From 6e85168b66da4e6cd9f951dc5cb13dc501d03c1d Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 8 Mar 2021 08:18:15 +0500 Subject: [PATCH 1/7] Update network-protection.md --- .../microsoft-defender-atp/network-protection.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md index 065da4f483..e7a4a72dc5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md @@ -49,9 +49,9 @@ You can also use [audit mode](audit-windows-defender.md) to evaluate how Network Network protection requires Windows 10 Pro or Enterprise, and Microsoft Defender Antivirus real-time protection. -| Windows 10 version | Microsoft Defender Antivirus | +| Windows version | Microsoft Defender Antivirus | |:---|:---| -| Windows 10 version 1709 or later | [Microsoft Defender AV real-time protection](../microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md) and [cloud-delivered protection](../microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md) must be enabled | +| Windows 10 version 1709 or later, Windows Server 1803 or later | [Microsoft Defender AV real-time protection](../microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md) and [cloud-delivered protection](../microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md) must be enabled | After you have enabled the services, you might need to configure your network or firewall to allow the connections between the services and your endpoints. From a72e58a8623fdbdee6860f16f6a81f45873d1226 Mon Sep 17 00:00:00 2001 From: adirdidi <68847945+adirdidi@users.noreply.github.com> Date: Mon, 8 Mar 2021 21:30:25 +0200 Subject: [PATCH 2/7] Update gov.md Resubmitting after https://github.com/MicrosoftDocs/windows-docs-pr/pull/4835 was merged but the file isn't updated. --- .../security/threat-protection/microsoft-defender-atp/gov.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/gov.md b/windows/security/threat-protection/microsoft-defender-atp/gov.md index 98632acbf5..77eb8fddab 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/gov.md +++ b/windows/security/threat-protection/microsoft-defender-atp/gov.md @@ -120,7 +120,7 @@ Spreadsheet of domains list | Description For more information, see [Configure device proxy and Internet connectivity settings](configure-proxy-internet.md). > [!NOTE] -> The spreadsheet contains commercial URLs as well, make sure you check the "US Gov" tabs.
When filtering look for the records labeled as "US Gov" and your specific cloud under the geography column. +> The spreadsheet contains commercial URLs as well, make sure you check the "US Gov" tabs.
When filtering, look for the records labeled as "US Gov" and your specific cloud under the geography column.
@@ -155,7 +155,7 @@ Threat analytics | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/ch Web content filtering | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development Integrations: Azure Sentinel | ![Yes](../images/svg/check-yes.svg) | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development Integrations: Microsoft Cloud App Security | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog -Integrations: Microsoft Compliance Center | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog +Integrations: Microsoft Compliance Manager | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog Integrations: Microsoft Defender for Identity | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog Integrations: Microsoft Defender for Office 365 | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog Integrations: Microsoft Endpoint DLP | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog From 0a5b526fe219aac639b6e5ea9a264edd79281a9b Mon Sep 17 00:00:00 2001 From: adirdidi <68847945+adirdidi@users.noreply.github.com> Date: Mon, 8 Mar 2021 21:33:29 +0200 Subject: [PATCH 3/7] Update microsoft-cloud-app-security-config.md Resubmitting after https://github.com/MicrosoftDocs/windows-docs-pr/pull/4836 was merged but the file isn't updated... --- .../microsoft-cloud-app-security-config.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md index c12ba0d4e0..def79a49fb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md @@ -1,7 +1,7 @@ --- title: Configure Microsoft Cloud App Security integration ms.reviewer: -description: Learn how to turn on the settings to enable the Microsoft Defender ATP integration with Microsoft Cloud App Security. +description: Learn how to turn on the settings to enable the Microsoft Defender for Endpoint integration with Microsoft Cloud App Security. keywords: cloud, app, security, settings, integration, discovery, report search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -35,7 +35,7 @@ To benefit from Microsoft Defender for Endpoint cloud app discovery signals, tur >[!NOTE] >This feature will be available with an E5 license for [Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) on devices running Windows 10, version 1709 (OS Build 16299.1085 with [KB4493441](https://support.microsoft.com/help/4493441)), Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/help/4493464)), Windows 10, version 1809 (OS Build 17763.379 with [KB4489899](https://support.microsoft.com/help/4489899)) or later Windows 10 versions. -> See [Microsoft Defender for Endpoint integration with Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/wdatp-integration) for detailed integration of Microsoft Defender for Endpoint with Microsoft Cloud App Security. +> See [Microsoft Defender for Endpoint integration with Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/mde-integration) for detailed integration of Microsoft Defender for Endpoint with Microsoft Cloud App Security. ## Enable Microsoft Cloud App Security in Microsoft Defender for Endpoint @@ -52,7 +52,7 @@ To view and access Microsoft Defender for Endpoint data in Microsoft Cloud Apps For more information about cloud discovery, see [Working with discovered apps](https://docs.microsoft.com/cloud-app-security/discovered-apps). -If you are interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1). +If you're interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1). ## Related topic - [Microsoft Cloud App Security integration](microsoft-cloud-app-security-integration.md) From 259d345f39a9c48aba6e053a28d085ce1d590643 Mon Sep 17 00:00:00 2001 From: Steve DiAcetis Date: Mon, 8 Mar 2021 11:57:42 -0800 Subject: [PATCH 4/7] UnoPackage changes needed for 2C release. UnoPackage changes needed for 2C release. --- windows/deployment/update/media-dynamic-update.md | 3 +++ windows/deployment/update/servicing-stack-updates.md | 7 ++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/windows/deployment/update/media-dynamic-update.md b/windows/deployment/update/media-dynamic-update.md index ea81420b8b..74fc796879 100644 --- a/windows/deployment/update/media-dynamic-update.md +++ b/windows/deployment/update/media-dynamic-update.md @@ -81,6 +81,9 @@ This table shows the correct sequence for applying the various tasks to the file |Add .NET and .NET cumulative updates | | | 24 | |Export image | 8 | 17 | 25 | +> [!NOTE] +> Starting in February 2021, the latest cumulative update and servicing stack update will be combined and distributed in the Microsoft Update Catalog as a new combined cumulative update. For Steps 1, 9, and 18 that require the servicing stack update for updating the installation media, you should use the combined cumulative update. For more information on the combined cumulative update, see [Servicing stack updates](https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates). + ### Multiple Windows editions The main operating system file (install.wim) contains multiple editions of Windows 10. It’s possible that only an update for a given edition is required to deploy it, based on the index. Or, it might be that all editions need an update. Further, ensure that languages are installed before Features on Demand, and the latest cumulative update is always applied last. diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md index e2b6404d14..13487eef17 100644 --- a/windows/deployment/update/servicing-stack-updates.md +++ b/windows/deployment/update/servicing-stack-updates.md @@ -29,8 +29,6 @@ Servicing stack updates provide fixes to the servicing stack, the component that Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don't install the latest servicing stack update, there's a risk that your device can't be updated with the latest Microsoft security fixes. -For information about some changes to servicing stack updates, see [Simplifing Deployment of Servicing Stack Updates](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/simplifying-on-premises-deployment-of-servicing-stack-updates/ba-p/1646039) on the Windows IT Pro blog. - ## When are they released? Servicing stack update are released depending on new issues or vulnerabilities. In rare occasions a servicing stack update may need to be released on demand to address an issue impacting systems installing the monthly security update. Starting in November 2018 new servicing stack updates will be classified as "Security" with a severity rating of "Critical." @@ -44,7 +42,6 @@ Both Windows 10 and Windows Server use the cumulative update mechanism, in which Servicing stack updates must ship separately from the cumulative updates because they modify the component that installs Windows updates. The servicing stack is released separately because the servicing stack itself requires an update. For example, the cumulative update [KB4284880](https://support.microsoft.com/help/4284880/windows-10-update-kb4284880) requires the [May 17, 2018 servicing stack update](https://support.microsoft.com/help/4132216), which includes updates to Windows Update. - ## Is there any special guidance? Microsoft recommends you install the latest servicing stack updates for your operating system before installing the latest cumulative update. @@ -58,3 +55,7 @@ Typically, the improvements are reliability and performance improvements that do * Servicing stack update releases are specific to the operating system version (build number), much like quality updates. * Search to install latest available [Servicing stack update for Windows 10](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001). * Once a servicing stack update is installed, it cannot be removed or uninstalled from the machine. + + +## Simplifying on-premises deployment of servicing stack updates +With the Windows Update experience, servicing stack updates and cumulative updates are deployed together to the device. The update stack automatically orchestrates the installation, so both are applied correctly. Starting in February 2021, the cumulative update will include the latest servicing stack updates, to provide a single cumulative update payload to both Windows Server Update Services (WSUS) and Microsoft Catalog. If you use an endpoint management tool backed by WSUS, such as Configuration Manager, you will only have to select and deploy the monthly cumulative update. The latest servicing stack updates will automatically be applied correctly. Release notes and file information for cumulative updates, including those related to the servicing stack, will be in a single KB article. The combined monthly cumulative update will be available on Windows 10, version 2004 and later starting with the 2021 2C release, KB4601382. From 6868a15f709f8c1e13c44587ecd47b01b8b6a0a7 Mon Sep 17 00:00:00 2001 From: Thomas Raya Date: Mon, 8 Mar 2021 12:03:10 -0800 Subject: [PATCH 5/7] Update windows/deployment/update/servicing-stack-updates.md Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- windows/deployment/update/servicing-stack-updates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md index 13487eef17..b22ca9e870 100644 --- a/windows/deployment/update/servicing-stack-updates.md +++ b/windows/deployment/update/servicing-stack-updates.md @@ -56,6 +56,6 @@ Typically, the improvements are reliability and performance improvements that do * Search to install latest available [Servicing stack update for Windows 10](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001). * Once a servicing stack update is installed, it cannot be removed or uninstalled from the machine. - ## Simplifying on-premises deployment of servicing stack updates + With the Windows Update experience, servicing stack updates and cumulative updates are deployed together to the device. The update stack automatically orchestrates the installation, so both are applied correctly. Starting in February 2021, the cumulative update will include the latest servicing stack updates, to provide a single cumulative update payload to both Windows Server Update Services (WSUS) and Microsoft Catalog. If you use an endpoint management tool backed by WSUS, such as Configuration Manager, you will only have to select and deploy the monthly cumulative update. The latest servicing stack updates will automatically be applied correctly. Release notes and file information for cumulative updates, including those related to the servicing stack, will be in a single KB article. The combined monthly cumulative update will be available on Windows 10, version 2004 and later starting with the 2021 2C release, KB4601382. From 79c25980611845457b564dd23a8310bef6be6dd0 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 8 Mar 2021 12:22:41 -0800 Subject: [PATCH 6/7] Update network-protection.md --- .../network-protection.md | 32 +++++++++---------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md index e7a4a72dc5..4db08484f1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md @@ -15,6 +15,7 @@ ms.reviewer: manager: dansimp ms.custom: asr ms.technology: mde +ms.date: 03/08/2021 --- # Protect your network @@ -27,23 +28,20 @@ ms.technology: mde > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that might host phishing scams, exploits, and other malicious content on the Internet. Network protection expands the scope of [Microsoft Defender SmartScreen](../microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) to block all outbound HTTP(s) traffic that attempts to connect to low-reputation sources (based on the domain or hostname). -Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet. - -Network protection expands the scope of [Microsoft Defender SmartScreen](../microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) to block all outbound HTTP(s) traffic that attempts to connect to low-reputation sources (based on the domain or hostname). - -Network protection is supported beginning with Windows 10, version 1709. +Network protection is supported on Windows, beginning with Windows 10, version 1709. For more information about how to enable network protection, see [Enable network protection](enable-network-protection.md). Use Group Policy, PowerShell, or MDM CSPs to enable and manage network protection in your network. > [!TIP] -> You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works. +> See the Microsoft Defender ATP testground site at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to see how network protection works. -Network protection works best with [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md). +Network protection works best with [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into exploit protection events and blocks as part of [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md). -When network protection blocks a connection, a notification will be displayed from the Action Center. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors. +When network protection blocks a connection, a notification is displayed from the Action Center. Your security operations team can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your organization's details and contact information. In addition, individual attack surface reduction rules can be enabled and customized to suit certain techniques to monitor. -You can also use [audit mode](audit-windows-defender.md) to evaluate how Network protection would impact your organization if it were enabled. +You can also use [audit mode](audit-windows-defender.md) to evaluate how network protection would impact your organization if it were enabled. ## Requirements @@ -51,9 +49,9 @@ Network protection requires Windows 10 Pro or Enterprise, and Microsoft Defender | Windows version | Microsoft Defender Antivirus | |:---|:---| -| Windows 10 version 1709 or later, Windows Server 1803 or later | [Microsoft Defender AV real-time protection](../microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md) and [cloud-delivered protection](../microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md) must be enabled | +| Windows 10 version 1709 or later

Windows Server 1803 or later | [Microsoft Defender Antivirus real-time protection](../microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md) and [cloud-delivered protection](../microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md) must be enabled | -After you have enabled the services, you might need to configure your network or firewall to allow the connections between the services and your endpoints. +After you have enabled the services, you might need to configure your network or firewall to allow the connections between the services and your devices (also referred to as endpoints). - .smartscreen.microsoft.com - .smartscreen-prod.microsoft.com @@ -79,13 +77,13 @@ You can review the Windows event log to see events that are created when network 2. Select **OK**. -3. This will create a custom view that filters to only show the following events related to network protection: +This procedure creates a custom view that filters to only show the following events related to network protection: - | Event ID | Description | - |:---|:---| - | 5007 | Event when settings are changed | - | 1125 | Event when network protection fires in audit mode | - | 1126 | Event when network protection fires in block mode | +| Event ID | Description | +|:---|:---| +| 5007 | Event when settings are changed | +| 1125 | Event when network protection fires in audit mode | +| 1126 | Event when network protection fires in block mode | ## Related articles From 53e67f30a41c18d6705f24461451f300251359d0 Mon Sep 17 00:00:00 2001 From: greg-lindsay Date: Mon, 8 Mar 2021 12:59:35 -0800 Subject: [PATCH 7/7] fix volact file --- ...ctive-directory-based-activation-client.md | 36 +++++++++---------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md b/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md index 2a37ee3bd7..79c1279f78 100644 --- a/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md +++ b/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md @@ -29,6 +29,9 @@ ms.topic: article >- Windows Server 2012 >- Windows Server 2016 >- Windows Server 2019 +>- Office 2013* +>- Office 2016* +>- Office 2019* **Looking for retail activation?** @@ -47,9 +50,9 @@ The process proceeds as follows: - Install the Volume Activation Services server role on a domain controller and add a KMS host key by using the Volume Activation Tools Wizard. - Extend the domain to the Windows Server 2012 R2 or higher schema level, and add a KMS host key by using the VAMT. -1. Microsoft verifies the KMS host key, and an activation object is created. +2. Microsoft verifies the KMS host key, and an activation object is created. -1. Client computers are activated by receiving the activation object from a domain controller during startup. +3. Client computers are activated by receiving the activation object from a domain controller during startup. > [!div class="mx-imgBorder"] > ![Active Directory-based activation flow](../images/volumeactivationforwindows81-10.jpg) @@ -73,33 +76,33 @@ When a reactivation event occurs, the client queries AD DS for the activation o 1. Use an account with Domain Administrator and Enterprise Administrator credentials to sign in to a domain controller. -1. Launch Server Manager. +2. Launch Server Manager. -1. Add the Volume Activation Services role, as shown in Figure 11. +3. Add the Volume Activation Services role, as shown in Figure 11. ![Adding the Volume Activation Services role](../images/volumeactivationforwindows81-11.jpg) **Figure 11**. Adding the Volume Activation Services role -1. Click the link to launch the Volume Activation Tools (Figure 12). +4. Click the link to launch the Volume Activation Tools (Figure 12). ![Launching the Volume Activation Tools](../images/volumeactivationforwindows81-12.jpg) **Figure 12**. Launching the Volume Activation Tools -1. Select the **Active Directory-Based Activation** option (Figure 13). +5. Select the **Active Directory-Based Activation** option (Figure 13). ![Selecting Active Directory-Based Activation](../images/volumeactivationforwindows81-13.jpg) **Figure 13**. Selecting Active Directory-Based Activation -1. Enter your KMS host key and (optionally) a display name (Figure 14). +6. Enter your KMS host key and (optionally) a display name (Figure 14). ![Choosing how to activate your product](../images/volumeactivationforwindows81-15.jpg) **Figure 14**. Entering your KMS host key -1. Activate your KMS host key by phone or online (Figure 15). +7. Activate your KMS host key by phone or online (Figure 15). ![Entering your KMS host key](../images/volumeactivationforwindows81-14.jpg) @@ -115,23 +118,18 @@ When a reactivation event occurs, the client queries AD DS for the activation o > > - [Office 2019 VL pack](https://www.microsoft.com/download/details.aspx?id=57342) -1. After activating the key, click **Commit**, and then click **Close**. +8. After activating the key, click **Commit**, and then click **Close**. ## Verifying the configuration of Active Directory-based activation To verify your Active Directory-based activation configuration, complete the following steps: 1. After you configure Active Directory-based activation, start a computer that is running an edition of Windows that is configured by volume licensing. - -1. If the computer has been previously configured with a MAK key, replace the MAK key with the GVLK by running the **slmgr.vbs /ipk** command and specifying the GLVK as the new product key. - -1. If the computer is not joined to your domain, join it to the domain. - -1. Sign in to the computer. - -1. Open Windows Explorer, right-click **Computer**, and then click **Properties**. - -1. Scroll down to the **Windows activation** section, and verify that this client has been activated. +2. If the computer has been previously configured with a MAK key, replace the MAK key with the GVLK by running the **slmgr.vbs /ipk** command and specifying the GLVK as the new product key. +3. If the computer is not joined to your domain, join it to the domain. +4. Sign in to the computer. +5. Open Windows Explorer, right-click **Computer**, and then click **Properties**. +6. Scroll down to the **Windows activation** section, and verify that this client has been activated. > [!NOTE] > If you are using both KMS and Active Directory-based activation, it may be difficult to see whether a client has been activated by KMS or by Active Directory-based activation. Consider disabling KMS during the test, or make sure that you are using a client computer that has not already been activated by KMS. The **slmgr.vbs /dlv** command also indicates whether KMS has been used.