diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index cae74d63a4..dfaf5a09e2 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -19929,6 +19929,11 @@ "source_path": "windows/client-management/mdm/wmi-providers-supported-in-windows.md", "redirect_url": "/windows/client-management/wmi-providers-supported-in-windows", "redirect_document_id": false + }, + { + "source_path": "windows/deployment/do/mcc-enterprise.md", + "redirect_url": "/windows/deployment/do/waas-microsoft-connected-cache", + "redirect_document_id": false }, { "source_path": "windows/client-management/advanced-troubleshooting-802-authentication.md", diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index 441350957a..828657eada 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -1457,9 +1457,11 @@ ADMX Info: Set this policy to restrict peer selection via selected option. -Options available are: 1=Subnet mask (more options will be added in a future release). +In Windows 11 the 'Local Peer Discovery' option was introduced to restrict peer discovery to the local network. Currently, the available options include: 0 = NAT, 1 = Subnet mask, and 2 = Local Peer Discovery. These options apply to both Download Modes LAN (1) and Group (2) and therefore it means that there is no peering between subnets. The default value in Windows 11 is set to "Local Peer Discovery". -Option 1 (Subnet mask) applies to both Download Mode LAN (1) and Group (2). +If Group mode is set, Delivery Optimization will connect to locally discovered peers that are also part of the same Group (have the same Group ID). + +The Local Peer Discovery (DNS-SD) option can only be set via MDM delivered policies on Windows 11 builds. @@ -1474,7 +1476,9 @@ ADMX Info: The following list shows the supported values: -- 1 - Subnet mask. +- 0 - NAT +- 1 - Subnet mask +- 2 - Local Peer Discovery diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md index 8475dbc0d9..ee0b9dac66 100644 --- a/windows/client-management/mdm/policy-csp-internetexplorer.md +++ b/windows/client-management/mdm/policy-csp-internetexplorer.md @@ -4426,7 +4426,7 @@ The following list shows the supported values: ADMX Info: - GP Friendly name: *Enable extended hot keys in Internet Explorer mode* - GP name: *EnableExtendedIEModeHotkeys* -- GP path: *Windows Components/Internet Explorer/Security Features/Add-on Management* +- GP path: *Windows Components/Internet Explorer/Main* - GP ADMX file name: *inetres.admx* diff --git a/windows/client-management/mdm/policy-csp-kioskbrowser.md b/windows/client-management/mdm/policy-csp-kioskbrowser.md index 13fe288906..693f130feb 100644 --- a/windows/client-management/mdm/policy-csp-kioskbrowser.md +++ b/windows/client-management/mdm/policy-csp-kioskbrowser.md @@ -113,7 +113,7 @@ List of exceptions to the blocked website URLs (with wildcard support). This pol -List of blocked website URLs (with wildcard support). This policy is used to configure blocked URLs kiosk browsers can't navigate to. +List of blocked website URLs (with wildcard support). This policy is used to configure blocked URLs kiosk browsers can't navigate to. The delimiter for the URLs is "\uF000" character. > [!NOTE] > This policy only applies to the Kiosk Browser app in Microsoft Store. @@ -310,4 +310,4 @@ The value is an int 1-1440 that specifies the number of minutes the session is i ## Related topics -[Policy configuration service provider](policy-configuration-service-provider.md) \ No newline at end of file +[Policy configuration service provider](policy-configuration-service-provider.md) diff --git a/windows/client-management/mdm/policy-csp-localusersandgroups.md b/windows/client-management/mdm/policy-csp-localusersandgroups.md index 32217ff75b..10e2076e07 100644 --- a/windows/client-management/mdm/policy-csp-localusersandgroups.md +++ b/windows/client-management/mdm/policy-csp-localusersandgroups.md @@ -104,11 +104,11 @@ See [Use custom settings for Windows 10 devices in Intune](/mem/intune/configura Example 1: Azure Active Directory focused. -The following example updates the built-in administrators group with Azure AD account "bob@contoso.com" and an Azure AD group with the SID **S-1-12-1-111111111-22222222222-3333333333-4444444444** on an AAD-joined machine. +The following example updates the built-in administrators group with the SID **S-1-5-21-2222222222-3333333333-4444444444-500** with an Azure AD account "bob@contoso.com" and an Azure AD group with the SID **S-1-12-1-111111111-22222222222-3333333333-4444444444** on an AAD-joined machine. ```xml - + @@ -119,12 +119,12 @@ The following example updates the built-in administrators group with Azure AD ac Example 2: Replace / Restrict the built-in administrators group with an Azure AD user account. > [!NOTE] -> When using ‘R’ replace option to configure the built-in ‘Administrators’ group. It is required to always specify the administrator as a member + any other custom members. This is because the built-in administrator must always be a member of the administrators group. +> When using the ‘R’ replace option to configure the built-in Administrators group with the SID **S-1-5-21-2222222222-3333333333-4444444444-500** you should always specify the administrator as a member plus any other custom members. This is necessary because the built-in administrator must always be a member of the administrators group. Example: ```xml - + @@ -134,11 +134,11 @@ Example: Example 3: Update action for adding and removing group members on a hybrid joined machine. -The following example shows how you can update a local group (**Administrators**)—add an AD domain group as a member using its name (**Contoso\ITAdmins**), add a Azure Active Directory group by its SID (**S-1-12-1-111111111-22222222222-3333333333-4444444444**), and remove a local account (**Guest**) if it exists. +The following example shows how you can update a local group (**Administrators** with the SID **S-1-5-21-2222222222-3333333333-4444444444-500**)—add an AD domain group as a member using its name (**Contoso\ITAdmins**), add an Azure Active Directory group by its SID (**S-1-12-1-111111111-22222222222-3333333333-4444444444**), and remove a local account (**Guest**) if it exists. ```xml - + diff --git a/windows/deployment/deploy-windows-cm/add-a-windows-10-operating-system-image-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/add-a-windows-10-operating-system-image-using-configuration-manager.md index c723dc30ae..23b36c4d59 100644 --- a/windows/deployment/deploy-windows-cm/add-a-windows-10-operating-system-image-using-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/add-a-windows-10-operating-system-image-using-configuration-manager.md @@ -15,46 +15,53 @@ ms.date: 10/27/2022 # Add a Windows 10 operating system image using Configuration Manager -**Applies to** +*Applies to:* -- Windows 10 +- Windows 10 Operating system images are typically the production image used for deployment throughout the organization. This article shows you how to add a Windows 10 operating system image created with Microsoft Configuration Manager, and how to distribute the image to a distribution point. ## Infrastructure For the purposes of this guide, we'll use one server computer: CM01. + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. - CM01 is running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). ->[!IMPORTANT] ->The procedures in this article require a reference image. Our reference images is named **REFW10-X64-001.wim**. If you have not already created a reference image, then perform all the steps in [Create a Windows 10 reference image](../deploy-windows-mdt/create-a-windows-10-reference-image.md) on CM01, replacing MDT01 with CM01. The final result will be a reference image located in the D:\MDTBuildLab\Captures folder that you can use for the procedure below. +> [!IMPORTANT] +> The procedures in this article require a reference image. Our reference images is named **REFW10-X64-001.wim**. If you have not already created a reference image, then perform all the steps in [Create a Windows 10 reference image](../deploy-windows-mdt/create-a-windows-10-reference-image.md) on CM01, replacing MDT01 with CM01. The final result will be a reference image located in the D:\MDTBuildLab\Captures folder that you can use for the procedure below. - ## Add a Windows 10 operating system image +## Add a Windows 10 operating system image On **CM01**: -1. Using File Explorer, in the **D:\\Sources\\OSD\\OS** folder, create a subfolder named **Windows 10 Enterprise x64 RTM**. -2. Copy the REFW10-X64-001.wim file to the **D:\\Sources\\OSD\\OS\\Windows 10 Enterprise x64 RTM** folder. +1. Using File Explorer, in the **`D:\Sources\OSD\OS`** folder, create a subfolder named **Windows 10 Enterprise x64 RTM**. + +2. Copy the `REFW10-X64-001.wim` file to the **`D:\Sources\OSD\OS\Windows 10 Enterprise x64 RTM`** folder. ![figure 17.](../images/ref-image.png) The Windows 10 image being copied to the Sources folder structure. -3. Using the Configuration Manager Console, in the Software Library workspace, right-click **Operating System Images**, and select **Add Operating System Image**. -4. On the **Data Source** page, in the **Path:** text box, browse to \\\\CM01\\Sources$\\OSD\\OS\\Windows 10 Enterprise x64 RTM\\REFW10-X64-001.wim, select x64 next to Architecture and choose a language, then select **Next**. -5. On the **General** page, assign the name Windows 10 Enterprise x64 RTM, select **Next** twice, and then select **Close**. -6. Distribute the operating system image to the CM01 distribution point by right-clicking the **Windows 10 Enterprise x64 RTM** operating system image and then clicking **Distribute Content**. -7. In the Distribute Content Wizard, add the CM01 distribution point, select **Next** and select **Close**. -8. View the content status for the Windows 10 Enterprise x64 RTM package. Don't continue until the distribution is completed (it might take a few minutes). You also can review the D:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for the **STATMSG: ID=2301** line. +3. Using the Configuration Manager Console, in the **Software Library** workspace, right-click **Operating System Images**, and select **Add Operating System Image**. + +4. On the **Data Source** page, in the **Path:** text box, browse to **`\\CM01\Sources$\OSD\OS\Windows 10 Enterprise x64 RTM\REFW10-X64-001.wim`**, select x64 next to Architecture and choose a language, then select **Next**. + +5. On the **General** page, assign the name Windows 10 Enterprise x64 RTM, select **Next** twice, and then select **Close**. + +6. Distribute the operating system image to the CM01 distribution point by right-clicking the **Windows 10 Enterprise x64 RTM** operating system image and then clicking **Distribute Content**. + +7. In the Distribute Content Wizard, add the CM01 distribution point, select **Next** and select **Close**. + +8. View the content status for the Windows 10 Enterprise x64 RTM package. Don't continue until the distribution is completed (it might take a few minutes). You also can review the `D:\Program Files\Microsoft Configuration Manager\Logs\distmgr.log` file and look for the **STATMSG: ID=2301** line. ![figure 18.](../images/fig18-distwindows.png) The distributed Windows 10 Enterprise x64 RTM package. -Next, see [Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md). +Next, see [Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md). ## Related articles diff --git a/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md index 7dfcbe25b8..feff4155ed 100644 --- a/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md @@ -15,25 +15,26 @@ ms.date: 10/27/2022 # Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager -**Applies to** +*Applies to:* - Windows 10 In this article, you'll learn how to configure the Windows Preinstallation Environment (Windows PE) to include the network drivers required to connect to the deployment share and the storage drivers required to see the local storage on machines. Even though the Windows PE boot image and the Windows 10 operating system contain many out-of-the-box drivers, it's likely you'll have to add new or updated drivers to support all your hardware. In this section, you import drivers for both Windows PE and the full Windows 10 operating system. For the purposes of this guide, we'll use one server computer: CM01. + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. CM01 is running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). ## Add drivers for Windows PE -This section will show you how to import some network and storage drivers for Windows PE. +This section will show you how to import some network and storage drivers for Windows PE. ->[!NOTE] ->Windows PE usually has a fairly comprehensive set of drivers out of the box, assuming that you are using a recent version of the Windows ADK. This is different than the full Windows OS which will often require drivers. You shouldn't add drivers to Windows PE unless you've an issue or are missing functionality, and in these cases you should only add the driver that you need. An example of a common driver that is added is the Intel I217 driver. Adding too many drivers can cause conflicts and lead to driver bloat in the Config Mgr database. This section shows you how to add drivers, but typically you can just skip this procedure. +> [!NOTE] +> Windows PE usually has a fairly comprehensive set of drivers out of the box, assuming that you are using a recent version of the Windows ADK. This is different than the full Windows OS which will often require drivers. You shouldn't add drivers to Windows PE unless you've an issue or are missing functionality, and in these cases you should only add the driver that you need. An example of a common driver that is added is the Intel I217 driver. Adding too many drivers can cause conflicts and lead to driver bloat in the Config Mgr database. This section shows you how to add drivers, but typically you can just skip this procedure. -This section assumes you've downloaded some drivers to the **D:\\Sources\\OSD\\DriverSources\\WinPE x64** folder on CM01. +This section assumes you've downloaded some drivers to the **`D:\Sources\OSD\DriverSources\WinPE x64`** folder on CM01. ![Drivers.](../images/cm01-drivers.png) @@ -41,12 +42,18 @@ Driver folder structure on CM01 On **CM01**: -1. Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click the **Drivers** node and select **Import Driver**. -2. In the Import New Driver Wizard, on the **Specify a location to import driver** page, select the **Import all drivers in the following network path (UNC)** option, browse to the **\\\\CM01\\Sources$\\OSD\\DriverSources\\WinPE x64** folder and select **Next**. +1. Using the Configuration Manager Console, in the **Software Library** workspace, expand **Operating Systems**, right-click the **Drivers** node and select **Import Driver**. + +2. In the Import New Driver Wizard, on the **Specify a location to import driver** page, select the **Import all drivers in the following network path (UNC)** option, browse to the **`\\CM01\Sources$\OSD\DriverSources\WinPE x64`** folder and select **Next**. + 3. On the **Specify the details for the imported driver** page, select **Categories**, create a category named **WinPE x64**, and then select **Next**. + 4. On the **Select the packages to add the imported driver** page, select **Next**. + 5. On the **Select drivers to include in the boot image** page, select the **Zero Touch WinPE x64** boot image and select **Next**. + 6. In the popup window that appears, select **Yes** to automatically update the distribution point. + 7. Select **Next**, wait for the image to be updated, and then select **Close**. ![Add drivers to Windows PE step 1.](../images/fig21-add-drivers1.png)
@@ -68,27 +75,28 @@ Driver folder structure on CM01 On **CM01**: -1. Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click the **Drivers** node and select **Import Driver**. -2. In the Import New Driver Wizard, on the **Specify a location to import driver** page, select the **Import all drivers in the following network path (UNC)** option, browse to the **\\\\CM01\\Sources$\\OSD\\DriverSources\\Windows 10 x64\\Hewlett-Packard\\HP EliteBook 8560w** folder and select **Next**. Wait a minute for driver information to be validated. +1. Using the Configuration Manager Console, in the **Software Library** workspace, expand **Operating Systems**, right-click the **Drivers** node and select **Import Driver**. + +2. In the Import New Driver Wizard, on the **Specify a location to import driver** page, select the **Import all drivers in the following network path (UNC)** option, browse to the **`\\CM01\Sources$\OSD\DriverSources\Windows 10 x64\Hewlett-Packard\HP EliteBook 8560w`** folder and select **Next**. Wait a minute for driver information to be validated. + 3. On the **Specify the details for the imported driver** page, select **Categories**, create a category named **Windows 10 x64 - HP EliteBook 8560w**, select **OK**, and then select **Next**. ![Create driver categories.](../images/fig22-createcategories.png "Create driver categories") Create driver categories - 4. On the **Select the packages to add the imported driver** page, select **New Package**, use the following settings for the package, and then select **Next**: - * Name: Windows 10 x64 - HP EliteBook 8560w - * Path: \\\\CM01\\Sources$\\OSD\\DriverPackages\\Windows 10 x64\\Hewlett-Packard\\HP EliteBook 8560w + - Name: Windows 10 x64 - HP EliteBook 8560w + - Path: **`\\CM01\Sources$\OSD\DriverPackages\Windows 10 x64\Hewlett-Packard\HP EliteBook 8560w`** - >[!NOTE] - >The package path does not yet exist, so you've to type it in. The wizard will create the new package using the path you specify. + > [!NOTE] + > The package path does not yet exist so it has to be created by typing it in. The wizard will create the new package using the path you specify. -5. On the **Select drivers to include in the boot image** page, don't select anything, and select **Next** twice. After the package has been created, select **Close**. +5. On the **Select drivers to include in the boot image** page, don't select anything, and select **Next** twice. After the package has been created, select **Close**. - >[!NOTE] - >If you want to monitor the driver import process more closely, you can open the SMSProv.log file during driver import. + > [!NOTE] + > If you want to monitor the driver import process more closely, you can open the SMSProv.log file during driver import. ![Drivers imported and a new driver package created.](../images/cm01-drivers-packages.png "Drivers imported and a new driver package created") diff --git a/windows/deployment/deploy-windows-cm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md b/windows/deployment/deploy-windows-cm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md index 25f8bd58cf..bc6f5f88b1 100644 --- a/windows/deployment/deploy-windows-cm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md @@ -15,14 +15,16 @@ ms.date: 10/27/2022 # Create a custom Windows PE boot image with Configuration Manager -**Applies to** +*Applies to:* - Windows 10 In Microsoft Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This article shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process. + - The boot image that is created is based on the version of ADK that is installed. For the purposes of this guide, we'll use one server computer: CM01. + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. CM01 is running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). @@ -31,16 +33,21 @@ For the purposes of this guide, we'll use one server computer: CM01. The steps below outline the process for adding DaRT 10 installation files to the MDT installation directory. You also copy a custom background image to be used later. These steps are optional. If you don't wish to add DaRT, skip the steps below to copy DaRT tools, and later skip adding the DaRT component to the boot image. -We assume you've downloaded [Microsoft Desktop Optimization Pack (MDOP) 2015](https://my.visualstudio.com/Downloads?q=Desktop%20Optimization%20Pack%202015) and copied the x64 version of MSDaRT100.msi to the **C:\\Setup\\DaRT 10** folder on CM01. We also assume you've created a custom background image and saved it in **C:\\Setup\\Branding** on CM01. In this section, we use a custom background image named ContosoBackground.bmp. +We assume you've downloaded [Microsoft Desktop Optimization Pack (MDOP) 2015](https://my.visualstudio.com/Downloads?q=Desktop%20Optimization%20Pack%202015) and copied the x64 version of MSDaRT100.msi to the **C:\\Setup\\DaRT 10** folder on CM01. We also assume you've created a custom background image and saved it in **`C:\Setup\Branding`** on CM01. In this section, we use a custom background image named [ContosoBackground.png](../images/ContosoBackground.png) On **CM01**: -1. Install DaRT 10 (C:\\Setup\\DaRT 10\\MSDaRT100.msi) using the default settings. -2. Using File Explorer, navigate to the **C:\\Program Files\\Microsoft DaRT\\v10** folder. -3. Copy the Toolsx64.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x64** folder. -4. Copy the Toolsx86.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x86** folder. -5. Using File Explorer, navigate to the **C:\\Setup** folder. -6. Copy the **Branding** folder to **D:\\Sources\\OSD**. +1. Install DaRT 10 (**`C:\\Setup\\DaRT 10\\MSDaRT100.msi`**) using the default settings. + +2. Using File Explorer, navigate to the **`C:\Program Files\Microsoft DaRT\v10`** folder. + +3. Copy the Toolsx64.cab file to the **`C:\Program Files\Microsoft Deployment Toolkit\Templates\Distribution\Tools\x64`** folder. + +4. Copy the Toolsx86.cab file to the **`C:\Program Files\Microsoft Deployment Toolkit\Templates\Distribution\Tools\x86`** folder. + +5. Using File Explorer, navigate to the **`C:\Setup`** folder. + +6. Copy the **Branding** folder to **`D:\Sources\OSD`**. ## Create a boot image for Configuration Manager using the MDT wizard @@ -48,15 +55,18 @@ By using the MDT wizard to create the boot image in Configuration Manager, you g On **CM01**: -1. Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Boot Images**, and select **Create Boot Image using MDT**. -2. On the **Package Source** page, in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\Boot\\Zero Touch WinPE x64** and select **Next**. +1. Using the Configuration Manager Console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Boot Images**, and select **Create Boot Image using MDT**. - >[!NOTE] - >The Zero Touch WinPE x64 folder does not yet exist. The folder will be created later by the wizard. +2. On the **Package Source** page, in the **Package source folder to be created (UNC Path):** text box, enter **`\\CM01\Sources$\OSD\Boot\Zero Touch WinPE x64`** and select **Next**. -3. On the **General Settings** page, assign the name **Zero Touch WinPE x64** and select **Next**. -4. On the **Options** page, select the **x64** platform, and select **Next**. -5. On the **Components** page, in addition to the default selected **Microsoft Data Access Components (MDAC/ADO)** support, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** check box and select **Next**. + > [!NOTE] + > The Zero Touch WinPE x64 folder does not yet exist. The folder will be created later by the wizard. + +3. On the **General Settings** page, assign the name **Zero Touch WinPE x64** and select **Next**. + +4. On the **Options** page, select the **x64** platform, and select **Next**. + +5. On the **Components** page, in addition to the default selected **Microsoft Data Access Components (MDAC/ADO)** support, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** check box and select **Next**. ![Add the DaRT component to the Configuration Manager boot image.](../images/mdt-06-fig16.png "Add the DaRT component to the Configuration Manager boot image") @@ -64,19 +74,25 @@ On **CM01**: >Note: Another common component to add here is Windows PowerShell to enable PowerShell support within Windows PE. -6. On the **Customization** page, select the **Use a custom background bitmap file** check box, and in the **UNC path:** text box, browse to **\\\\CM01\\Sources$\\OSD\\Branding\\ContosoBackground.bmp** and then select **Next** twice. Wait a few minutes while the boot image is generated, and then select **Finish**. -7. Distribute the boot image to the CM01 distribution point by selecting the **Boot images** node, right-clicking the **Zero Touch WinPE x64** boot image, and selecting **Distribute Content**. -8. In the Distribute Content Wizard, add the CM01 distribution point, and complete the wizard. -9. Using Configuration Manager Trace, review the D:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file. Don't continue until you can see that the boot image is distributed. Look for the line that reads **STATMSG: ID=2301**. You also can monitor Content Status in the Configuration Manager Console at **\Monitoring\Overview\Distribution Status\Content Status\Zero Touch WinPE x64**. See the following examples: +6. On the **Customization** page, select the **Use a custom background bitmap file** check box, and in the **UNC path:** text box, browse to **`\\CM01\Sources$\OSD\Branding\ContosoBackground.bmp`** and then select **Next** twice. Wait a few minutes while the boot image is generated, and then select **Finish**. + +7. Distribute the boot image to the CM01 distribution point by selecting the **Boot images** node, right-clicking the **Zero Touch WinPE x64** boot image, and selecting **Distribute Content**. + +8. In the Distribute Content Wizard, add the CM01 distribution point, and complete the wizard. + +9. Using Configuration Manager Trace, review the `D:\Program Files\Microsoft Configuration Manager\Logs\distmgr.log` file. Don't continue until you can see that the boot image is distributed. Look for the line that reads **STATMSG: ID=2301**. You also can monitor Content Status in the Configuration Manager Console at **Monitoring** > **Overview** > **Distribution Status** > **Content Status** > **Zero Touch WinPE x64**. See the following examples: ![Content status for the Zero Touch WinPE x64 boot image step 1.](../images/fig16-contentstatus1.png)
![Content status for the Zero Touch WinPE x64 boot image step 2.](../images/fig16-contentstatus2.png) Content status for the Zero Touch WinPE x64 boot image -10. Using the Configuration Manager Console, in the Software Library workspace, under **Boot Images**, right-click the **Zero Touch WinPE x64** boot image and select **Properties**. +10. Using the Configuration Manager Console, in the **Software Library** workspace, under **Boot Images**, right-click the **Zero Touch WinPE x64** boot image and select **Properties**. + 11. On the **Data Source** tab, select the **Deploy this boot image from the PXE-enabled distribution point** check box, and select **OK**. + 12. Using Configuration Manager Trace, review the D:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for this text: **Expanding PS100009 to D:\\RemoteInstall\\SMSImages**. + 13. Review the **D:\\RemoteInstall\\SMSImages** folder. You should see three folders containing boot images. Two are from the default boot images, and the third folder (PS100009) is from your new boot image with DaRT. See the examples below: ![PS100009 step 1.](../images/ps100009-1.png)
diff --git a/windows/deployment/deploy-windows-cm/create-a-task-sequence-with-configuration-manager-and-mdt.md b/windows/deployment/deploy-windows-cm/create-a-task-sequence-with-configuration-manager-and-mdt.md index 3378ffe20d..dc5fff054b 100644 --- a/windows/deployment/deploy-windows-cm/create-a-task-sequence-with-configuration-manager-and-mdt.md +++ b/windows/deployment/deploy-windows-cm/create-a-task-sequence-with-configuration-manager-and-mdt.md @@ -14,13 +14,14 @@ ms.date: 10/27/2022 # Create a task sequence with Configuration Manager and MDT -**Applies to** +*Applies to:* -- Windows 10 +- Windows 10 In this article, you'll learn how to create a Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard. Creating task sequences in Configuration Manager requires many more steps than creating task sequences for MDT Lite Touch installation. Luckily, the MDT wizard helps you through the process and also guides you through creating the needed packages. For the purposes of this guide, we'll use one server computer: CM01. + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. CM01 is running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). Note: Active Directory [permissions](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md#configure-active-directory-permissions) for the **CM_JD** account are required for the task sequence to work properly. @@ -31,32 +32,46 @@ This section walks you through the process of creating a Configuration Manager t On **CM01**: -1. Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**. -2. On the **Choose Template** page, select the **Client Task Sequence** template and select **Next**. -3. On the **General** page, assign the following settings and then select **Next**: - * Task sequence name: Windows 10 Enterprise x64 RTM - * Task sequence comments: Production image with Office 365 Pro Plus x64 -4. On the **Details** page, assign the following settings and then select **Next**: - * Join a Domain - * Domain: contoso.com - * Account: contoso\\CM\_JD - * Password: pass@word1 - * Windows Settings - * User name: Contoso - * Organization name: Contoso - * Product key: <blank> +1. Using the Configuration Manager Console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**. + +2. On the **Choose Template** page, select the **Client Task Sequence** template and select **Next**. + +3. On the **General** page, assign the following settings and then select **Next**: + - Task sequence name: Windows 10 Enterprise x64 RTM + - Task sequence comments: Production image with Office 365 Pro Plus x64 + +4. On the **Details** page, assign the following settings and then select **Next**: + - Join a Domain + - Domain: contoso.com + - Account: contoso\\CM\_JD + - Password: pass@word1 + - Windows Settings + - User name: Contoso + - Organization name: Contoso + - Product key: *\* + +5. On the **Capture Settings** page, accept the default settings, and select **Next**. + +6. On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then select **Next**. + +7. On the **MDT Package** page, select **Create a new Microsoft Deployment Toolkit Files package**, and in the **Package source folder to be created (UNC Path):** text box, enter **`\\CM01\Sources$\OSD\MDT\MDT`**. Then select **Next**. + +8. On the **MDT Details** page, assign the name **MDT** and select **Next**. + +9. On the **OS Image** page, browse and select the **Windows 10 Enterprise x64 RTM** package. Then select **Next**. -5. On the **Capture Settings** page, accept the default settings, and select **Next**. -6. On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then select **Next**. -7. On the **MDT Package** page, select **Create a new Microsoft Deployment Toolkit Files package**, and in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\MDT\\MDT**. Then select **Next**. -8. On the **MDT Details** page, assign the name **MDT** and select **Next**. -9. On the **OS Image** page, browse and select the **Windows 10 Enterprise x64 RTM** package. Then select **Next**. 10. On the **Deployment Method** page, accept the default settings (Zero Touch installation) and select **Next**. + 11. On the **Client Package** page, browse and select the **Microsoft Corporation Configuration Manager Client Package** and select **Next**. + 12. On the **USMT Package** page, browse and select the **Microsoft Corporation User State Migration Tool for Windows** package and select **Next**. -13. On the **Settings Package** page, select the **Create a new settings package** option, and in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\Settings\\Windows 10 x64 Settings** and select **Next**. + +13. On the **Settings Package** page, select the **Create a new settings package** option, and in the **Package source folder to be created (UNC Path):** text box, enter **`\\CM01\Sources$\OSD\Settings\Windows 10 x64 Settings`** and select **Next**. + 14. On the **Settings Details** page, assign the name **Windows 10 x64 Settings** and select **Next**. + 15. On the **Sysprep Package** page, select **Next** twice. + 16. On the **Confirmation** page, select **Finish**. ## Edit the task sequence @@ -65,66 +80,70 @@ After you create the task sequence, we recommend that you configure the task seq On **CM01**: -1. Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, select **Task Sequences**, right-click the **Windows 10 Enterprise x64 RTM** task sequence, and select **Edit**. -2. In the **Install** group (about halfway down), select the **Set Variable for Drive Letter** action and configure the following: - * OSDPreserveDriveLetter: True - - >[!NOTE] - >If you don't change this value, your Windows installation will end up in D:\\Windows. +1. Using the Configuration Manager Console, in the **Software Library** workspace, expand **Operating Systems**, select **Task Sequences**, right-click the **Windows 10 Enterprise x64 RTM** task sequence, and select **Edit**. + +2. In the **Post Install** group, select **Apply Network Settings**, and configure the **Domain OU** value to use the **Contoso / Computers / Workstations** OU (browse for values). + +3. In the **Post Install** group, disable the **Auto Apply Drivers** action. (Disabling is done by selecting the action and, in the **Options** tab, selecting the **Disable this step** check box.) + +4. After the disabled **Post Install / Auto Apply Drivers** action, add a new group name: **Drivers**. + +5. After the **Post Install / Drivers** group, add an **Apply Driver Package** action with the following settings: + + - Name: HP EliteBook 8560w + - Driver Package: Windows 10 x64 - HP EliteBook 8560w + - Options tab - Add Condition: Task Sequence Variable: Model equals HP EliteBook 8560w + + > [!NOTE] + > You also can add a Query WMI condition with the following query: SELECT \* FROM Win32\_ComputerSystem WHERE Model LIKE '%HP EliteBook 8560w%' -3. In the **Post Install** group, select **Apply Network Settings**, and configure the **Domain OU** value to use the **Contoso / Computers / Workstations** OU (browse for values). -4. In the **Post Install** group, disable the **Auto Apply Drivers** action. (Disabling is done by selecting the action and, in the **Options** tab, selecting the **Disable this step** check box.) -5. After the disabled **Post Install / Auto Apply Drivers** action, add a new group name: **Drivers**. -6. After the **Post Install / Drivers** group, add an **Apply Driver Package** action with the following settings: - * Name: HP EliteBook 8560w - * Driver Package: Windows 10 x64 - HP EliteBook 8560w - * Options tab - Add Condition: Task Sequence Variable: Model equals HP EliteBook 8560w - - >[!NOTE] - >You also can add a Query WMI condition with the following query: SELECT \* FROM Win32\_ComputerSystem WHERE Model LIKE '%HP EliteBook 8560w%' - ![Driver package options.](../images/fig27-driverpackage.png "Driver package options") - + The driver package options -7. In the **State Restore / Install Applications** group, select the **Install Application** action. -8. Select the **Install the following applications** radio button, and add the OSD / Adobe Reader DC - OSD Install application to the list. +6. In the **State Restore / Install Applications** group, select the **Install Application** action. + +7. Select the **Install the following applications** radio button, and add the OSD / Adobe Reader DC - OSD Install application to the list. ![Add an application to the task sequence.](../images/fig28-addapp.png "Add an application to the task sequence") Add an application to the Configuration Manager task sequence - >[!NOTE] - >In recent versions of Configuration Manager the Request State Store and Release State Store actions described below are present by default. These actions are used for common computer replace scenarios. There's also the additional condition on the options tab: USMTOfflineMigration not equals TRUE. If these actions are not present, try updating to the Config Mgr current branch release. + > [!NOTE] + > In recent versions of Configuration Manager the Request State Store and Release State Store actions described below are present by default. These actions are used for common computer replace scenarios. There's also the additional condition on the options tab: USMTOfflineMigration not equals TRUE. If these actions are not present, try updating to the latest Configuration Manager current branch release. -9. In the **State Restore** group, after the **Set Status 5** action, verify there's a **User State \ Request State Store** action with the following settings: - * Request state storage location to: Restore state from another computer - * If computer account fails to connect to state store, use the Network Access account: selected - * Options: Continue on error - * Options / Add Condition: - * Task Sequence Variable - * USMTLOCAL not equals True +8. In the **State Restore** group, after the **Set Status 5** action, verify there's a **User State \ Request State Store** action with the following settings: -10. In the **State Restore** group, after the **Restore User State** action, verify there's a **Release State Store** action with the following settings: - * Options: Continue on error - * Options / Condition: - * Task Sequence Variable - * USMTLOCAL not equals True + - Request state storage location to: Restore state from another computer + - If computer account fails to connect to state store, use the Network Access account: selected + - Options: Continue on error + - Options / Add Condition: + - Task Sequence Variable + - USMTLOCAL not equals True -11. Select **OK**. +9. In the **State Restore** group, after the **Restore User State** action, verify there's a **Release State Store** action with the following settings: + - Options: Continue on error + - Options / Condition: + - Task Sequence Variable + - USMTLOCAL not equals True + +10. Select **OK**. ## Organize your packages (optional) -If desired, you can create a folder structure for packages. This folder structure is purely for organizational purposes and is useful if you need to manage a large number of packages. +If desired, you can create a folder structure for packages. This folder structure is purely for organizational purposes and is useful if you need to manage a large number of packages. To create a folder for packages: On **CM01**: -1. Using the Configuration Manager Console, in the Software Library workspace, expand **Application Management**, and then select **Packages**. -2. Right-click **Packages**, point to **Folder**, select **Create Folder** and create the OSD folder. This process will create the Root \ OSD folder structure. -3. Select the **MDT**, **User State Migration Tool for Windows**, and **Windows 10 x64 Settings** packages, right-click and select **Move**. -4. In the **Move Selected Items** dialog box, select the **OSD** folder, and select **OK**. +1. Using the Configuration Manager Console, in the **Software Library** workspace, expand **Application Management**, and then select **Packages**. + +2. Right-click **Packages**, point to **Folder**, select **Create Folder** and create the OSD folder. This process will create the Root \ OSD folder structure. + +3. Select the **MDT**, **User State Migration Tool for Windows**, and **Windows 10 x64 Settings** packages, right-click and select **Move**. + +4. In the **Move Selected Items** dialog box, select the **OSD** folder, and select **OK**. Next, see [Finalize the operating system configuration for Windows 10 deployment with Configuration Manager](finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md). diff --git a/windows/deployment/deploy-windows-cm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md index 104e5718ef..7a7d509012 100644 --- a/windows/deployment/deploy-windows-cm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md @@ -15,62 +15,73 @@ ms.date: 10/27/2022 # Create an application to deploy with Windows 10 using Configuration Manager +*Applies to:* -**Applies to** - -- Windows 10 +- Windows 10 Microsoft Configuration Manager supports deploying applications as part of the Windows 10 deployment process. In this section, you create an application in Microsoft Configuration Manager that you later configure the task sequence to use. For the purposes of this guide, we'll use one server computer: CM01. -- CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. CM01 is running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. ->[!NOTE] ->The [reference image](add-a-windows-10-operating-system-image-using-configuration-manager.md) used in this lab already contains some applications, such as Microsoft Office 365 Pro Plus x64. The procedure demonstrated in this article enables you to add some additional custom applications beyond those included in the reference image. +- CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. CM01 is running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. + +> [!NOTE] +> The [reference image](add-a-windows-10-operating-system-image-using-configuration-manager.md) used in this lab already contains some applications, such as Microsoft Office 365 Pro Plus x64. The procedure demonstrated in this article enables you to add some additional custom applications beyond those included in the reference image. ## Example: Create the Adobe Reader application On **CM01**: -1. Create the **D:\Setup** folder if it doesn't already exist. -1. Download the Enterprise distribution version of [Adobe Acrobat Reader DC](https://get.adobe.com/reader/enterprise/) (ex: AcroRdrDC2000620034_en_US.exe) to **D:\\Setup\\Adobe** on CM01. The filename will differ depending on the version of Acrobat Reader. -2. Extract the .exe file that you downloaded to a .msi. The source folder will differ depending on where you downloaded the file. See the following example: +1. Create the **`D:\Setup`** folder if it doesn't already exist. - ```powershell - Set-Location C:\Users\administrator.CONTOSO\Downloads - .\AcroRdrDC2000620034_en_US.exe -sfx_o"d:\Setup\Adobe\" -sfx_ne - ``` - >Note: the extraction process will create the "Adobe" folder +2. Download the Enterprise distribution version of [Adobe Acrobat Reader DC](https://get.adobe.com/reader/enterprise/) (ex: AcroRdrDC2000620034_en_US.exe) to **`D:\Setup\Adobe`** on CM01. The filename will differ depending on the version of Acrobat Reader. -3. Using File Explorer, copy the **D:\\Setup\\Adobe** folder to the **D:\\Sources\\Software\\Adobe** folder. -4. In the Configuration Manager Console, in the Software Library workspace, expand **Application Management**. -5. Right-click **Applications**, point to **Folder** and then select **Create Folder**. Assign the name **OSD**. -6. Right-click the **OSD** folder, and select **Create Application**. -7. In the Create Application Wizard, on the **General** page, use the following settings: +3. Extract the .exe file that you downloaded to a .msi. The source folder will differ depending on where you downloaded the file. See the following example: - * Automatically detect information about this application from installation files - * Type: Windows Installer (\*.msi file) - * Location: \\\\CM01\\Sources$\\Software\\Adobe\\AcroRead.msi + ```powershell + Set-Location C:\Users\administrator.CONTOSO\Downloads + .\AcroRdrDC2000620034_en_US.exe -sfx_o"d:\Setup\Adobe\" -sfx_ne + ``` + + > [!NOTE] + > The extraction process will create the "Adobe" folder. + +4. Using File Explorer, copy the **`D:\Setup\Adobe`** folder to the **`D:\Sources\Software\Adobe`** folder. + +5. In the Configuration Manager Console, in the **Software Library** workspace, expand **Application Management**. + +6. Right-click **Applications**, point to **Folder** and then select **Create Folder**. Assign the name **OSD**. + +7. Right-click the **OSD** folder, and select **Create Application**. + +8. In the Create Application Wizard, on the **General** page, use the following settings: + + - Automatically detect information about this application from installation files + - Type: Windows Installer (\*.msi file) + - Location: `\\CM01\Sources$\Software\Adobe\AcroRead.msi` ![The Create Application Wizard.](../images/mdt-06-fig20.png "The Create Application Wizard") The Create Application Wizard -8. Select **Next**, and wait while Configuration Manager parses the MSI file. -9. On the **Import Information** page, review the information and then select **Next**. -10. On the **General Information** page, name the application Adobe Acrobat Reader DC - OSD Install, select **Next** twice, and then select **Close**. +9. Select **Next**, and wait while Configuration Manager parses the MSI file. - >[!NOTE] - >Because it is not possible to reference an application deployment type in the task sequence, you should have a single deployment type for applications deployed by the task sequence. If you are deploying applications via both the task sequence and normal application deployment, and you have multiple deployment types, you should have two applications of the same software. In this section, you add the "OSD Install" suffix to applications that are deployed via the task sequence. If using packages, you can still reference both package and program in the task sequence. +10. On the **Import Information** page, review the information and then select **Next**. + +11. On the **General Information** page, name the application Adobe Acrobat Reader DC - OSD Install, select **Next** twice, and then select **Close**. + + > [!NOTE] + > Because it is not possible to reference an application deployment type in the task sequence, you should have a single deployment type for applications deployed by the task sequence. If you are deploying applications via both the task sequence and normal application deployment, and you have multiple deployment types, you should have two applications of the same software. In this section, you add the "OSD Install" suffix to applications that are deployed via the task sequence. If using packages, you can still reference both package and program in the task sequence. - ![Add the OSD Install suffix to the application name.](../images/mdt-06-fig21.png "Add the OSD Install suffix to the application name") + ![Add the OSD Install suffix to the application name.](../images/mdt-06-fig21.png "Add the OSD Install suffix to the application name") - Add the "OSD Install" suffix to the application name + Add the "OSD Install" suffix to the application name -11. In the **Applications** node, select the Adobe Reader - OSD Install application, and select **Properties** on the ribbon bar (this path is another place to view properties, you can also right-click and select properties). -12. On the **General Information** tab, select the **Allow this application to be installed from the Install Application task sequence action without being deployed** check box, and select **OK**. +12. In the **Applications** node, select the Adobe Reader - OSD Install application, and select **Properties** on the ribbon bar (this path is another place to view properties, you can also right-click and select properties). -Next, see [Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md). +13. On the **General Information** tab, select the **Allow this application to be installed from the Install Application task sequence action without being deployed** check box, and select **OK**. + +Next, see [Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md). ## Related articles diff --git a/windows/deployment/deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md b/windows/deployment/deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md index c9e0d32d11..6a0dd625b6 100644 --- a/windows/deployment/deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md @@ -14,13 +14,14 @@ ms.date: 10/27/2022 # Deploy Windows 10 using PXE and Configuration Manager -**Applies to** +*Applies to:* -- Windows 10 +- Windows 10 In this article, you'll learn how to deploy Windows 10 using Microsoft Configuration Manager deployment packages and task sequences. This article will walk you through the process of deploying the Windows 10 Enterprise image to a Unified Extensible Firmware Interface (UEFI) computer named PC0001. An existing Configuration Manager infrastructure that is integrated with MDT is used for the procedures in this article. This article assumes that you've completed the following prerequisite procedures: + - [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) - [Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md) - [Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md) @@ -30,37 +31,49 @@ This article assumes that you've completed the following prerequisite procedures - [Finalize the operating system configuration for Windows 10 deployment with Configuration Manager](finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md) For the purposes of this guide, we'll use a minimum of two server computers (DC01 and CM01) and one client computer (PC0001). + - DC01 is a domain controller and DNS server for the contoso.com domain. DHCP services are also available and optionally installed on DC01 or another server. Note: DHCP services are required for the client (PC0001) to connect to the Windows Deployment Service (WDS). + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. - - CM01 is also running WDS that will be required to start PC0001 via PXE. **Note**: Ensure that only CM01 is running WDS. + + - CM01 is also running WDS that will be required to start PC0001 via PXE. + + > [!NOTE] + > Ensure that only CM01 is running WDS. + - PC0001 is a client computer that is blank, or has an operating system that will be erased and replaced with Windows 10. The device must be configured to boot from the network. ->[!NOTE] ->If desired, PC0001 can be a VM hosted on the server HV01, which is a Hyper-V host computer that we used previously to build a Windows 10 reference image. However, if PC0001 is a VM then you must ensure it has sufficient resources available to run the Configuration Manager OSD task sequence. 2GB of RAM or more is recommended. +> [!NOTE] +> If desired, PC0001 can be a VM hosted on the server HV01, which is a Hyper-V host computer that we used previously to build a Windows 10 reference image. However, if PC0001 is a VM then you must ensure it has sufficient resources available to run the Configuration Manager OSD task sequence. 2GB of RAM or more is recommended. -All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. +All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. All server and client computers referenced in this guide are on the same subnet. This connection isn't required. But each server and client computer must be able to connect to each other to share files, and to resolve all DNS names and Active Directory information for the `contoso.com` domain. Internet connectivity is also required to download OS and application updates. ->[!NOTE] ->No WDS console configuration is required for PXE to work. Everything is done with the Configuration Manager console. +> [!NOTE] +> No WDS console configuration is required for PXE to work. Everything is done with the Configuration Manager console. ## Procedures 1. Start the PC0001 computer. At the Pre-Boot Execution Environment (PXE) boot menu, press **Enter** to allow it to PXE boot. -2. On the **Welcome to the Task Sequence Wizard** page, type in the password **pass\@word1** and select **Next**. + +2. On the **Welcome to the Task Sequence Wizard** page, enter in the password **pass\@word1** and select **Next**. + 3. On the **Select a task sequence to run** page, select **Windows 10 Enterprise x64 RTM** and select **Next**. -4. On the **Edit Task Sequence Variables** page, double-click the **OSDComputerName** variable, and in the **Value** field, type **PC0001** and select **OK**. Then select **Next**. -5. The operating system deployment will take several minutes to complete. + +4. On the **Edit Task Sequence Variables** page, double-click the **OSDComputerName** variable, and in the **Value** field, enter **PC0001** and select **OK**. Then select **Next**. + +5. The operating system deployment will take several minutes to complete. + 6. You can monitor the deployment on CM01 using the MDT Deployment Workbench. When you see the PC0001 entry, double-click **PC0001**, and then select **DaRT Remote Control** and review the **Remote Control** option. The task sequence will run and do the following steps: - * Install the Windows 10 operating system. - * Install the Configuration Manager client and the client hotfix. - * Join the computer to the domain. - * Install the application added to the task sequence. - - >[!NOTE] - >You also can use the built-in reports to get information about ongoing deployments. For example, a task sequence report gives you a quick overview of the task sequence progress. + - Install the Windows 10 operating system. + - Install the Configuration Manager client and the client hotfix. + - Join the computer to the domain. + - Install the application added to the task sequence. + + > [!NOTE] + > You also can use the built-in reports to get information about ongoing deployments. For example, a task sequence report gives you a quick overview of the task sequence progress. ![MDT monitoring.](../images/pc0001-monitor.png) diff --git a/windows/deployment/deploy-windows-cm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md b/windows/deployment/deploy-windows-cm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md index 5bec64ed7d..581ec6010d 100644 --- a/windows/deployment/deploy-windows-cm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md @@ -15,31 +15,32 @@ ms.date: 10/27/2022 # Finalize the operating system configuration for Windows 10 deployment with Configuration Manager -**Applies to** +*Applies to:* -- Windows 10 +- Windows 10 This article walks you through the steps to finalize the configuration of your Windows 10 operating deployment, which includes enabling optional MDT monitoring for Configuration Manager, logs folder settings, rules configuration, content distribution, and deployment of the previously created task sequence. For the purposes of this guide, we'll use one server computer: CM01. + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. CM01 is running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). ## Enable MDT monitoring -This section will walk you through the process of creating the D:\\MDTProduction deployment share using the MDT Deployment Workbench to enable monitoring for Configuration Manager. +This section will walk you through the process of creating the **`D:\MDTProduction`** deployment share using the MDT Deployment Workbench to enable monitoring for Configuration Manager. On **CM01**: -1. Open the Deployment Workbench, right-click **Deployment Shares** and select **New Deployment Share**. Use the following settings for the New Deployment Share Wizard: +1. Open the Deployment Workbench, right-click **Deployment Shares** and select **New Deployment Share**. Use the following settings for the New Deployment Share Wizard: - * Deployment share path: D:\\MDTProduction - * Share name: MDTProduction$ - * Deployment share description: MDT Production - * Options: <default settings> + - Deployment share path: D:\\MDTProduction + - Share name: MDTProduction$ + - Deployment share description: MDT Production + - Options: *\* -2. Right-click the **MDT Production** deployment share, and select **Properties**. On the **Monitoring** tab, select the **Enable monitoring for this deployment share** check box, and select **OK**. +2. Right-click the **MDT Production** deployment share, and select **Properties**. On the **Monitoring** tab, select the **Enable monitoring for this deployment share** check box, and select **OK**. ![Enable MDT monitoring for Configuration Manager.](../images/mdt-06-fig31.png) @@ -51,16 +52,17 @@ The D:\Logs folder was [created previously](prepare-for-zero-touch-installation- On **CM01**: -1. To configure NTFS permissions using icacls.exe, type the following command at an elevated Windows PowerShell prompt: +1. To configure NTFS permissions using `icacls.exe`, enter the following command at an elevated Windows PowerShell prompt: - ``` - icacls D:\Logs /grant '"CM_NAA":(OI)(CI)(M)' + ```cmd + icacls.exe D:\Logs /grant '"CM_NAA":(OI)(CI)(M)' ``` -2. Using File Explorer, navigate to the **D:\\Sources\\OSD\\Settings\\Windows 10 x64 Settings** folder. -3. To enable server-side logging, edit the CustomSetting.ini file with Notepad.exe and enter the following settings: +2. Using File Explorer, navigate to the **`D:\Sources\OSD\Settings\Windows 10 x64 Settings`** folder. - ``` +3. To enable server-side logging, edit the `CustomSetting.ini` file with `Notepad.exe` and enter the following settings: + + ```ini [Settings] Priority=Default Properties=OSDMigrateConfigFiles,OSDMigrateMode @@ -79,12 +81,12 @@ On **CM01**: ![Settings package during deployment.](../images/fig30-settingspack.png) - The Settings package, holding the rules and the Unattend.xml template used during deployment + The Settings package, holding the rules and the `Unattend.xml` template used during deployment -3. In the Configuration Manager console, update the distribution point for the **Windows 10 x64 Settings** package by right-clicking the **Windows 10 x64 Settings** package and selecting **Update Distribution Points**. Select **OK** in the popup dialog box. +4. In the Configuration Manager console, update the distribution point for the **Windows 10 x64 Settings** package by right-clicking the **Windows 10 x64 Settings** package and selecting **Update Distribution Points**. Select **OK** in the popup dialog box. - >[!NOTE] - >Although you haven't yet added a distribution point, you still need to select Update Distribution Points. This process also updates the Configuration Manager content library with changes. + > [!NOTE] + > Although you haven't yet added a distribution point, you still need to select Update Distribution Points. This process also updates the Configuration Manager content library with changes. ## Distribute content to the CM01 distribution portal @@ -92,9 +94,11 @@ In Configuration Manager, you can distribute all packages needed by a task seque On **CM01**: -1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems** and select **Task Sequences**. Right-click the **Windows 10 Enterprise x64 RTM** task sequence, and select **Distribute Content**. -2. In the Distribute Content Wizard, select **Next** twice then on the **Specify the content destination** page add the Distribution Point: **CM01.CONTOSO.COM**, and then complete the wizard. -3. Using the CMTrace tool, verify the distribution to the CM01 distribution point by reviewing the distmgr.log file, or use the Distribution Status / Content Status option in the Monitoring workspace. Don't continue until you see all the new packages being distributed successfully. +1. Using the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems** and select **Task Sequences**. Right-click the **Windows 10 Enterprise x64 RTM** task sequence, and select **Distribute Content**. + +2. In the Distribute Content Wizard, select **Next** twice then on the **Specify the content destination** page add the Distribution Point: **CM01.CONTOSO.COM**, and then complete the wizard. + +3. Using the CMTrace tool, verify the distribution to the CM01 distribution point by reviewing the `distmgr.log` file, or use the Distribution Status / Content Status option in the Monitoring workspace. Don't continue until you see all the new packages being distributed successfully. ![Content status.](../images/cm01-content-status1.png) @@ -106,20 +110,25 @@ This section provides steps to help you create a deployment for the task sequenc On **CM01**: -1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems** and select **Task Sequences**, right-click **Windows 10 Enterprise x64 RTM** and then select **Deploy**. +1. Using the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems** and select **Task Sequences**, right-click **Windows 10 Enterprise x64 RTM** and then select **Deploy**. + 2. In the Deploy Software Wizard, on the **General** page, select the **All Unknown Computers** collection and select **Next**. + 3. On the **Deployment Settings** page, use the below settings and then select **Next**: - * Purpose: Available - * Make available to the following: Only media and PXE + - Purpose: Available + - Make available to the following: Only media and PXE ![Configure the deployment settings.](../images/mdt-06-fig33.png) - + Configure the deployment settings 4. On the **Scheduling** page, accept the default settings and select **Next**. + 5. On the **User Experience** page, accept the default settings and select **Next**. + 6. On the **Alerts** page, accept the default settings and select **Next**. + 7. On the **Distribution Points** page, accept the default settings, select **Next** twice, and then select **Close**. ![Task sequence deployed.](../images/fig32-deploywiz.png) @@ -134,20 +143,20 @@ This section provides steps to help you configure the All Unknown Computers coll On **CM01**: -1. Using the Configuration Manager console, in the Asset and Compliance workspace, select **Device Collections**, right-click **All Unknown Computers**, and select **Properties**. +1. Using the Configuration Manager console, in the **Asset and Compliance** workspace, select **Device Collections**, right-click **All Unknown Computers**, and select **Properties**. 2. On the **Collection Variables** tab, create a new variable with the following settings: - * Name: OSDComputerName - * Clear the **Do not display this value in the Configuration Manager console** check box. + - Name: OSDComputerName + - Clear the **Do not display this value in the Configuration Manager console** check box. 3. Select **OK**. - >[!NOTE] - >Configuration Manager can prompt for information in many ways. Using a collection variable with an empty value is just one of them. Another option is the User-Driven Installation (UDI) wizard. - + > [!NOTE] + > Configuration Manager can prompt for information in many ways. Using a collection variable with an empty value is just one of them. Another option is the User-Driven Installation (UDI) wizard. + ![Configure a collection variable.](../images/mdt-06-fig35.png) - + Configure a collection variable Next, see [Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md). diff --git a/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md b/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md index ce164ba563..2fa98b5ab7 100644 --- a/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md @@ -14,7 +14,7 @@ ms.date: 10/27/2022 # Prepare for Zero Touch Installation of Windows 10 with Configuration Manager -**Applies to** +*Applies to:* - Windows 10 @@ -28,18 +28,30 @@ In this article, you'll use [components](#components-of-configuration-manager-op > [!NOTE] > Procedures in this guide use Configuration Manager version 1910. For more information about the versions of Windows 10 supported by Configuration Manager, see [Support for Windows 10](/mem/configmgr/core/plan-design/configs/support-for-windows-10). + - The [Active Directory Schema has been extended](/mem/configmgr/core/plan-design/network/extend-the-active-directory-schema) and System Management container created. + - Active Directory Forest Discovery and Active Directory System Discovery are [enabled](/mem/configmgr/core/servers/deploy/configure/configure-discovery-methods). + - IP range [boundaries and a boundary group](/mem/configmgr/core/servers/deploy/configure/define-site-boundaries-and-boundary-groups) for content and site assignment have been created. + - The Configuration Manager [reporting services](/mem/configmgr/core/servers/manage/configuring-reporting) point role has been added and configured. + - A file system folder structure and Configuration Manager console folder structure for packages has been created. Steps to verify or create this folder structure are [provided below](#review-the-sources-folder-structure). -- The [Windows ADK](/windows-hardware/get-started/adk-install) (including USMT) version 1903, Windows PE add-on, WSIM 1903 update, [MDT](https://www.microsoft.com/download/details.aspx?id=54259) version 8456, and DaRT 10 (part of [MDOP 2015](https://my.visualstudio.com/Downloads?q=Desktop%20Optimization%20Pack%202015)) are installed. + +- The [Windows ADK](/windows-hardware/get-started/adk-install) version that is [supported for the version of Configuration Manager](/mem/configmgr/core/plan-design/configs/support-for-windows-adk) that is installed, including the Windows PE add-on. USMT should be installed as part of the Windows ADK install. + +- [MDT](https://www.microsoft.com/download/details.aspx?id=54259) version 8456 + +- DaRT 10 (part of [MDOP 2015](https://my.visualstudio.com/Downloads?q=Desktop%20Optimization%20Pack%202015)) are installed. + - The [CMTrace tool](/configmgr/core/support/cmtrace) (cmtrace.exe) is installed on the distribution point. > [!NOTE] - > CMTrace is automatically installed with the current branch of Configuration Manager at **Program Files\Microsoft Configuration Manager\tools\cmtrace.exe**. + > CMTrace is automatically installed with the current branch of Configuration Manager at **`Program Files\Microsoft Configuration Manager\tools\cmtrace.exe`**. + +For the purposes of this guide, we'll use three server computers: DC01, CM01 and HV01. -For the purposes of this guide, we'll use three server computers: DC01, CM01 and HV01. - DC01 is a domain controller and DNS server for the contoso.com domain. DHCP services are also available and optionally installed on DC01 or another server. - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. - HV01 is a Hyper-V host computer that is used to build a Windows 10 reference image. This computer doesn't need to be a domain member. @@ -54,12 +66,12 @@ The following generic credentials are used in this guide. You should replace the - **Active Directory domain name**: `contoso.com` - **Domain administrator username**: `administrator` --**Domain administrator password**: `pass@word1` +- **Domain administrator password**: `pass@word1` ## Create the OU structure ->[!NOTE] ->If you've already [created the OU structure](../deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md#create-the-ou-structure) that was used in the OSD guide for MDT, the same structure is used here and you can skip this section. +> [!NOTE] +> If you've already [created the OU structure](../deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md#create-the-ou-structure) that was used in the OSD guide for MDT, the same structure is used here and you can skip this section. On **DC01**: @@ -107,25 +119,27 @@ A role-based model is used to configure permissions for the service accounts nee On **DC01**: -1. In the Active Directory Users and Computers console, browse to **contoso.com / Contoso / Service Accounts**. -2. Select the Service Accounts OU and create the CM\_JD account using the following settings: +1. In the Active Directory Users and Computers console, browse to **contoso.com** > **Contoso** > **Service Accounts**. - * Name: CM\_JD - * User sign-in name: CM\_JD - * Password: `pass@word1` - * User must change password at next logon: Clear - * User can't change password: Selected - * Password never expires: Selected +2. Select the Service Accounts OU and create the CM\_JD account using the following settings: -3. Repeat the step, but for the CM\_NAA account. -4. After creating the accounts, assign the following descriptions: + - Name: CM\_JD + - User sign-in name: CM\_JD + - Password: `pass@word1` + - User must change password at next logon: Clear + - User can't change password: Selected + - Password never expires: Selected - * CM\_JD: Configuration Manager Join Domain Account - * CM\_NAA: Configuration Manager Network Access Account +3. Repeat the step, but for the CM\_NAA account. + +4. After creating the accounts, assign the following descriptions: + + - CM\_JD: Configuration Manager Join Domain Account + - CM\_NAA: Configuration Manager Network Access Account ## Configure Active Directory permissions -In order for the Configuration Manager Join Domain Account (CM\_JD) to join machines into the contoso.com domain, you need to configure permissions in Active Directory. These steps assume you've downloaded the sample [Set-OUPermissions.ps1 script](https://go.microsoft.com/fwlink/p/?LinkId=619362) and copied it to C:\\Setup\\Scripts on DC01. +In order for the Configuration Manager Join Domain Account (CM\_JD) to join machines into the contoso.com domain, you need to configure permissions in Active Directory. These steps assume you've downloaded the sample [Set-OUPermissions.ps1 script](https://go.microsoft.com/fwlink/p/?LinkId=619362) and copied it to `C:\Setup\Scripts` on DC01. On **DC01**: @@ -139,18 +153,18 @@ On **DC01**: 2. The Set-OUPermissions.ps1 script allows the CM\_JD user account permissions to manage computer accounts in the Contoso / Computers / Workstations OU. The following list is that of permissions being granted: - * Scope: This object and all descendant objects - * Create Computer objects - * Delete Computer objects - * Scope: Descendant Computer objects - * Read All Properties - * Write All Properties - * Read Permissions - * Modify Permissions - * Change Password - * Reset Password - * Validated write to DNS host name - * Validated write to service principal name + - Scope: This object and all descendant objects + - Create Computer objects + - Delete Computer objects + - Scope: Descendant Computer objects + - Read All Properties + - Write All Properties + - Read Permissions + - Modify Permissions + - Change Password + - Reset Password + - Validated write to DNS host name + - Validated write to service principal name ## Review the Sources folder structure @@ -158,9 +172,6 @@ On **CM01**: To support the packages you create in this article, the following folder structure should be created on the Configuration Manager primary site server (CM01): ->[!NOTE] ->In most production environments, the packages are stored on a Distributed File System (DFS) share or a "normal" server share, but in a lab environment you can store them on the site server. - - D:\\Sources - D:\\Sources\\OSD - D:\\Sources\\OSD\\Boot @@ -173,11 +184,13 @@ To support the packages you create in this article, the following folder structu - D:\\Sources\\Software - D:\\Sources\\Software\\Adobe - D:\\Sources\\Software\\Microsoft +- D:\\Logs + +> [!NOTE] +> In most production environments, the packages are stored on a Distributed File System (DFS) share or a "normal" server share, but in a lab environment you can store them on the site server. You can run the following commands from an elevated Windows PowerShell prompt to create this folder structure: ->We'll also create the D:\Logs folder here which will be used later to support server-side logging. - ```powershell New-Item -ItemType Directory -Path "D:\Sources" New-Item -ItemType Directory -Path "D:\Sources\OSD" @@ -203,11 +216,13 @@ To extend the Configuration Manager console with MDT wizards and templates, inst On **CM01**: 1. Sign in as contoso\administrator. -2. Ensure the Configuration Manager Console is closed before continuing. -5. Select Start, type **Configure ConfigManager Integration**, and run the application the following settings: - * Site Server Name: CM01.contoso.com - * Site code: PS1 +2. Ensure the Configuration Manager Console is closed before continuing. + +3. Select Start, type **Configure ConfigManager Integration**, and run the application with the following settings: + + - Site Server Name: CM01.contoso.com + - Site code: PS1 ![figure 8.](../images/mdt-06-fig08.png) @@ -219,9 +234,11 @@ Most organizations want to display their name during deployment. In this section On **CM01**: -1. Open the Configuration Manager Console, select the Administration workspace, then select **Client Settings**. -2. In the right pane, right-click **Default Client Settings** and then select **Properties**. -3. In the **Computer Agent** node, in the **Organization name displayed in Software Center** text box, type in **Contoso** and select **OK**. +1. Open the Configuration Manager Console, select the **Administration** workspace, then select **Client Settings**. + +2. In the right pane, right-click **Default Client Settings** and then select **Properties**. + +3. In the **Computer Agent** node, in the **Organization name displayed in Software Center** text box, enter in **Contoso** and select **OK**. ![figure 9.](../images/mdt-06-fig10.png) @@ -237,9 +254,11 @@ Configuration Manager uses the Network Access account during the Windows 10 depl On **CM01**: -1. Using the Configuration Manager Console, in the Administration workspace, expand **Site Configuration** and select **Sites**. -2. Right-click **PS1 - Primary Site 1**, point to **Configure Site Components**, and then select **Software Distribution**. -3. On the **Network Access Account** tab, select **Specify the account that accesses network locations** and add the *New Account* **CONTOSO\\CM\_NAA** as the Network Access account (password: pass@word1). Use the new **Verify** option to verify that the account can connect to the **\\\\DC01\\sysvol** network share. +1. Using the Configuration Manager Console, in the **Administration** workspace, expand **Site Configuration** and select **Sites**. + +2. Right-click **PS1 - Primary Site 1**, point to **Configure Site Components**, and then select **Software Distribution**. + +3. On the **Network Access Account** tab, select **Specify the account that accesses network locations** and add the account **CONTOSO\\CM\_NAA** as the Network Access account (password: **pass@word1**). Use the new **Verify** option to verify that the account can connect to the **`\\DC01\sysvol`** network share. ![figure 11.](../images/mdt-06-fig12.png) @@ -251,36 +270,39 @@ Configuration Manager has many options for starting a deployment, but starting v On **CM01**: -1. In the Configuration Manager Console, in the Administration workspace, select **Distribution Points**. -2. Right-click the **\\\\CM01.CONTOSO.COM distribution point** and select **Properties**. -3. On the **PXE** tab, use the following settings: +1. In the Configuration Manager Console, in the **Administration** workspace, select **Distribution Points**. - * Enable PXE support for clients - * Allow this distribution point to respond to incoming PXE requests - * Enable unknown computer - * Require a password when computers use PXE - * Password and Confirm password: pass@word1 +2. Right-click the **\\\\CM01.CONTOSO.COM distribution point** and select **Properties**. + +3. On the **PXE** tab, use the following settings: + + - Enable PXE support for clients + - Allow this distribution point to respond to incoming PXE requests + - Enable unknown computer + - Require a password when computers use PXE + - Password and Confirm password: pass@word1 ![figure 12.](../images/mdt-06-fig13.png) Configure the CM01 distribution point for PXE. - >[!NOTE] - >If you select **Enable a PXE responder without Windows Deployment Service**, then WDS won't be installed, or if it's already installed it will be suspended, and the **ConfigMgr PXE Responder Service** (SccmPxe) will be used instead of WDS. The ConfigMgr PXE Responder doesn't support multicast. For more information, see [Install and configure distribution points](/configmgr/core/servers/deploy/configure/install-and-configure-distribution-points#bkmk_config-pxe). + > [!NOTE] + > If you select **Enable a PXE responder without Windows Deployment Service**, then WDS won't be installed, or if it's already installed it will be suspended, and the **ConfigMgr PXE Responder Service** (**SccmPxe**) will be used instead of WDS. The ConfigMgr PXE Responder doesn't support multicast. For more information, see [Install and configure distribution points](/configmgr/core/servers/deploy/configure/install-and-configure-distribution-points#bkmk_config-pxe). -4. Using the CMTrace tool, review the C:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file. Look for ConfigurePXE and CcmInstallPXE lines. +4. Using the CMTrace tool, review the **`C:\Program Files\Microsoft Configuration Manager\Logs\distmgr.log`** file. Look for the **ConfigurePXE** and **CcmInstallPXE** lines. ![figure 13.](../images/mdt-06-fig14.png) - The distmgr.log displays a successful configuration of PXE on the distribution point. + The `distmgr.log` displays a successful configuration of PXE on the distribution point. -5. Verify that you've seven files in each of the folders **D:\\RemoteInstall\\SMSBoot\\x86** and **D:\\RemoteInstall\\SMSBoot\\x64**. +5. Verify that you've seven files in each of the folders **`D:\RemoteInstall\SMSBoot\x86`** and **`D:\RemoteInstall\SMSBoot\x64`**. ![figure 14.](../images/mdt-06-fig15.png) The contents of the D:\\RemoteInstall\\SMSBoot\\x64 folder after you enable PXE. - **Note**: These files are used by WDS. They aren't used by the ConfigMgr PXE Responder. This article doesn't use the ConfigMgr PXE Responder. + > [!NOTE] + > These files are used by WDS. They aren't used by the ConfigMgr PXE Responder. This article doesn't use the ConfigMgr PXE Responder. Next, see [Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md). @@ -288,15 +310,24 @@ Next, see [Create a custom Windows PE boot image with Configuration Manager](cre Operating system deployment with Configuration Manager is part of the normal software distribution infrastructure, but there are more components. For example, operating system deployment in Configuration Manager may use the State Migration Point role, which isn't used by normal application deployment in Configuration Manager. This section describes the Configuration Manager components involved with the deployment of an operating system, such as Windows 10. -- **State migration point (SMP).** The state migration point is used to store user state migration data during computer replace scenarios. -- **Distribution point (DP).** The distribution point is used to store all packages in Configuration Manager, including the operating system deployment-related packages. -- **Software update point (SUP).** The software update point, which is normally used to deploy updates to existing machines, also can be used to update an operating system as part of the deployment process. You also can use offline servicing to update the image directly on the Configuration Manager server. -- **Reporting services point.** The reporting services point can be used to monitor the operating system deployment process. -- **Boot images.** Boot images are the Windows Preinstallation Environment (Windows PE) images Configuration Manager uses to start the deployment. -- **Operating system images.** The operating system image package contains only one file, the custom .wim image. This image is typically the production deployment image. -- **Operating system installers.** The operating system installers were originally added to create reference images using Configuration Manager. Instead, we recommend that you use MDT Lite Touch to create your reference images. For more information on how to create a reference image, see [Create a Windows 10 reference image](../deploy-windows-mdt/create-a-windows-10-reference-image.md). -- **Drivers.** Like MDT Lite Touch, Configuration Manager also provides a repository (catalog) of managed device drivers. -- **Task sequences.** The task sequences in Configuration Manager look and feel much like the sequences in MDT Lite Touch, and they're used for the same purpose. However, in Configuration Manager, the task sequence is delivered to the clients as a policy via the Management Point (MP). MDT provides more task sequence templates to Configuration Manager. +- **State migration point (SMP).** The state migration point is used to store user state migration data during computer replace scenarios. + +- **Distribution point (DP).** The distribution point is used to store all packages in Configuration Manager, including the operating system deployment-related packages. + +- **Software update point (SUP).** The software update point, which is normally used to deploy updates to existing machines, also can be used to update an operating system as part of the deployment process. You also can use offline servicing to update the image directly on the Configuration Manager server. + +- **Reporting services point.** The reporting services point can be used to monitor the operating system deployment process. + +- **Boot images.** Boot images are the Windows Preinstallation Environment (Windows PE) images Configuration Manager uses to start the deployment. + +- **Operating system images.** The operating system image package contains only one file, the custom .wim image. This image is typically the production deployment image. + +- **Operating system installers.** The operating system installers were originally added to create reference images using Configuration Manager. Instead, we recommend that you use MDT Lite Touch to create your reference images. For more information on how to create a reference image, see [Create a Windows 10 reference image](../deploy-windows-mdt/create-a-windows-10-reference-image.md). + +- **Drivers.** Like MDT Lite Touch, Configuration Manager also provides a repository (catalog) of managed device drivers. + +- **Task sequences.** The task sequences in Configuration Manager look and feel much like the sequences in MDT Lite Touch, and they're used for the same purpose. However, in Configuration Manager, the task sequence is delivered to the clients as a policy via the Management Point (MP). MDT provides more task sequence templates to Configuration Manager. + > [!NOTE] > The Windows Assessment and Deployment Kit (ADK) for Windows 10 is also required to support management and deployment of Windows 10. @@ -304,28 +335,31 @@ Operating system deployment with Configuration Manager is part of the normal sof As noted above, MDT adds many enhancements to Configuration Manager. While these enhancements are called Zero Touch, that name doesn't reflect how deployment is conducted. The following sections provide a few samples of the 280 enhancements that MDT adds to Configuration Manager. ->[!NOTE] ->MDT installation requires the following: ->- The Windows ADK for Windows 10 (installed in the previous procedure) ->- Windows PowerShell ([version 5.1](https://www.microsoft.com/download/details.aspx?id=54616) is recommended; type **$host** to check) ->- Microsoft .NET Framework +> [!NOTE] +> MDT installation requires the following: +> +> - The Windows ADK for Windows 10 (installed in the previous procedure) +> - Windows PowerShell ([version 5.1](https://www.microsoft.com/download/details.aspx?id=54616) is recommended; type **$host** to check) +> - Microsoft .NET Framework ### MDT enables dynamic deployment -When MDT is integrated with Configuration Manager, the task sequence takes more instructions from the MDT rules. In its most simple form, these settings are stored in a text file, the CustomSettings.ini file, but you can store the settings in Microsoft SQL Server databases, or have Microsoft Visual Basic Scripting Edition (VBScripts) or web services provide the settings used. +When MDT is integrated with Configuration Manager, the task sequence processes more instructions from the MDT rules. In its most simple form, these settings are stored in a text file, the `CustomSettings.ini` file, but you can store the settings in Microsoft SQL Server databases, or have Microsoft Visual Basic Scripting Edition (VBScripts) or web services provide the settings used. The task sequence uses instructions that allow you to reduce the number of task sequences in Configuration Manager and instead store settings outside the task sequence. Here are a few examples: -- The following settings instruct the task sequence to install the HP Hotkeys package, but only if the hardware is an HP EliteBook 8570w. You don't have to add the package to the task sequence. - ``` syntax +- The following settings instruct the task sequence to install the HP Hotkeys package, but only if the hardware is an HP EliteBook 8570w. You don't have to add the package to the task sequence. + + ```ini [Settings] Priority=Model [HP EliteBook 8570w] Packages001=PS100010:Install HP Hotkeys ``` -- The following settings instruct the task sequence to put laptops and desktops in different organizational units (OUs) during deployment, assign different computer names, and finally have the task sequence install the Cisco VPN client, but only if the machine is a laptop. - ``` syntax +- The following settings instruct the task sequence to put laptops and desktops in different organizational units (OUs) during deployment, assign different computer names, and finally have the task sequence install the Cisco VPN client, but only if the machine is a laptop. + + ```ini [Settings] Priority= ByLaptopType, ByDesktopType [ByLaptopType] @@ -373,13 +407,17 @@ MDT Zero Touch simply extends Configuration Manager with many useful built-in op ### Why use MDT Lite Touch to create reference images -You can create reference images for Configuration Manager in Configuration Manager, but in general we recommend creating them in MDT Lite Touch for the following reasons: +You can create reference images for Configuration Manager in Configuration Manager, but in general it is recommended to create them in MDT Lite Touch for the following reasons: -- You can use the same image for every type of operating system deployment - Microsoft Virtual Desktop Infrastructure (VDI), Microsoft System Center Virtual Machine Manager (VMM), MDT, Configuration Manager, Windows Deployment Services (WDS), and more. -- Configuration Manager performs deployment in the LocalSystem context, which means that you can't configure the Administrator account with all of the settings that you would like to be included in the image. MDT runs in the context of the Local Administrator, which means you can configure the look and feel of the configuration and then use the CopyProfile functionality to copy these changes to the default user during deployment. -- The Configuration Manager task sequence doesn't suppress user interface interaction. -- MDT Lite Touch supports a Suspend action that allows for reboots, which is useful when you need to perform a manual installation or check the reference image before it's automatically captured. -- MDT Lite Touch doesn't require any infrastructure and is easy to delegate. +- You can use the same image for every type of operating system deployment - Microsoft Virtual Desktop Infrastructure (VDI), Microsoft System Center Virtual Machine Manager (VMM), MDT, Configuration Manager, Windows Deployment Services (WDS), and more. + +- Configuration Manager performs deployment in the LocalSystem context, which means that you can't configure the Administrator account with all of the settings that you would like to be included in the image. MDT runs in the context of the Local Administrator, which means you can configure the look and feel of the configuration and then use the CopyProfile functionality to copy these changes to the default user during deployment. + +- The Configuration Manager task sequence suppresses user interface interaction. + +- MDT Lite Touch supports a Suspend action that allows for reboots, which is useful when you need to perform a manual installation or check the reference image before it's automatically captured. + +- MDT Lite Touch doesn't require any infrastructure and is easy to delegate. ## Related articles diff --git a/windows/deployment/deploy-windows-cm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md index 473643d7e9..d87aff2989 100644 --- a/windows/deployment/deploy-windows-cm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md @@ -15,7 +15,7 @@ ms.date: 10/27/2022 # Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager -**Applies to** +*Applies to:* - Windows 10 @@ -23,29 +23,31 @@ This article will show you how to refresh a Windows 7 SP1 client with Windows 10 A computer refresh with Configuration Manager works the same as it does with MDT Lite Touch installation. Configuration Manager also uses the User State Migration Tool (USMT) from the Windows Assessment and Deployment Kit (Windows ADK) 10 in the background. A computer refresh with Configuration Manager has the following steps: -1. Data and settings are backed up locally in a backup folder. -2. The partition is wiped, except for the backup folder. -3. The new operating system image is applied. -4. Other applications are installed. -5. Data and settings are restored. +1. Data and settings are backed up locally in a backup folder. +2. The partition is wiped, except for the backup folder. +3. The new operating system image is applied. +4. Other applications are installed. +5. Data and settings are restored. ## Infrastructure -An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). +An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). For the purposes of this article, we'll use one server computer (CM01) and one client computer (PC0003). + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. + - PC0003 is a domain member client computer running Windows 7 SP1, or a later version of Windows, with the Configuration Manager client installed, that will be refreshed to Windows 10. ->[!NOTE] ->If desired, PC0003 can be a VM hosted on the server HV01, which is a Hyper-V host computer that we used previously to build a Windows 10 reference image. However, if PC0003 is a VM then you must ensure it has sufficient resources available to run the Configuration Manager OSD task sequence. 2GB of RAM or more is recommended. +> [!NOTE] +> If desired, PC0003 can be a VM hosted on the server HV01, which is a Hyper-V host computer that we used previously to build a Windows 10 reference image. However, if PC0003 is a VM then you must ensure it has sufficient resources available to run the Configuration Manager OSD task sequence. 2GB of RAM or more is recommended. -All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. +All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. All server and client computers referenced in this guide are on the same subnet. This interrelation isn't required, but each server and client computer must be able to connect to each other to share files, and to resolve all DNS names and Active Directory information for the contoso.com domain. Internet connectivity is also required to download OS and application updates. ->[!IMPORTANT] ->This article assumes that you have [configured Active Directory permissions](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md#configure-active-directory-permissions) in the specified OU for the **CM_JD** account, and the client's Active Directory computer account is in the **Contoso > Computers > Workstations** OU. Use the Active Directory Users and Computers console to review the location of computer objects and move them if needed. +> [!IMPORTANT] +> This article assumes that you have [configured Active Directory permissions](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md#configure-active-directory-permissions) in the specified OU for the **CM_JD** account, and the client's Active Directory computer account is in the **Contoso** > **Computers** > **Workstations** OU. Use the Active Directory Users and Computers console to review the location of computer objects and move them if needed. ## Verify the Configuration Manager client settings @@ -53,8 +55,10 @@ To verify that PC003 is correctly assigned to the PS1 site: On **PC0003**: -1. Open the Configuration Manager control panel (control smscfgrc). +1. Open the Configuration Manager control panel (`control.exe smscfgrc`). + 2. On the **Site** tab, select **Configure Settings**, then select **Find Site**. + 3. Verify that Configuration Manager has successfully found a site to manage this client is displayed. See the following example. ![Found a site to manage this client.](../images/pc0003a.png) @@ -63,49 +67,49 @@ On **PC0003**: On **CM01**: -1. Using the Configuration Manager console, in the Asset and Compliance workspace, expand **Overview**, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: +1. Using the Configuration Manager console, in the **Asset and Compliance** workspace, expand **Overview**, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: - * General - * Name: Install Windows 10 Enterprise x64 - * Limited Collection: All Systems - * Membership rules - * Add Rule: Direct rule - * Resource Class: System Resource - * Attribute Name: Name - * Value: PC0003 - * Select Resources - * Select **PC0003** + - General + - Name: Install Windows 10 Enterprise x64 + - Limited Collection: All Systems + - Membership rules + - Add Rule: Direct rule + - Resource Class: System Resource + - Attribute Name: Name + - Value: PC0003 + - Select Resources + - Select **PC0003** - Use the default settings to complete the remaining wizard pages and select **Close**. + Use the default settings to complete the remaining wizard pages and select **Close**. -2. Review the Install Windows 10 Enterprise x64 collection. Don't continue until you see the PC0003 machine in the collection. +2. Review the Install Windows 10 Enterprise x64 collection. Don't continue until you see the PC0003 machine in the collection. - >[!NOTE] - >It may take a short while for the collection to refresh; you can view progress via the Colleval.log file. If you want to speed up the process, you can manually update membership on the Install Windows 10 Enterprise x64 collection by right-clicking the collection and selecting Update Membership. + > [!NOTE] + > It may take a short while for the collection to refresh; you can view progress via the `Colleval.log` file. If you want to speed up the process, you can manually update membership on the Install Windows 10 Enterprise x64 collection by right-clicking the collection and selecting Update Membership. ## Create a new deployment On **CM01**: -Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, select **Task Sequences**, right-click **Windows 10 Enterprise x64 RTM**, and then select **Deploy**. Use the below settings: +Using the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, select **Task Sequences**, right-click **Windows 10 Enterprise x64 RTM**, and then select **Deploy**. Use the below settings: - General - - Collection: Install Windows 10 Enterprise x64 + - Collection: Install Windows 10 Enterprise x64 - Deployment Settings - - Purpose: Available - - Make available to the following: Configuration Manager clients, media and PXE + - Purpose: Available + - Make available to the following: Configuration Manager clients, media and PXE - >[!NOTE] - >It's not necessary to make the deployment available to media and Pre-Boot Execution Environment (PXE) for a computer refresh, but you will use the same deployment for bare-metal deployments later on and you will need it at that point. + > [!NOTE] + > It's not necessary to make the deployment available to media and Pre-Boot Execution Environment (PXE) for a computer refresh, but you will use the same deployment for bare-metal deployments later on and you will need it at that point. - Scheduling - - <default> + - *\* - User Experience - - <default> + - *\* - Alerts - - <default> + - *\* - Distribution Points - - <default> + - *\* ## Initiate a computer refresh @@ -113,12 +117,14 @@ Now you can start the computer refresh on PC0003. On **CM01**: -1. Using the Configuration Manager console, in the Assets and Compliance workspace, select the **Install Windows 10 Enterprise x64** collection, right-click **PC0003**, point to **Client Notification**, select **Download Computer Policy**, and then select **OK** in the popup dialog box that appears. +1. Using the Configuration Manager console, in the **Assets and Compliance** workspace, select the **Install Windows 10 Enterprise x64** collection, right-click **PC0003**, point to **Client Notification**, select **Download Computer Policy**, and then select **OK** in the popup dialog box that appears. On **PC0003**: -1. Open the Software Center (select Start and type **Software Center**, or select the **New software is available** balloon in the system tray), select **Operating Systems** and select the **Windows 10 Enterprise x64 RTM** deployment, then select **Install**. -2. In the **Software Center** warning dialog box, select **Install Operating System**. +1. Open the Software Center (select Start and type **Software Center**, or select the **New software is available** balloon in the system tray), select **Operating Systems** and select the **Windows 10 Enterprise x64 RTM** deployment, then select **Install**. + +2. In the **Software Center** warning dialog box, select **Install Operating System**. + 3. The client computer will run the Configuration Manager task sequence, boot into Windows PE, and install the new OS and applications. See the following examples: ![Task sequence example 1.](../images/pc0003b.png)
diff --git a/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md index 45a35d3282..dd75747e26 100644 --- a/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md @@ -16,7 +16,7 @@ ms.date: 10/27/2022 # Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager -**Applies to** +*Applies to:* - Windows 10 @@ -26,46 +26,56 @@ In this article, you'll create a backup-only task sequence that you run on PC000 ## Infrastructure -An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). +An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). For the purposes of this article, we'll use one server computer (CM01) and two client computers (PC0004, PC0006). + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. - - Important: CM01 must include the **[State migration point](/configmgr/osd/get-started/manage-user-state#BKMK_StateMigrationPoint)** role for the replace task sequence used in this article to work. + - Important: CM01 must include the **[State migration point](/configmgr/osd/get-started/manage-user-state#BKMK_StateMigrationPoint)** role for the replace task sequence used in this article to work. + - PC0004 is a domain member client computer running Windows 7 SP1, or a later version of Windows, with the Configuration Manager client installed, that will be replaced. + - PC0006 is a domain member client computer running Windows 10, with the Configuration Manager client installed, that will replace PC0004. ->[!NOTE] ->PC0004 and PC006 can be VMs hosted on the server HV01, which is a Hyper-V host computer that we used previously to build a Windows 10 reference image. However, the VMs must have sufficient resources available to run the Configuration Manager OSD task sequence. 2GB of RAM or more is recommended. +> [!NOTE] +> PC0004 and PC006 can be VMs hosted on the server HV01, which is a Hyper-V host computer that we used previously to build a Windows 10 reference image. However, the VMs must have sufficient resources available to run the Configuration Manager OSD task sequence. 2GB of RAM or more is recommended. -All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. +All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. All server and client computers referenced in this guide are on the same subnet. This interrelation isn't required, but each server and client computer must be able to connect to each other to share files, and to resolve all DNS names and Active Directory information for the contoso.com domain. Internet connectivity is also required to download OS and application updates. ->[!IMPORTANT] ->This article assumes that you have [configured Active Directory permissions](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md#configure-active-directory-permissions) in the specified OU for the **CM_JD** account, and the client's Active Directory computer account is in the **Contoso > Computers > Workstations** OU. Use the Active Directory Users and Computers console to review the location of computer objects and move them if needed. +> [!IMPORTANT] +> This article assumes that you have [configured Active Directory permissions](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md#configure-active-directory-permissions) in the specified OU for the **CM_JD** account, and the client's Active Directory computer account is in the **Contoso > Computers > Workstations** OU. Use the Active Directory Users and Computers console to review the location of computer objects and move them if needed. ## Create a replace task sequence On **CM01**: -1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**. +1. Using the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**. + 2. On the **Choose Template** page, select the **Client Replace Task Sequence** template and select **Next**. + 3. On the **General** page, assign the following settings and select **Next**: - * Task sequence name: Replace Task Sequence - * Task sequence comments: USMT backup only + - Task sequence name: Replace Task Sequence + - Task sequence comments: USMT backup only 4. On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then select **Next**. + 5. On the **MDT Package** page, browse and select the **OSD / MDT** package. Then select **Next**. + 6. On the **USMT Package** page, browse and select the **OSD / Microsoft Corporation User State Migration Tool for Windows** package. Then select **Next**. + 7. On the **Settings Package** page, browse and select the **OSD / Windows 10 x64 Settings** package. Then select **Next**. + 8. On the **Summary** page, review the details and then select **Next**. + 9. On the **Confirmation** page, select **Finish**. -10. Review the Replace Task Sequence. +10. Review the Replace Task Sequence. - >[!NOTE] - >This task sequence has many fewer actions than the normal client task sequence. If it doesn't seem different, make sure you selected the **Client Replace Task Sequence** template when creating the task sequence. + > [!NOTE] + > This task sequence has many fewer actions than the normal client task sequence. If it doesn't seem different, make sure you selected the **Client Replace Task Sequence** template when creating the task sequence. ![The back-up only task sequence.](../images/mdt-06-fig42.png "The back-up only task sequence") @@ -77,70 +87,78 @@ This section walks you through the process of associating a new, blank device (P On **HV01** (if PC0006 is a VM) or in the PC0006 BIOS: -1. Make a note of the MAC address for PC0006. (If PC0006 is a virtual machine, you can see the MAC Address in the virtual machine settings.) In our example, the PC0006 MAC Address is 00:15:5D:0A:6A:96. Don't attempt to PXE boot PC0006 yet. +1. Make a note of the MAC address for PC0006. (If PC0006 is a virtual machine, you can see the MAC Address in the virtual machine settings.) In our example, the PC0006 MAC Address is 00:15:5D:0A:6A:96. Don't attempt to PXE boot PC0006 yet. On **CM01**: -2. When you're using the Configuration Manager console, in the Assets and Compliance workspace, right-click **Devices**, and then select **Import Computer Information**. -3. On the **Select Source** page, select **Import single computer** and select **Next**. -4. On the **Single Computer** page, use the following settings and then select **Next**: +1. When you're using the Configuration Manager console, in the **Assets and Compliance** workspace, right-click **Devices**, and then select **Import Computer Information**. - * Computer Name: PC0006 - * MAC Address: <the mac address that you wrote down> - * Source Computer: PC0004 +2. On the **Select Source** page, select **Import single computer** and select **Next**. + +3. On the **Single Computer** page, use the following settings and then select **Next**: + + - Computer Name: PC0006 + - MAC Address: *\ + - Source Computer: PC0004 ![Create the computer association.](../images/mdt-06-fig43.png "Create the computer association") Creating the computer association between PC0004 and PC0006. -5. On the **User Accounts** page, select **Capture and restore all user accounts** and select **Next**. -6. On the **Data Preview** page, select **Next**. -7. On the **Choose additional collections** page, select **Add** and then select the **Install Windows 10 Enterprise x64** collection. Now, select the checkbox next to the Install Windows 10 Enterprise x64 collection you just added, and then select **Next**. -8. On the **Summary** page, select **Next**, and then select **Close**. -9. Select the **User State Migration** node and review the computer association in the right hand pane. -10. Right-click the **PC0004/PC0006** association and select **View Recovery Information**. A recovery key has been assigned already, but a user state store location hasn't. -11. Review the **Install Windows 10 Enterprise x64** collection. Don't continue until you see the **PC0006** computer in the collection. You might have to update membership and refresh the collection again. +4. On the **User Accounts** page, select **Capture and restore all user accounts** and select **Next**. + +5. On the **Data Preview** page, select **Next**. + +6. On the **Choose additional collections** page, select **Add** and then select the **Install Windows 10 Enterprise x64** collection. Now, select the checkbox next to the Install Windows 10 Enterprise x64 collection you just added, and then select **Next**. + +7. On the **Summary** page, select **Next**, and then select **Close**. + +8. Select the **User State Migration** node and review the computer association in the right hand pane. + +9. Right-click the **PC0004/PC0006** association and select **View Recovery Information**. A recovery key has been assigned already, but a user state store location hasn't. + +10. Review the **Install Windows 10 Enterprise x64** collection. Don't continue until you see the **PC0006** computer in the collection. You might have to update membership and refresh the collection again. ## Create a device collection and add the PC0004 computer On **CM01**: -1. When you're using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: +1. When you're using the Configuration Manager console, in the **Asset and Compliance** workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: - * General - * Name: USMT Backup (Replace) - * Limited Collection: All Systems - * Membership rules: - * Add Rule: Direct rule - * Resource Class: System Resource - * Attribute Name: Name - * Value: PC0004 - * Select Resources: - * Select **PC0004** + - General + - Name: USMT Backup (Replace) + - Limited Collection: All Systems + - Membership rules: + - Add Rule: Direct rule + - Resource Class: System Resource + - Attribute Name: Name + - Value: PC0004 + - Select Resources: + - Select **PC0004** Use default settings for the remaining wizard pages, then select **Close**. -2. Review the **USMT Backup (Replace)** collection. Don't continue until you see the **PC0004** computer in the collection. +2. Review the **USMT Backup (Replace)** collection. Don't continue until you see the **PC0004** computer in the collection. ## Create a new deployment On **CM01**: -Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, select **Task Sequences**, right-click **Replace Task Sequence**, and then select **Deploy**. Use the following settings: +Using the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, select **Task Sequences**, right-click **Replace Task Sequence**, and then select **Deploy**. Use the following settings: -- General - - Collection: USMT Backup (Replace) -- Deployment Settings - - Purpose: Available - - Make available to the following: Only Configuration Manager Clients -- Scheduling - - <default> -- User Experience - - <default> -- Alerts - - <default> -- Distribution Points - - <default> +- General + - Collection: USMT Backup (Replace) +- Deployment Settings + - Purpose: Available + - Make available to the following: Only Configuration Manager Clients +- Scheduling + - *\ +- User Experience + - *\ +- Alerts + - *\ +- Distribution Points + - *\ ## Verify the backup @@ -148,15 +166,17 @@ This section assumes that you have a computer named PC0004 with the Configuratio On **PC0004**: -1. If it's not already started, start the PC0004 computer and open the Configuration Manager control panel (control smscfgrc). -2. On the **Actions** tab, select **Machine Policy Retrieval & Evaluation Cycle**, select **Run Now**, and then select **OK** in the popup dialog box that appears. +1. If it's not already started, start the PC0004 computer and open the Configuration Manager control panel (**`control.exe smscfgrc`**). +2. On the **Actions** tab, select **Machine Policy Retrieval & Evaluation Cycle**, select **Run Now**, and then select **OK** in the popup dialog box that appears. - >[!NOTE] - >You also can use the Client Notification option in the Configuration Manager console, as shown in [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md). + > [!NOTE] + > You also can use the Client Notification option in the Configuration Manager console, as shown in [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md). -3. Open the Software Center, select the **Replace Task Sequence** deployment and then select **Install**. -4. Confirm you want to upgrade the operating system on this computer by clicking **Install** again. -5. Allow the Replace Task Sequence to complete. The PC0004 computer will gather user data, boot into Windows PE and gather more data, then boot back to the full OS. The entire process should only take a few minutes. +3. Open the Software Center, select the **Replace Task Sequence** deployment and then select **Install**. + +4. Confirm you want to upgrade the operating system on this computer by clicking **Install** again. + +5. Allow the Replace Task Sequence to complete. The PC0004 computer will gather user data, boot into Windows PE and gather more data, then boot back to the full OS. The entire process should only take a few minutes. ![Task sequence example.](../images/pc0004b.png) @@ -164,11 +184,12 @@ Capturing the user state On **CM01**: -6. Open the state migration point storage folder (ex: D:\Migdata) and verify that a subfolder was created containing the USMT backup. -7. Using the Configuration Manager console, in the Assets and Compliance workspace, select the **User State Migration** node, right-click the **PC0004/PC0006** association, and select **View Recovery Information**. The object now also has a user state store location. +1. Open the state migration point storage folder (ex: D:\Migdata) and verify that a subfolder was created containing the USMT backup. - >[!NOTE] - >It may take a few minutes for the user state store location to be populated. +2. Using the Configuration Manager console, in the **Assets and Compliance** workspace, select the **User State Migration** node, right-click the **PC0004/PC0006** association, and select **View Recovery Information**. The object now also has a user state store location. + + > [!NOTE] + > It may take a few minutes for the user state store location to be populated. ## Deploy the new computer @@ -176,16 +197,16 @@ On **PC0006**: 1. Start the PC0006 virtual machine (or physical computer), press **F12** to Pre-Boot Execution Environment (PXE) boot when prompted. Allow it to boot Windows Preinstallation Environment (Windows PE), and then complete the deployment wizard using the following settings: - * Password: pass@word1 - * Select a task sequence to execute on this computer: Windows 10 Enterprise x64 RTM + - Password: pass@word1 + - Select a task sequence to execute on this computer: Windows 10 Enterprise x64 RTM -2. The setup now starts and does the following steps: +2. The setup now starts and does the following steps: - * Installs the Windows 10 operating system - * Installs the Configuration Manager client - * Joins it to the domain - * Installs the applications - * Restores the PC0004 backup + - Installs the Windows 10 operating system + - Installs the Configuration Manager client + - Joins it to the domain + - Installs the applications + - Restores the PC0004 backup When the process is complete, you'll have a new Windows 10 computer in your domain with user data and settings restored. See the following examples: diff --git a/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md b/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md index 687b63ad7c..db3236d549 100644 --- a/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md @@ -15,25 +15,25 @@ ms.date: 10/27/2022 # Perform an in-place upgrade to Windows 10 using Configuration Manager +*Applies to:* -**Applies to** - -- Windows 10 +- Windows 10 The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Microsoft Configuration Manager task sequence to completely automate the process. ->[!IMPORTANT] ->Beginning with Windows 10 and Windows Server 2016, Windows Defender is already installed. A management client for Windows Defender is also installed automatically if the Configuration Manager client is installed. However, previous Windows operating systems installed the System Center Endpoint Protection (SCEP) client with the Configuration Manager client. The SCEP client can block in-place upgrade to Windows 10 due to incompatibility, and must be removed from a device before performing an in-place upgrade to Windows 10. +> [!IMPORTANT] +> Beginning with Windows 10 and Windows Server 2016, Windows Defender is already installed. A management client for Windows Defender is also installed automatically if the Configuration Manager client is installed. However, previous Windows operating systems installed the System Center Endpoint Protection (SCEP) client with the Configuration Manager client. The SCEP client can block in-place upgrade to Windows 10 due to incompatibility, and must be removed from a device before performing an in-place upgrade to Windows 10. ## Infrastructure -An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). +An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). For the purposes of this article, we'll use one server computer (CM01) and one client computer (PC0004). + - CM01 is a domain member server and Configuration Manager software distribution point. In this guide, CM01 is a standalone primary site server. - PC0004 is a domain member client computer running Windows 7 SP1, or a later version of Windows, with the Configuration Manager client installed, that will be upgraded to Windows 10. -All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. +All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. All server and client computers referenced in this guide are on the same subnet. This interrelation isn't required. But each server and client computer must be able to connect to each other to share files, and to resolve all DNS names and Active Directory information for the `contoso.com` domain. Internet connectivity is also required to download OS and application updates. @@ -43,30 +43,40 @@ Configuration Manager Current Branch includes a native in-place upgrade task. Th On **CM01**: -1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Operating System Upgrade Packages**, and select **Add Operating System Upgrade Package**. -2. On the **Data Source** page, under **Path**, select **Browse** and enter the UNC path to your media source. In this example, we've extracted the Windows 10 installation media to **\\\\cm01\\Sources$\\OSD\\UpgradePackages\\Windows 10**. +1. Using the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Operating System Upgrade Packages**, and select **Add Operating System Upgrade Package**. + +2. On the **Data Source** page, under **Path**, select **Browse** and enter the UNC path to your media source. In this example, we've extracted the Windows 10 installation media to **`\\cm01\Sources$\OSD\UpgradePackages\Windows 10`**. + 3. If you have multiple image indexes in the installation media, select **Extract a specific image index from install.wim...** and choose the image index you want from the dropdown menu. In this example, we've chosen **Windows 10 Enterprise**. + 4. Next to **Architecture**, select **x64**, choose a language from the dropdown menu next to **Language**, and then select **Next**. + 5. Next to **Name**, enter **Windows 10 x64 RTM** and then complete the wizard by clicking **Next** and **Close**. -6. Distribute the OS upgrade package to the CM01 distribution point by right-clicking the **Windows 10 x64 RTM** OS upgrade package and then clicking **Distribute Content**. -7. In the Distribute Content Wizard, add the CM01 distribution point, select **Next** and select **Close**. -8. View the content status for the Windows 10 x64 RTM upgrade package. Don't continue until the distribution is completed (it might take a few minutes). You also can review the D:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for the **STATMSG: ID=2301** line. + +6. Distribute the OS upgrade package to the CM01 distribution point by right-clicking the **Windows 10 x64 RTM** OS upgrade package and then clicking **Distribute Content**. + +7. In the Distribute Content Wizard, add the CM01 distribution point, select **Next** and select **Close**. + +8. View the content status for the Windows 10 x64 RTM upgrade package. Don't continue until the distribution is completed (it might take a few minutes). You also can review the **`D:\Program Files\Microsoft Configuration Manager\Logs\distmgr.log`** file and look for the **STATMSG: ID=2301** line. ## Create an in-place upgrade task sequence On **CM01**: -1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create Task Sequence**. +1. Using the Configuration Manager console, in the **Software Library** workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create Task Sequence**. + 2. On the **Create a new task sequence** page, select **Upgrade an operating system from an upgrade package** and select **Next**. + 3. Use the below settings to complete the wizard: - * Task sequence name: Upgrade Task Sequence - * Description: In-place upgrade - * Upgrade package: Windows 10 x64 RTM - * Include software updates: Don't install any software updates - * Install applications: OSD \ Adobe Acrobat Reader DC + - Task sequence name: Upgrade Task Sequence + - Description: In-place upgrade + - Upgrade package: Windows 10 x64 RTM + - Include software updates: Don't install any software updates + - Install applications: OSD \ Adobe Acrobat Reader DC 4. Complete the wizard, and select **Close**. + 5. Review the Upgrade Task Sequence. ![The upgrade task sequence.](../images/cm-upgrade-ts.png) @@ -79,7 +89,7 @@ After you create the upgrade task sequence, you can create a collection to test On **CM01**: -1. When you're using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: +1. When you're using the Configuration Manager console, in the **Asset and Compliance** workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: - General - Name: Windows 10 x64 in-place upgrade - Limited Collection: All Systems @@ -91,7 +101,7 @@ On **CM01**: - Select Resources - Select PC0004 -2. Review the Windows 10 x64 in-place upgrade collection. Don't continue until you see PC0004 in the collection. +2. Review the Windows 10 x64 in-place upgrade collection. Don't continue until you see PC0004 in the collection. ## Deploy the Windows 10 upgrade @@ -99,15 +109,23 @@ In this section, you create a deployment for the Windows 10 Enterprise x64 Updat On **CM01**: -1. Using the Configuration Manager console, in the Software Library workspace, right-click the **Upgrade Task Sequence** task sequence, and then select **Deploy**. -2. On the **General** page, browse and select the **Windows 10 x64 in-place upgrade** collection, and then select **Next**. -3. On the **Content** page, select **Next**. -4. On the **Deployment Settings** page, select **Next**: -5. On the **Scheduling** page, accept the default settings, and then select **Next**. -6. On the **User Experience** page, accept the default settings, and then select **Next**. -7. On the **Alerts** page, accept the default settings, and then select **Next**. -7. On the **Distribution Points** page, accept the default settings, and then select **Next**. -8. On the **Summary** page, select **Next**, and then select **Close**. +1. Using the Configuration Manager console, in the **Software Library** workspace, right-click the **Upgrade Task Sequence** task sequence, and then select **Deploy**. + +2. On the **General** page, browse and select the **Windows 10 x64 in-place upgrade** collection, and then select **Next**. + +3. On the **Content** page, select **Next**. + +4. On the **Deployment Settings** page, select **Next**: + +5. On the **Scheduling** page, accept the default settings, and then select **Next**. + +6. On the **User Experience** page, accept the default settings, and then select **Next**. + +7. On the **Alerts** page, accept the default settings, and then select **Next**. + +8. On the **Distribution Points** page, accept the default settings, and then select **Next**. + +9. On the **Summary** page, select **Next**, and then select **Close**. ## Start the Windows 10 upgrade @@ -115,15 +133,18 @@ Next, run the in-place upgrade task sequence on PC0004. On **PC0004**: -1. Open the Configuration Manager control panel (control smscfgrc). -2. On the **Actions** tab, select **Machine Policy Retrieval & Evaluation Cycle**, select **Run Now**, and then select **OK** in the popup dialog box that appears. +1. Open the Configuration Manager control panel (`control.exe smscfgrc`). - >[!NOTE] - >You also can use the Client Notification option in the Configuration Manager console, as shown in [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md). +2. On the **Actions** tab, select **Machine Policy Retrieval & Evaluation Cycle**, select **Run Now**, and then select **OK** in the popup dialog box that appears. -3. Open the Software Center, select the **Upgrade Task Sequence** deployment and then select **Install**. -4. Confirm you want to upgrade the operating system on this computer by clicking **Install** again. -5. Allow the Upgrade Task Sequence to complete. The PC0004 computer will download the install.wim file, perform an in-place upgrade, and install your added applications. See the following examples: + > [!NOTE] + > You also can use the Client Notification option in the Configuration Manager console, as shown in [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md). + +3. Open the Software Center, select the **Upgrade Task Sequence** deployment and then select **Install**. + +4. Confirm you want to upgrade the operating system on this computer by clicking **Install** again. + +5. Allow the Upgrade Task Sequence to complete. The PC0004 computer will download the **Operating System Upgrade Package** (the Windows installation source files), perform an in-place upgrade, and install your added applications. See the following examples: ![Upgrade task sequence example 1.](../images/pc0004-a.png)
![Upgrade task sequence example 2.](../images/pc0004-b.png)
diff --git a/windows/deployment/do/TOC.yml b/windows/deployment/do/TOC.yml index 4589ac5834..07805dc6fb 100644 --- a/windows/deployment/do/TOC.yml +++ b/windows/deployment/do/TOC.yml @@ -1,51 +1,67 @@ -- name: Delivery Optimization for Windows client +- name: Delivery Optimization for Windows client and Microsoft Connected Cache href: index.yml +- name: What's new + href: whats-new-do.md items: - - name: Get started - items: - - name: What is Delivery Optimization - href: waas-delivery-optimization.md - - name: What's new - href: whats-new-do.md - - name: Delivery Optimization Frequently Asked Questions - href: waas-delivery-optimization-faq.yml - - - - - name: Configure Delivery Optimization +- name: Delivery Optimization + items: + - name: What is Delivery Optimization + href: waas-delivery-optimization.md + - name: Delivery Optimization Frequently Asked Questions + href: waas-delivery-optimization-faq.yml + - name: Configure Delivery Optimization for Windows clients + items: + - name: Windows client Delivery Optimization settings + href: waas-delivery-optimization-setup.md#recommended-delivery-optimization-settings + - name: Configure Delivery Optimization settings using Microsoft Intune + href: /mem/intune/configuration/delivery-optimization-windows + - name: Resources for Delivery Optimization + items: + - name: Set up Delivery Optimization for Windows + href: waas-delivery-optimization-setup.md + - name: Delivery Optimization reference + href: waas-delivery-optimization-reference.md + - name: Delivery Optimization client-service communication + href: delivery-optimization-workflow.md + - name: Using a proxy with Delivery Optimization + href: delivery-optimization-proxy.md +- name: Microsoft Connected Cache + items: + - name: Microsoft Connected Cache overview + href: waas-microsoft-connected-cache.md + - name: MCC for Enterprise and Education items: - - name: Configure Windows Clients - items: - - name: Windows Delivery Optimization settings - href: waas-delivery-optimization-setup.md#recommended-delivery-optimization-settings - - name: Windows Delivery Optimization Frequently Asked Questions - href: ../do/waas-delivery-optimization-faq.yml - - name: Configure Microsoft Intune - items: - - name: Delivery Optimization settings in Microsoft Intune - href: /mem/intune/configuration/delivery-optimization-windows - - - name: Microsoft Connected Cache + - name: Requirements + href: mcc-enterprise-prerequisites.md + - name: Deploy Microsoft Connected Cache + href: mcc-enterprise-deploy.md + - name: Update or uninstall MCC + href: mcc-enterprise-update-uninstall.md + - name: Appendix + href: mcc-enterprise-appendix.md + - name: MCC for ISPs items: - - name: MCC overview - href: waas-microsoft-connected-cache.md - - name: MCC for Enterprise and Education - href: mcc-enterprise.md - - name: MCC for ISPs + - name: How-to guides + items: + - name: Operator sign up and service onboarding + href: mcc-isp-signup.md + - name: Create, provision, and deploy the cache node in Azure portal + href: mcc-isp-create-provision-deploy.md + - name: Verify cache node functionality and monitor health and performance + href: mcc-isp-verify-cache-node.md + - name: Update or uninstall your cache node + href: mcc-isp-update.md + - name: Resources + items: + - name: Frequently Asked Questions + href: mcc-isp-faq.yml + - name: Enhancing VM performance + href: mcc-isp-vm-performance.md + - name: Support and troubleshooting + href: mcc-isp-support.md + - name: MCC for ISPs (early preview) href: mcc-isp.md +- name: Content endpoints for Delivery Optimization and Microsoft Connected Cache + href: delivery-optimization-endpoints.md - - name: Resources - items: - - name: Set up Delivery Optimization for Windows - href: waas-delivery-optimization-setup.md - - name: Delivery Optimization reference - href: waas-delivery-optimization-reference.md - - name: Delivery Optimization client-service communication - href: delivery-optimization-workflow.md - - name: Using a proxy with Delivery Optimization - href: delivery-optimization-proxy.md - - name: Content endpoints for Delivery Optimization and Microsoft Connected Cache - href: delivery-optimization-endpoints.md - - name: Testing Delivery Optimization - href: delivery-optimization-test.md - + diff --git a/windows/deployment/do/images/addcachenode.png b/windows/deployment/do/images/addcachenode.png new file mode 100644 index 0000000000..ea8db2a08a Binary files /dev/null and b/windows/deployment/do/images/addcachenode.png differ diff --git a/windows/deployment/do/images/elixir_ux/readme-elixir-ux-files.md b/windows/deployment/do/images/elixir_ux/readme-elixir-ux-files.md new file mode 100644 index 0000000000..f97aed1785 --- /dev/null +++ b/windows/deployment/do/images/elixir_ux/readme-elixir-ux-files.md @@ -0,0 +1,30 @@ +--- +title: Don't Remove images under do/images/elixir_ux - used by Azure portal Diagnose/Solve feature UI +manager: aaroncz +description: Elixir images read me file +keywords: updates, downloads, network, bandwidth +ms.prod: w10 +ms.mktglfcycl: deploy +audience: itpro +author: nidos +ms.localizationpriority: medium +ms.author: nidos +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Read Me + +This file contains the images that are included in this GitHub repository that are used by the Azure UI for Diagnose and Solve. The following images _shouldn't be removed_ from the repository: + +:::image type="content" source="ux-check-verbose-2.png" alt-text="A screenshot that shows 6 out of the 22 checks raising errors."::: + +:::image type="content" source="ux-check-verbose-1.png" alt-text="A screenshot that all checks passing after the iotedge check command."::: + +:::image type="content" source="ux-connectivity-check.png" alt-text="A screenshot of green checkmarks, showing that all of the connectivity checks are successful."::: + +:::image type="content" source="ux-edge-agent-failed.png" alt-text="A screenshot of the terminal after the command 'iotedge list', which shows three containers and the edgeAgent container failing."::: + +:::image type="content" source="ux-iot-edge-list.png" alt-text="A screenshot of the terminal after the command 'iotedge list', showing all three containers running successfully."::: + +:::image type="content" source="ux-mcc-failed.png" alt-text="A screenshot of the terminal after the command 'iotedge list', showing the MCC container in a failure state."::: \ No newline at end of file diff --git a/windows/deployment/do/images/elixir_ux/ux-check-verbose-1.png b/windows/deployment/do/images/elixir_ux/ux-check-verbose-1.png new file mode 100644 index 0000000000..692416d04c Binary files /dev/null and b/windows/deployment/do/images/elixir_ux/ux-check-verbose-1.png differ diff --git a/windows/deployment/do/images/elixir_ux/ux-check-verbose-2.png b/windows/deployment/do/images/elixir_ux/ux-check-verbose-2.png new file mode 100644 index 0000000000..5f232fe0c6 Binary files /dev/null and b/windows/deployment/do/images/elixir_ux/ux-check-verbose-2.png differ diff --git a/windows/deployment/do/images/elixir_ux/ux-connectivity-check.png b/windows/deployment/do/images/elixir_ux/ux-connectivity-check.png new file mode 100644 index 0000000000..0e72c45b33 Binary files /dev/null and b/windows/deployment/do/images/elixir_ux/ux-connectivity-check.png differ diff --git a/windows/deployment/do/images/elixir_ux/ux-edge-agent-failed.png b/windows/deployment/do/images/elixir_ux/ux-edge-agent-failed.png new file mode 100644 index 0000000000..1ce0e3e929 Binary files /dev/null and b/windows/deployment/do/images/elixir_ux/ux-edge-agent-failed.png differ diff --git a/windows/deployment/do/images/elixir_ux/ux-iot-edge-list.png b/windows/deployment/do/images/elixir_ux/ux-iot-edge-list.png new file mode 100644 index 0000000000..a26638a119 Binary files /dev/null and b/windows/deployment/do/images/elixir_ux/ux-iot-edge-list.png differ diff --git a/windows/deployment/do/images/elixir_ux/ux-mcc-failed.png b/windows/deployment/do/images/elixir_ux/ux-mcc-failed.png new file mode 100644 index 0000000000..b82d0e4441 Binary files /dev/null and b/windows/deployment/do/images/elixir_ux/ux-mcc-failed.png differ diff --git a/windows/deployment/do/images/emcc07.png b/windows/deployment/do/images/emcc07.png deleted file mode 100644 index 21420eab09..0000000000 Binary files a/windows/deployment/do/images/emcc07.png and /dev/null differ diff --git a/windows/deployment/do/images/emcc10.png b/windows/deployment/do/images/emcc10.png deleted file mode 100644 index 77c8754bf5..0000000000 Binary files a/windows/deployment/do/images/emcc10.png and /dev/null differ diff --git a/windows/deployment/do/images/emcc06.png b/windows/deployment/do/images/ent-mcc-azure-cache-created.png similarity index 100% rename from windows/deployment/do/images/emcc06.png rename to windows/deployment/do/images/ent-mcc-azure-cache-created.png diff --git a/windows/deployment/do/images/emcc05.png b/windows/deployment/do/images/ent-mcc-azure-create-connected-cache.png similarity index 100% rename from windows/deployment/do/images/emcc05.png rename to windows/deployment/do/images/ent-mcc-azure-create-connected-cache.png diff --git a/windows/deployment/do/images/emcc04.png b/windows/deployment/do/images/ent-mcc-azure-marketplace.png similarity index 100% rename from windows/deployment/do/images/emcc04.png rename to windows/deployment/do/images/ent-mcc-azure-marketplace.png diff --git a/windows/deployment/do/images/emcc03.png b/windows/deployment/do/images/ent-mcc-azure-search-result.png similarity index 100% rename from windows/deployment/do/images/emcc03.png rename to windows/deployment/do/images/ent-mcc-azure-search-result.png diff --git a/windows/deployment/do/images/emcc08.png b/windows/deployment/do/images/ent-mcc-cache-nodes.png similarity index 100% rename from windows/deployment/do/images/emcc08.png rename to windows/deployment/do/images/ent-mcc-cache-nodes.png diff --git a/windows/deployment/do/images/emcc20.png b/windows/deployment/do/images/ent-mcc-connect-eflowvm.png similarity index 100% rename from windows/deployment/do/images/emcc20.png rename to windows/deployment/do/images/ent-mcc-connect-eflowvm.png diff --git a/windows/deployment/do/images/ent-mcc-connected-cache-installer-download.png b/windows/deployment/do/images/ent-mcc-connected-cache-installer-download.png new file mode 100644 index 0000000000..45cb01de9f Binary files /dev/null and b/windows/deployment/do/images/ent-mcc-connected-cache-installer-download.png differ diff --git a/windows/deployment/do/images/emcc02.png b/windows/deployment/do/images/ent-mcc-create-azure-resource.png similarity index 100% rename from windows/deployment/do/images/emcc02.png rename to windows/deployment/do/images/ent-mcc-create-azure-resource.png diff --git a/windows/deployment/do/images/ent-mcc-create-cache-failed.png b/windows/deployment/do/images/ent-mcc-create-cache-failed.png new file mode 100644 index 0000000000..5c2ac09d56 Binary files /dev/null and b/windows/deployment/do/images/ent-mcc-create-cache-failed.png differ diff --git a/windows/deployment/do/images/emcc09.5.png b/windows/deployment/do/images/ent-mcc-create-cache-node-name.png similarity index 100% rename from windows/deployment/do/images/emcc09.5.png rename to windows/deployment/do/images/ent-mcc-create-cache-node-name.png diff --git a/windows/deployment/do/images/emcc09.png b/windows/deployment/do/images/ent-mcc-create-cache-node.png similarity index 100% rename from windows/deployment/do/images/emcc09.png rename to windows/deployment/do/images/ent-mcc-create-cache-node.png diff --git a/windows/deployment/do/images/emcc11.png b/windows/deployment/do/images/ent-mcc-delete-cache-node.png similarity index 100% rename from windows/deployment/do/images/emcc11.png rename to windows/deployment/do/images/ent-mcc-delete-cache-node.png diff --git a/windows/deployment/do/images/emcc29.png b/windows/deployment/do/images/ent-mcc-delivery-optimization-activity.png similarity index 100% rename from windows/deployment/do/images/emcc29.png rename to windows/deployment/do/images/ent-mcc-delivery-optimization-activity.png diff --git a/windows/deployment/do/images/emcc12.png b/windows/deployment/do/images/ent-mcc-download-installer.png similarity index 100% rename from windows/deployment/do/images/emcc12.png rename to windows/deployment/do/images/ent-mcc-download-installer.png diff --git a/windows/deployment/do/images/emcc28.png b/windows/deployment/do/images/ent-mcc-get-deliveryoptimizationstatus.png similarity index 100% rename from windows/deployment/do/images/emcc28.png rename to windows/deployment/do/images/ent-mcc-get-deliveryoptimizationstatus.png diff --git a/windows/deployment/do/images/emcc26.png b/windows/deployment/do/images/ent-mcc-group-policy-hostname.png similarity index 100% rename from windows/deployment/do/images/emcc26.png rename to windows/deployment/do/images/ent-mcc-group-policy-hostname.png diff --git a/windows/deployment/do/images/emcc13.png b/windows/deployment/do/images/ent-mcc-installer-script.png similarity index 100% rename from windows/deployment/do/images/emcc13.png rename to windows/deployment/do/images/ent-mcc-installer-script.png diff --git a/windows/deployment/do/images/emcc23.png b/windows/deployment/do/images/ent-mcc-intune-do.png similarity index 100% rename from windows/deployment/do/images/emcc23.png rename to windows/deployment/do/images/ent-mcc-intune-do.png diff --git a/windows/deployment/do/images/emcc24.png b/windows/deployment/do/images/ent-mcc-iotedge-list.png similarity index 100% rename from windows/deployment/do/images/emcc24.png rename to windows/deployment/do/images/ent-mcc-iotedge-list.png diff --git a/windows/deployment/do/images/emcc25.png b/windows/deployment/do/images/ent-mcc-journalctl.png similarity index 100% rename from windows/deployment/do/images/emcc25.png rename to windows/deployment/do/images/ent-mcc-journalctl.png diff --git a/windows/deployment/do/images/emcc01.png b/windows/deployment/do/images/ent-mcc-overview.png similarity index 100% rename from windows/deployment/do/images/emcc01.png rename to windows/deployment/do/images/ent-mcc-overview.png diff --git a/windows/deployment/do/images/emcc19.png b/windows/deployment/do/images/ent-mcc-script-complete.png similarity index 100% rename from windows/deployment/do/images/emcc19.png rename to windows/deployment/do/images/ent-mcc-script-complete.png diff --git a/windows/deployment/do/images/emcc17.png b/windows/deployment/do/images/ent-mcc-script-device-code.png similarity index 100% rename from windows/deployment/do/images/emcc17.png rename to windows/deployment/do/images/ent-mcc-script-device-code.png diff --git a/windows/deployment/do/images/emcc16.png b/windows/deployment/do/images/ent-mcc-script-dynamic-address.png similarity index 100% rename from windows/deployment/do/images/emcc16.png rename to windows/deployment/do/images/ent-mcc-script-dynamic-address.png diff --git a/windows/deployment/do/images/emcc15.png b/windows/deployment/do/images/ent-mcc-script-existing-switch.png similarity index 100% rename from windows/deployment/do/images/emcc15.png rename to windows/deployment/do/images/ent-mcc-script-existing-switch.png diff --git a/windows/deployment/do/images/emcc14.png b/windows/deployment/do/images/ent-mcc-script-new-switch.png similarity index 100% rename from windows/deployment/do/images/emcc14.png rename to windows/deployment/do/images/ent-mcc-script-new-switch.png diff --git a/windows/deployment/do/images/emcc18.png b/windows/deployment/do/images/ent-mcc-script-select-hub.png similarity index 100% rename from windows/deployment/do/images/emcc18.png rename to windows/deployment/do/images/ent-mcc-script-select-hub.png diff --git a/windows/deployment/do/images/emcc27.png b/windows/deployment/do/images/ent-mcc-store-example-download.png similarity index 100% rename from windows/deployment/do/images/emcc27.png rename to windows/deployment/do/images/ent-mcc-store-example-download.png diff --git a/windows/deployment/do/images/emcc22.png b/windows/deployment/do/images/ent-mcc-verify-server-powershell.png similarity index 100% rename from windows/deployment/do/images/emcc22.png rename to windows/deployment/do/images/ent-mcc-verify-server-powershell.png diff --git a/windows/deployment/do/images/emcc21.png b/windows/deployment/do/images/ent-mcc-verify-server-ssh.png similarity index 100% rename from windows/deployment/do/images/emcc21.png rename to windows/deployment/do/images/ent-mcc-verify-server-ssh.png diff --git a/windows/deployment/do/images/imcc07.png b/windows/deployment/do/images/imcc07.png deleted file mode 100644 index 31668ba8a1..0000000000 Binary files a/windows/deployment/do/images/imcc07.png and /dev/null differ diff --git a/windows/deployment/do/images/imcc21.png b/windows/deployment/do/images/imcc21.png deleted file mode 100644 index 5bd68d66c5..0000000000 Binary files a/windows/deployment/do/images/imcc21.png and /dev/null differ diff --git a/windows/deployment/do/images/imcc48.png b/windows/deployment/do/images/imcc48.png deleted file mode 100644 index eb53b7a5be..0000000000 Binary files a/windows/deployment/do/images/imcc48.png and /dev/null differ diff --git a/windows/deployment/do/images/imcc49.png b/windows/deployment/do/images/imcc49.png deleted file mode 100644 index eb53b7a5be..0000000000 Binary files a/windows/deployment/do/images/imcc49.png and /dev/null differ diff --git a/windows/deployment/do/images/imcc53.png b/windows/deployment/do/images/imcc53.png deleted file mode 100644 index ddec14d717..0000000000 Binary files a/windows/deployment/do/images/imcc53.png and /dev/null differ diff --git a/windows/deployment/do/images/imcc54.png b/windows/deployment/do/images/imcc54.png deleted file mode 100644 index c40ab0c5c9..0000000000 Binary files a/windows/deployment/do/images/imcc54.png and /dev/null differ diff --git a/windows/deployment/do/images/imcc24.png b/windows/deployment/do/images/mcc-isp-bash-allocate-space.png similarity index 100% rename from windows/deployment/do/images/imcc24.png rename to windows/deployment/do/images/mcc-isp-bash-allocate-space.png diff --git a/windows/deployment/do/images/imcc23.png b/windows/deployment/do/images/mcc-isp-bash-datadrive.png similarity index 100% rename from windows/deployment/do/images/imcc23.png rename to windows/deployment/do/images/mcc-isp-bash-datadrive.png diff --git a/windows/deployment/do/images/imcc20.png b/windows/deployment/do/images/mcc-isp-bash-device-code.png similarity index 100% rename from windows/deployment/do/images/imcc20.png rename to windows/deployment/do/images/mcc-isp-bash-device-code.png diff --git a/windows/deployment/do/images/imcc22.png b/windows/deployment/do/images/mcc-isp-bash-drive-number.png similarity index 100% rename from windows/deployment/do/images/imcc22.png rename to windows/deployment/do/images/mcc-isp-bash-drive-number.png diff --git a/windows/deployment/do/images/imcc25.png b/windows/deployment/do/images/mcc-isp-bash-iot-prompt.png similarity index 100% rename from windows/deployment/do/images/imcc25.png rename to windows/deployment/do/images/mcc-isp-bash-iot-prompt.png diff --git a/windows/deployment/do/images/imcc08.png b/windows/deployment/do/images/mcc-isp-cache-nodes-option.png similarity index 100% rename from windows/deployment/do/images/imcc08.png rename to windows/deployment/do/images/mcc-isp-cache-nodes-option.png diff --git a/windows/deployment/do/images/imcc19.png b/windows/deployment/do/images/mcc-isp-copy-install-script.png similarity index 100% rename from windows/deployment/do/images/imcc19.png rename to windows/deployment/do/images/mcc-isp-copy-install-script.png diff --git a/windows/deployment/do/images/imcc10.png b/windows/deployment/do/images/mcc-isp-create-cache-node-fields.png similarity index 100% rename from windows/deployment/do/images/imcc10.png rename to windows/deployment/do/images/mcc-isp-create-cache-node-fields.png diff --git a/windows/deployment/do/images/imcc09.png b/windows/deployment/do/images/mcc-isp-create-cache-node-option.png similarity index 100% rename from windows/deployment/do/images/imcc09.png rename to windows/deployment/do/images/mcc-isp-create-cache-node-option.png diff --git a/windows/deployment/do/images/imcc12.png b/windows/deployment/do/images/mcc-isp-create-new-node.png similarity index 100% rename from windows/deployment/do/images/imcc12.png rename to windows/deployment/do/images/mcc-isp-create-new-node.png diff --git a/windows/deployment/do/images/imcc13.png b/windows/deployment/do/images/mcc-isp-create-node-form.png similarity index 100% rename from windows/deployment/do/images/imcc13.png rename to windows/deployment/do/images/mcc-isp-create-node-form.png diff --git a/windows/deployment/do/images/imcc02.png b/windows/deployment/do/images/mcc-isp-create-resource.png similarity index 100% rename from windows/deployment/do/images/imcc02.png rename to windows/deployment/do/images/mcc-isp-create-resource.png diff --git a/windows/deployment/do/images/imcc04.png b/windows/deployment/do/images/mcc-isp-create.png similarity index 100% rename from windows/deployment/do/images/imcc04.png rename to windows/deployment/do/images/mcc-isp-create.png diff --git a/windows/deployment/do/images/mcc-isp-deploy-cache-node-numbered.png b/windows/deployment/do/images/mcc-isp-deploy-cache-node-numbered.png new file mode 100644 index 0000000000..17fb6a18f1 Binary files /dev/null and b/windows/deployment/do/images/mcc-isp-deploy-cache-node-numbered.png differ diff --git a/windows/deployment/do/images/imcc06.png b/windows/deployment/do/images/mcc-isp-deployment-complete.png similarity index 100% rename from windows/deployment/do/images/imcc06.png rename to windows/deployment/do/images/mcc-isp-deployment-complete.png diff --git a/windows/deployment/do/images/imcc01.png b/windows/deployment/do/images/mcc-isp-diagram.png similarity index 100% rename from windows/deployment/do/images/imcc01.png rename to windows/deployment/do/images/mcc-isp-diagram.png diff --git a/windows/deployment/do/images/imcc27.png b/windows/deployment/do/images/mcc-isp-edge-journalctl.png similarity index 100% rename from windows/deployment/do/images/imcc27.png rename to windows/deployment/do/images/mcc-isp-edge-journalctl.png diff --git a/windows/deployment/do/images/imcc42.png b/windows/deployment/do/images/mcc-isp-gnu-grub.png similarity index 100% rename from windows/deployment/do/images/imcc42.png rename to windows/deployment/do/images/mcc-isp-gnu-grub.png diff --git a/windows/deployment/do/images/imcc31.png b/windows/deployment/do/images/mcc-isp-hyper-v-begin.png similarity index 100% rename from windows/deployment/do/images/imcc31.png rename to windows/deployment/do/images/mcc-isp-hyper-v-begin.png diff --git a/windows/deployment/do/images/imcc36.png b/windows/deployment/do/images/mcc-isp-hyper-v-disk.png similarity index 100% rename from windows/deployment/do/images/imcc36.png rename to windows/deployment/do/images/mcc-isp-hyper-v-disk.png diff --git a/windows/deployment/do/images/imcc33.png b/windows/deployment/do/images/mcc-isp-hyper-v-generation.png similarity index 100% rename from windows/deployment/do/images/imcc33.png rename to windows/deployment/do/images/mcc-isp-hyper-v-generation.png diff --git a/windows/deployment/do/images/imcc37.png b/windows/deployment/do/images/mcc-isp-hyper-v-installation-options.png similarity index 100% rename from windows/deployment/do/images/imcc37.png rename to windows/deployment/do/images/mcc-isp-hyper-v-installation-options.png diff --git a/windows/deployment/do/images/imcc34.png b/windows/deployment/do/images/mcc-isp-hyper-v-memory.png similarity index 100% rename from windows/deployment/do/images/imcc34.png rename to windows/deployment/do/images/mcc-isp-hyper-v-memory.png diff --git a/windows/deployment/do/images/imcc32.png b/windows/deployment/do/images/mcc-isp-hyper-v-name.png similarity index 100% rename from windows/deployment/do/images/imcc32.png rename to windows/deployment/do/images/mcc-isp-hyper-v-name.png diff --git a/windows/deployment/do/images/imcc35.png b/windows/deployment/do/images/mcc-isp-hyper-v-networking.png similarity index 100% rename from windows/deployment/do/images/imcc35.png rename to windows/deployment/do/images/mcc-isp-hyper-v-networking.png diff --git a/windows/deployment/do/images/imcc38.png b/windows/deployment/do/images/mcc-isp-hyper-v-summary.png similarity index 100% rename from windows/deployment/do/images/imcc38.png rename to windows/deployment/do/images/mcc-isp-hyper-v-summary.png diff --git a/windows/deployment/do/images/imcc41.png b/windows/deployment/do/images/mcc-isp-hyper-v-vm-processor.png similarity index 100% rename from windows/deployment/do/images/imcc41.png rename to windows/deployment/do/images/mcc-isp-hyper-v-vm-processor.png diff --git a/windows/deployment/do/images/imcc40.png b/windows/deployment/do/images/mcc-isp-hyper-v-vm-security.png similarity index 100% rename from windows/deployment/do/images/imcc40.png rename to windows/deployment/do/images/mcc-isp-hyper-v-vm-security.png diff --git a/windows/deployment/do/images/imcc39.png b/windows/deployment/do/images/mcc-isp-hyper-v-vm-settings.png similarity index 100% rename from windows/deployment/do/images/imcc39.png rename to windows/deployment/do/images/mcc-isp-hyper-v-vm-settings.png diff --git a/windows/deployment/do/images/imcc18.png b/windows/deployment/do/images/mcc-isp-installer-download.png similarity index 100% rename from windows/deployment/do/images/imcc18.png rename to windows/deployment/do/images/mcc-isp-installer-download.png diff --git a/windows/deployment/do/images/imcc16.png b/windows/deployment/do/images/mcc-isp-list-nodes.png similarity index 100% rename from windows/deployment/do/images/imcc16.png rename to windows/deployment/do/images/mcc-isp-list-nodes.png diff --git a/windows/deployment/do/images/imcc05.png b/windows/deployment/do/images/mcc-isp-location-west.png similarity index 100% rename from windows/deployment/do/images/imcc05.png rename to windows/deployment/do/images/mcc-isp-location-west.png diff --git a/windows/deployment/do/images/mcc-isp-metrics.png b/windows/deployment/do/images/mcc-isp-metrics.png new file mode 100644 index 0000000000..1ca9078f3e Binary files /dev/null and b/windows/deployment/do/images/mcc-isp-metrics.png differ diff --git a/windows/deployment/do/images/imcc30.png b/windows/deployment/do/images/mcc-isp-nmcli.png similarity index 100% rename from windows/deployment/do/images/imcc30.png rename to windows/deployment/do/images/mcc-isp-nmcli.png diff --git a/windows/deployment/do/images/imcc17.png b/windows/deployment/do/images/mcc-isp-node-configuration.png similarity index 100% rename from windows/deployment/do/images/imcc17.png rename to windows/deployment/do/images/mcc-isp-node-configuration.png diff --git a/windows/deployment/do/images/imcc15.png b/windows/deployment/do/images/mcc-isp-node-names.png similarity index 100% rename from windows/deployment/do/images/imcc15.png rename to windows/deployment/do/images/mcc-isp-node-names.png diff --git a/windows/deployment/do/images/imcc11.png b/windows/deployment/do/images/mcc-isp-node-server-ip.png similarity index 100% rename from windows/deployment/do/images/imcc11.png rename to windows/deployment/do/images/mcc-isp-node-server-ip.png diff --git a/windows/deployment/do/images/mcc-isp-operator-verification.png b/windows/deployment/do/images/mcc-isp-operator-verification.png new file mode 100644 index 0000000000..3641761e0a Binary files /dev/null and b/windows/deployment/do/images/mcc-isp-operator-verification.png differ diff --git a/windows/deployment/do/images/mcc-isp-provision-cache-node-numbered.png b/windows/deployment/do/images/mcc-isp-provision-cache-node-numbered.png new file mode 100644 index 0000000000..e61bb78fc4 Binary files /dev/null and b/windows/deployment/do/images/mcc-isp-provision-cache-node-numbered.png differ diff --git a/windows/deployment/do/images/imcc26.png b/windows/deployment/do/images/mcc-isp-running-containers.png similarity index 100% rename from windows/deployment/do/images/imcc26.png rename to windows/deployment/do/images/mcc-isp-running-containers.png diff --git a/windows/deployment/do/images/imcc03.png b/windows/deployment/do/images/mcc-isp-search-marketplace.png similarity index 100% rename from windows/deployment/do/images/imcc03.png rename to windows/deployment/do/images/mcc-isp-search-marketplace.png diff --git a/windows/deployment/do/images/mcc-isp-search.png b/windows/deployment/do/images/mcc-isp-search.png new file mode 100644 index 0000000000..4ab4f0b0d6 Binary files /dev/null and b/windows/deployment/do/images/mcc-isp-search.png differ diff --git a/windows/deployment/do/images/mcc-isp-sign-up.png b/windows/deployment/do/images/mcc-isp-sign-up.png new file mode 100644 index 0000000000..0bc62894c6 Binary files /dev/null and b/windows/deployment/do/images/mcc-isp-sign-up.png differ diff --git a/windows/deployment/do/images/imcc14.png b/windows/deployment/do/images/mcc-isp-success-instructions.png similarity index 100% rename from windows/deployment/do/images/imcc14.png rename to windows/deployment/do/images/mcc-isp-success-instructions.png diff --git a/windows/deployment/do/images/imcc45.png b/windows/deployment/do/images/mcc-isp-ubuntu-erase-disk.png similarity index 100% rename from windows/deployment/do/images/imcc45.png rename to windows/deployment/do/images/mcc-isp-ubuntu-erase-disk.png diff --git a/windows/deployment/do/images/imcc44.png b/windows/deployment/do/images/mcc-isp-ubuntu-keyboard.png similarity index 100% rename from windows/deployment/do/images/imcc44.png rename to windows/deployment/do/images/mcc-isp-ubuntu-keyboard.png diff --git a/windows/deployment/do/images/imcc43.png b/windows/deployment/do/images/mcc-isp-ubuntu-language.png similarity index 100% rename from windows/deployment/do/images/imcc43.png rename to windows/deployment/do/images/mcc-isp-ubuntu-language.png diff --git a/windows/deployment/do/images/imcc51.png b/windows/deployment/do/images/mcc-isp-ubuntu-restart.png similarity index 100% rename from windows/deployment/do/images/imcc51.png rename to windows/deployment/do/images/mcc-isp-ubuntu-restart.png diff --git a/windows/deployment/do/images/imcc47.png b/windows/deployment/do/images/mcc-isp-ubuntu-time-zone.png similarity index 100% rename from windows/deployment/do/images/imcc47.png rename to windows/deployment/do/images/mcc-isp-ubuntu-time-zone.png diff --git a/windows/deployment/do/images/imcc52.png b/windows/deployment/do/images/mcc-isp-ubuntu-upgrade.png similarity index 100% rename from windows/deployment/do/images/imcc52.png rename to windows/deployment/do/images/mcc-isp-ubuntu-upgrade.png diff --git a/windows/deployment/do/images/imcc50.png b/windows/deployment/do/images/mcc-isp-ubuntu-who.png similarity index 100% rename from windows/deployment/do/images/imcc50.png rename to windows/deployment/do/images/mcc-isp-ubuntu-who.png diff --git a/windows/deployment/do/images/imcc46.png b/windows/deployment/do/images/mcc-isp-ubuntu-write-changes.png similarity index 100% rename from windows/deployment/do/images/imcc46.png rename to windows/deployment/do/images/mcc-isp-ubuntu-write-changes.png diff --git a/windows/deployment/do/images/imcc55.PNG b/windows/deployment/do/images/mcc-isp-use-bgp.png similarity index 100% rename from windows/deployment/do/images/imcc55.PNG rename to windows/deployment/do/images/mcc-isp-use-bgp.png diff --git a/windows/deployment/do/images/imcc28.png b/windows/deployment/do/images/mcc-isp-wget.png similarity index 100% rename from windows/deployment/do/images/imcc28.png rename to windows/deployment/do/images/mcc-isp-wget.png diff --git a/windows/deployment/do/includes/get-azure-subscription.md b/windows/deployment/do/includes/get-azure-subscription.md new file mode 100644 index 0000000000..114671fd5e --- /dev/null +++ b/windows/deployment/do/includes/get-azure-subscription.md @@ -0,0 +1,17 @@ +--- +author: amymzhou +ms.author: amyzhou +manager: dougeby +ms.prod: w10 +ms.collection: M365-modern-desktop +ms.topic: include +ms.localizationpriority: medium +--- + + +1. Sign in to the [Azure portal](https://portal.azure.com). +1. Select **Subscriptions**. If you don't see **Subscriptions**, type **Subscriptions** in the search bar. As you begin typing, the list filters based on your input. +1. If you already have an Azure Subscription, skip to step 5. If you don't have an Azure Subscription, select **+ Add** on the top left. +1. Select the **Pay-As-You-Go** subscription. You'll be asked to enter credit card information, but you'll not be charged for using the MCC service. +1. On the **Subscriptions** page, you'll find details about your current subscription. Select the subscription name. +1. After you select the subscription name, you'll find the subscription ID in the **Overview** tab. Select the **Copy to clipboard** icon next to your Subscription ID to copy the value. \ No newline at end of file diff --git a/windows/deployment/do/includes/mcc-prerequisites.md b/windows/deployment/do/includes/mcc-prerequisites.md new file mode 100644 index 0000000000..f90bc995e6 --- /dev/null +++ b/windows/deployment/do/includes/mcc-prerequisites.md @@ -0,0 +1,17 @@ +--- +author: amyzhou +ms.author: amyzhou +manager: dougeby +ms.prod: w10 +ms.collection: M365-modern-desktop +ms.topic: include +ms.date: 11/09/2022 +ms.localizationpriority: medium +--- + + +Peak Egress | Hardware Specifications| +---|---| +< 5G Peak | VM with 8 cores, 16 GB memory, 1 SSD Drive 500GB| +10 - 20G Peak | VM with 16 cores, 32 GB memory, 2 - 3 SSD Drives 1 TB| +20 - 40G Peak | Hardware (sample hardware spec) with 32 cores, 64 GB memory, 4 - 6 SSDs 1 TB | \ No newline at end of file diff --git a/windows/deployment/do/index.yml b/windows/deployment/do/index.yml index c9373755d6..729d713050 100644 --- a/windows/deployment/do/index.yml +++ b/windows/deployment/do/index.yml @@ -69,8 +69,8 @@ landingContent: linkLists: - linkListType: deploy links: - - text: MCC for Enterprise and Education (Private Preview) - url: mcc-enterprise.md + - text: MCC for Enterprise and Education (early preview) + url: waas-microsoft-connected-cache.md - text: Sign up url: https://aka.ms/MSConnectedCacheSignup @@ -79,10 +79,13 @@ landingContent: linkLists: - linkListType: deploy links: - - text: MCC for ISPs (Private Preview) - url: mcc-isp.md + - text: MCC for ISPs (public preview) + url: mcc-isp-signup.md - text: Sign up - url: https://aka.ms/MSConnectedCacheSignup + url: https://aka.ms/MCCForISPSurvey + - text: MCC for ISPs (early preview) + url: mcc-isp.md + # Card (optional) - title: Resources diff --git a/windows/deployment/do/mcc-enterprise-appendix.md b/windows/deployment/do/mcc-enterprise-appendix.md new file mode 100644 index 0000000000..83d2df61da --- /dev/null +++ b/windows/deployment/do/mcc-enterprise-appendix.md @@ -0,0 +1,117 @@ +--- +title: Appendix +manager: aaroncz +description: Appendix on Microsoft Connected Cache (MCC) for Enterprise and Education. +ms.prod: w10 +author: amymzhou +ms.author: amyzhou +ms.localizationpriority: medium +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Appendix + +## Diagnostics Script + +If you're having issues with your MCC, we included a diagnostics script. The script collects all your logs and zips them into a single file. You can then send us these logs via email for the MCC team to debug. + +To run this script: + +1. Navigate to the following folder in the MCC installation files: + + mccinstaller > Eflow > Diagnostics + +1. Run the following commands: + + ```powershell + Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process + .\collectMccDiagnostics.ps1 + ``` + +1. The script stores all the debug files into a folder and then creates a tar file. After the script is finished running, it will output the path of the tar file, which you can share with us. The location should be **\**\mccdiagnostics\support_bundle_\$timestamp.tar.gz + +1. [Email the MCC team](mailto:mccforenterprise@microsoft.com?subject=Debugging%20Help%20Needed%20for%20MCC%20for%20Enterprise) and attach this file asking for debugging support. Screenshots of the error along with any other warnings you saw will be helpful during out debugging process. + +## Steps to obtain an Azure Subscription ID + + +[!INCLUDE [Get Azure subscription](includes/get-azure-subscription.md)] + +## Troubleshooting + +If you're not able to sign up for a Microsoft Azure subscription with the error: **Account belongs to a directory that cannot be associated with an Azure subscription. Please sign in with a different account.** See [Can't sign up for a Microsoft Azure subscription](/troubleshoot/azure/general/cannot-sign-up-subscription). + +Also see [Troubleshoot issues when you sign up for a new account in the Azure portal](/azure/cost-management-billing/manage/troubleshoot-azure-sign-up). + +## IoT Edge runtime + +The Azure IoT Edge runtime enables custom and cloud logic on IoT Edge devices. +The runtime sits on the IoT Edge device, and performs management and +communication operations. The runtime performs several functions: + +- Installs and update workloads (Docker containers) on the device. +- Maintains Azure IoT Edge security standards on the device. +- Ensures that IoT Edge modules (Docker containers) are always running. +- Reports module (Docker containers) health to the cloud for remote monitoring. +- Manages communication between an IoT Edge device and the cloud. + +For more information on Azure IoT Edge, see the [Azure IoT Edge documentation](/azure/iot-edge/about-iot-edge). + +## EFLOW + +- [What is Azure IoT Edge for Linux on Windows](/azure/iot-edge/iot-edge-for-linux-on-windows) +- [Install Azure IoT Edge for Linux on Windows](/azure/iot-edge/how-to-provision-single-device-linux-on-windows-symmetric#install-iot-edge) +- [PowerShell functions for Azure IoT Edge for Linux on Windows](/azure/iot-edge/reference-iot-edge-for-linux-on-windows-functions) +- EFLOW FAQ and Support: [Support · Azure/iotedge-eflow Wiki (github.com)](https://github.com/Azure/iotedge-eflow/wiki/Support#how-can-i-apply-updates-to-eflow) +- [Now ready for Production: Linux IoT Edge Modules on Windows - YouTube](https://www.youtube.com/watch?v=pgqVCg6cxVU&ab_channel=MicrosoftIoTDevelopers) + +## Routing local Windows Clients to an MCC + +### Get the IP address of your MCC using ifconfig + +There are multiple methods that can be used to apply a policy to PCs that should participate in downloading from the MCC. + +#### Registry Key + +You can either set your MCC IP address or FQDN using: + +1. Registry Key (version 1709 and later): + `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization` +
+ "DOCacheHost"=" " + + From an elevated command prompt: + + ``` + reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /v DOCacheHost /t REG_SZ /d "10.137.187.38" /f + ``` + +1. MDM Path (version 1809 and later): + + `.Vendor/MSFT/Policy/Config/DeliveryOptimization/DOCacheHost` + +1. In Windows (release version 1809 and later), you can apply the policy via Group Policy Editor. The policy to apply is **DOCacheHost**. To configure the clients to pull content from the MCC using Group Policy, go to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**. Set the **Cache Server Hostname** to the IP address of your MCC, such as `10.137.187.38`. + + :::image type="content" source="./images/ent-mcc-group-policy-hostname.png" alt-text="Screenshot of the Group Policy editor showing the Cache Server Hostname Group Policy setting." lightbox="./images/ent-mcc-group-policy-hostname.png"::: + + +**Verify Content using the DO Client** + +To verify that the Delivery Optimization client can download content using MCC, you can use the following steps: + +1. Download a game or application from the Microsoft Store. + + :::image type="content" source="./images/ent-mcc-store-example-download.png" alt-text="Screenshot of the Microsoft Store with the game, Angry Birds 2, selected."::: + + +1. Verify downloads came from MCC by one of two methods: + + - Using the PowerShell Cmdlet Get-DeliveryOptimizationStatus you should see *BytesFromCacheServer*. + + :::image type="content" source="./images/ent-mcc-get-deliveryoptimizationstatus.png" alt-text="Screenshot of the output of Get-DeliveryOptimization | FT from PowerShell." lightbox="./images/ent-mcc-get-deliveryoptimizationstatus.png"::: + + - Using the Delivery Optimization Activity Monitor + + :::image type="content" source="./images/ent-mcc-delivery-optimization-activity.png" alt-text="Screenshot of the Delivery Optimization Activity Monitor."::: + diff --git a/windows/deployment/do/mcc-enterprise-deploy.md b/windows/deployment/do/mcc-enterprise-deploy.md new file mode 100644 index 0000000000..74ef198811 --- /dev/null +++ b/windows/deployment/do/mcc-enterprise-deploy.md @@ -0,0 +1,325 @@ +--- +title: Deploying your cache node +manager: dougeby +description: How to deploy Microsoft Connected Cache (MCC) for Enterprise and Education cache node +ms.prod: w10 +author: amymzhou +ms.localizationpriority: medium +ms.author: amyzhou +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Deploying your cache node + +**Applies to** + +- Windows 10 +- Windows 11 + +## Steps to deploy MCC + +To deploy MCC to your server: + +1. [Provide Microsoft with the Azure subscription ID](#provide-microsoft-with-the-azure-subscription-id) +1. [Create the MCC Resource in Azure](#create-the-mcc-resource-in-azure) +1. [Create an MCC Node](#create-an-mcc-node-in-azure) +1. [Edit Cache Node Information](#edit-cache-node-information) +1. [Install MCC on a physical server or VM](#install-mcc-on-windows) +1. [Verify proper functioning MCC server](#verify-proper-functioning-mcc-server) +1. [Review common Issues](#common-issues) if needed. + +For questions regarding these instructions contact [msconnectedcache@microsoft.com](mailto:msconnectedcache@microsoft.com) + +### Provide Microsoft with the Azure Subscription ID + +As part of the MCC preview onboarding process an Azure subscription ID must be provided to Microsoft. + +> [!IMPORTANT] +> [Take this survey](https://aka.ms/MSConnectedCacheSignup) and provide your Azure subscription ID and contact information to be added to the allowlist for this preview. You will not be able to proceed if you skip this step. + +For information about creating or locating your subscription ID, see [Steps to obtain an Azure Subscription ID](mcc-enterprise-appendix.md#steps-to-obtain-an-azure-subscription-id). + +### Create the MCC resource in Azure + +The MCC Azure management portal is used to create and manage MCC nodes. An Azure Subscription ID is used to grant access to the preview and to create the MCC resource in Azure and Cache nodes. + +Once you take the survey above and the MCC team adds your subscription ID to the allowlist, you'll be given a link to the Azure portal where you can create the resource described below. + +1. In the Azure portal home page, choose **Create a resource**: + :::image type="content" source="./images/ent-mcc-create-azure-resource.png" alt-text="Screenshot of the Azure portal. The create a resource option is outlined in red."::: + +1. Type **Microsoft Connected Cache** into the search box, and hit **Enter** to show search results. + + > [!NOTE] + > You won't see Microsoft Connected Cache in the drop-down list. You'll need to type the string and press enter to see the result. + +1. Select **Microsoft Connected Cache Enterprise** and choose **Create** on the next screen to start the process of creating the MCC resource. + + :::image type="content" source="./images/ent-mcc-azure-search-result.png" alt-text="Screenshot of the Azure portal search results for Microsoft Connected Cache."::: + :::image type="content" source="./images/ent-mcc-azure-marketplace.png" alt-text="Screenshot of Microsoft Connected Cache Enterprise within the Azure Marketplace."::: + +1. Fill in the required fields to create the MCC resource. + + - Choose the subscription that you provided to Microsoft. + - Azure resource groups are logical groups of resources. Create a new resource group and choose a name for your resource group. + - Choose **(US) West US** for the location of the resource. This choice won't impact MCC if the physical location isn't in the West US, it's just a limitation of the preview. + + > [!IMPORTANT] + > Your MCC resource will not be created properly if you do not select **(US) West US** + + - Choose a name for the MCC resource. + - Your MCC resource must not contain the word **Microsoft** in it. + + :::image type="content" source="./images/ent-mcc-azure-create-connected-cache.png" alt-text="Screenshot of the Create a Connected Cache page within the Azure Marketplace."::: + +1. Once all the information has been entered, select the **Review + Create** button. Once validation is complete, select the **Create** button to start the + resource creation. + + :::image type="content" source="./images/ent-mcc-azure-cache-created.png" alt-text="Screenshot of the completed cache deployment within the Azure." lightbox="./images/ent-mcc-azure-cache-created.png"::: + +#### Error: Validation failed + +- If you get a Validation failed error message on your portal, it's likely because you selected the **Location** as **US West 2** or some other location that isn't **(US) West US**. + - To resolve this error, go to the previous step and choose **(US) West US**. + + :::image type="content" source="./images/ent-mcc-create-cache-failed.png" alt-text="Screenshot of a failed cache deployment due to an incorrect location."::: + +### Create an MCC node in Azure + +Creating an MCC node is a multi-step process and the first step is to access the MCC early preview management portal. + +1. After the successful resource creation, select **Go to resource**. +1. Under **Cache Node Management** section on the leftmost panel, select **Cache Nodes**. + + :::image type="content" source="./images/ent-mcc-cache-nodes.png" alt-text="Screenshot of the Cache Node Management section with the navigation link to the Cache Nodes page outlined in red."::: + +1. On the **Cache Nodes** blade, select the **Create Cache Node** button. + + :::image type="content" source="./images/ent-mcc-create-cache-node.png" alt-text="Screenshot of the Cache Nodes page with the Create Cache Node option outlined in red."::: + +1. Selecting the **Create Cache Node** button will open the **Create Cache Node** page; **Cache Node Name** is the only field required for cache node creation. + + | **Field Name**| **Expected Value**|**Description** | + |---|---|---| + | **Cache Node Name** | Alphanumeric name that doesn't include any spaces. | The name of the cache node. You may choose names based on location such as `Seattle-1`. This name must be unique and can't be changed later. | + +1. Enter the information for the **Cache Node** and select the **Create** button. + + :::image type="content" source="./images/ent-mcc-create-cache-node-name.png" alt-text="Screenshot of the Cache Nodes page displaying the Cache Node Name text entry during the creation process."::: + +If there are errors, the form will provide guidance on how to correct the errors. + +Once the MCC node has been created, the installer instructions will be exposed. More details on the installer instructions will be addressed later in this article, in the [Install Connected Cache](#install-mcc-on-windows) section. + +:::image type="content" source="./images/ent-mcc-connected-cache-installer-download.png" alt-text="Screenshot of the Connected Cache installer download button, installer instructions, and script."::: + +#### Edit cache node information + +Cache nodes can be deleted here by selecting the check box to the left of a **Cache Node Name** and then selecting the delete toolbar item. Be aware that if a cache node is deleted, there's no way to recover the cache node or any of the information related to the cache node. + +:::image type="content" source="./images/ent-mcc-delete-cache-node.png" alt-text="Screenshot of deleting a cache node from the Cache Nodes page."::: + +### Install MCC on Windows + +Installing MCC on your Windows device is a simple process. A PowerShell script performs the following tasks: + +- Installs the Azure CLI +- Downloads, installs, and deploys EFLOW +- Enables Microsoft Update so EFLOW can stay up to date +- Creates a virtual machine +- Enables the firewall and opens ports 80 and 22 for inbound and outbound traffic. Port 80 is used by MCC, and port 22 is used for SSH communications. +- Configures Connected Cache tuning settings. +- Creates the necessary *FREE* Azure resource - IoT Hub/IoT Edge. +- Deploys the MCC container to server. + +#### Run the installer + +1. Download and unzip `mccinstaller.zip` from the create cache node page or cache node configuration page, both of which contain the necessary installation files. + + :::image type="content" source="./images/ent-mcc-download-installer.png" alt-text="Screenshot of the download installer option on the Create Cache Node page."::: + + The following files are contained in the `mccinstaller.zip` file: + + - **installmcc.ps1**: Main installer file. + - **installEflow.ps1**: Installs the necessary prerequisites such as the Linux VM, IoT Edge runtime, and Docker, and makes necessary host OS settings to optimize caching performance. + - **resourceDeploymentForConnectedCache.ps1**: Creates Azure cloud resources required to support MCC control plane. + - **mccdeployment.json**: Deployment manifest used by IoT Edge to deploy the MCC container and configure settings on the container, such as cache drive location sizes. + - **updatemcc.ps1**: The update script used to upgrade MCC to a particular version. + - **mccupdate.json**: Used as part of the update script + +1. Open Windows PowerShell as administrator then navigate to the location of these files. + + > [!NOTE] + > Ensure that Hyper-V is enabled on your device. + > - **Windows 10:** [Enable Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) + > - **Windows Server:** [Install the Hyper-V role on Windows Server](/windows-server/virtualization/hyper-v/get-started/install-the-hyper-v-role-on-windows-server)' + > + > Don't use PowerShell ISE, PowerShell 6.x, or PowerShell 7.x. Only Windows PowerShell version 5.x is supported. + +#### If you're installing MCC on a local virtual machine + +1. Turn the virtual machine **off** while you enable nested virtualization and MAC spoofing. + 1. Enable nested virtualization: + + ```powershell + Set -VMProcessor -VMName "VM name" -ExposeVirtualizationExtensions $true + ``` + + 1. Enable MAC spoofing: + + ```powershell + Get-VMNetworkAdapter -VMName "VM name" | Set-VMNetworkAdapter -MacAddressSpoofing On + ``` + +1. Set the execution policy. + + ```powershell + Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process + ``` + + > [!NOTE] + > After setting the execution policy, you'll see a warning asking if you wish to change the execution policy. Choose **[A] Yes to All**. + +1. Copy the command from the Azure portal and run it in Windows PowerShell. + + :::image type="content" source="./images/ent-mcc-installer-script.png" alt-text="Screenshot of the installer script for the connected cache node."::: + + > [!NOTE] + > After running the command, and multiple times throughout the installation process, you'll receive the following notice. Select **[R] Run once** to proceed. + >
+ >
Security warning + >
Run only scripts that you trust. While scripts from the internet can be useful, this script can potentially harm your computer. If you trust this script, use the Unblock-File cmdlet to allow the script to run without this warning message. Do you want to run C:\Users\mccinstaller\Eflow\installmcc.ps1? + >
+ >
[D] Do not run **[R] Run once** [S] Suspend [?] Help (default is "D"): + +1. Choose whether you would like to create a new virtual switch or select an existing one. Name your switch and select the Net Adapter to use for the switch. A computer restart will be required if you're creating a new switch. + + > [!NOTE] + > Restarting your computer after creating a switch is recommended. You'll notice network delays during installation if the computer has not been restarted. + + If you restarted your computer after creating a switch, start from Step 2 above and skip step 5. + + :::image type="content" source="./images/ent-mcc-script-new-switch.png" alt-text="Screenshot of the installer script running in PowerShell when a new switch is created." lightbox="./images/ent-mcc-script-new-switch.png"::: + +1. Rerun the script after the restart. This time, choose **No** when asked to create a new switch. Enter the number corresponding to the switch you previously created. + + :::image type="content" source="./images/ent-mcc-script-existing-switch.png" alt-text="Screenshot of the installer script running in PowerShell when using an existing switch." lightbox="./images/ent-mcc-script-existing-switch.png"::: + +1. Decide whether you would like to use dynamic or static address for the Eflow VM + + :::image type="content" source="./images/ent-mcc-script-dynamic-address.png" alt-text="Screenshot of the installer script running in PowerShell asking if you'd like to use a dynamic address." lightbox="./images/ent-mcc-script-dynamic-address.png"::: + + > [!NOTE] + > Choosing a dynamic IP address might assign a different IP address when the MCC restarts. A static IP address is recommended so you don't have to change this value in your management solution when MCC restarts. + +1. Choose where you would like to download, install, and store the virtual hard disk for EFLOW. You'll also be asked how much memory, storage, and how many cores you would like to allocate for the VM. For this example, we chose the default values for all prompts. + +1. Follow the Azure Device Login link and sign into the Azure portal. + + :::image type="content" source="./images/ent-mcc-script-device-code.png" alt-text="Screenshot of the installer script running in PowerShell displaying the code and URL to use for the Azure portal." lightbox="./images/ent-mcc-script-device-code.png"::: + +1. If this is your first MCC deployment, select **n** so that a new IoT Hub can be created. If you have already configured MCC before, choose **y** so that your MCCs are grouped in the same IoT Hub. + + 1. You'll be shown a list of existing IoT Hubs in your Azure Subscription. Enter the number corresponding to the IoT Hub to select it. **You'll likely have only 1 IoT Hub in your subscription, in which case you want to enter "1"** + + :::image type="content" source="./images/ent-mcc-script-select-hub.png" alt-text="Screenshot of the installer script running in PowerShell prompting you to select which IoT Hub to use." lightbox="./images/ent-mcc-script-select-hub.png"::: + :::image type="content" source="./images/ent-mcc-script-complete.png" alt-text="Screenshot of the installer script displaying the completion summary in PowerShell." lightbox="./images/ent-mcc-script-complete.png"::: + + +1. Your MCC deployment is now complete. + + 1. If you don't see any errors, continue to the next section to validate your MCC deployment. + 1. After validating your MCC is properly functional, review your management solution documentation, such as [Intune](/mem/intune/configuration/delivery-optimization-windows), to set the cache host policy to the IP address of your MCC. + 1. If you had errors during your deployment, see the [Common Issues](#common-issues) section in this article. + +## Verify proper functioning MCC server + +#### Verify Client Side + +Connect to the EFLOW VM and check if MCC is properly running: + +1. Open PowerShell as an Administrator. +2. Enter the following commands: + + ```powershell + Connect-EflowVm + sudo -s + iotedge list + ``` + + :::image type="content" source="./images/ent-mcc-connect-eflowvm.png" alt-text="Screenshot of running connect-EflowVm, sudo -s, and iotedge list from PowerShell." lightbox="./images/ent-mcc-connect-eflowvm.png"::: + +You should see MCC, edgeAgent, and edgeHub running. If you see edgeAgent or edgeHub but not MCC, try this command in a few minutes. The MCC container can take a few minutes to deploy. + +#### Verify server side + +For a validation of properly functioning MCC, execute the following command in the EFLOW VM or any device in the network. Replace with the IP address of the cache server. + +```powershell +wget [http:///mscomtest/wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com] +``` + +A successful test result will display a status code of 200 along with additional information. + +:::image type="content" source="./images/ent-mcc-verify-server-ssh.png" alt-text="Screenshot of a successful wget with an SSH client." lightbox="./images/ent-mcc-verify-server-ssh.png"::: + + :::image type="content" source="./images/ent-mcc-verify-server-powershell.png" alt-text="Screenshot of a successful wget using PowerShell." lightbox="./images/ent-mcc-verify-server-powershell.png"::: + +Similarly, enter the following URL from a browser in the network: + +`http:///mscomtest/wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com` + +If the test fails, see the [common issues](#common-issues) section for more information. + +### Intune (or other management software) configuration for MCC + +For an [Intune](/mem/intune/) deployment, create a **Configuration Profile** and include the Cache Host eFlow IP Address or FQDN: + +:::image type="content" source="./images/ent-mcc-intune-do.png" alt-text="Screenshot of Intune showing the Delivery Optimization cache server host names."::: + +## Common Issues + +#### PowerShell issues + +If you're seeing errors similar to this error: `The term Get- isn't recognized as the name of a cmdlet, function, script file, or operable program.` + +1. Ensure you're running Windows PowerShell version 5.x. + +1. Run \$PSVersionTable and ensure you're running version 5.x and *not version 6 or 7*. + +1. Ensure you have Hyper-V enabled: + + **Windows 10:** [Enable Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) + + **Windows Server:** [Install the Hyper-V role on Windows Server](/windows-server/virtualization/hyper-v/get-started/install-the-hyper-v-role-on-windows-server) + +#### Verify Running MCC Container + +Connect to the Connected Cache server and check the list of running IoT Edge modules using the following commands: + +```bash +Connect-EflowVm +sudo iotedge list +``` + +:::image type="content" source="./images/ent-mcc-iotedge-list.png" alt-text="Screenshot of the iotedge list command." lightbox="./images/ent-mcc-iotedge-list.png"::: + +If edgeAgent and edgeHub containers are listed, but not "MCC", you may view the status of the IoT Edge security manager using the command: + +```bash +sudo journalctl -u iotedge -f +``` + +For example, this command will provide the current status of the starting, stopping of a container, or the container pull and start. + +:::image type="content" source="./images/ent-mcc-journalctl.png" alt-text="Screenshot of the output from journalctl -u iotedge -f." lightbox="./images/ent-mcc-journalctl.png"::: + +Use this command to check the IoT Edge Journal + +```bash +sudo journalctl -u iotedge -f +``` + +> [!NOTE] +> You should consult the IoT Edge troubleshooting guide ([Common issues and resolutions for Azure IoT Edge](/azure/iot-edge/troubleshoot)) for any issues you may encounter configuring IoT Edge, but we've listed a few issues that we encountered during our internal validation. diff --git a/windows/deployment/do/mcc-enterprise-prerequisites.md b/windows/deployment/do/mcc-enterprise-prerequisites.md new file mode 100644 index 0000000000..705448742b --- /dev/null +++ b/windows/deployment/do/mcc-enterprise-prerequisites.md @@ -0,0 +1,53 @@ +--- +title: Requirements for Microsoft Connected Cache (MCC) for Enterprise and Education +manager: dougeby +description: Overview of requirements for Microsoft Connected Cache (MCC) for Enterprise and Education. +ms.prod: w10 +author: amymzhou +ms.localizationpriority: medium +ms.author: amyzhou +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Requirements of Microsoft Connected Cache for Enterprise and Education (early preview) + +**Applies to** + +- Windows 10 +- Windows 11 + +## Enterprise requirements for MCC + +1. **Azure subscription**: MCC management portal is hosted within Azure and is used to create the Connected Cache [Azure resource](/azure/cloud-adoption-framework/govern/resource-consistency/resource-access-management) and IoT Hub resource. Both are free services. + + Your Azure subscription ID is first used to provision MCC services, and enable access to the preview. The MCC server requirement for an Azure subscription will cost you nothing. If you don't have an Azure subscription already, you can create an Azure [Pay-As-You-Go](https://azure.microsoft.com/offers/ms-azr-0003p/) account, which requires a credit card for verification purposes. For more information, see the [Azure Free Account FAQ](https://azure.microsoft.com/free/free-account-faq/). + + The resources used for the preview and in the future when this product is ready for production will be free to you, like other caching solutions. + +2. **Hardware to host MCC**: The recommended configuration will serve approximately 35000 managed devices, downloading a 2 GB payload in 24-hour timeframe at a sustained rate of 6.5 Gbps. + + **EFLOW Requires Hyper-V support** + - On Windows client, enable the Hyper-V feature + - On Windows Server, install the Hyper-V role and create a default network switch + + Disk recommendations: + - Using an SSD is recommended as cache read speed of SSD is superior to HDD + + NIC requirements: + - Multiple NICs on a single MCC instance aren't supported. + - 1 Gbps NIC is the minimum speed recommended but any NIC is supported. + - For best performance, NIC and BIOS should support SR-IOV + + VM networking: + - An external virtual switch to support outbound and inbound network communication (created during the installation process) + +## Sizing recommendations + +| Component | Branch Office / Small Enterprise | Large Enterprise | +| -- | --- | --- | +| OS| Windows Server 2019*/2022
Windows 10*/11 (Pro or Enterprise) with Hyper-V Support

* Windows 10 and Windows Server 2019 build 17763 or later | Same | +|NIC | 1 Gbps | 5 Gbps | +|Disk | SSD
1 drive
50 GB each |SSD
1 drive
200 GB each | +|Memory | 4 GB | 8 GB | +|Cores | 4 | 8 | diff --git a/windows/deployment/do/mcc-enterprise-update-uninstall.md b/windows/deployment/do/mcc-enterprise-update-uninstall.md new file mode 100644 index 0000000000..60d0df68e3 --- /dev/null +++ b/windows/deployment/do/mcc-enterprise-update-uninstall.md @@ -0,0 +1,45 @@ +--- +title: Update or uninstall Microsoft Connected Cache for Enterprise and Education +manager: dougeby +description: Details on updating or uninstalling Microsoft Connected Cache (MCC) for Enterprise and Education. +ms.prod: w10 +author: amymzhou +ms.localizationpriority: medium +ms.author: amyzhou +ms.collection: M365-modern-desktop +ms.topic: article +--- +# Update or uninstall Microsoft Connected Cache for Enterprise and Education + +Throughout the preview phase, we'll send you security and feature updates for MCC. Follow these steps to perform the update. + +## Update MCC + +Run the following command with the **arguments** we provided in the email to update your MCC: + +```powershell +# .\updatemcc.ps1 version="**\**" tenantid="**\**" customerid="**\**" cachenodeid="**\**" customerkey="**\**" +``` + +For example: + +```powershell +# .\updatemcc.ps1 version="msconnectedcacheprod.azurecr.io/mcc/linux/iot/mcc-ubuntu-iot-amd64:1.2.1.659" tenantid="799a999aa-99a1-99aa-99aa-9a9aa099db99" customerid="99a999aa-99a1-99aa-99aa-9aaa9aaa0saa" cachenodeid=" aa99aaaa-999a-9aas-99aa99daaa99 " customerkey="a99d999a-aaaa-aa99-0999aaaa99a" +``` + +## Uninstall MCC + +Please contact the MCC Team before uninstalling to let us know if you're facing issues. + +This script will remove the following items: + +1. EFLOW + Linux VM +1. IoT Edge +1. Edge Agent +1. Edge Hub +1. MCC +1. Moby CLI +1. Moby Engine + +To delete MCC, go to Control Panel \> Uninstall a program \> Select Azure IoT +Edge LTS \> Uninstall diff --git a/windows/deployment/do/mcc-enterprise.md b/windows/deployment/do/mcc-enterprise.md deleted file mode 100644 index 2063ed9e6c..0000000000 --- a/windows/deployment/do/mcc-enterprise.md +++ /dev/null @@ -1,545 +0,0 @@ ---- -title: Microsoft Connected Cache for Enterprise and Education (private preview) -manager: dougeby -description: Details on Microsoft Connected Cache (MCC) for Enterprise and Education. -ms.prod: windows-client -author: carmenf -ms.localizationpriority: medium -ms.author: carmenf -ms.collection: M365-modern-desktop -ms.topic: article -ms.technology: itpro-updates ---- - -# Microsoft Connected Cache for Enterprise and Education (private preview) - -**Applies to** - -- Windows 10 -- Windows 11 - -## Overview - -> [!IMPORTANT] -> Microsoft Connected Cache is currently a private preview feature. During this phase we invite customers to take part in early access for testing purposes. This phase does not include formal support, and should not be used for production workloads. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/). - -Microsoft Connected Cache (MCC) preview is a software-only caching solution that delivers Microsoft content within Enterprise networks. MCC can be deployed to as many physical servers or VMs as needed, and is managed from a cloud portal. Cache nodes are created in the cloud portal and are configured by applying a client policy using your management tool, such as [Intune](/mem/intune/). - -MCC is a hybrid (a mix of on-premises and cloud resources) SaaS solution built as an Azure IoT Edge module; it's a Docker compatible Linux container that is deployed to your Windows devices. IoT Edge for Linux on Windows (EFLOW) was chosen because it's a secure, reliable container management infrastructure. EFLOW is a Linux virtual machine, based on Microsoft's first party CBL-Mariner operating system. It’s built with the IoT Edge runtime and validated as a tier 1 supported environment for IoT Edge workloads. MCC will be a Linux IoT Edge module running on the Windows Host OS. - -Even though your MCC scenario isn't related to IoT, Azure IoT Edge is used as a more generic Linux container, deployment, and management infrastructure. The Azure IoT Edge runtime sits on your designated MCC device and performs management and communication operations. The runtime performs the following important functions to manage MCC on your edge device: - -1. Installs and updates MCC on your edge device. -2. Maintains Azure IoT Edge security standards on your edge device. -3. Ensures that MCC is always running. -4. Reports MCC health and usage to the cloud for remote monitoring. - -To deploy a functional MCC to your device, you must obtain the necessary keys that will provision the Connected Cache instance to communicate with Delivery Optimization services and enable the device to cache and deliver content. See [figure 1](#fig1) below for a summary of the architecture of MCC, built using IoT Edge. - -For more information about Azure IoT Edge, see [What is Azure IoT Edge](/azure/iot-edge/about-iot-edge). - -## How MCC works - -The following steps describe how MCC is provisioned and used. - -1. The Azure Management Portal is used to create MCC nodes. -2. The MCC container is deployed and provisioned to a server using the installer provided in the portal. -3. Client policy is configured in your management solution to point to the IP address or FQDN of the cache server. -4. Microsoft end-user devices make range requests for content from the MCC node. -5. An MCC node pulls content from the CDN, seeds its local cache stored on disk, and delivers content to the client. -6. Subsequent requests from end-user devices for content come from the cache. - -If an MCC node is unavailable, the client will pull content from CDN to ensure uninterrupted service for your subscribers. - - - -![eMCC img01](images/emcc01.png) - -Figure 1: **MCC processes**. Each number in the diagram corresponds to the steps described above. - - -## Enterprise requirements for MCC - -1. **Azure subscription**: MCC management portal is hosted within Azure and is used to create the Connected Cache [Azure resource](/azure/cloud-adoption-framework/govern/resource-consistency/resource-access-management) and IoT Hub resource. Both are free services. - - Your Azure subscription ID is first used to provision MCC services, and enable access to the preview. The MCC server requirement for an Azure subscription will cost you nothing. If you do not have an Azure subscription already, you can create an Azure [Pay-As-You-Go](https://azure.microsoft.com/offers/ms-azr-0003p/) account which requires a credit card for verification purposes. For more information, see the [Azure Free Account FAQ](https://azure.microsoft.com/free/free-account-faq/). - - The resources used for the preview and in the future when this product is ready for production will be completely free to you, like other caching solutions. - -2. **Hardware to host MCC**: The recommended configuration will serve approximately 35000 managed devices, downloading a 2GB payload in 24-hour timeframe at a sustained rate of 6.5 Gbps. - - **EFLOW Requires Hyper-V support** - - On Windows client, enable the Hyper-V feature - - On Windows Server, install the Hyper-V role and create a default network switch - - Disk recommendations: - - Using an SSD is recommended as cache read speed of SSD is superior to HDD - - NIC requirements: - - Multiple NICs on a single MCC instance aren't supported. - - 1 Gbps NIC is the minimum speed recommended but any NIC is supported. - - For best performance, NIC and BIOS should support SR-IOV - - VM networking: - - An external virtual switch to support outbound and inbound network communication (created during the installation process) - -### Sizing recommendations - -| Component | Branch Office / Small Enterprise | Large Enterprise | -| -- | --- | --- | -| OS| Windows Server 2019*/2022
Windows 10*/11 (Pro or Enterprise) with Hyper-V Support

* Windows 10 and Windows Server 2019 build 17763 or later | Same | -|NIC | 1 Gbps | 5 Gbps | -|Disk | SSD
1 drive
50GB each |SSD
1 drive
200GB each | -|Memory | 4GB | 8GB | -|Cores | 4 | 8 | - -## Steps to deploy MCC - -To deploy MCC to your server: - -1. [Provide Microsoft with the Azure subscription ID](#provide-microsoft-with-the-azure-subscription-id) -2. [Create the MCC Resource in Azure](#create-the-mcc-resource-in-azure) -3. [Create an MCC Node](#create-an-mcc-node-in-azure) -4. [Edit Cache Node Information](#edit-cache-node-information) -5. [Install MCC on a physical server or VM](#install-mcc-on-windows) -6. [Verify proper functioning MCC server](#verify-proper-functioning-mcc-server) -7. [Review common Issues](#common-issues) if needed. - -For questions regarding these instructions contact [msconnectedcache@microsoft.com](mailto:msconnectedcache@microsoft.com) - -### Provide Microsoft with the Azure Subscription ID - -As part of the MCC preview onboarding process an Azure subscription ID must be provided to Microsoft. - -> [!IMPORTANT] -> [Take this survey](https://aka.ms/MSConnectedCacheSignup) and provide your Azure subscription ID and contact information to be added to the allowlist for this preview. You will not be able to proceed if you skip this step. - -For information about creating or locating your subscription ID, see [Steps to obtain an Azure Subscription ID](#steps-to-obtain-an-azure-subscription-id). - -### Create the MCC resource in Azure - -The MCC Azure management portal is used to create and manage MCC nodes. An Azure Subscription ID is used to grant access to the preview and to create the MCC resource in Azure and Cache nodes. - -Once you take the survey above and the MCC team adds your subscription ID to the allowlist, you will be given a link to the Azure portal where you can create the resource described below. - -1. On the Azure portal home page, choose **Create a resource**: - ![eMCC img02](images/emcc02.png) - -2. Type **Microsoft Connected Cache** into the search box, and hit **Enter** to show search results. - -> [!NOTE] -> You'll not see Microsoft Connected Cache in the drop-down list. You need to type it and press enter to see the result. - -3. Select **Microsoft Connected Cache** and choose **Create** on the next screen to start the process of creating the MCC resource. - - ![eMCC img03](images/emcc03.png) - ![eMCC img04](images/emcc04.png) - -4. Fill in the required fields to create the MCC resource. - - - Choose the subscription that you provided to Microsoft. - - Azure resource groups are logical groups of resources. Create a new resource group and choose a name for your resource group. - - Choose **(US) West US** for the location of the resource. This choice will not impact MCC if the physical location isn't in the West US, it's just a limitation of the preview. - - > [!NOTE] - > Your MCC resource will not be created properly if you do not select **(US) West US** - - - Choose a name for the MCC resource. - - > [!NOTE] - > Your MCC resource must not contain the word **Microsoft** in it. - - ![eMCC img05](images/emcc05.png) - -5. Once all the information has been entered, click the **Review + Create** button. Once validation is complete, click the **Create** button to start the - resource creation. - - ![eMCC img06](images/emcc06.png) - -#### Error: Validation failed - -- If you get a Validation failed error message on your portal, it's likely because you selected the **Location** as **US West 2** or some other location that isn't **(US) West US**. -- To resolve this error, go to the previous step and choose **(US) West US**. - - ![eMCC img07](images/emcc07.png) - -### Create an MCC node in Azure - -Creating an MCC node is a multi-step process and the first step is to access the MCC private preview management portal. - -1. After the successful resource creation click on the **Go to resource**. -2. Under **Cache Node Management** section on the leftmost panel, click on **Cache Nodes**. - - ![eMCC img08](images/emcc08.png) - -3. On the **Cache Nodes** blade, click on the **Create Cache Node** button. - - ![eMCC img09](images/emcc09.png) - -4. Clicking the **Create Cache Node** button will open the **Create Cache Node** page; **Cache Node Name** is the only field required for cache node creation. - -| **Field Name** | **Expected Value** | **Description** | -|---------------------|--------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------| -| **Cache Node Name** | Alphanumeric name that includes no spaces. | The name of the cache node. You may choose names based on location like Seattle-1. This name must be unique and cannot be changed later. | - -5. Enter the information for the **Cache Node** and click the **Create** button. - -![eMCC img9.5](images/emcc09.5.png) - -If there are errors, the form will provide guidance on how to correct the errors. - -Once the MCC node has been created, the installer instructions will be exposed. More details on the installer instructions will be addressed later in this article, in the [Install Connected Cache](#install-mcc-on-windows) section. - -![eMCC img10](images/emcc10.png) - -#### Edit cache node information - -Cache nodes can be deleted here by clicking the check box to the left of a **Cache Node Name** and then clicking the delete toolbar item. Be aware that if a cache node is deleted, there is no way to recover the cache node or any of the information related to the cache node. - -![eMCC img11](images/emcc11.png) - -### Install MCC on Windows - -Installing MCC on your Windows device is a simple process. A PowerShell script performs the following tasks: - - - Installs the Azure CLI - - Downloads, installs, and deploys EFLOW - - Enables Microsoft Update so EFLOW can stay up to date - - Creates a virtual machine - - Enables the firewall and opens ports 80 and 22 for inbound and outbound traffic. Port 80 is used by MCC, and port 22 is used for SSH communications. - - Configures Connected Cache tuning settings. - - Creates the necessary *FREE* Azure resource - IoT Hub/IoT Edge. - - Deploys the MCC container to server. - -#### Run the installer - -1. Download and unzip mccinstaller.zip from the create cache node page or cache node configuration page which contains the necessary installation files. - - ![eMCC img12](images/emcc12.png) - -Files contained in the mccinstaller.zip file: - - - **installmcc.ps1**: Main installer file. - - **installEflow.ps1**: Installs the necessary prerequisites such as the Linux VM, IoT Edge runtime, and Docker, and makes necessary host OS settings to optimize caching performance. - - **resourceDeploymentForConnectedCache.ps1**: Creates Azure cloud resources required to support MCC control plane. - - **mccdeployment.json**: Deployment manifest used by IoT Edge to deploy the MCC container and configure settings on the container, such as cache drive location sizes. - - **updatemcc.ps1**: The update script used to upgrade MCC to a particular version. - - **mccupdate.json**: Used as part of the update script - -1. Open Windows PowerShell as administrator and navigate to the location of these files. - -> [!NOTE] -> Ensure that Hyper-V is enabled on your device. -> Do not use PowerShell ISE, PowerShell 6.x, or PowerShell 7.x. Only Windows PowerShell version 5.x is supported. - - **Windows 10:** [Enable Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) - - **Windows Server:** [Install the Hyper-V role on Windows Server](/windows-server/virtualization/hyper-v/get-started/install-the-hyper-v-role-on-windows-server) - -#### If you're installing MCC on a local virtual machine: - -1. Enable Nested Virtualization - - ```powershell - Set-VMProcessor -VMName "VM name" -ExposeVirtualizationExtensions $true - ``` -2. Enable Mac Spoofing - ```powershell - Get-VMNetworkAdapter -VMName "VM name" | Set-VMNetworkAdapter -MacAddressSpoofing On - ``` - **Virtual machine should be in the OFF state while enabling Nested Virtualization and Mac Spoofing** - -3. Set the execution policy - - ```powershell - Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process - ``` - > [!NOTE] - > After setting the execution policy, you'll see a warning asking if you wish to change the execution policy. Choose **[A] Yes to All**. - -4. Copy the command from the portal and run it in Windows PowerShell - - ![eMCC img13](images/emcc13.png) - - > [!NOTE] - > After running the command, and multiple times throughout the installation process, you'll receive the following notice. **Please select [R] Run once to proceed**. - >
- >
Security warning - >
Run only scripts that you trust. While scripts from the internet can be useful, this script can potentially harm your computer. If you trust this script, use the Unblock-File cmdlet to allow the script to run without this warning message. Do you want to run C:\\Users\\mccinstaller\\Eflow\\installmcc.ps1? - >
- >
[D] Do not run **[R] Run once** [S] Suspend [?] Help (default is "D"): - -3. Choose whether you would like to create a new virtual switch or select an existing one. Name your switch and select the Net Adapter to use for the switch. A computer restart will be required if you're creating a new switch. - - > [!NOTE] - > Restarting your computer after creating a switch is recommended. You'll notice network delays during installation if the computer has not been restarted. - - If you restarted your computer after creating a switch, start from Step 2 above and skip step 5. - - ![eMCC img14](images/emcc14.png) - -4. Re-run the script after the restart. This time, choose **No** when asked to create a new switch. Enter the number corresponding to the switch you previously created. - - ![eMCC img15](images/emcc15.png) - -5. Decide whether you would like to use dynamic or static address for the Eflow VM - - ![eMCC img16](images/emcc16.png) - - > [!NOTE] - > Choosing a dynamic IP address might assign a different IP address when the MCC restarts. - >
A static IP address is recommended so you do not have to change this value in your management solution when MCC restarts. - -6. Choose where you would like to download, install, and store the virtual hard disk for EFLOW. You'll also be asked how much memory, storage, and cores you would like to allocate for the VM. In this example, we chose the default values for all prompts. - -7. Follow the Azure Device Login link and sign into the Azure portal. - - ![eMCC img17](images/emcc17.png) - -8. If this is your first MCC deployment, please select **n** so that a new IoT Hub can be created. If you have already configured MCC before, choose **y** so that your MCCs are grouped in the same IoT Hub. - - 1. You'll be shown a list of existing IoT Hubs in your Azure Subscription; Enter the number corresponding to the IoT Hub to select it. **You'll likely have only 1 IoT Hub in your subscription, in which case you want to enter “1”** - - ![eMCC img18](images/emcc18.png) - ![eMCC img19](images/emcc19.png) - -9. Your MCC deployment is now complete. - - 1. If you do not see any errors, please continue to the next section to validate your MCC deployment. - 2. After validating your MCC is properly functional, please review your management solution documentation, such as [Intune](/mem/intune/configuration/delivery-optimization-windows), to set the cache host policy to the IP address of your MCC. - 3. If you had errors during your deployment, see the [Troubleshooting](#troubleshooting) section in this article. - -### Verify proper functioning MCC server - -#### Verify Client Side - -Connect to the EFLOW VM and check if MCC is properly running: - -1. Open PowerShell as an Administrator -2. Enter the following commands: - -```powershell -Connect-EflowVm -sudo -s -iotedge list -``` - -![eMCC img20](images/emcc20.png) - -You should see MCC, edgeAgent, and edgeHub running. If you see edgeAgent or edgeHub but not MCC, please try this command in a few minutes. The MCC container can take a few minutes to deploy - -#### Verify server side - -For a validation of properly functioning MCC, execute the following command in the EFLOW VM or any device in the network. Replace with the IP address of the cache server. - -```powershell -wget [http:///mscomtest/wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com] -``` - -A successful test result will look like this: - -![eMCC img21](images/emcc21.png) - -OR - -![eMCC img22](images/emcc22.png) - -Similarly, enter this URL from a browser in the network: - -[http://YourCacheServerIP/mscomtest/wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com]() - -If the test fails, see the common issues section for more information. - -### Intune (or other management software) configuration for MCC - -For an Intune deployment, create a Configuration Profile and include the Cache Host eFlow IP Address or FQDN: - -![eMCC img23](images/emcc23.png) - -### Common Issues - -#### PowerShell issues - -If you're seeing errors similar to this: “The term ‘Get-Something’ isn't recognized as the name of a cmdlet, function, script file, or operable program.” - -1. Ensure you're running Windows PowerShell version 5.x. - -2. Run \$PSVersionTable and ensure you’re running version 5.x and *not version 6 or 7*. - -3. Ensure you have Hyper-V enabled: - - **Windows 10:** [Enable Hyper-V on Windows 10](/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v) - - **Windows Server:** [Install the Hyper-V role on Windows Server](/windows-server/virtualization/hyper-v/get-started/install-the-hyper-v-role-on-windows-server) - -#### Verify Running MCC Container - -Connect to the Connected Cache server and check the list of running IoT Edge modules using the following commands: - -```bash -Connect-EflowVm -sudo iotedge list​ -``` - -![eMCC img24](images/emcc24.png) - -If edgeAgent and edgeHub containers are listed, but not “MCC”, you may view the status of the IoT Edge security manager using the command: - -```bash -sudo journalctl -u iotedge -f -``` - -For example, this command will provide the current status of the starting, stopping of a container, or the container pull and start as is shown in the sample below: - -![eMCC img25](images/emcc25.png) - -Use this command to check the IoT Edge Journal - -```bash -sudo journalctl -u iotedge –f -``` - -Please note: You should consult the IoT Edge troubleshooting guide ([Common issues and resolutions for Azure IoT Edge](/azure/iot-edge/troubleshoot)) for any issues you may encounter configuring IoT Edge, but we have listed a few issues below that we hit during our internal validation. - -## Diagnostics Script - -If you're having issues with your MCC, we included a diagnostics script which will collect all your logs and zip them into a single file. You can then send us these logs via email for the MCC team to debug. - -To run this script: - -1. Navigate to the following folder in the MCC installation files: - - mccinstaller \> Eflow \> Diagnostics - -2. Run the following commands: - -```powershell -Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -.\collectMccDiagnostics.ps1 -``` - -3. The script stores all the debug files into a folder and then creates a tar file. After the script is finished running, it will output the path of the tar file which you can share with us (should be “**\**\\mccdiagnostics\\support_bundle_\$timestamp.tar.gz”) - -4. [Email the MCC team](mailto:mccforenterprise@microsoft.com?subject=Debugging%20Help%20Needed%20for%20MCC%20for%20Enterprise) and attach this file asking for debugging support. Screenshots of the error along with any other warnings you saw will be helpful during out debugging process. - -## Update MCC - -Throughout the private preview phase, we will send you security and feature updates for MCC. Please follow these steps to perform the update. - -Run the following command with the **arguments** we provided in the email to update your MCC: - -```powershell -# .\updatemcc.ps1 version="**\**" tenantid="**\**" customerid="**\**" cachenodeid="**\**" customerkey="**\**" -``` -For example: -```powershell -# .\updatemcc.ps1 version="msconnectedcacheprod.azurecr.io/mcc/linux/iot/mcc-ubuntu-iot-amd64:1.2.1.659" tenantid="799a999aa-99a1-99aa-99aa-9a9aa099db99" customerid="99a999aa-99a1-99aa-99aa-9aaa9aaa0saa" cachenodeid=" aa99aaaa-999a-9aas-99aa99daaa99 " customerkey="a99d999a-aaaa-aa99-0999aaaa99a” -``` - -## Uninstall MCC - -Please contact the MCC Team before uninstalling to let us know if you're facing -issues. - -This script will remove the following: - -1. EFLOW + Linux VM -2. IoT Edge -3. Edge Agent -4. Edge Hub -5. MCC -6. Moby CLI -7. Moby Engine - -To delete MCC, go to Control Panel \> Uninstall a program \> Select Azure IoT -Edge LTS \> Uninstall - -## Appendix - -### Steps to obtain an Azure Subscription ID - -1. Sign in to https://portal.azure.com/ and navigate to the Azure services section. -2. Click on **Subscriptions**. If you do not see **Subscriptions**, click on the **More Services** arrow and search for **Subscriptions**. -3. If you already have an Azure Subscription, skip to step 5. If you do not have an Azure Subscription, select **+ Add** on the top left. -4. Select the **Pay-As-You-Go** subscription. You'll be asked to enter credit card information, but you'll not be charged for using the MCC service. -5. On the **Subscriptions** blade, you'll find details about your current subscription. Click on the subscription name. -6. After you select the subscription name, you'll find the subscription ID in the **Overview** tab. Click on the **Copy to clipboard** icon next to your Subscription ID to copy the value. - -### Troubleshooting - -If you’re not able to sign up for a Microsoft Azure subscription with the error: **Account belongs to a directory that cannot be associated with an Azure subscription. Please sign in with a different account.** See [Can't sign up for a Microsoft Azure subscription](/troubleshoot/azure/general/cannot-sign-up-subscription). - -Also see [Troubleshoot issues when you sign up for a new account in the Azure portal](/azure/cost-management-billing/manage/troubleshoot-azure-sign-up). - -### IoT Edge runtime - -The Azure IoT Edge runtime enables custom and cloud logic on IoT Edge devices. -The runtime sits on the IoT Edge device, and performs management and -communication operations. The runtime performs several functions: - -- Installs and update workloads (Docker containers) on the device. -- Maintains Azure IoT Edge security standards on the device. -- Ensures that IoT Edge modules (Docker containers) are always running. -- Reports module (Docker containers) health to the cloud for remote monitoring. -- Manages communication between an IoT Edge device and the cloud. - -For more information on Azure IoT Edge, please see the [Azure IoT Edge documentation](/azure/iot-edge/about-iot-edge). - -### EFLOW - -- [What is Azure IoT Edge for Linux on Windows](/azure/iot-edge/iot-edge-for-linux-on-windows) -- [Install Azure IoT Edge for Linux on Windows](/azure/iot-edge/how-to-provision-single-device-linux-on-windows-symmetric#install-iot-edge) -- [PowerShell functions for Azure IoT Edge for Linux on Windows](/azure/iot-edge/reference-iot-edge-for-linux-on-windows-functions) -- EFLOW FAQ and Support: [Support · Azure/iotedge-eflow Wiki (github.com)](https://github.com/Azure/iotedge-eflow/wiki/Support#how-can-i-apply-updates-to-eflow) -- [Now ready for Production: Linux IoT Edge Modules on Windows - YouTube](https://www.youtube.com/watch?v=pgqVCg6cxVU&ab_channel=MicrosoftIoTDevelopers) - -### Routing local Windows Clients to an MCC - -#### Get the IP address of your MCC using ifconfig - -There are multiple methods that can be used to apply a policy to PCs that should participate in downloading from the MCC. - -##### Registry Key - -You can either set your MCC IP address or FQDN using: - -1. Registry Key in 1709 and higher - - [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization]
- "DOCacheHost"=" " - - From an elevated command prompt: - - ``` - reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /v DOCacheHost /t REG_SZ /d "10.137.187.38" /f - ``` - -2. MDM Path in 1809 or higher: - - .Vendor/MSFT/Policy/Config/DeliveryOptimization/DOCacheHost - -3. In Windows release version 1809 and later, you can apply the policy via Group Policy Editor. The policy to apply is **DOCacheHost**. To configure the clients to pull content from the MCC using Group Policy, set the Cache Server Hostname (Setting found under Computer Configuration, Administrative Templates, Windows Components, Delivery Optimization) to the IP address of your MCC. For example 10.137.187.38. - - ![eMCC img26](images/emcc26.png) - -**Verify Content using the DO Client** - -To verify that the Delivery Optimization client can download content using MCC, you can use the following steps: - -1. Download a game or application from the Microsoft Store. - - ![eMCC img27](images/emcc27.png) - -2. Verify downloads came from MCC by one of two methods: - - - Using PowerShell Cmdlet Get-DeliveryOptimizationStatus you should see BytesFromCacheServer test - - ![eMCC img28](images/emcc28.png) - - - Looking at the Delivery Optimization Activity Monitor - - ![eMCC img29](images/emcc29.png) - -## Also see - -[Microsoft Connected Cache for ISPs](mcc-isp.md)
-[Introducing Microsoft Connected Cache](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-microsoft-connected-cache-microsoft-s-cloud-managed/ba-p/963898) diff --git a/windows/deployment/do/mcc-isp-cache-node-configuration.md b/windows/deployment/do/mcc-isp-cache-node-configuration.md new file mode 100644 index 0000000000..ae5404b2ae --- /dev/null +++ b/windows/deployment/do/mcc-isp-cache-node-configuration.md @@ -0,0 +1,43 @@ +--- +title: Cache node configuration +manager: aaroncz +description: Configuring a cache node on Azure portal +keywords: updates, downloads, network, bandwidth +ms.prod: w10 +ms.mktglfcycl: deploy +audience: itpro +author: amyzhou +ms.localizationpriority: medium +ms.author: amyzhou +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Cache node configuration + +All cache node configuration will take place within Azure portal. This article outlines all of the settings that you'll be able to configure. + +## Settings + +| Field Name | Expected Value| Description | +| -- | --- | --- | +| **Cache node name** | Alphanumeric string that contains no spaces | The name of the cache node. You may choose names based on location like Seattle-1. This name must be unique and can't be changed later. | +| **Server IP address** | IPv4 address | IP address of your MCC server. This address is used to route end-user devices in your network to the server for Microsoft content downloads. The IP address must be publicly accessible. | +| **Max allowable egress (Mbps)** | Integer in Mbps | The maximum egress (Mbps) of your MCC based on the specifications of your hardware. For example, 10,000 Mbps.| +| **Enable cache node** | Enable or Disable | You can choose to enable or disable a cache node at any time. | + +## Storage + +| Field Name | Expected Value| Description | +| -- | --- | --- | +| **Cache drive** | File path string | Up to 9 drives can be configured for each cache node to configure cache storage. Enter the file path to each drive. For example: /dev/folder/ | +| **Cache drive size in gigabytes** | Integer in GB | Set the size of each drive configured for the cache node. | + +## Client routing + +| Field Name | Expected Value| Description | +| -- | --- | --- | +| **Manual routing - Address range/CIDR blocks** | IPv4 CIDR notation | The IP address range (CIDR blocks) that should be routed to the MCC server as a comma separated list. For example: 2.21.234.0/24, 3.22.235.0/24, 4.23.236.0/24 | +| **BGP - Neighbor ASN** | ASN | When configuring BGP, enter the ASN(s) of your neighbors that you want to establish. | +| **BGP - Neighbor IP address** | IPv4 address | When configuring BGP, enter the IP address(es) of neighbors that you want to establish. | + diff --git a/windows/deployment/do/mcc-isp-create-provision-deploy.md b/windows/deployment/do/mcc-isp-create-provision-deploy.md new file mode 100644 index 0000000000..e41c225b67 --- /dev/null +++ b/windows/deployment/do/mcc-isp-create-provision-deploy.md @@ -0,0 +1,148 @@ +--- +title: Create, provision, and deploy the cache node in Azure portal +manager: aaroncz +description: Instructions for creating, provisioning, and deploying Microsoft Connected Cache for ISP on Azure portal +keywords: updates, downloads, network, bandwidth +ms.prod: w10 +ms.mktglfcycl: deploy +audience: itpro +author: nidos +ms.localizationpriority: medium +ms.author: nidos +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Create, Configure, provision, and deploy the cache node in Azure portal + +**Applies to** + +- Windows 10 +- Windows 11 + +This article outlines how to create, provision, and deploy your Microsoft Connected Cache nodes. The creation and provisioning of your cache node takes place in Azure portal. The deployment of your cache node will require downloading an installer script that will be run on your cache server. + +> [!IMPORTANT] +> Before you can create your Microsoft Connected Cache, you will need to complete the [sign up process](mcc-isp-signup.md). You cannot proceed without signing up for our service. + +## Create cache node + +1. Open [Azure portal](https://www.portal.azure.com) and navigate to the **Microsoft Connected Cache** resource. + +1. Navigate to **Settings** > **Cache nodes** and select **Create Cache Node**. + +1. Provide a name for your cache node and select **Create** to create your cache node. + +## Configure cache node + +During the configuration of your cache node, there are many fields for you to configure your cache node. To learn more about the definitions of each field, review the [Configuration fields](#general-configuration-fields) at the bottom of this article. + +### Client routing + +Before serving traffic to your customers, client routing configuration is needed. During the configuration of your cache node in Azure portal, you'll be able to route your clients to your cache node. + +Microsoft Connected Cache offers two ways for you to route your clients to your cache node. The first method of manual entry involves uploading a comma-separated list of CIDR blocks that represents the clients. The second method of setting BGP (Border Gateway Protocol) is more automatic and dynamic, which is set up by establishing neighborships with other ASNs. All routing methods are set up within Azure portal. + +Once client routing and other settings are configured, your cache node will be able to download content and serve traffic to your customers. + +At this time, only IPv4 addresses are supported. IPv6 addresses aren't supported. + +#### Manual routing + +You can manually upload a list of your CIDR blocks in Azure portal to enable manual routing of your customers to your cache node. + +#### BGP routing + +BGP (Border Gateway Protocol) routing is another method offered for client routing. BGP dynamically retrieves CIDR ranges by exchanging information with routers to understand reachable networks. For an automatic method of routing traffic, you can choose to configure BGP routing in Azure portal. + +1. Navigate to **Settings** > **Cache nodes**. Select the cache node you wish to provision. + + :::image type="content" source="images/mcc-isp-provision-cache-node-numbered.png" alt-text="Screenshot of the Azure portal depicting the cache node configuration page of a cache node. This screenshot shows all of the fields you can choose to configure the cache node." lightbox="./images/mcc-isp-provision-cache-node-numbered.png"::: + +1. Enter the max allowable egress that your hardware can support. + +1. Under **Cache storage**, specify the location of the cache drives to store content along with the size of the cache drives in Gigabytes. +**Note:** Up to nine cache drives are supported. + +1. Under **Routing information**, select the routing method you would like to use. For more information, see [Client routing](#client-routing). + + - If you choose **Manual routing**, enter your address range/CIDR blocks. + - If you choose **BGP routing**, enter the ASN and IP addresses of the neighborship. + > [!NOTE] + > **Prefix count** and **IP Space** will stop displaying `0` when BGP is successfully established. + +## Deploy cache node software to server + +Once the user executes the cache server provisioning script, resources are created behind the scenes resulting in the successful cache node installation. The script takes the input of different IDs outlined below to register the server as an Azure IoT Edge device. Even though Microsoft Connected Cache scenario isn't related to IoT, Azure IoT Edge is installed for container management and communication operation purposes. + +### Components installed during provisioning + +#### IoT Edge + +IoT Edge performs several functions important to manage MCC on your edge device: + +1. Installs and updates MCC on your edge device. +1. Maintains Azure IoT Edge security standards on your edge device. +1. Ensures that MCC is always running. +1. Reports MCC health and usage to the cloud for remote monitoring. + +#### Docker container engine + +Azure IoT Edge relies on an OCI-compatible container runtime. The Moby engine is the only container engine officially supported with IoT Edge and is installed as part of the server provisioning process. + +### Components of the device provisioning script + +There are five IDs that the device provisioning script takes as input in order to successfully provision and install your cache server. The provisioning script will automatically include these keys, with no input necessary from the user. + +| ID | Description | +|---|---| +| Customer ID | A unique alphanumeric ID that the cache nodes are associated with. | +| Cache node ID | The unique alphanumeric ID of the cache node being provisioned. | +| Customer Key | The unique alphanumeric ID that provides secure authentication of the cache node to Delivery Optimization services. | +| Cache node name | The name of the cache node. | +| Tenant ID | The unique ID associated with the Azure account. | + +:::image type="content" source="images/mcc-isp-deploy-cache-node-numbered.png" alt-text="Screenshot of the server provisioning tab within cache node configuration in Azure portal."::: + +1. After completing cache node provisioning, navigate to the **Server provisioning** tab. Select **Download provisioning package** to download the installation package to your server. + +1. Open a terminal window in the directory where you would like to deploy your cache node and run the following command to change the access permission to the Bash script: + + ```bash + sudo chmod +x provisionmcc.sh + ``` + +1. Copy and paste the script command line shown in the Azure portal. + +1. Run the script in your server terminal for your cache node by . The script may take a few minutes to run. If there were no errors, you have set up your cache node successfully. To verify the server is set up correctly, follow the [verification steps](mcc-isp-verify-cache-node.md). + + > [!NOTE] + > The same script can be used to provision multiple cache nodes, but the command line is unique per cache node. Additionally, if you need to reprovision your server or provision a new server or VM for the cache node, you must copy the command line from the Azure portal again as the "registrationkey" value is unique for each successful execution of the provisioning script. + +### General configuration fields + +| Field Name | Expected Value| Description | +|---|---|---| +| **Cache node name** | Alphanumeric string that contains no spaces | The name of the cache node. You may choose names based on location like Seattle-1. This name must be unique and can't be changed later. | +| **Server IP address** | IPv4 address | IP address of your MCC server. This address is used to route end-user devices in your network to the server for Microsoft content downloads. The IP address must be publicly accessible. | +| **Max allowable egress (Mbps)** | Integer in Mbps | The maximum egress (Mbps) of your MCC based on the specifications of your hardware. For example, 10,000 Mbps.| +| **Enable cache node** | Enable or Disable | You can choose to enable or disable a cache node at any time. | + +### Storage fields + +> [!IMPORTANT] +> All cache drives must have read/write permissions set or the cache node will not function. +> For example, in a terminal you can run: `sudo chmod 777 /path/to/cachedrive` + +| Field Name | Expected Value| Description | +|---|---|---| +| **Cache drive** | File path string | Up to 9 drives can be configured for each cache node to configure cache storage. Enter the file path to each drive. For example: `/dev/folder/` Each cache drive should have read/write permissions configured. | +| **Cache drive size in gigabytes** | Integer in GB | Set the size of each drive configured for the cache node. | + +### Client routing fields + +| Field Name | Expected Value| Description | +|---|---|---| +| **Manual routing - Address range/CIDR blocks** | IPv4 CIDR notation | The IP address range (CIDR blocks) that should be routed to the MCC server as a comma separated list. For example: 2.21.234.0/24, 3.22.235.0/24, 4.23.236.0/24 | +| **BGP - Neighbor ASN** | ASN | When configuring BGP, enter the ASN(s) of your neighbors that you want to establish. | +| **BGP - Neighbor IP address** | IPv4 address | When configuring BGP, enter the IP address(es) of neighbors that you want to establish. | diff --git a/windows/deployment/do/mcc-isp-faq.yml b/windows/deployment/do/mcc-isp-faq.yml new file mode 100644 index 0000000000..19f6da7226 --- /dev/null +++ b/windows/deployment/do/mcc-isp-faq.yml @@ -0,0 +1,83 @@ +### YamlMime:FAQ +metadata: + title: Microsoft Connected Cache Frequently Asked Questions + description: The following article is a list of frequently asked questions for Microsoft Connected Cache. + ms.sitesec: library + ms.pagetype: security + ms.localizationpriority: medium + author: amymzhou + ms.author: amymzhou + manager: aaroncz + audience: ITPro + ms.collection: + - M365-security-compliance + - highpri + ms.topic: faq + ms.date: 09/30/2022 + ms.custom: seo-marvel-apr2020 +title: Microsoft Connected Cache Frequently Asked Questions +summary: | + **Applies to** + - Windows 10 + - Windows 11 + +sections: + - name: Ignored + questions: + - question: Is this product a free service? + answer: Yes. Microsoft Connected Cache is a free service. + - question: What will Microsoft Connected Cache do for me? How will it impact our customers? + answer: As an ISP, your network can benefit from reduced load on your backbone and improve customer download experience for supported Microsoft static content. It will also help you save on CDN costs. + - question: Is there a non-disclosure agreement to sign? + answer: No, a non-disclosure agreement isn't required. + - question: What are the prerequisites and hardware requirements? + answer: | + - Azure subscription + - Hardware to host Microsoft Connected Cache: + + + [!INCLUDE [Microsoft Connected Cache Prerequisites](includes/mcc-prerequisites.md)] + + We have one customer who is able to achieve 40-Gbps egress rate using the following hardware specification: + - Dell PowerEdge R330 + - 2 x Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.40 GHz, total 32 core + - 48 GB, Micron Technology 18ASF1G72PDZ-2G1A1, Speed: 2133 MT/s + - 4 - Transcend SSD230s 1 TB SATA Drives + Intel Corporation Ethernet 10G 2P X520 Adapter (Link Aggregated) + - question: Will I need to provide hardware BareMetal server or VM? + answer: Microsoft Connected Cache is a software-only caching solution and will require you to provide your own server to host the software. + - question: Can we use hard drives instead of SSDs? + answer: We highly recommend using SSDs as Microsoft Connected Cache is a read intensive application. We also recommend using multiple drives to improve performance. + - question: Will I need to manually enter the CIDR blocks? If I have multiple cache nodes, should I configure a subset of CIDR blocks to each cache node? + answer: You can choose to route your traffic using manual CIDR blocks or BGP. If you have multiple Microsoft Connected Cache(s), you can allocate subsets of CIDR blocks to each cache node if you wish. However, since Microsoft Connected Cache has automatic load balancing, we recommend adding all of your traffic to all of your cache nodes. + - question: Should I add any load balancing mechanism? + answer: You don't need to add any load balancing. Our service will take care of routing traffic if you have multiple cache nodes serving the same CIDR blocks based on the reported health of the cache node. + - question: How many Microsoft Connected Cache instances will I need? How do we set up if we support multiple countries? + answer: As stated in the table above, the recommended configuration will achieve near the maximum possible egress of 40 Gbps with a two-port link aggregated NIC and four cache drives. We have a feature coming soon that will help you estimate the number of cache nodes needed. If your ISP spans multiple countries, you can set up separate cache nodes per country. + - question: Where should we install Microsoft Connected Cache? + answer: You are in control of your hardware and you can pick the location based on your traffic and end customers. You can choose the location where you have your routers or where you have dense traffic or any other parameters. + - question: How long would a piece of content live within the Microsoft Connected Cache? Is content purged from the cache? + answer: Once a request for said content is made, NGINX will look at the cache control headers from the original acquisition. If that content has expired, NGINX will continue to serve the stale content while it's downloading the new content. We cache the content for 30 days. The content will be in the hot cache path (open handles and such) for 24 hrs, but will reside on disk for 30 days. The drive fills up and nginx will start to delete content based on its own algorithm, probably some combination of least recently used. + - question: What content is cached by Microsoft Connected Cache? + answer: For more information about content cached, see [Delivery Optimization and Microsoft Connected Cache content endpoints - Windows Deployment](delivery-optimization-endpoints.md). + - question: Does Microsoft Connected Cache support Xbox or Teams content? + answer: Currently, Microsoft Connected Cache doesn't support Xbox or Teams content. However, supporting Xbox content is of high priority, and we expect this feature soon. We'll let you know as soon as it becomes available! + - question: Is IPv6 supported? + answer: No, we don't currently support IPV6. We plan to support it in the future. + - question: Is Microsoft Connected Cache stable and reliable? + answer: We have already successfully onboarded ISPs in many countries around the world and have received positive feedback! However, you can always start off with a portion of your CIDR blocks to test out the performance of MCC before expanding to more customers. + - question: How does Microsoft Connected Cache populate its content? + answer: Microsoft Connected Cache is a cold cache warmed by client requests. The client requests content and that is what fills up the cache. There's no off-peak cache fill necessary. Microsoft Connected Cache will reach out to different CDN providers just like a client device would. The traffic flow from Microsoft Connected Cache will vary depending on how you currently transit to each of these CDN providers. The content can come from third party CDNs or from AFD. + - question: What do I do if I need more support and have more questions even after reading this FAQ page? + answer: For further support for Microsoft Connected Cache, visit [Troubleshooting Issues for Microsoft Connected Cache for ISP (public preview)](mcc-isp-support.md). + - question: What CDNs will Microsoft Connected Cache pull content from? + answer: | + Microsoft relies on a dynamic mix of 1st and 3rd party CDN providers to ensure enough capacity, redundancy, and performance for the delivery of Microsoft served content. Though we don't provide lists of the CDN vendors we utilize as they can change without notice, our endpoints are public knowledge. If someone were to perform a series of DNS lookups against our endpoints (tlu.dl.delivery.mp.microsoft.com for example), they would be able to determine which CDN or CDNs were in rotation at a given point in time: + + $ dig +noall +answer tlu.dl.delivery.mp.microsoft.com | grep -P "IN\tA" + + c-0001.c-msedge.net. 20 IN A 13.107.4.50 + + $ whois 13.107.4.50|grep "Organization:" + + Organization: Microsoft Corporation (MSFT) diff --git a/windows/deployment/do/mcc-isp-signup.md b/windows/deployment/do/mcc-isp-signup.md new file mode 100644 index 0000000000..352d4402b4 --- /dev/null +++ b/windows/deployment/do/mcc-isp-signup.md @@ -0,0 +1,86 @@ +--- +title: Operator sign up and service onboarding +manager: aaroncz +description: Service onboarding for Microsoft Connected Cache for ISP +keywords: updates, downloads, network, bandwidth +ms.prod: w10 +ms.mktglfcycl: deploy +audience: itpro +author: nidos +ms.localizationpriority: medium +ms.author: nidos +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Operator sign up and service onboarding for Microsoft Connected Cache + +**Applies to** + +- Windows 10 +- Windows 11 + +This article details the process of signing up for Microsoft Connected Cache for Internet Service Providers (public preview). + +## Resource creation and sign up process + +1. Navigate to the [Azure portal](https://www.portal.azure.com). In the top search bar, search for **Microsoft Connected Cache**. + + :::image type="content" source="./images/mcc-isp-search.png" alt-text="Screenshot of the Azure portal that shows the Microsoft Connected Cache resource in Azure marketplace."::: + +1. Select **Create** to create a **Microsoft Connected Cache**. When prompted, enter a name for your cache resource. + + > [!IMPORTANT] + > After your resource has been created, we need some information to verify your network operator status and approve you to host Microsoft Connected Cache nodes. Please ensure that your [Peering DB](https://www.peeringdb.com/) organization information is up to date as this information will be used for verification. The NOC contact email will be used to send verification information. +1. Navigate to **Settings** > **Sign up**. Enter your organization ASN. Indicate whether you're a transit provider. If so, additionally, include any ASN(s) for downstream network operators that you may transit traffic for. + + :::image type="content" source="./images/mcc-isp-sign-up.png" alt-text="Screenshot of the sign up page in the Microsoft Connected Cache resource page in Azure portal." lightbox="./images/mcc-isp-sign-up.png"::: + +1. Once we verify the information entered, a verification code will be sent to the NOC email address provided on [Peering DB](https://www.peeringdb.com/). Once you receive the email, navigate to your Azure portal > **Microsoft Connected Cache** > **Settings** > **Verify operator**, and enter the verification code sent to the NOC email address. + + > [!NOTE] + > Verification codes expire in 24 hours. You will need to generate a new code if it expires. + + :::image type="content" source="images/mcc-isp-operator-verification.png" alt-text="Screenshot of the sign up verification page on Azure portal for Microsoft Connected Cache." lightbox="./images/mcc-isp-operator-verification.png"::: + +1. Once verified, follow the instructions in [Create, provision, and deploy cache node](mcc-isp-create-provision-deploy.md) to create your cache node. + + + +### Cache performance + +To make sure you're maximizing the performance of your cache node, review the following information: + +#### OS requirements + +The Microsoft Connected Cache module is optimized for Ubuntu 20.04 LTS. Install Ubuntu 20.04 LTS on a physical server or VM of your choice. + +#### NIC requirements + +- Multiple NICs on a single MCC instance are supported using a *link aggregated* configuration. +- 10 Gbps NIC is the minimum speed recommended, but any NIC is supported. + +#### Drive performance + +The maximum number of disks supported is 9. When configuring your drives, we recommend SSD drives as cache read speed of SSD is superior to HDD. In addition, using multiple disks is recommended to improve cache performance. + +RAID disk configurations are discouraged as cache performance will be impacted. If using RAID disk configurations, ensure striping. + +### Hardware configuration example + +There are many hardware configurations that suit Microsoft Connected Cache. As an example, a customer has deployed the following hardware configuration and is able to achieve a peak egress of about 35 Gbps: + +**Dell PowerEdge R330** + +- 2 x Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.40 GHz, total 32 core +- 48 GB, Micron Technology 18ASF1G72PDZ-2G1A1, Speed: 2133 MT/s +- 4 - Transcend SSD230s 1 TB SATA Drives +- Intel Corporation Ethernet 10G 2P X520 Adapter (Link Aggregated) + +### Virtual machines + +Microsoft Connected Cache supports both physical and virtual machines as cache servers. If you're using a virtual machine as your server, refer to [VM performance](mcc-isp-vm-performance.md) for tips on how to improve your VM performance. \ No newline at end of file diff --git a/windows/deployment/do/mcc-isp-support.md b/windows/deployment/do/mcc-isp-support.md new file mode 100644 index 0000000000..a321ac671c --- /dev/null +++ b/windows/deployment/do/mcc-isp-support.md @@ -0,0 +1,51 @@ +--- +title: Support and troubleshooting +manager: aaroncz +description: Troubleshooting issues for Microsoft Connected Cache for ISP +keywords: updates, downloads, network, bandwidth +ms.prod: w10 +audience: itpro +author: nidos +ms.localizationpriority: medium +ms.author: nidos +ms.collection: M365-modern-desktop +ms.topic: reference +--- + +# Support and troubleshooting + +**Applies to** + +- Windows 10 +- Windows 11 + +This article provides information on how to troubleshoot common issues with Microsoft Connected Cache for ISPs. +## Sign up errors + +### Cannot verify account + +During sign-up, we verify the information you provide against what is present in [Peering DB](https://www.peeringdb.com/). Make sure the information for your ISP entry on [Peering DB](https://www.peeringdb.com/) is up to date and matches what you provide during sign-up. + +### Invalid verification code + +During sign-up, a verification code is sent to your NOC email address present in [Peering DB](https://www.peeringdb.com/). This code expires in 24 hours. If it's expired, you'll need to request a new verification code to complete the sign-up. + +## Cache Node Errors + +### Cannot find my cache node + +Did you previously had access to your cache nodes but it's now no longer accessible? If so, it may be because you had a trial subscription, and its trial period ended. To resolve this issue, complete the following two steps: + +1. Create a new Azure Pay-As-You-Go subscription +1. Recreate the cache nodes using the new subscription + +## Steps to obtain an Azure subscription ID + + +[!INCLUDE [Get Azure subscription](includes/get-azure-subscription.md)] + +## Recommended resources + +- [Pay-as-you-go-subscription](https://azure.microsoft.com/offers/ms-azr-0003p/) +- [Azure free account FAQs](https://azure.microsoft.com/free/free-account-faq/) + diff --git a/windows/deployment/do/mcc-isp-update.md b/windows/deployment/do/mcc-isp-update.md new file mode 100644 index 0000000000..c6bdfe27c8 --- /dev/null +++ b/windows/deployment/do/mcc-isp-update.md @@ -0,0 +1,58 @@ +--- +title: Update or uninstall your cache node +manager: aaroncz +description: How to update or uninstall your cache node +keywords: updates, downloads, network, bandwidth +ms.prod: w10 +ms.mktglfcycl: deploy +audience: itpro +author: amyzhou +ms.localizationpriority: medium +ms.author: amyzhou +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Update or uninstall your cache node + +This article details how to update or uninstall your cache node. + +## Update cache node + +Microsoft will release updates for Microsoft Connected Cache periodically to improve performance, functionality, and security. Updates won't require any action from the customer. Instead, when an update is available, your cache node will automatically update during low traffic hours with minimal to no impact to your end customers. + +To view which version your cache nodes are currently on, navigate to the **Cache nodes** tab to view the versions in the list view. + +## Uninstall cache node + +There are two main steps required to uninstall your cache node: + +1. Remove your cache node from Azure portal +1. Run the uninstall script to cleanly remove MCC from your server + +You must complete both steps to ensure a clean uninstall of your cache node. + +### Remove your cache node from Azure portal + +Within the [Azure portal](https://www.portal.azure.com), navigate to **Cache Nodes**, then select the cache node you wish to delete. Once selected, select **Delete** on the top bar to remove this cache node from your account. + +### Run the uninstall script to cleanly remove Microsoft Connected Cache from your server + +In the installer zip file, you'll find the file **uninstallmcc.sh**. This script uninstalls Microsoft Connected Cache and all the related components. Only run it if you're facing issues with Microsoft Connected Cache installation. + +The **uninstallmcc.sh** script removes the following components: + +- IoT Edge +- Edge Agent +- Edge Hub +- MCC +- Moby CLI +- Moby engine + +To run the script, use the following commands: + +```bash +sudo chmod +x uninstallmcc.sh +sudo ./uninstallmcc.sh + +``` diff --git a/windows/deployment/do/mcc-isp-verify-cache-node.md b/windows/deployment/do/mcc-isp-verify-cache-node.md new file mode 100644 index 0000000000..22f8b3de86 --- /dev/null +++ b/windows/deployment/do/mcc-isp-verify-cache-node.md @@ -0,0 +1,80 @@ +--- +title: Verify cache node functionality and monitor health and performance +manager: aaroncz +description: How to verify the functionality of a cache node +keywords: updates, downloads, network, bandwidth +ms.prod: w10 +ms.mktglfcycl: deploy +audience: itpro +author: amyzhou +ms.localizationpriority: medium +ms.author: amyzhou +ms.collection: M365-modern-desktop +ms.topic: article +--- + +# Verify cache node functionality and monitor health and performance + +This article details how to verify that your cache node(s) are functioning properly and serving traffic. This article also details how to monitor your cache nodes. + +## Verify functionality on Azure portal + +Sign into the [Azure portal](https://www.portal.azure.com) and navigate to the **Overview** page. Select the **Monitoring** tab to verify the functionality of your server(s) by validating the number of healthy nodes shown. If you see any **Unhealthy nodes**, select the **Diagnose and Solve** link to troubleshoot and resolve the issue. + +## Verify functionality on the server + +It can take a few minutes for the container to deploy after you've saved the configuration. + +To validate a properly functioning MCC, run the following command in the terminal of the cache server or any device in the network. Replace `` with the IP address of the cache server. + +```bash +wget http:///mscomtest/wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com +``` + +If successful, you'll see a terminal output similar to the following output: + +```bash +HTTP request sent, awaiting response... 200 OK +Length: 969710 (947K) [image/gif] +Saving to: 'wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com' + +wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com 100%[========================] +``` + +Similarly, enter the following URL into a web browser on any device on the network: + +```http +http:///mscomtest/wuidt.gif?cacheHostOrigin=au.download.windowsupdate.com +``` + +If the test fails, for more information, see the [FAQ](mcc-isp-faq.yml) article. + +## Monitor cache node health and performance + +Within Azure portal, there are many charts and graphs that are available to monitor cache node health and performance. + +### Available Metrics + +Within Azure portal, you're able to build your custom charts and graphs using the following available metrics: + +| Metric name | Description | +|---|---| +| **Cache Efficiency** | Cache efficiency is defined as the total cache hit bytes divided by all bytes requested. The higher this value (0 - 100%), the more efficient the cache node is. | +| **Healthy nodes** | The number of cache nodes that are reporting as healthy| +| **Unhealthy nodes**| The number of cache nodes that are reporting as unhealthy| +| **Maximum in**| The maximum egress (in Gbps) of inbound traffic| +| **Maximum out**| The maximum egress (in Gbps) of outbound traffic| +| **Average in**| The average egress (in Gbps) of inbound traffic| +| **Average out**| The average egress (in Gbps) of outbound traffic| + +For more information about how to build your custom charts and graphs, see [Azure Monitor](/azure/azure-monitor/essentials/data-platform-metrics). + +### Monitoring your metrics + +To view the metrics associated with your cache nodes, navigate to the **Overview** > **Monitoring** tab within the Azure portal. + +:::image type="content" source="./images/mcc-isp-metrics.png" alt-text="Screenshot of the Azure portal displaying the metrics view in the Overview tab."::: + +You can choose to monitor the health and performance of all cache nodes or one at a time by using the dropdown menu. The **Egress bits per second** graph shows your inbound and outbound traffic of your cache nodes over time. You can change the time range (1 hour, 12 hours, 1 day, 7 days, 14 days, and 30 days) by selecting the time range of choice on the top bar. + +If you're unable to view metrics for your cache node, it may be that your cache node is unhealthy, inactive, or hasn't been fully configured. diff --git a/windows/deployment/do/mcc-isp-vm-performance.md b/windows/deployment/do/mcc-isp-vm-performance.md new file mode 100644 index 0000000000..6cb5ab9b45 --- /dev/null +++ b/windows/deployment/do/mcc-isp-vm-performance.md @@ -0,0 +1,36 @@ +--- +title: Enhancing VM performance +manager: aaroncz +description: How to enhance performance on a virtual machine used with Microsoft Connected Cache for ISPs +keywords: updates, downloads, network, bandwidth +ms.prod: w10 +ms.mktglfcycl: deploy +audience: itpro +author: amyzhou +ms.localizationpriority: medium +ms.author: amyzhou +ms.collection: M365-modern-desktop +ms.topic: reference +--- + +# Enhancing virtual machine performance + +In virtual environments, the cache server egress peaks at around 1.1 Gbps. If you want to maximize the egress in virtual environments, it's critical to change two settings. + +## Virtual machine settings + +Change the following settings to maximize the egress in virtual environments: + +1. Enable **Single Root I/O Virtualization (SR-IOV)** in the following three locations: + + - The BIOS of the MCC virtual machine + - The network card properties of the MCC virtual machine + - The hypervisor for the MCC virtual machine + + Microsoft has found these settings to double egress when using a Microsoft Hyper-V deployment. + +2. Enable high performance in the BIOS instead of energy savings. Microsoft has found this setting to also nearly double egress in a Microsoft Hyper-V deployment. + +## Next steps + +[Support and troubleshooting](mcc-isp-support.md) diff --git a/windows/deployment/do/mcc-isp.md b/windows/deployment/do/mcc-isp.md index 9ac74d0930..055f86b888 100644 --- a/windows/deployment/do/mcc-isp.md +++ b/windows/deployment/do/mcc-isp.md @@ -5,17 +5,17 @@ ms.prod: windows-client ms.technology: itpro-updates ms.localizationpriority: medium author: amymzhou -ms.author: aaroncz +ms.author: amyzhou ms.reviewer: carmenf -manager: dougeby +manager: aaroncz ms.collection: M365-modern-desktop ms.topic: how-to ms.date: 05/20/2022 --- -# Microsoft Connected Cache for Internet Service Providers (ISPs) +# Microsoft Connected Cache for Internet Service Providers (early preview) -_Applies to_ +*Applies to* - Windows 10 - Windows 11 @@ -23,7 +23,7 @@ _Applies to_ ## Overview > [!IMPORTANT] -> Microsoft Connected Cache is currently a private preview feature. During this phase we invite customers to take part in early access for testing purposes. This phase doesn't include formal support. Instead, you'll be working directly with the product team to provide feedback on Microsoft Connected Cache. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/). +> This document is for Microsoft Connected Cache (early preview). During this phase we invite customers to take part in early access for testing purposes. This phase doesn't include formal support. Instead, you'll be working directly with the product team to provide feedback on Microsoft Connected Cache. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/). Microsoft Connected Cache (MCC) preview is a software-only caching solution that delivers Microsoft content within operator networks. MCC can be deployed to as many physical servers or VMs as needed and is managed from a cloud portal. Microsoft cloud services handle routing of consumer devices to the cache server for content downloads. @@ -31,15 +31,15 @@ Microsoft Connected Cache is a hybrid application, in that it's a mix of on-prem ## How MCC works -:::image type="content" source="images/imcc01.png" alt-text="Data flow diagram of how Microsoft Connected Cache works." lightbox="images/imcc01.png"::: +:::image type="content" source="./images/mcc-isp-diagram.png" alt-text="Data flow diagram of how Microsoft Connected Cache works." lightbox="./images/mcc-isp-diagram.png"::: The following steps describe how MCC is provisioned and used: 1. The Azure Management Portal is used to create and manage MCC nodes. -2. A shell script is used to provision the server and deploy the MCC application. +1. A shell script is used to provision the server and deploy the MCC application. -3. A combination of the Azure Management Portal and shell script is used to configure Microsoft Delivery Optimization Services to route traffic to the MCC server. +1. A combination of the Azure Management Portal and shell script is used to configure Microsoft Delivery Optimization Services to route traffic to the MCC server. - The publicly accessible IPv4 address of the server is configured on the portal. @@ -50,31 +50,31 @@ The following steps describe how MCC is provisioned and used: > [!NOTE] > Only IPv4 addresses are supported at this time. Entering IPv6 addresses will result in an error. -4. Microsoft end-user devices (clients) periodically connect with Microsoft Delivery Optimization Services, and the services match the IP address of the client with the IP address of the corresponding MCC node. +1. Microsoft end-user devices (clients) periodically connect with Microsoft Delivery Optimization Services, and the services match the IP address of the client with the IP address of the corresponding MCC node. -5. Microsoft clients make the range requests for content from the MCC node. +1. Microsoft clients make the range requests for content from the MCC node. -6. A MCC node gets content from the CDN, seeds its local cache stored on disk, and delivers the content to the client. +1. An MCC node gets content from the CDN, seeds its local cache stored on disk, and delivers the content to the client. -7. Subsequent requests from end-user devices for content will be served from cache. +1. Subsequent requests from end-user devices for content will be served from cache. -8. If the MCC node is unavailable, the client gets content from the CDN to ensure uninterrupted service for your subscribers. +1. If the MCC node is unavailable, the client gets content from the CDN to ensure uninterrupted service for your subscribers. ## ISP requirements for MCC ### Azure subscription -The MCC management portal is hosted within Azure. It's used to create the Connected Cache Azure resource and IoT Hub resource. Both are _free_ services. +The MCC management portal is hosted within Azure. It's used to create the Connected Cache Azure resource and IoT Hub resource. Both are *free* services. > [!NOTE] > If you request Exchange or Public peering in the future, business email addresses must be used to register ASNs. Microsoft doesn't accept Gmail or other non-business email addresses. -Your Azure subscription ID is first used to provision MCC services and enable access to the preview. The MCC server requirement for an Azure subscription will cost you nothing. If you don't have an Azure subscription already, you can create an Azure [Pay-As-You-Go](https://azure.microsoft.com/offers/ms-azr-0003p/) account, which requires a credit card for verification purposes. For more information, see the [Azure free account FAQ](https://azure.microsoft.com/free/free-account-faq/). _Don't submit a trial subscription_ as you'll lose access to your Azure resources after the trial period ends. +Your Azure subscription ID is first used to provision MCC services and enable access to the preview. The MCC server requirement for an Azure subscription will cost you nothing. If you don't have an Azure subscription already, you can create an Azure [Pay-As-You-Go](https://azure.microsoft.com/offers/ms-azr-0003p/) account, which requires a credit card for verification purposes. For more information, see the [Azure free account FAQ](https://azure.microsoft.com/free/free-account-faq/). *Don't submit a trial subscription* as you'll lose access to your Azure resources after the trial period ends. The resources used for the preview, and in the future when this product is ready for production, will be free to you - like other caching solutions. > [!IMPORTANT] -> To join the Microsoft Connected Cache private preview, provide your Azure subscription ID by filling out [this survey](https://aka.ms/MCCForISPSurvey). +> To join the Microsoft Connected Cache early preview, provide your Azure subscription ID by filling out [this survey](https://aka.ms/MCCForISPSurvey). ### Hardware to host the MCC @@ -89,7 +89,7 @@ This recommended configuration can egress at a rate of 9 Gbps with a 10 Gbps NIC #### NIC requirements -- Multiple NICs on a single MCC instance are supported using a _link aggregated_ configuration. +- Multiple NICs on a single MCC instance are supported using a *link aggregated* configuration. - 10 Gbps NIC is the minimum speed recommended, but any NIC is supported. ### Sizing recommendations @@ -97,10 +97,10 @@ This recommended configuration can egress at a rate of 9 Gbps with a 10 Gbps NIC The MCC module is optimized for Ubuntu 20.04 LTS. Install Ubuntu 20.04 LTS on a physical server or VM of your choice. The following recommended configuration can egress at a rate of 9 Gbps with a 10 Gbps NIC. | Component | Minimum | Recommended | -| -- | --- | --- | +|---|---|---| | OS | Ubuntu 20.04 LTS VM or physical server | Ubuntu 20.04 LTS VM or physical server (preferred) | | NIC | 10 Gbps| at least 10 Gbps | -| Disk | SSD
1 drive
2 TB each |SSD
2-4 drives
at least 2 TB each | +| Disk | SSD
1 drive
2 TB each |SSD
2-4 drives
at least 2 TB each | | Memory | 8 GB | 32 GB or greater | | Cores | 4 | 8 or more | @@ -110,8 +110,8 @@ To deploy MCC: 1. [Provide Microsoft with your Azure subscription ID](#provide-microsoft-with-your-azure-subscription-id) 2. [Create the MCC Resource in Azure](#create-the-mcc-resource-in-azure) -3. [Create a Cache Node](#create-a-mcc-node-in-azure) -4. [Configure Cache Node Routing](#edit-cache-node-information) +3. [Create a Cache Node](#create-an-mcc-node-in-azure) +4. [Configure Cache Node Routing](#edit-cache-node-information) 5. [Install MCC on a physical server or VM](#install-mcc) 6. [Verify properly functioning MCC server](#verify-properly-functioning-mcc-server) 7. [Review common issues if needed](#common-issues) @@ -135,20 +135,20 @@ Operators who have been given access to the program will be sent a link to the A 1. Choose **Create a resource**. - :::image type="content" source="images/imcc02.png" alt-text="Select the option to 'Create a resource' in the Azure portal."::: + :::image type="content" source="./images/mcc-isp-create-resource.png" alt-text="Screenshot of the option to 'Create a resource' in the Azure portal."::: 1. Type **Microsoft Connected Cache** into the search box and press **Enter** to show the search results. 1. Select **Microsoft Connected Cache**. - :::image type="content" source="images/imcc03.png" alt-text="Search the Azure Marketplace for 'Microsoft Connected Cache'."::: + :::image type="content" source="./images/mcc-isp-search-marketplace.png" alt-text="Screenshot of searching the Azure Marketplace for 'Microsoft Connected Cache'."::: > [!IMPORTANT] - > Don't select _Connected Cache Resources_, which is different from **Microsoft Connected Cache**. + > Don't select *Connected Cache Resources*, which is different from **Microsoft Connected Cache**. 1. Select **Create** on the next screen to start the process of creating the MCC resource. - :::image type="content" source="images/imcc04.png" alt-text="Select the option to Create the Microsoft Connected Cache service."::: + :::image type="content" source="./images/mcc-isp-create.png" alt-text="Screenshot of the Create option for the Microsoft Connected Cache service."::: 1. Fill in the following required fields to create the MCC resource: @@ -163,11 +163,11 @@ Operators who have been given access to the program will be sent a link to the A - Specify a **Connected Cache Resource Name**. - :::image type="content" source="images/imcc05.png" alt-text="Enter the required information to create a Connected Cache in Azure."::: + :::image type="content" source="./images/mcc-isp-location-west.png" alt-text="Screenshot of entering the required information, including the West US location, to create a Connected Cache in Azure."::: 1. Select **Review + Create**. Once validation is complete, select **Create** to start the resource creation. - :::image type="content" source="images/imcc06.png" alt-text="'Your deployment is complete' message displaying deployment details."::: + :::image type="content" source="./images/mcc-isp-deployment-complete.png" alt-text="'Screenshot of the 'Your deployment is complete' message displaying deployment details."::: #### Common Resource Creation Errors @@ -175,58 +175,55 @@ Operators who have been given access to the program will be sent a link to the A If you get the error message "Validation failed" in the Azure portal, it's likely because you selected the **Location** as **US West 2** or another unsupported location. To resolve this error, go to the previous step and choose **(US) West US** for the **Location**. -:::image type="content" source="images/imcc07.png" alt-text="'Validation failed' error message for Connected Cache in an unsupported location."::: - ##### Error: Could not create Marketplace item If you get the error message "Could not create marketplace item" in the Azure portal, use the following steps to troubleshoot: -- Make sure that you've selected **Microsoft Connected Cache** and not _Connected Cache resources_ while trying to create a MCC resource. +- Make sure that you've selected **Microsoft Connected Cache** and not *Connected Cache resources* while trying to create an MCC resource. - Make sure that you're using the same subscription that you provided to Microsoft and you have privileges to create an Azure resource. - If the issue persists, clear your browser cache and start in a new window. -### Create a MCC node in Azure +### Create an MCC node in Azure 1. After you successfully create the resource, select **Go to resource**. 1. Under the **Cache Node Management** section in the left panel, select **Cache Nodes**. - :::image type="content" source="images/imcc08.png" alt-text="The 'Cache Nodes' option in the Cache Node Management menu section."::: + :::image type="content" source="./images/mcc-isp-cache-nodes-option.png" alt-text="Screenshot of the 'Cache Nodes' option in the Cache Node Management menu section."::: 1. On the **Cache Nodes** section, select **Create Cache Node**. - :::image type="content" source="images/imcc09.png" alt-text="Select the 'Create Cache Node' option."::: + :::image type="content" source="./images/mcc-isp-create-cache-node-option.png" alt-text="Screenshot of the selecting the 'Create Cache Node' option."::: 1. This action opens the **Create Cache Node** page. The only required fields are **Cache Node Name** and **Max Allowable Egress (Mbps)**. | Field name | Expected value | Description | |--|--|--| | **Cache Node Name** | Alphanumeric name that includes no spaces. | The name of the cache node. You may choose names based on location like Seattle-1. This name must be unique and can't be changed later. | - | **Server IP Address** | IPv4 Address | IP address of your MCC server. This address is used to route end-user devices in your network to the server for Microsoft content downloads. _The IP address must be publicly accessible._ | + | **Server IP Address** | IPv4 Address | IP address of your MCC server. This address is used to route end-user devices in your network to the server for Microsoft content downloads. *The IP address must be publicly accessible.* | | **Max Allowable Egress (Mbps)** | Integer in Mbps | The maximum egress (Mbps) of your MCC based on the specifications of your hardware. For example, `10,000` Mbps. | | **Address Range/CIDR Blocks** | IPv4 CIDR notation | The IP address range (CIDR blocks) that should be routed to the MCC server as a comma separated list. For example: `2.21.234.0/24, 3.22.235.0/24, 4.23.236.0/24` | - | **Enable Cache Node** | Enable or Disable | **Enable** permits the cache node to receive content requests.
**Disable** prevents the cache node from receiving content requests.
Cache nodes are enabled by default. | + | **Enable Cache Node** | Enable or Disable | **Enable** permits the cache node to receive content requests.
**Disable** prevents the cache node from receiving content requests.
Cache nodes are enabled by default. | - :::image type="content" source="images/imcc10.png" alt-text="Available fields on the Create Cache Node page."::: + :::image type="content" source="./images/mcc-isp-create-cache-node-fields.png" alt-text="Screenshot of the available fields on the Create Cache Node page."::: > [!TIP] > The information icon next to each field provides a description. > - > :::image type="content" source="images/imcc11.png" alt-text="Create Cache Node page showing the description for the Server IP Address field."::: + > :::image type="content" source="./images/mcc-isp-node-server-ip.png" alt-text="Screenshot of the Create Cache Node page showing the description for the Server IP Address field."::: - > [!NOTE] - > After you create the cache node, if you return to this page, it populates the values for the two read-only fields: - > - > | Field name | Description | - > |--|--| - > | **IP Space** | Number of IP addresses that will be routed to your cache server. | - > | **Activation Keys** | Set of keys to activate your cache node with the MCC services. Copy the keys for use during install. The CustomerID is your Azure subscription ID. | + After you create the cache node, if you return to this page, it populates the values for the two read-only fields: + + | Field name | Description | + |--|--| + | **IP Space** | Number of IP addresses that will be routed to your cache server. | + | **Activation Keys** | Set of keys to activate your cache node with the MCC services. Copy the keys for use during install. The CustomerID is your Azure subscription ID. | 1. Enter the information to create the cache node, and then select **Create**. - :::image type="content" source="images/imcc12.png" alt-text="Select 'Create' on the Create Cache Node page."::: + :::image type="content" source="./images/mcc-isp-create-new-node.png" alt-text="Screenshot of selecting 'Create' on the Create Cache Node page."::: If there are errors, the page gives you guidance on how to correct the errors. For example: @@ -236,11 +233,11 @@ If there are errors, the page gives you guidance on how to correct the errors. F See the following example with all information entered: -:::image type="content" source="images/imcc13.png" alt-text="Create Cache Node page with all information entered."::: +:::image type="content" source="./images/mcc-isp-create-node-form.png" alt-text="Screenshot of the Create Cache Node page with all information entered."::: Once you create the MCC node, it will display the installer instructions. For more information on the installer instructions, see the [Install Connected Cache](#install-mcc) section. -:::image type="content" source="images/imcc14.png" alt-text="Cache node successfully created with Connected Cache installer instructions."::: +:::image type="content" source="./images/mcc-isp-success-instructions.png" alt-text="Screenshot of the Cache node successfully created with Connected Cache installer instructions."::: ### IP address space approval @@ -258,15 +255,15 @@ There are three states for IP address space. MCC configuration supports BGP and If your IP address space has this status, contact Microsoft for more information. -:::image type="content" source="images/imcc15.png" alt-text="A list of cache node names with example IP address space statuses."::: +:::image type="content" source="./images/mcc-isp-node-names.png" alt-text="Screenshot of a list of cache node names with example IP address space statuses."::: ## Edit cache node information -:::image type="content" source="images/imcc16.png" alt-text="Cache Nodes list in the Azure portal."::: +:::image type="content" source="./images/mcc-isp-list-nodes.png" alt-text="Screenshot of the Cache Nodes list in the Azure portal."::: To modify the configuration for existing MCC nodes in the portal, select the cache node name in the cache nodes list. This action opens the **Cache Node Configuration** page. You can edit the **Server IP Address** or **Address Range/CIDR Blocks** field. You can also enable or disable the cache node. -:::image type="content" source="images/imcc17.png" alt-text="Cache Node Configuration page, highlighting editable fields."::: +:::image type="content" source="./images/mcc-isp-node-configuration.png" alt-text="Screenshot of the Cache Node Configuration page, highlighting editable fields."::: To delete a cache node, select it in the cache nodes list, and then select **Delete** in the toolbar. If you delete a cache node, there's no way to recover it or any of the information related to the cache node. @@ -298,7 +295,7 @@ Before you start, make sure that you have a data drive configured on your server 1. From either **Create Cache Node** or **Cache Node Configuration** pages, select **Download Installer** to download the installer file. - :::image type="content" source="images/imcc18.png" alt-text="The Create Cache Node page highlighting the Download Installer action."::: + :::image type="content" source="./images/mcc-isp-installer-download.png" alt-text="Screenshot of the Create Cache Node page highlighting the Download Installer action."::: Unzip the **mccinstaller.zip** file, which includes the following installation files and folders: @@ -322,19 +319,19 @@ Before you start, make sure that you have a data drive configured on your server 1. In the Azure portal, in the Connected Cache installer instructions, copy the cache node installer Bash script command. Run the Bash script from the terminal. - :::image type="content" source="images/imcc19.png" alt-text="Copy the cache node installer Bash script in the Connected Cache installer instructions."::: + :::image type="content" source="./images/mcc-isp-copy-install-script.png" alt-text="Screenshot of the Copy option for the cache node installer Bash script in the Connected Cache installer instructions."::: 1. Sign in to the Azure portal with a device code. - :::image type="content" source="images/imcc20.png" alt-text="Bash script prompt to sign in to the Azure portal with a device code."::: + :::image type="content" source="./images/mcc-isp-bash-device-code.png" alt-text="Screenshot of the Bash script prompt to sign in to the Azure portal with a device code." lightbox="./images/mcc-isp-bash-device-code.png"::: 1. Specify the number of drives to configure. Use an integer value less than 10. - :::image type="content" source="images/imcc22.png" alt-text="Bash script prompt to enter the number of cache drives to configure."::: + :::image type="content" source="./images/mcc-isp-bash-drive-number.png" alt-text="Screenshot of the Bash script prompt to enter the number of cache drives to configure." lightbox="./images/mcc-isp-bash-drive-number.png"::: 1. Specify the location of the cache drives. For example, `/datadrive/` - :::image type="content" source="images/imcc23.png" alt-text="Bash script prompt to enter the location for cache drive."::: + :::image type="content" source="./images/mcc-isp-bash-datadrive.png" alt-text="Screenshot of the Bash script prompt to enter the location for cache drive." lightbox="./images/mcc-isp-bash-datadrive.png"::: > [!IMPORTANT] > The script changes the permission and ownership on the cache drive to **everyone** with the command `chmod 777`. @@ -350,15 +347,15 @@ Before you start, make sure that you have a data drive configured on your server 1. Specify an integer value as the size in GB for each cache drive. The minimum is `100` GB. - :::image type="content" source="images/imcc24.png" alt-text="Bash script prompt to enter the amount of space to allocate to the cache drive."::: + :::image type="content" source="./images/mcc-isp-bash-allocate-space.png" alt-text="Screenshot of the Bash script prompt to enter the amount of space to allocate to the cache drive." lightbox="./images/mcc-isp-bash-allocate-space.png"::: 1. Specify whether you have an existing IoT Hub. - - If this process is for your _first MCC deployment_, enter `n`. + - If this process is for your *first MCC deployment*, enter `n`. - - If you already have a MCC deployment, you can use an existing IoT Hub from your previous installation. Select `Y` to see your existing IoT Hubs. You can copy and paste the resulting IoT Hub name to continue. + - If you already have an MCC deployment, you can use an existing IoT Hub from your previous installation. Select `Y` to see your existing IoT Hubs. You can copy and paste the resulting IoT Hub name to continue. - :::image type="content" source="images/imcc25.png" alt-text="Bash script output with steps for existing IoT Hub."::: + :::image type="content" source="./images/mcc-isp-bash-iot-prompt.png" alt-text="Screenshot of the Bash script output with steps for existing IoT Hub." lightbox="./images/mcc-isp-bash-iot-prompt.png"::: 1. If you want to configure BGP, enter `y`. If you want to use manual entered prefixes for routing, enter `n` and skip to Step 16. You can always configure BGP at a later time using the Update Script. @@ -394,7 +391,7 @@ Before you start, make sure that you have a data drive configured on your server 1. To start routing using BGP, change the **Prefix Source** from **Manually Entered** to **Use BGP**. - :::image type="content" source="images/imcc55.PNG" alt-text="Cache node configuration with the Prefix Source set to Use BGP."::: + :::image type="content" source="./images/mcc-isp-use-bgp.png" alt-text="Screenshot of the Cache Node Configuration page with the Prefix Source set to Use BGP."::: 1. If there are no errors, go to the next section to verify the MCC server. @@ -415,7 +412,7 @@ Sign in to the Connected Cache server or use SSH. Run the following command from sudo iotedge list ``` -:::image type="content" source="images/imcc26.png" alt-text="Terminal output of iotedge list command, showing the running containers."::: +:::image type="content" source="./images/mcc-isp-running-containers.png" alt-text="Screenshot of the terminal output of iotedge list command, showing the running containers." lightbox="./images/mcc-isp-running-containers.png"::: If it lists the **edgeAgent** and **edgeHub** containers, but doesn't include **MCC**, view the status of the IoT Edge security manager using the command: @@ -425,7 +422,7 @@ sudo journalctl -u iotedge -f For example, this command provides the current status of the starting and stopping of a container, or the container pull and start: -:::image type="content" source="images/imcc27.png" alt-text="Terminal output of journalctl command for iotedge."::: +:::image type="content" source="./images/mcc-isp-edge-journalctl.png" alt-text="Terminal output of journalctl command for iotedge." lightbox="./images/mcc-isp-edge-journalctl.png"::: ### Verify server side @@ -439,7 +436,7 @@ wget http:///mscomtest/wuidt.gif?cacheHostOrigin=au.download.wind The following screenshot shows a successful test result: -:::image type="content" source="images/imcc28.png" alt-text="Terminal output of successful test result with wget command to validate a MCC."::: +:::image type="content" source="./images/mcc-isp-wget.png" alt-text="Screenshot of the terminal output of successful test result with wget command to validate a Microsoft Connected Cache." lightbox="./images/mcc-isp-wget.png"::: Similarly, enter the following URL into a web browser on any device on the network: @@ -484,7 +481,7 @@ To configure the device to work with your DNS, use the following steps: nmcli device show eno1 ``` - :::image type="content" source="images/imcc30.png" alt-text="Sample output of nmcli command to show network adapter information."::: + :::image type="content" source="images/mcc-isp-nmcli.png" alt-text="Screenshot of a sample output of nmcli command to show network adapter information." lightbox="./images/mcc-isp-nmcli.png"::: 1. Open or create the Docker configuration file used to configure the DNS server. @@ -535,7 +532,7 @@ To run the script: ## Updating your MCC -Throughout the private preview phase, Microsoft will release security and feature updates for MCC. Follow these steps to update your MCC. +Throughout the early preview phase, Microsoft will release security and feature updates for MCC. Follow these steps to update your MCC. Run the following commands, replacing the variables with the values provided in the email to update your MCC: @@ -553,7 +550,7 @@ sudo ./updatemcc.sh version="msconnectedcacheprod.azurecr.io/mcc/linux/iot/mcc-u ### Configure BGP on an Existing MCC -If you have a MCC that's already active and running, follow the steps below to configure BGP. +If you have an MCC that's already active and running, follow the steps below to configure BGP. 1. Run the Update commands as described above. @@ -585,20 +582,12 @@ sudo ./uninstallmcc.sh ``` ## Appendix - + ### Steps to obtain an Azure subscription ID -1. Sign in to the [Azure portal](https://portal.azure.com/) and go to the **Azure services** section. + +[!INCLUDE [Get Azure subscription](includes/get-azure-subscription.md)] -2. Select **Subscriptions**. If you don't see **Subscriptions**, select the **More Services** arrow and search for **Subscriptions**. - -3. If you already have an Azure subscription, skip to step 5. If you don't have an Azure Subscription, select **+ Add** on the top left. - -4. Select the **Pay-As-You-Go** subscription. You'll be asked to enter credit card information, but you won't be charged for using the MCC service. - -5. On the **Subscriptions** section, you'll find details about your current subscription. Select the subscription name. - -6. After you select the subscription name, you'll find the subscription ID in the **Overview** tab. To copy the value, select the **Copy to clipboard** icon next to your subscription ID. ### Performance of MCC in virtual environments @@ -618,7 +607,7 @@ In virtual environments, the cache server egress peaks at around 1.1 Gbps. If yo More users can be given access to manage Microsoft Connected Cache, even if they don't have an Azure account. Once you've created the first cache node in the portal, you can add other users as **Owners** of the Microsoft Connected Cache resource group and the Microsoft Connected Cache resource. -For more information on how to add other users as an owner, see [Grant a user access to Azure resources using the Azure portal](/azure/role-based-access-control/quickstart-assign-role-user-portal). Make sure to do this action for both the _MCC resource_ and _MCC resource group_. +For more information on how to add other users as an owner, see [Grant a user access to Azure resources using the Azure portal](/azure/role-based-access-control/quickstart-assign-role-user-portal). Make sure to do this action for both the *MCC resource* and *MCC resource group*. ### Setting up a VM on Windows Server @@ -631,93 +620,93 @@ You can use hardware that will natively run Ubuntu 20.04 LTS, or you can run an 1. Start the **New Virtual Machine Wizard** in Hyper-V. - :::image type="content" source="images/imcc31.png" alt-text="The Before You Begin page of the Hyper-V New Virtual Machine Wizard."::: + :::image type="content" source="./images/mcc-isp-hyper-v-begin.png" alt-text="Screenshot of the Before You Begin page of the Hyper-V New Virtual Machine Wizard."::: 1. Specify a name and choose a location. - :::image type="content" source="images/imcc32.png" alt-text="The Specify Name and Location page of the Hyper-V New Virtual Machine Wizard."::: + :::image type="content" source="./images/mcc-isp-hyper-v-name.png" alt-text="Screenshot of the Specify Name and Location page in the Hyper-V New Virtual Machine Wizard."::: 1. Select **Generation 2**. You can't change this setting later. - :::image type="content" source="images/imcc33.png" alt-text="The Specify Generation page of the Hyper-V New Virtual Machine Wizard."::: + :::image type="content" source="./images/mcc-isp-hyper-v-generation.png" alt-text="Screenshot of the Specify Generation page in the Hyper-V New Virtual Machine Wizard."::: 1. Specify the startup memory. - :::image type="content" source="images/imcc34.png" alt-text="The Assign Memory page of the Hyper-V New Virtual Machine Wizard."::: + :::image type="content" source="./images/mcc-isp-hyper-v-memory.png" alt-text="Screenshot of the Assign Memory page of the Hyper-V New Virtual Machine Wizard."::: 1. Choose the network adapter connection. - :::image type="content" source="images/imcc35.png" alt-text="The Configure Networking page of the Hyper-V New Virtual Machine Wizard."::: + :::image type="content" source="./images/mcc-isp-hyper-v-networking.png" alt-text="Screenshot of the Configure Networking page of the Hyper-V New Virtual Machine Wizard."::: 1. Set the virtual hard disk parameters. You should specify enough space for the OS and the content that will be cached. For example, `1024` GB is 1 terabyte. - :::image type="content" source="images/imcc36.png" alt-text="The Connect Virtual Hard Disk page of the Hyper-V New Virtual Machine Wizard."::: + :::image type="content" source="./images/mcc-isp-hyper-v-disk.png" alt-text="Screenshot of the Connect Virtual Hard Disk page of the Hyper-V New Virtual Machine Wizard."::: 1. Select **Install an OS from a bootable image file** and browse to the ISO for Ubuntu 20.04 LTS that you previously downloaded. - :::image type="content" source="images/imcc37.png" alt-text="The Installation Options page of the Hyper-V New Virtual Machine Wizard."::: + :::image type="content" source="./images/mcc-isp-hyper-v-installation-options.png" alt-text="Screenshot of the Installation Options page of the Hyper-V New Virtual Machine Wizard."::: 1. Review the settings and select **Finish** to create the Ubuntu VM. - :::image type="content" source="images/imcc38.png" alt-text="Completing the New Virtual Machine Wizard on Hyper-V."::: + :::image type="content" source="./images/mcc-isp-hyper-v-summary.png" alt-text="Screenshot of completing the New Virtual Machine Wizard on Hyper-V."::: 1. Before you start the Ubuntu VM, disable **Secure Boot** and allocate multiple cores to the VM. 1. In Hyper-V Manager, open the **Settings** for the VM. - :::image type="content" source="images/imcc39.png" alt-text="Open Settings for a VM in Hyper-V Manager."::: + :::image type="content" source="./images/mcc-isp-hyper-v-vm-settings.png" alt-text="Screenshot of the settings for a VM in Hyper-V Manager."::: 1. Select **Security**. Disable the option to **Enable Secure Boot**. - :::image type="content" source="images/imcc40.png" alt-text="Security page of VM settings in Hyper-V Manager."::: + :::image type="content" source="./images/mcc-isp-hyper-v-vm-security.png" alt-text="Screenshot of the security page from VM settings in Hyper-V Manager."::: 1. Select **Processor**. Increase the number of virtual processors. This example shows `12`, but your configuration may vary. - :::image type="content" source="images/imcc41.png" alt-text="Processor page of VM settings in Hyper-V Manager."::: + :::image type="content" source="./images/mcc-isp-hyper-v-vm-processor.png" alt-text="Screenshot of the processor page from VM settings in Hyper-V Manager."::: 1. Start the VM and select **Install Ubuntu**. - :::image type="content" source="images/imcc42.png" alt-text="GNU GRUB screen, select Install Ubuntu."::: + :::image type="content" source="./images/mcc-isp-gnu-grub.png" alt-text="Screenshot of the GNU GRUB screen, with Install Ubuntu selected."::: 1. Choose your default language. - :::image type="content" source="images/imcc43.png" alt-text="Ubuntu install, Welcome page, select language."::: + :::image type="content" source="./images/mcc-isp-ubuntu-language.png" alt-text="Screenshot of the Ubuntu install's language selection page."::: 1. Choose the options for installing updates and third party hardware. For example, download updates and install third party software drivers. 1. Select **Erase disk and install Ubuntu**. If you had a previous version of Ubuntu installed, we recommend erasing and installing Ubuntu 16.04. - :::image type="content" source="images/imcc45.png" alt-text="Ubuntu install, Installation type page, Erase disk and install Ubuntu."::: + :::image type="content" source="./images/mcc-isp-ubuntu-erase-disk.png" alt-text="Screenshot of the Ubuntu install Installation type page with the Erase disk and install Ubuntu option selected."::: Review the warning about writing changes to disk, and select **Continue**. - :::image type="content" source="images/imcc46.png" alt-text="Ubuntu install, 'Write the changes to disks' warning."::: + :::image type="content" source="./images/mcc-isp-ubuntu-write-changes.png" alt-text="Screenshot of the Ubuntu install's 'Write the changes to disks' warning."::: 1. Choose the time zone. - :::image type="content" source="images/imcc47.png" alt-text="Ubuntu install, 'Where are you page' to specify time zone."::: + :::image type="content" source="./images/mcc-isp-ubuntu-time-zone.png" alt-text="Screenshot of the Ubuntu install's 'Where are you page' to specify time zone."::: 1. Choose the keyboard layout. - :::image type="content" source="images/imcc48.png" alt-text="Ubuntu install, Keyboard layout page."::: + :::image type="content" source="./images/mcc-isp-ubuntu-keyboard.png" alt-text="Screenshot of the Ubuntu install's Keyboard layout page."::: 1. Specify your name, a name for the computer, a username, and a strong password. Select the option to **Require my password to log in**. > [!TIP] > Everything is case sensitive in Linux. - :::image type="content" source="images/imcc50.png" alt-text="Ubuntu install, 'Who are you' screen."::: + :::image type="content" source="./images/mcc-isp-ubuntu-who.png" alt-text="Screenshot of the Ubuntu install's, 'Who are you' screen."::: 1. To complete the installation, select **Restart now**. - :::image type="content" source="images/imcc51.png" alt-text="Ubuntu install, installation complete, restart now."::: + :::image type="content" source="./images/mcc-isp-ubuntu-restart.png" alt-text="Screenshot of the Ubuntu install's installation complete, restart now screen."::: 1. After the computer restarts, sign in with the username and password. > [!IMPORTANT] > If it shows that an upgrade is available, select **Don't upgrade**. > - > :::image type="content" source="images/imcc52.png" alt-text="Ubuntu install, Upgrade Available prompt, Don't Upgrade."::: + > :::image type="content" source="./images/mcc-isp-ubuntu-upgrade.png" alt-text="Screenshot of the Ubuntu install's Upgrade Available prompt with Don't Upgrade selected."::: Your Ubuntu VM is now ready to [Install MCC](#install-mcc). @@ -735,6 +724,6 @@ For more information on Azure IoT Edge, see the [Azure IoT Edge documentation](/ ## Related articles -[Microsoft Connected Cache for enterprise and education](mcc-enterprise.md) +[Microsoft Connected Cache overview](waas-microsoft-connected-cache.md) [Introducing Microsoft Connected Cache](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-microsoft-connected-cache-microsoft-s-cloud-managed/ba-p/963898) diff --git a/windows/deployment/do/waas-microsoft-connected-cache.md b/windows/deployment/do/waas-microsoft-connected-cache.md index d492d18d11..8888c9ec94 100644 --- a/windows/deployment/do/waas-microsoft-connected-cache.md +++ b/windows/deployment/do/waas-microsoft-connected-cache.md @@ -22,41 +22,40 @@ ms.technology: itpro-updates - Windows 11 > [!IMPORTANT] -> Microsoft Connected Cache is currently a private preview feature. During this phase we invite customers to take part in early access for testing purposes. This phase does not include formal support, and should not be used for production workloads. For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/). +> Microsoft Connected Cache is currently a preview feature. To view our early preview documentation, visit [Microsoft Connected Cache for Internet Service Providers (ISPs)](mcc-isp.md). For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/). Microsoft Connected Cache (MCC) preview is a software-only caching solution that delivers Microsoft content within Enterprise networks. MCC can be deployed to as many bare-metal servers or VMs as needed, and is managed from a cloud portal. Cache nodes are created in the cloud portal and are configured by applying the client policy using management tools such as Intune. -MCC is a hybrid (mix of on-prem and cloud resources) SaaS solution built as an Azure IoT Edge module and Docker compatible Linux container deployed to your Windows devices. The Delivery Optimization team chose IoT Edge for Linux on Windows (EFLOW) as a secure, reliable container management infrastructure. EFLOW is a Linux virtual machine, based on Microsoft's first party CBL-Mariner operating system. It’s built with the IoT Edge runtime and validated as a tier 1 supported environment for IoT Edge workloads. MCC will be a Linux IoT Edge module running on the Windows Host OS. +MCC is a hybrid (mix of on-premises and cloud resources) SaaS solution built as an Azure IoT Edge module and Docker compatible Linux container deployed to your Windows devices. The Delivery Optimization team chose IoT Edge for Linux on Windows (EFLOW) as a secure, reliable container management infrastructure. EFLOW is a Linux virtual machine, based on Microsoft's first party CBL-Mariner operating system. It’s built with the IoT Edge runtime and validated as a tier 1 supported environment for IoT Edge workloads. MCC will be a Linux IoT Edge module running on the Windows Host OS. -Even though your MCC scenario is not related to IoT, Azure IoT Edge is used as a more generic Linux container deployment and management infrastructure. The Azure IoT Edge runtime sits on your designated MCC device and performs management and communication operations. The runtime performs several functions important to manage MCC on your edge device: +Even though your MCC scenario isn't related to IoT, Azure IoT Edge is used as a more generic Linux container deployment and management infrastructure. The Azure IoT Edge runtime sits on your designated MCC device and performs management and communication operations. The runtime performs several functions important to manage MCC on your edge device: 1. Installs and updates MCC on your edge device. -2. Maintains Azure IoT Edge security standards on your edge device. -3. Ensures that MCC is always running. -4. Reports MCC health and usage to the cloud for remote monitoring. +1. Maintains Azure IoT Edge security standards on your edge device. +1. Ensures that MCC is always running. +1. Reports MCC health and usage to the cloud for remote monitoring. To deploy a functional MCC to your device, you must obtain the necessary keys to provision the Connected Cache instance that communicates with Delivery Optimization services, and enable the device to cache and deliver content. The architecture of MCC is described below. -For more details information on Azure IoT Edge, please see the Azure IoT Edge [documentation](/azure/iot-edge/about-iot-edge). +For more information on Azure IoT Edge, see the Azure IoT Edge [documentation](/azure/iot-edge/about-iot-edge). ## How MCC Works 1. The Azure Management Portal is used to create MCC nodes. -2. The MCC container is deployed and provisioned to the server using the installer provided in the portal. -3. Client policy is set in your management solution to point to the IP address or FQDN of the cache server. -4. Microsoft end-user devices make range requests for content from the MCC node. -5. The MCC node pulls content from the CDN, seeds its local cache stored on disk, and delivers the content to the client. -6. Subsequent requests from end-user devices for content will now come from cache. -7. If the MCC node is unavailable, the client will pull content from CDN to ensure uninterrupted service for your subscribers. +1. The MCC container is deployed and provisioned to the server using the installer provided in the portal. +1. Client policy is set in your management solution to point to the IP address or FQDN of the cache server. +1. Microsoft end-user devices make range requests for content from the MCC node. +1. The MCC node pulls content from the CDN, seeds its local cache stored on disk, and delivers the content to the client. +1. Subsequent requests from end-user devices for content will now come from cache. +1. If the MCC node is unavailable, the client will pull content from CDN to ensure uninterrupted service for your subscribers. -See the following diagram. +The following diagram displays and overview of how MCC functions: -![MCC Overview](images/waas-mcc-diag-overview.png#lightbox) +:::image type="content" source="./images/waas-mcc-diag-overview.png" alt-text="Diagram displaying the components of MCC." lightbox="./images/waas-mcc-diag-overview.png"::: -For more information about MCC, see the following articles: -- [Microsoft Connected Cache for Enterprise and Education](mcc-enterprise.md) -- [Microsoft Connected Cache for ISPs](mcc-isp.md) -## Also see -[Introducing Microsoft Connected Cache](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/introducing-microsoft-connected-cache-microsoft-s-cloud-managed/ba-p/963898) \ No newline at end of file +## Next steps + +- [Microsoft Connected Cache for Enterprise and Education](mcc-enterprise-prerequisites.md) +- [Microsoft Connected Cache for ISPs](mcc-isp-signup.md) diff --git a/windows/deployment/do/whats-new-do.md b/windows/deployment/do/whats-new-do.md index 3609de6b15..35b2652d61 100644 --- a/windows/deployment/do/whats-new-do.md +++ b/windows/deployment/do/whats-new-do.md @@ -21,7 +21,7 @@ ms.technology: itpro-updates - Windows 10 - Windows 11 -## Microsoft Connected Cache (private preview) +## Microsoft Connected Cache (early preview) Microsoft Connected Cache (MCC) is a software-only caching solution that delivers Microsoft content within Enterprise networks. MCC can be deployed to as many bare-metal servers or VMs as needed, and is managed from a cloud portal. Cache nodes are created in the cloud portal and are configured by applying the client policy using management tools such as Intune. diff --git a/windows/deployment/windows-10-poc-sc-config-mgr.md b/windows/deployment/windows-10-poc-sc-config-mgr.md index f7ecaa8853..c33a3b8242 100644 --- a/windows/deployment/windows-10-poc-sc-config-mgr.md +++ b/windows/deployment/windows-10-poc-sc-config-mgr.md @@ -277,7 +277,7 @@ This section contains several procedures to support Zero Touch installation with ### Configure the network access account -1. In the Administration workspace, expand **Site Configuration** and select **Sites**. +1. in the **Administration** workspace, expand **Site Configuration** and select **Sites**. 2. On the **Home** ribbon at the top of the console window, select **Configure Site Components** and then select **Software Distribution**. 3. On the **Network Access Account** tab, choose **Specify the account that accesses network locations**. 4. Select the yellow starburst and then select **New Account**. @@ -286,17 +286,17 @@ This section contains several procedures to support Zero Touch installation with ### Configure a boundary group -1. In the Administration workspace, expand **Hierarchy Configuration**, right-click **Boundaries** and then select **Create Boundary**. +1. in the **Administration** workspace, expand **Hierarchy Configuration**, right-click **Boundaries** and then select **Create Boundary**. 2. Next to **Description**, type **PS1**, next to **Type** choose **Active Directory Site**, and then select **Browse**. 3. Choose **Default-First-Site-Name** and then select **OK** twice. -4. In the Administration workspace, right-click **Boundary Groups** and then select **Create Boundary Group**. +4. in the **Administration** workspace, right-click **Boundary Groups** and then select **Create Boundary Group**. 5. Next to **Name**, type **PS1 Site Assignment and Content Location**, select **Add**, select the **Default-First-Site-Name** boundary and then select **OK**. 6. On the **References** tab in the **Create Boundary Group** window, select the **Use this boundary group for site assignment** checkbox. 7. Select **Add**, select the **\\\SRV1.contoso.com** checkbox, and then select **OK** twice. ### Add the state migration point role -1. In the Administration workspace, expand **Site Configuration**, select **Sites**, and then in on the **Home** ribbon at the top of the console select **Add Site System Roles**. +1. in the **Administration** workspace, expand **Site Configuration**, select **Sites**, and then in on the **Home** ribbon at the top of the console select **Add Site System Roles**. 2. In the Add site System Roles Wizard, select **Next** twice and then on the Specify roles for this server page, select the **State migration point** checkbox. 3. Select **Next**, select the yellow starburst, type **C:\MigData** for the **Storage folder**, and select **OK**. 4. Select **Next**, and then verify under **Boundary groups** that **PS1 Site Assignment and Content Location** is displayed. @@ -862,7 +862,7 @@ Set-VMNetworkAdapter -VMName PC4 -StaticMacAddress 00-15-5D-83-26-FF Checkpoint-VM -Name PC1 -SnapshotName BeginState ``` -1. On SRV1, in the Configuration Manager console, in the Administration workspace, expand **Hierarchy Configuration** and select on **Discovery Methods**. +1. On SRV1, in the Configuration Manager console, in the **Administration** workspace, expand **Hierarchy Configuration** and select on **Discovery Methods**. 1. Double-click **Active Directory System Discovery** and on the **General** tab select the **Enable Active Directory System Discovery** checkbox. 1. Select the yellow starburst, select **Browse**, select **contoso\Computers**, and then select **OK** three times. 1. When a popup dialog box asks if you want to run full discovery, select **Yes**. diff --git a/windows/security/threat-protection/auditing/event-4688.md b/windows/security/threat-protection/auditing/event-4688.md index 3de0d6acc5..2416040af7 100644 --- a/windows/security/threat-protection/auditing/event-4688.md +++ b/windows/security/threat-protection/auditing/event-4688.md @@ -14,7 +14,7 @@ ms.author: vinpa ms.technology: itpro-security --- -# 4688(S): A new process has been created. +# 4688(S): A new process has been created. (Windows 10) Event 4688 illustration diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index 314595bed9..634bbc6d29 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -52,7 +52,7 @@ HVCI is labeled **Memory integrity** in the Windows Security app and it can be a ### Enable HVCI using Intune -Enabling in Intune requires using the Code Integrity node in the [AppLocker CSP](/windows/client-management/mdm/applocker-csp). +Enabling in Intune requires using the Code Integrity node in the [VirtualizationBasedTechnology CSP](/windows/client-management/mdm/policy-csp-virtualizationbasedtechnology). You can configure the settings in Windows by using the [settings catalog](/mem/intune/configuration/settings-catalog). ### Enable HVCI using Group Policy diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md index 4c6c5ddd2d..39110f95c1 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md @@ -33,9 +33,9 @@ The **Microsoft network server: Amount of idle time required before suspending s ### Possible values -- A user-defined number of minutes from 0 through 99,999 +- A user-defined number of minutes from 0 through 99,999. - For this policy setting, a value of 0 means to disconnect an idle session as quickly as is reasonably possible. The maximum value is 99999, which is 208 days. In effect, this value disables the policy. + For this policy setting, a value of 0 means to disconnect an idle session as quickly as is reasonably possible. The maximum value is 99999 (8 business hours per day), which is 208 days. In effect, this value disables the policy. - Not defined