-collection.md)
####### [Get Investigation](microsoft-defender-atp/get-investigation-object.md)
####### [Start Investigation](microsoft-defender-atp/initiate-autoir-investigation.md)
###### [Indicators]()
####### [Indicators methods and properties](microsoft-defender-atp/ti-indicator.md)
@ -442,14 +447,14 @@
###### [Advanced Hunting using PowerShell](microsoft-defender-atp/run-advanced-query-sample-powershell.md)
###### [Using OData Queries](microsoft-defender-atp/exposed-apis-odata-samples.md)
#### [Windows updates (KB) info]()
##### [Get KbInfo collection](microsoft-defender-atp/get-kbinfo-collection.md)
#### [Common Vulnerabilities and Exposures (CVE) to KB map]()
##### [Get CVE-KB map](microsoft-defender-atp/get-cvekbmap-collection.md)
#### [Raw data streaming API]()
##### [Raw data streaming (preview)](microsoft-defender-atp/raw-data-export.md)
##### [Stream advanced hunting events to Azure Events hub](microsoft-defender-atp/raw-data-export-event-hub.md)
##### [Stream advanced hunting events to your storage account](microsoft-defender-atp/raw-data-export-storage.md)
#### [Pull detections to your SIEM tools]()
#### [SIEM integration]()
##### [Understand threat intelligence concepts](microsoft-defender-atp/threat-indicator-concepts.md)
##### [Learn about different ways to pull detections](microsoft-defender-atp/configure-siem.md)
##### [Enable SIEM integration](microsoft-defender-atp/enable-siem-integration.md)
##### [Configure Splunk to pull detections](microsoft-defender-atp/configure-splunk.md)
@ -458,6 +463,7 @@
##### [Pull detections using SIEM REST API](microsoft-defender-atp/pull-alerts-using-rest-api.md)
##### [Troubleshoot SIEM tool integration issues](microsoft-defender-atp/troubleshoot-siem.md)
#### [Reporting]()
##### [Power BI - How to use API - Samples](microsoft-defender-atp/api-power-bi.md)
##### [Create and build Power BI reports using Microsoft Defender ATP data connectors (deprecated)](microsoft-defender-atp/powerbi-reports.md)
@ -484,45 +490,55 @@
###### [Using machine groups](microsoft-defender-atp/machine-groups.md)
###### [Create and manage machine tags](microsoft-defender-atp/machine-tags.md)
#### [Configure managed security service provider (MSSP) support](microsoft-defender-atp/configure-mssp-support.md)
#### [Configure managed security service provider (MSSP) integration](microsoft-defender-atp/configure-mssp-support.md)
## [Partner integration scenarios]()
### [Technical partner opportunities](microsoft-defender-atp/partner-integration.md)
### [Managed security service provider opportunity](microsoft-defender-atp/mssp-support.md)
### [Become a Microsoft Defender ATP partner](microsoft-defender-atp/get-started-partner-integration.md)
### [Configure Microsoft threat protection integration]()
#### [Configure conditional access](microsoft-defender-atp/configure-conditional-access.md)
#### [Configure Microsoft Cloud App Security integration](microsoft-defender-atp/microsoft-cloud-app-security-config.md)
#### [Configure information protection in Windows](microsoft-defender-atp/information-protection-in-windows-config.md)
## [Configure Microsoft threat protection integration]()
### [Configure conditional access](microsoft-defender-atp/configure-conditional-access.md)
### [Configure Microsoft Cloud App Security integration](microsoft-defender-atp/microsoft-cloud-app-security-config.md)
### [Configure information protection in Windows](microsoft-defender-atp/information-protection-in-windows-config.md)
### [Configure portal settings]()
#### [Set up preferences](microsoft-defender-atp/preferences-setup.md)
#### [General]()
##### [Update data retention settings](microsoft-defender-atp/data-retention-settings.md)
##### [Configure alert notifications](microsoft-defender-atp/configure-email-notifications.md)
##### [Enable and create Power BI reports using Windows Defender Security center data](microsoft-defender-atp/powerbi-reports.md)
##### [Enable Secure score security controls](microsoft-defender-atp/enable-secure-score.md)
##### [Configure advanced features](microsoft-defender-atp/advanced-features.md)
## [Configure portal settings]()
### [Set up preferences](microsoft-defender-atp/preferences-setup.md)
### [General]()
#### [Update data retention settings](microsoft-defender-atp/data-retention-settings.md)
#### [Configure alert notifications](microsoft-defender-atp/configure-email-notifications.md)
#### [Enable and create Power BI reports using Windows Defender Security center data](microsoft-defender-atp/powerbi-reports.md)
#### [Enable Secure score security controls](microsoft-defender-atp/enable-secure-score.md)
#### [Configure advanced features](microsoft-defender-atp/advanced-features.md)
### [Permissions]()
#### [Use basic permissions to access the portal](microsoft-defender-atp/basic-permissions.md)
#### [Manage portal access using RBAC](microsoft-defender-atp/rbac.md)
##### [Create and manage roles](microsoft-defender-atp/user-roles.md)
##### [Create and manage machine groups](microsoft-defender-atp/machine-groups.md)
###### [Create and manage machine tags](microsoft-defender-atp/machine-tags.md)
### [APIs]()
#### [Enable Threat intel (Deprecated)](microsoft-defender-atp/enable-custom-ti.md)
#### [Enable SIEM integration](microsoft-defender-atp/enable-siem-integration.md)
### [Rules]()
#### [Manage suppression rules](microsoft-defender-atp/manage-suppression-rules.md)
#### [Manage indicators](microsoft-defender-atp/manage-indicators.md)
#### [Manage automation file uploads](microsoft-defender-atp/manage-automation-file-uploads.md)
#### [Manage automation folder exclusions](microsoft-defender-atp/manage-automation-folder-exclusions.md)
### [Machine management]()
#### [Onboarding machines](microsoft-defender-atp/onboard-configure.md)
#### [Offboarding machines](microsoft-defender-atp/offboard-machines.md)
### [Configure Microsoft Defender Security Center time zone settings](microsoft-defender-atp/time-settings.md)
#### [Permissions]()
##### [Use basic permissions to access the portal](microsoft-defender-atp/basic-permissions.md)
##### [Manage portal access using RBAC](microsoft-defender-atp/rbac.md)
###### [Create and manage roles](microsoft-defender-atp/user-roles.md)
###### [Create and manage machine groups](microsoft-defender-atp/machine-groups.md)
####### [Create and manage machine tags](microsoft-defender-atp/machine-tags.md)
#### [APIs]()
##### [Enable Threat intel (Deprecated)](microsoft-defender-atp/enable-custom-ti.md)
##### [Enable SIEM integration](microsoft-defender-atp/enable-siem-integration.md)
#### [Rules]()
##### [Manage suppression rules](microsoft-defender-atp/manage-suppression-rules.md)
##### [Manage indicators](microsoft-defender-atp/manage-indicators.md)
##### [Manage automation file uploads](microsoft-defender-atp/manage-automation-file-uploads.md)
##### [Manage automation folder exclusions](microsoft-defender-atp/manage-automation-folder-exclusions.md)
#### [Machine management]()
##### [Onboarding machines](microsoft-defender-atp/onboard-configure.md)
##### [Offboarding machines](microsoft-defender-atp/offboard-machines.md)
#### [Configure Microsoft Defender Security Center time zone settings](microsoft-defender-atp/time-settings.md)
## [Troubleshoot Microsoft Defender ATP]()

2
windows/security/threat-protection/auditing/audit-account-lockout.md
View File

@ -1,6 +1,6 @@
---
title: Audit Account Lockout (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Account Lockout, which enables you to audit security events that are generated by a failed attempt to log on to an account that is locked out.
description: The policy setting, Audit Account Lockout, enables you to audit security events generated by a failed attempt to log on to an account that is locked out.
ms.assetid: da68624b-a174-482c-9bc5-ddddab38e589
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-application-group-management.md
View File

@ -1,6 +1,6 @@
---
title: Audit Application Group Management (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Application Group Management, which determines whether the operating system generates audit events when application group management tasks are performed.
description: The policy setting, Audit Application Group Management, determines if audit events are generated when application group management tasks are performed.
ms.assetid: 1bcaa41e-5027-4a86-96b7-f04eaf1c0606
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-authentication-policy-change.md
View File

@ -1,6 +1,6 @@
---
title: Audit Authentication Policy Change (Windows 10)
description: This topic for the IT professional describes this Advanced Security Audit policy setting, Audit Authentication Policy Change, which determines whether the operating system generates audit events when changes are made to authentication policy.
description: The Advanced Security Audit policy setting, Audit Authentication Policy Change, determines if audit events are generated when authentication policy is changed.
ms.assetid: aa9cea7a-aadf-47b7-b704-ac253b8e79be
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-authorization-policy-change.md
View File

@ -1,6 +1,6 @@
---
title: Audit Authorization Policy Change (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Authorization Policy Change, which determines whether the operating system generates audit events when specific changes are made to the authorization policy.
description: The policy setting, Audit Authorization Policy Change, determines if audit events are generated when specific changes are made to the authorization policy.
ms.assetid: ca0587a2-a2b3-4300-aa5d-48b4553c3b36
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-certification-services.md
View File

@ -1,6 +1,6 @@
---
title: Audit Certification Services (Windows 10)
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Certification Services, which determines whether the operating system generates events when Active Directory Certificate Services (ADÂ CS) operations are performed.
description: The policy setting, Audit Certification Services, decides if events are generated when Active Directory Certificate Services (ADA CS) operations are performed.
ms.assetid: cdefc34e-fb1f-4eff-b766-17713c5a1b03
ms.reviewer:
manager: dansimp

2
windows/security/threat-protection/auditing/audit-computer-account-management.md
View File

@ -1,6 +1,6 @@
---
title: Audit Computer Account Management (Windows 10)
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Computer Account Management, which determines whether the operating system generates audit events when a computer account is created, changed, or deleted.
description: The policy setting, Audit Computer Account Management, determines if audit events are generated when a computer account is created, changed, or deleted.
ms.assetid: 6c406693-57bf-4411-bb6c-ff83ce548991
ms.reviewer:
manager: dansimp

Some files were not shown because too many files have changed in this diff Show More