deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-28 05:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into ado20683062

Browse Source
This commit is contained in:
Justin Hall 2019-03-05 10:23:31 -08:00
commit 4294ed8ce0
13 changed files with 160 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md
View File

@ -10,43 +10,46 @@ ms.prod: w10
ms.date: 06/16/2016
---
# Microsoft Application Virtualization 5.0 Administrator's Guide
The Microsoft Application Virtualization (App-V) 5.0 Administrators Guide provides information and step-by-step procedures to help you administer the App-V 5.0 system and its components. This information will be valuable for system administrators who manage large installations with many servers and clients and for support personnel who interact directly with the computers or the end users.
<a href="" id="getting-started-with-app-v-5-0"></a>[Getting Started with App-V 5.0](getting-started-with-app-v-50--rtm.md)
[About App-V 5.0](about-app-v-50.md)**|**[About App-V 5.0 SP1](about-app-v-50-sp1.md)**|**[About App-V 5.0 SP2](about-app-v-50-sp2.md)**|**[About App-V 5.0 SP3](about-app-v-50-sp3.md)**|**[Evaluating App-V 5.0](evaluating-app-v-50.md)**|**[High Level Architecture for App-V 5.0](high-level-architecture-for-app-v-50.md)**|**[Accessibility for App-V 5.0](accessibility-for-app-v-50.md)
<a href="" id="planning-for-app-v-5-0"></a>[Planning for App-V 5.0](planning-for-app-v-50-rc.md)
[Preparing Your Environment for App-V 5.0](preparing-your-environment-for-app-v-50.md)**|**[App-V 5.0 Prerequisites](app-v-50-prerequisites.md)**|**[App-V 5.0 SP3 Supported Configurations](app-v-50-sp3-supported-configurations.md)**|**[Planning to Deploy App-V](planning-to-deploy-app-v.md)**|**[App-V 5.0 Supported Configurations](app-v-50-supported-configurations.md)**||**App-V 5.0 SP3 Supported Configurations[App-V 5.0 Planning Checklist](app-v-50-planning-checklist.md)
<a href="" id="deploying-app-v-5-0"></a>[Deploying App-V 5.0](deploying-app-v-50.md)
[Deploying the App-V 5.0 Sequencer and Client](deploying-the-app-v-50-sequencer-and-client.md)**|**[Deploying the App-V 5.0 Server](deploying-the-app-v-50-server.md)**|**[App-V 5.0 Deployment Checklist](app-v-50-deployment-checklist.md)**|**[Deploying Microsoft Office 2013 by Using App-V](deploying-microsoft-office-2013-by-using-app-v.md)**|**[Deploying Microsoft Office 2010 by Using App-V](deploying-microsoft-office-2010-by-using-app-v.md)
<a href="" id="operations-for-app-v-5-0"></a>[Operations for App-V 5.0](operations-for-app-v-50.md)
[Creating and Managing App-V 5.0 Virtualized Applications](creating-and-managing-app-v-50-virtualized-applications.md)**|**[Administering App-V 5.0 Virtual Applications by Using the Management Console](administering-app-v-50-virtual-applications-by-using-the-management-console.md)**|**[Managing Connection Groups](managing-connection-groups.md)**|**[Deploying App-V 5.0 Packages by Using Electronic Software Distribution (ESD)](deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md)**|**[Using the App-V 5.0 Client Management Console](using-the-app-v-50-client-management-console.md)**|**[Migrating from a Previous Version](migrating-from-a-previous-version-app-v-50.md)**|**[Maintaining App-V 5.0](maintaining-app-v-50.md)**|**[Administering App-V by Using PowerShell](administering-app-v-by-using-powershell.md)
<a href="" id="troubleshooting-app-v-5-0"></a>[Troubleshooting App-V 5.0](troubleshooting-app-v-50.md)
<a href="" id="technical-reference-for-app-v-5-0"></a>[Technical Reference for App-V 5.0](technical-reference-for-app-v-50.md)
[Performance Guidance for Application Virtualization 5.0](performance-guidance-for-application-virtualization-50.md)**|**[Application Publishing and Client Interaction](application-publishing-and-client-interaction.md)**|**[Viewing App-V Server Publishing Metadata](viewing-app-v-server-publishing-metadata.md)**|**[Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md)
- [Getting Started with App-V 5.0](getting-started-with-app-v-50--rtm.md)
- [About App-V 5.0](about-app-v-50.md)
- [About App-V 5.0 SP1](about-app-v-50-sp1.md)
- [About App-V 5.0 SP2](about-app-v-50-sp2.md)
- [About App-V 5.0 SP3](about-app-v-50-sp3.md)
- [Evaluating App-V 5.0](evaluating-app-v-50.md)
- [High Level Architecture for App-V 5.0](high-level-architecture-for-app-v-50.md)
- [Accessibility for App-V 5.0](accessibility-for-app-v-50.md)
- [Planning for App-V 5.0](planning-for-app-v-50-rc.md)
- [Preparing Your Environment for App-V 5.0](preparing-your-environment-for-app-v-50.md)
- [Planning to Deploy App-V](planning-to-deploy-app-v.md)
- [App-V 5.0 Planning Checklist](app-v-50-planning-checklist.md)
- [Deploying App-V 5.0](deploying-app-v-50.md)
- [Deploying the App-V 5.0 Sequencer and Client](deploying-the-app-v-50-sequencer-and-client.md)
- [Deploying the App-V 5.0 Server](deploying-the-app-v-50-server.md)
- [App-V 5.0 Deployment Checklist](app-v-50-deployment-checklist.md)
- [Deploying Microsoft Office 2016 by Using App-V](deploying-microsoft-office-2016-by-using-app-v.md)
- [Deploying Microsoft Office 2013 by Using App-V](deploying-microsoft-office-2013-by-using-app-v.md)
- [Deploying Microsoft Office 2010 by Using App-V](deploying-microsoft-office-2010-by-using-app-v.md)
- [Operations for App-V 5.0](operations-for-app-v-50.md)
- [Creating and Managing App-V 5.0 Virtualized Applications](creating-and-managing-app-v-50-virtualized-applications.md)
- [Administering App-V 5.0 Virtual Applications by Using the Management Console](administering-app-v-50-virtual-applications-by-using-the-management-console.md)
- [Managing Connection Groups](managing-connection-groups.md)
- [Deploying App-V 5.0 Packages by Using Electronic Software Distribution (ESD)](deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md)
- [Using the App-V 5.0 Client Management Console](using-the-app-v-50-client-management-console.md)
- [Migrating from a Previous Version](migrating-from-a-previous-version-app-v-50.md)
- [Maintaining App-V 5.0](maintaining-app-v-50.md)
- [Administering App-V by Using PowerShell](administering-app-v-by-using-powershell.md)
- [Troubleshooting App-V 5.0](troubleshooting-app-v-50.md)
- [Technical Reference for App-V 5.0](technical-reference-for-app-v-50.md)
- [Performance Guidance for Application Virtualization 5.0](performance-guidance-for-application-virtualization-50.md)
- [Application Publishing and Client Interaction](application-publishing-and-client-interaction.md)
- [Viewing App-V Server Publishing Metadata](viewing-app-v-server-publishing-metadata.md)
- [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md)
### Got a suggestion for App-V?
Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv).
 
 
- Add or vote on suggestions on the ["Microsoft Application Virtualization" forum on UserVoice.com](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
- For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv).

65
mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md
View File

@ -10,43 +10,42 @@ ms.prod: w10
ms.date: 06/16/2016
---
# Microsoft Application Virtualization 5.1 Administrator's Guide
The Microsoft Application Virtualization (App-V) 5.1 Administrators Guide provides information and step-by-step procedures to help you administer the App-V 5.1 system and its components. This information will be valuable for system administrators who manage large installations with many servers and clients and for support personnel who interact directly with the computers or the end users.
<a href="" id="getting-started-with-app-v-5-1"></a>[Getting Started with App-V 5.1](getting-started-with-app-v-51.md)
[About App-V 5.1](about-app-v-51.md)**|**[Evaluating App-V 5.1](evaluating-app-v-51.md)**|**[High Level Architecture for App-V 5.1](high-level-architecture-for-app-v-51.md)**|**[Accessibility for App-V 5.1](accessibility-for-app-v-51.md)
<a href="" id="planning-for-app-v-5-1"></a>[Planning for App-V 5.1](planning-for-app-v-51.md)
[Preparing Your Environment for App-V 5.1](preparing-your-environment-for-app-v-51.md)**|**[App-V 5.1 Prerequisites](app-v-51-prerequisites.md)**|**[Planning to Deploy App-V](planning-to-deploy-app-v51.md)**|**[App-V 5.1 Supported Configurations](app-v-51-supported-configurations.md)**|**[App-V 5.1 Planning Checklist](app-v-51-planning-checklist.md)
<a href="" id="deploying-app-v-5-1"></a>[Deploying App-V 5.1](deploying-app-v-51.md)
[Deploying the App-V 5.1 Sequencer and Client](deploying-the-app-v-51-sequencer-and-client.md)**|**[Deploying the App-V 5.1 Server](deploying-the-app-v-51-server.md)**|**[App-V 5.1 Deployment Checklist](app-v-51-deployment-checklist.md)**|**[Deploying Microsoft Office 2013 by Using App-V](deploying-microsoft-office-2013-by-using-app-v51.md)**|**[Deploying Microsoft Office 2010 by Using App-V](deploying-microsoft-office-2010-by-using-app-v51.md)
<a href="" id="operations-for-app-v-5-1"></a>[Operations for App-V 5.1](operations-for-app-v-51.md)
[Creating and Managing App-V 5.1 Virtualized Applications](creating-and-managing-app-v-51-virtualized-applications.md)**|**[Administering App-V 5.1 Virtual Applications by Using the Management Console](administering-app-v-51-virtual-applications-by-using-the-management-console.md)**|**[Managing Connection Groups](managing-connection-groups51.md)**|**[Deploying App-V 5.1 Packages by Using Electronic Software Distribution (ESD)](deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md)**|**[Using the App-V 5.1 Client Management Console](using-the-app-v-51-client-management-console.md)**|**[Migrating to App-V 5.1 from a Previous Version](migrating-to-app-v-51-from-a-previous-version.md)**|**[Maintaining App-V 5.1](maintaining-app-v-51.md)**|**[Administering App-V 5.1 by Using PowerShell](administering-app-v-51-by-using-powershell.md)
<a href="" id="troubleshooting-app-v-5-1"></a>[Troubleshooting App-V 5.1](troubleshooting-app-v-51.md)
<a href="" id="technical-reference-for-app-v-5-1"></a>[Technical Reference for App-V 5.1](technical-reference-for-app-v-51.md)
[Performance Guidance for Application Virtualization 5.1](performance-guidance-for-application-virtualization-51.md)**|**[Application Publishing and Client Interaction](application-publishing-and-client-interaction51.md)**|**[Viewing App-V Server Publishing Metadata](viewing-app-v-server-publishing-metadata51.md)**|**[Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md)
- [Getting Started with App-V 5.1](getting-started-with-app-v-51.md)
- [About App-V 5.1](about-app-v-51.md)
- [Evaluating App-V 5.1](evaluating-app-v-51.md)
- [High Level Architecture for App-V 5.1](high-level-architecture-for-app-v-51.md)
- [Accessibility for App-V 5.1](accessibility-for-app-v-51.md)
- [Planning for App-V 5.1](planning-for-app-v-51.md)
- [Preparing Your Environment for App-V 5.1](preparing-your-environment-for-app-v-51.md)
- [Planning to Deploy App-V](planning-to-deploy-app-v51.md)
- [Deploying App-V 5.1](deploying-app-v-51.md)
- [Deploying the App-V 5.1 Sequencer and Client](deploying-the-app-v-51-sequencer-and-client.md)
- [Deploying the App-V 5.1 Server](deploying-the-app-v-51-server.md)
- [App-V 5.1 Deployment Checklist](app-v-51-deployment-checklist.md)
- [Deploying Microsoft Office 2016 by Using App-V](deploying-microsoft-office-2016-by-using-app-v51.md)
- [Deploying Microsoft Office 2013 by Using App-V](deploying-microsoft-office-2013-by-using-app-v51.md)
- [Deploying Microsoft Office 2010 by Using App-V](deploying-microsoft-office-2010-by-using-app-v51.md)
- [Operations for App-V 5.1](operations-for-app-v-51.md)
- [Creating and Managing App-V 5.1 Virtualized Applications](creating-and-managing-app-v-51-virtualized-applications.md)
- [Administering App-V 5.1 Virtual Applications by Using the Management Console](administering-app-v-51-virtual-applications-by-using-the-management-console.md)
- [Managing Connection Groups](managing-connection-groups51.md)
- [Deploying App-V 5.1 Packages by Using Electronic Software Distribution (ESD)](deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md)
- [Using the App-V 5.1 Client Management Console](using-the-app-v-51-client-management-console.md)
- [Migrating to App-V 5.1 from a Previous Version](migrating-to-app-v-51-from-a-previous-version.md)
- [Maintaining App-V 5.1](maintaining-app-v-51.md)
- [Administering App-V 5.1 by Using PowerShell](administering-app-v-51-by-using-powershell.md)
- [Troubleshooting App-V 5.1](troubleshooting-app-v-51.md)
- [Technical Reference for App-V 5.1](technical-reference-for-app-v-51.md)
- [Performance Guidance for Application Virtualization 5.1](performance-guidance-for-application-virtualization-51.md)
- [Application Publishing and Client Interaction](application-publishing-and-client-interaction51.md)
- [Viewing App-V Server Publishing Metadata](viewing-app-v-server-publishing-metadata51.md)
- [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md)
### Got a suggestion for App-V?
Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv).
 
 
- Add or vote on suggestions on the ["Microsoft Application Virtualization" forum on UserVoice.com](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
- For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv).

2
windows/client-management/mdm/configuration-service-provider-reference.md
View File

@ -2672,7 +2672,7 @@ The following list shows the configuration service providers supported in Window
| Configuration service provider | Windows Holographic edition | Windows Holographic for Business edition |
|--------|--------|------------|
| [AccountManagement CSP](accountmanagement-csp.md) | ![cross mark](images/crossmark.png) | ![check mark](images/checkmark.png)4 |
| [Accounts CSP](accounts-csp) | ![check mark](images/checkmark.png) | ![check mark](images/checkmark.png)
| [Accounts CSP](accounts-csp.md) | ![check mark](images/checkmark.png) | ![check mark](images/checkmark.png)
| [AppLocker CSP](applocker-csp.md) | ![cross mark](images/crossmark.png) | ![check mark](images/checkmark.png) |
| [AssignedAccess CSP](assignedaccess-csp.md) | ![cross mark](images/crossmark.png) | ![check mark](images/checkmark.png)4 |
| [CertificateStore CSP](certificatestore-csp.md) | ![check mark](images/checkmark.png) | ![check mark](images/checkmark.png)|

20
windows/client-management/mdm/enable-admx-backed-policies-in-mdm.md
View File

@ -14,7 +14,7 @@ ms.date: 11/01/2017
This is a step-by-step guide to configuring ADMX-backed policies in MDM.
Starting in Windows 10 version 1703, Mobile Device Management (MDM) policy configuration support expanded to allow access of select Group Policy administrative templates (ADMX-backed policies) for Windows PCs via the [Policy configuration service provider (CSP)](policy-configuration-service-provider.md). Configuring ADMX-backed policies in Policy CSP is different from the typical way you configure a traditional MDM policy.
Starting in Windows 10 version 1703, Mobile Device Management (MDM) policy configuration support was expanded to allow access of select Group Policy administrative templates (ADMX-backed policies) for Windows PCs via the [Policy configuration service provider (CSP)](policy-configuration-service-provider.md). Configuring ADMX-backed policies in Policy CSP is different from the typical way you configure a traditional MDM policy.
Summary of steps to enable a policy:
- Find the policy from the list ADMX-backed policies.
@ -22,6 +22,11 @@ Summary of steps to enable a policy:
- Use the Group Policy Editor to determine whether there are parameters necessary to enable the policy.
- Create the data payload for the SyncML.
See [Support Tip: Ingesting Office ADMX-backed policies using Microsoft Intune](https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Ingesting-Office-ADMX-Backed-policies-using/ba-p/354824) for a walk-through using Intune.
>[!TIP]
>Intune has added a number of ADMX-backed administrative templates in public preview. Check if the policy settings you need are available in a template before using the SyncML method described below. [Learn more about Intune's administrative templates.](https://docs.microsoft.com/intune/administrative-templates-windows)
## Enable a policy
1. Find the policy from the list [ADMX-backed policies](policy-configuration-service-provider.md#admx-backed-policies). You need the following information listed in the policy description.
@ -50,7 +55,7 @@ Summary of steps to enable a policy:
![Enable App-V client](images/admx-appv-enableapp-vclient.png)
3. Create the SyncML to enable the policy that does not require any parameter.
3. Create the SyncML to enable the policy that does not require any parameter.
In this example you configure **Enable App-V Client** to **Enabled**.
@ -82,7 +87,7 @@ Summary of steps to enable a policy:
## Enable a policy that requires parameters
1. Create the SyncML to enable the policy that requires parameters.
1. Create the SyncML to enable the policy that requires parameters.
In this example, the policy is in **Administrative Templates > System > App-V > Publishing**.
@ -299,12 +304,3 @@ The \<Data> payload is empty. Here an example to set AppVirtualization/Publishin
</SyncML>
```
## Video walkthrough
Here is a video of how to create a custom xml to enable an ADMX-backed policy and deploy the XML in Intune.
> [!VIDEO https://www.microsoft.com/showcase/video.aspx?uuid=bdc9b54b-11b0-4bdb-a022-c339d16e7121]
Here is a video of how to import a custom ADMX file to a device using Intune.
> [!VIDEO https://www.microsoft.com/showcase/video.aspx?uuid=a59888b1-429f-4a49-8570-c39a143d9a73]

4
windows/client-management/mdm/policy-configuration-service-provider.md
View File

@ -5030,7 +5030,7 @@ The following diagram shows the Policy configuration service provider in tree fo
- [Update/ScheduledInstallDay](#update-scheduledinstallday)
- [Update/ScheduledInstallTime](#update-scheduledinstalltime)
- [Update/UpdateServiceUrl](#update-updateserviceurl)
- [Wifi/AllowManualWiFiConfiguration](policy-csp-wifi#wifi-allowmanualwificonfiguration)
- [Wifi/AllowManualWiFiConfiguration](policy-csp-wifi.md#wifi-allowmanualwificonfiguration)
## <a href="" id="hololenspolicies"></a>Policies supported by Windows Holographic
@ -5076,7 +5076,7 @@ The following diagram shows the Policy configuration service provider in tree fo
- [Update/ScheduledInstallTime](#update-scheduledinstalltime)
- [Update/UpdateServiceUrl](#update-updateserviceurl)
- [Update/RequireDeferUpgrade](#update-requiredeferupgrade)
- [Wifi/AllowManualWiFiConfiguration](policy-csp-wifi#wifi-allowmanualwificonfiguration)
- [Wifi/AllowManualWiFiConfiguration](policy-csp-wifi.md#wifi-allowmanualwificonfiguration)
<!--EndHoloLens-->

11
windows/client-management/mdm/understanding-admx-backed-policies.md
View File

@ -30,15 +30,8 @@ An ADMX file can either be shipped with Windows (located at `%SystemRoot%\policy
Windows maps the name and category path of a Group Policy to a MDM policy area and policy name by parsing the associated ADMX file, finding the specified Group Policy, and storing the definition (metadata) in the MDM Policy CSP client store. When the MDM policy is referenced by a SyncML command and the Policy CSP URI, `.\[device|user]\vendor\msft\policy\[config|result]\<area>\<policy>`, this metadata is referenced and determines which registry keys are set or removed. For a list of ADMX-backed policies supported by MDM, see [Policy CSP - ADMX-backed policies](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#admx-backed-policies).
## Video walkthrough
Here is a video of how to create a custom xml to enable an ADMX-backed policy and deploy the XML in Intune.
> [!VIDEO https://www.microsoft.com/showcase/video.aspx?uuid=bdc9b54b-11b0-4bdb-a022-c339d16e7121]
Here is a video of how to import a custom ADMX file to a device using Intune.
> [!VIDEO https://www.microsoft.com/showcase/video.aspx?uuid=a59888b1-429f-4a49-8570-c39a143d9a73]
>[!TIP]
>Intune has added a number of ADMX-backed administrative templates in public preview. Check if the policy settings you need are available in a template before using the SyncML method described below. [Learn more about Intune's administrative templates.](https://docs.microsoft.com/intune/administrative-templates-windows)
## <a href="" id="admx-files-and-the-group-policy-editor"></a>ADMX files and the Group Policy Editor

5
windows/deployment/windows-autopilot/TOC.md
View File

@ -13,14 +13,15 @@
### [Windows Autopilot Reset](windows-autopilot-reset.md)
#### [Remote reset](windows-autopilot-reset-remote.md)
#### [Local reset](windows-autopilot-reset-local.md)
## Administering Autopilot
## [Administering Autopilot](administer.md)
### [Configuring](configure-autopilot.md)
#### [Adding devices](add-devices.md)
#### [Creating profiles](profiles.md)
#### [Enrollment status page](enrollment-status.md)
#### [BitLocker encryption](bitlocker.md)
### [Administering Autopilot via Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles)
### [Administering Autopilot via Partner Center](https://docs.microsoft.com/en-us/partner-center/autopilot)
### [Administering Autopilot via Microsoft Intune](https://docs.microsoft.com/intune/enrollment-autopilot)
### [Administering Autopilot via Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles)
### [Administering Autopilot via Microsoft 365 Business & Office 365 Admin portal](https://support.office.com/article/Create-and-edit-Autopilot-profiles-5cf7139e-cfa1-4765-8aad-001af1c74faa)
## Getting started
### [Demonstrate Autopilot deployment on a VM](demonstrate-deployment-on-vm.md)

66
windows/deployment/windows-autopilot/administer.md Normal file
View File

@ -0,0 +1,66 @@
---
title: Administering Autopilot
description: A short description of methods for configuring Autopilot
keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
ms.prod: w10
ms.mktglfcycl: deploy
ms.localizationpriority: low
ms.sitesec: library
ms.pagetype: deploy
author: greg-lindsay
ms.author: greg-lindsay
---
# Administering Autopilot
**Applies to: Windows 10**
Several platforms are available to register devices with Windows Autopilot. A summary of each platform's capabilities is provided below.
<table>
<tr>
<td BGCOLOR="#a0e4fa"><B>Platform/Portal</th>
<td BGCOLOR="#a0e4fa"><B>Register devices?</th>
<td BGCOLOR="#a0e4fa"><B>Create/Assign profile</th>
<td BGCOLOR="#a0e4fa"><B>Acceptable DeviceID</th>
</tr>
<tr>
<td>OEM Direct API</td>
<td>YES - 1000 at a time max</td>
<td>NO</td>
<td>Tuple or PKID</td>
</tr>
<tr>
<td><a href="https://docs.microsoft.com/en-us/partner-center/autopilot">Partner Center</a></td>
<td>YES - 1000 at a time max<b>\*</b></td>
<td>YES</td>
<td>Tuple or PKID or 4K HH</td>
</tr>
<tr>
<td><a href="https://docs.microsoft.com/en-us/intune/enrollment-autopilot">Intune</a></td>
<td>YES - 175 at a time max</td>
<td>YES<b>\*</b></td>
<td>4K HH</td>
</tr>
<tr>
<td><a href="https://docs.microsoft.com/en-us/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles">Microsoft Store for Business</a></td>
<td>YES - 1000 at a time max</td>
<td>YES</td>
<td>4K HH</td>
</tr>
<tr>
<td><a href="https://docs.microsoft.com/en-us/microsoft-365/business/create-and-edit-autopilot-profiles?redirectSourcePath=%252farticle%252fCreate-and-edit-Autopilot-profiles-5cf7139e-cfa1-4765-8aad-001af1c74faa">Microsoft Business 365</a></td>
<td>YES - 1000 at a time max</td>
<td>YES</td>
<td>4K HH</td>
</tr>
</table>
><b>*</b>Microsoft recommended platform to use

70
windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md
View File

@ -2637,75 +2637,6 @@ The following fields are available:
## Diagnostic data events
### TelClientSynthetic.AbnormalShutdown_0
This event sends data about boot IDs for which a normal clean shutdown was not observed, to help keep Windows up to date.
The following fields are available:
- **AbnormalShutdownBootId** BootId of the abnormal shutdown being reported by this event.
- **AcDcStateAtLastShutdown** Identifies if the device was on battery or plugged in.
- **BatteryLevelAtLastShutdown** The last recorded battery level.
- **BatteryPercentageAtLastShutdown** The battery percentage at the last shutdown.
- **CrashDumpEnabled** Indicates whether crash dumps are enabled.
- **CumulativeCrashCount** Cumulative count of operating system crashes since the BootId reset.
- **CurrentBootId** BootId at the time the abnormal shutdown event was being reported.
- **Firmwaredata->ResetReasonEmbeddedController** The reset reason that was supplied by the firmware.
- **Firmwaredata->ResetReasonEmbeddedControllerAdditional** Additional data related to reset reason provided by the firmware.
- **Firmwaredata->ResetReasonPch** The reset reason that was supplied by the hardware.
- **Firmwaredata->ResetReasonPchAdditional** Additional data related to the reset reason supplied by the hardware.
- **Firmwaredata->ResetReasonSupplied** Indicates whether the firmware supplied any reset reason or not.
- **FirmwareType** ID of the FirmwareType as enumerated in DimFirmwareType.
- **HardwareWatchdogTimerGeneratedLastReset** Indicates whether the hardware watchdog timer caused the last reset.
- **HardwareWatchdogTimerPresent** Indicates whether hardware watchdog timer was present or not.
- **LastBugCheckBootId** bootId of the last captured crash.
- **LastBugCheckCode** Code that indicates the type of error.
- **LastBugCheckContextFlags** Additional crash dump settings.
- **LastBugCheckOriginalDumpType** The type of crash dump the system intended to save.
- **LastBugCheckOtherSettings** Other crash dump settings.
- **LastBugCheckParameter1** The first parameter with additional info on the type of the error.
- **LastBugCheckProgress** Progress towards writing out the last crash dump.
- **LastBugCheckVersion** The version of the information struct written during the crash.
- **LastSuccessfullyShutdownBootId** BootId of the last fully successful shutdown.
- **LongPowerButtonPressDetected** Identifies if the user was pressing and holding power button.
- **OOBEInProgress** Identifies if the Out-Of-Box-Experience is running.
- **OSSetupInProgress** Identifies if the operating system setup is running.
- **PowerButtonCumulativePressCount** Indicates the number of times the power button has been pressed ("pressed" not to be confused with "released").
- **PowerButtonCumulativeReleaseCount** Indicates the number of times the power button has been released ("released" not to be confused with "pressed").
- **PowerButtonErrorCount** Indicates the number of times there was an error attempting to record Power Button metrics (e.g.: due to a failure to lock/update the bootstat file).
- **PowerButtonLastPressBootId** BootId of the last time the Power Button was detected to have been pressed ("pressed" not to be confused with "released").
- **PowerButtonLastPressTime** Date/time of the last time the Power Button was pressed ("pressed" not to be confused with "released").
- **PowerButtonLastReleaseBootId** The Boot ID of the last time the Power Button was released ("released" not to be confused with "pressed").
- **PowerButtonLastReleaseTime** The date and time the Power Button was most recently released ("released" not to be confused with "pressed").
- **PowerButtonPressCurrentCsPhase** Represents the phase of Connected Standby exit when the power button was pressed.
- **PowerButtonPressIsShutdownInProgress** Indicates whether a system shutdown was in progress at the last time the power button was pressed.
- **PowerButtonPressLastPowerWatchdogStage** The last stage completed when the Power Button was most recently pressed.
- **PowerButtonPressPowerWatchdogArmed** Indicates whether or not the watchdog for the monitor was active at the time of the last power button press.
- **ShutdownDeviceType** Identifies who triggered a shutdown. Is it because of battery, thermal zones, or through a Kernel API.
- **SleepCheckpoint** Provides the last checkpoint when there is a failure during a sleep transition.
- **SleepCheckpointSource** Indicates whether the source is the EFI variable or bootstat file.
- **SleepCheckpointStatus** Indicates whether the checkpoint information is valid.
- **StaleBootStatData** Identifies if the data from bootstat is stale.
- **TransitionInfoBootId** The Boot ID of the captured transition information.
- **TransitionInfoCSCount** The total number of times the system transitioned from "Connected Standby" mode to "On" when the last marker was saved.
- **TransitionInfoCSEntryReason** Indicates the reason the device last entered "Connected Standby" mode ("entered" not to be confused with "exited").
- **TransitionInfoCSExitReason** Indicates the reason the device last exited "Connected Standby" mode ("exited" not to be confused with "entered").
- **TransitionInfoCSInProgress** Indicates whether the system was in or entering Connected Standby mode when the last marker was saved.
- **TransitionInfoLastReferenceTimeChecksum** The checksum of TransitionInfoLastReferenceTimestamp.
- **TransitionInfoLastReferenceTimestamp** The date and time that the marker was last saved.
- **TransitionInfoLidState** Describes the state of the laptop lid.
- **TransitionInfoPowerButtonTimestamp** The most recent date and time when the Power Button was pressed (collected via a different mechanism than PowerButtonLastPressTime).
- **TransitionInfoSleepInProgress** Indicates whether the system was in or entering Sleep mode when the last marker was saved.
- **TransitionInfoSleepTranstionsToOn** The total number of times the system transitioned from Sleep mode to on, when the last marker was saved.
- **TransitionInfoSystemRunning** Indicates whether the system was running when the last marker was saved.
- **TransitionInfoSystemShutdownInProgress** Indicates whether a device shutdown was in progress when the power button was pressed.
- **TransitionInfoUserShutdownInProgress** Indicates whether a user shutdown was in progress when the power button was pressed.
- **TransitionLatestCheckpointId** Represents a unique identifier for a checkpoint during the device state transition.
- **TransitionLatestCheckpointSeqNumber** Represents the chronological sequence number of the checkpoint.
- **TransitionLatestCheckpointType** Represents the type of the checkpoint, which can be the start of a phase, end of a phase, or just informational.
- **VirtualMachineId** If the operating system is on a virtual Machine, it gives the virtual Machine ID (GUID) that can be used to correlate events on the host.
### TelClientSynthetic.AuthorizationInfo_RuntimeTransition
This event sends data indicating that a device has undergone a change of telemetry opt-in level detected at UTC startup, to help keep Windows up to date. The telemetry opt-in level signals what data we are allowed to collect.
@ -4127,7 +4058,6 @@ The following fields are available:
- **ProductVersion** The version associated with the Office add-in.
- **ProgramId** The unique program identifier of the Microsoft Office add-in.
- **Provider** Name of the provider for this add-in.
- **Usage** Data about usage for the add-in.
### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInRemove

BIN
windows/security/threat-protection/intelligence/images/wdatp-pillars2.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 360 KiB

4
windows/security/threat-protection/intelligence/top-scoring-industry-antivirus-tests.md
View File

@ -112,6 +112,4 @@ It is important to remember that Microsoft sees a wider and broader set of threa
The capabilities within [Windows Defender ATP](https://www.microsoft.com/en-us/windowsforbusiness?ocid=cx-docs-avreports) provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses?ocid=cx-docs-avreports) that are not factored into industry tests, and address some of the latest and most sophisticated threats. Isolating AV from the rest of Windows Defender ATP creates a partial picture of how our security stack operates in the real world. For example, attack surface reduction and endpoint detection & response capabilities can help prevent malware from getting onto devices in the first place. We have proven that [Windows Defender ATP components catch samples](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports) that Windows Defender Antivirus missed in these industry tests, which is more representative of how effectively our security suite protects customers in the real world.
Using independent tests, customers can view one aspect of their security suite but can't assess the complete protection of all the security features. Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports).
![ATP](./images/wdatp-pillars2.png)
Using independent tests, customers can view one aspect of their security suite but can't assess the complete protection of all the security features. Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports).

4
windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
View File

@ -11,7 +11,6 @@ ms.pagetype: security
ms.localizationpriority: medium
author: andreabichsel
ms.author: v-anbic
ms.date: 09/03/2018
---
# Configure Windows Defender Antivirus exclusions on Windows Server
@ -159,6 +158,9 @@ This section lists the default exclusions for all Windows Server 2016 roles.
- The Distributed File System Replication (DFSR) database and working folders. These folders are specified by the registry key `HKEY_LOCAL_MACHINE\System\Currentcontrolset\Services\DFSR\Parameters\Replication Groups\GUID\Replica Set Configuration File`
> [!NOTE]
> For custom locations, see [Opt out of automatic exclusions](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus#opt-out-of-automatic-exclusions).
- *%systemdrive%*\System Volume Information\DFSR\\$db_normal$
- *%systemdrive%*\System Volume Information\DFSR\FileIDTable_*

12
windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
View File

@ -19,7 +19,7 @@ ms.author: v-anbic
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
Attack surface reduction rules help prevent behaviors malware often uses to infect computers with malicious code. You can set attack surface reduction rules for computers running Windows 10, version 1803 or later, or Windows Server 2019.
Attack surface reduction rules help prevent behaviors malware often uses to infect computers with malicious code. You can set attack surface reduction rules for computers running Windows 10, version 1709 or later, Windows Server 2016 1803 or later, or Windows Server 2019.
To use attack surface reduction rules, you need a Windows 10 Enterprise E3 license or higher. A Windows E5 license gives you the advanced management capabilities to power them. These include monitoring, analytics, and workflows available in [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md), as well as reporting and configuration capabilities in the M365 Security Center. These advanced capabilities aren't available with an E3 license, but you can use attack surface reduction rule events in Event Viewer to help facilitate deployment.
@ -31,13 +31,13 @@ Attack surface reduction rules target behaviors that malware and malicious apps
You can use [audit mode](audit-windows-defender-exploit-guard.md) to evaluate how attack surface reduction rules would impact your organization if they were enabled. It's best to run all rules in audit mode first so you can understand their impact on your line-of-business applications. Many line-of-business applications are written with limited security concerns, and they may perform tasks similar to malware. By monitoring audit data and [adding exclusions](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction#exclude-files-and-folders-from-asr-rules) for necessary applications, you can deploy attack surface reduction rules without impacting productivity.
Triggered rules display a notification on the device. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. The notification also displays in the Windows Defender ATP Security Center and on the M365 console.
Triggered rules display a notification on the device. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. The notification also displays in the Windows Defender Security Center and in the Microsoft 365 securty center.
For information about configuring attack surface reduction rules, see [Enable attack surface reduction rules](enable-attack-surface-reduction.md).
## Attack surface reduction rules
The following sections describe each of the 15 attack surface reduction rules. This table shows their corresponding GUIDs, which you use if you're configuring the rules with Group Policy:
The following sections describe each of the 15 attack surface reduction rules. This table shows their corresponding GUIDs, which you use if you're configuring the rules with Group Policy or PowerShell. If you use System Center Configuration Manager or Microsoft Intune, you do not need the GUIDs:
Rule name | GUID
-|-
@ -219,7 +219,7 @@ This rule prevents Outlook from creating child processes. It protects against so
>[!NOTE]
>This rule applies to Outlook and Outlook.com only.
Intune name: Not yet available
Intune name: Process creation from Office communication products (beta)
SCCM name: Not yet available
@ -229,7 +229,7 @@ GUID: 26190899-1602-49e8-8b27-eb1d0a1ce869
Through social engineering or exploits, malware can download and launch additional payloads and break out of Adobe Reader. This rule prevents attacks like this by blocking Adobe Reader from creating additional processes.
Intune name: Not applicable
Intune name: Process creation from Adobe Reader (beta)
SCCM name: Not applicable
@ -238,4 +238,4 @@ GUID: 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c
## Related topics
- [Enable attack surface reduction rules](enable-attack-surface-reduction.md)
- [Evaluate attack surface reduction rules](evaluate-attack-surface-reduction.md)
- [Evaluate attack surface reduction rules](evaluate-attack-surface-reduction.md)