diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md index 5d0635344e..fe3ef6c693 100644 --- a/devices/hololens/TOC.md +++ b/devices/hololens/TOC.md @@ -10,15 +10,24 @@ ## [Enroll HoloLens in MDM](hololens-enroll-mdm.md) ## [Manage updates to HoloLens](hololens-updates.md) ## [Restore HoloLens 2 using Advanced Recovery Companion](hololens-recovery.md) +## [Use the HoloLens Clicker](hololens-clicker.md) +## [Restart or recover the HoloLens clicker](hololens-clicker-restart-recover.md) # Application Management ## [Install apps on HoloLens](hololens-install-apps.md) ## [Share HoloLens with multiple people](hololens-multiple-users.md) +## [Cortana on HoloLens](hololens-cortana.md) +## [Get apps for HoloLens](hololens-get-apps.md) +## [Use apps on HoloLens](hololens-use-apps.md) +## [Use HoloLens offline](hololens-offline.md) +## [Spaces on HoloLens](hololens-spaces-on-hololens.md) # User/Access Management ## [Set up single application access](hololens-kiosk.md) ## [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md) ## [How HoloLens stores data for spaces](hololens-spaces.md) +## [Find and save files](hololens-find-and-save-files.md) # [Insider preview for Microsoft HoloLens](hololens-insider.md) -# [Change history for Microsoft HoloLens documentation](change-history-hololens.md) \ No newline at end of file +# [Change history for Microsoft HoloLens documentation](change-history-hololens.md) + diff --git a/devices/hololens/hololens-clicker-restart-recover.md b/devices/hololens/hololens-clicker-restart-recover.md new file mode 100644 index 0000000000..8559ec009a --- /dev/null +++ b/devices/hololens/hololens-clicker-restart-recover.md @@ -0,0 +1,46 @@ +--- +title: Restart or recover the HoloLens clicker +description: Things to try if the HoloLens clicker is unresponsive or isn’t working well. +ms.assetid: 13406eca-e2c6-4cfc-8ace-426ff8f837f4 +ms.reviewer: jarrettrenshaw +manager: v-miegge +keywords: hololens +ms.prod: hololens +ms.sitesec: library +author: v-miegge +ms.author: v-miegge +ms.topic: article +ms.localizationpriority: medium +--- + +# Restart or recover the HoloLens clicker + +Here are some things to try if the HoloLens clicker is unresponsive or isn’t working well. + +## Restart the clicker + +Use the tip of a pen to press and hold the [pairing button](https://support.microsoft.com/en-us/help/12646). + +![Hold the pairing button](images/recover-clicker-1.png) + +At the same time, click and hold the clicker for 15 seconds. If the clicker was already paired with your HoloLens, it will stay paired after it restarts. + +![Hold the clicker](images/recover-clicker-2.png) + +If the clicker won't turn on or restart, try charging it using the HoloLens charger. If the battery is very low, it might take a few minutes for the white indicator light to turn on. + +## Re-pair the clicker + +Go to Settings > Devices and select the clicker. Select Remove, wait a few seconds, then pair the clicker again. + +## Recover the clicker + +If restarting and re-pairing the clicker don’t fix the problem, the Windows Device Recovery Tool can help you recover it. The recovery process may take some time, and the latest version of the clicker software will be installed. To use the tool, you’ll need a computer running Windows 10 or later with at least 4 GB of free storage space. + +To recover the clicker: + +1. Download and install the [Windows Device Recovery Tool](https://dev.azure.com/ContentIdea/ContentIdea/_queries/query/8a004dbe-73f8-4a32-94bc-368fc2f2a895/) on your computer. +1. Connect the clicker to your computer using the Micro USB cable that came with your HoloLens. +1. Run the Windows Device Recovery Tool and follow the instructions. + +If the clicker isn’t automatically detected, select **My device was not detected** and follow the instructions to put your device into recovery mode. diff --git a/devices/hololens/hololens-clicker.md b/devices/hololens/hololens-clicker.md new file mode 100644 index 0000000000..576637493f --- /dev/null +++ b/devices/hololens/hololens-clicker.md @@ -0,0 +1,64 @@ +--- +title: Use the HoloLens Clicker +description: +ms.assetid: 7d4a30fd-cf1d-4c9a-8eb1-1968ccecbe59 +ms.reviewer: jarrettrenshaw +manager: v-miegge +keywords: hololens +ms.prod: hololens +ms.sitesec: library +author: v-miegge +ms.author: v-miegge +ms.topic: article +ms.localizationpriority: medium +--- + +# Use the HoloLens Clicker + +The clicker was designed specifically for HoloLens and gives you another way to interact with holograms. It comes with HoloLens, in a separate box. Use it in place of hand gestures to select, scroll, move, and resize. + +![The HoloLens Clicker](images/use-hololens-clicker-1.png) + +## Hold the clicker + +To put on the clicker, slide the loop over your ring or middle finger with the Micro USB port toward your wrist. Rest your thumb in the indentation. + +![How to hold the Clicker](images/use-hololens-clicker-2.png) + +## Clicker gestures + +Clicker gestures are small wrist rotations, not the larger movements used for HoloLens hand gestures. And HoloLens will recognize your gestures and clicks even if the clicker is outside the [gesture frame](https://support.microsoft.com/help/12644), so you can hold the clicker in the position that's most comfortable for you​. + +- **Select**. To select a hologram, button, or other element, gaze at it, then click. + +- **Click and hold**. Click and hold your thumb down on the button to do some of the same things you would with tap and hold, like move or resize a hologram. + +- **Scroll**. On the app bar, select **Scroll Tool**. Click and hold, then rotate the clicker up, down, left, or right. To scroll faster, move your hand farther from the center of the scroll tool. + +- **Zoom**. On the app bar, select **Zoom Tool**. Click and hold, then rotate the clicker up to zoom in, or down to zoom out. + +>[!TIP] +>In Microsoft Edge, gaze at a page and double-click to zoom in or out. + +## Pair and charge the clicker + +To pair the clicker with your HoloLens, see [Pair Bluetooth devices](https://support.microsoft.com/help/12636). + +When the clicker battery is low, the battery indicator will blink amber. Plug the Micro USB cable into a USB power supply to charge the device. + +## Indicator lights + +Here's what the lights on the clicker mean. + +- **Blinking white**. The clicker is in pairing mode. + +- **Fast-blinking white**. Pairing was successful. + +- **Solid white**. The clicker is charging. + +- **Blinking amber**. The battery is low. + +- **Solid amber**. The clicker ran into an error and you'll need to restart it. While pressing the pairing button, click and hold for 15 seconds. + +>[!NOTE] +>If the clicker doesn't respond or won't start, see [Restart or recover the HoloLens clicker](https://support.microsoft.com/help/15555/hololens-restart-or-recover-the-hololens-clicker). diff --git a/devices/hololens/hololens-cortana.md b/devices/hololens/hololens-cortana.md new file mode 100644 index 0000000000..db38dfe10d --- /dev/null +++ b/devices/hololens/hololens-cortana.md @@ -0,0 +1,49 @@ +--- +title: Cortana on HoloLens +description: Cortana can help you do all kinds of things on your HoloLens +ms.assetid: fd96fb0e-6759-4dbe-be1f-58bedad66fed +ms.reviewer: jarrettrenshaw +manager: v-miegge +keywords: hololens +ms.prod: hololens +ms.sitesec: library +author: v-miegge +ms.author: v-miegge +ms.topic: article +ms.localizationpriority: medium +--- + +# Cortana on HoloLens + +Cortana can help you do all kinds of things on your HoloLens, from searching the web to shutting down your device. To get her attention, select Cortana on Start or say "Hey Cortana" anytime. + +![Hey Cortana!](images/cortana-on-hololens.png) + +## What do I say to Cortana + +Here are some things you can try saying (remember to say "Hey Cortana" first): + +- What can I say? +- Increase the volume. +- Decrease the brightness. +- Shut down. +- Restart. +- Go to sleep. +- Mute. +- Launch . +- Move here (gaze at the spot you want the app to move to). +- Go to Start. +- Take a picture. +- Start recording. (Starts recording a video.) +- Stop recording. (Stops recording a video.) +- Call . (Requires Skype.) +- What time is it? +- Show me the latest NBA scores. +- How much battery do I have left? +- Tell me a joke. + +>[!NOTE] +>- Some Cortana features you're used to from Windows on your PC or phone (for example, reminders and notifications) aren't supported in Microsoft HoloLens Development Edition. Cortana on HoloLens is English only, and the Cortana experience may vary among regions. +>- Cortana is on the first time you use HoloLens. You can turn her off in Cortana's settings. In the All apps list, select Cortana > Settings. Then turn off Cortana can give you suggestions, ideas, reminders, alerts, and more. +>- If Cortana isn't responding to "Hey Cortana," go to Cortana's settings and check to make sure she's on. +>- If you turn Cortana off, "Hey Cortana" voice commands won't be available, but you'll still be able to use other commands (like "Select" and "Place"). diff --git a/devices/hololens/hololens-find-and-save-files.md b/devices/hololens/hololens-find-and-save-files.md new file mode 100644 index 0000000000..61d53e606d --- /dev/null +++ b/devices/hololens/hololens-find-and-save-files.md @@ -0,0 +1,43 @@ +--- +title: Find and save files on HoloLens +description: Use File Explorer on HoloLens to view and manage files on your device +ms.assetid: 77d2e357-f65f-43c8-b62f-6cd9bf37070a +ms.reviewer: jarrettrenshaw +manager: v-miegge +keywords: hololens +ms.prod: hololens +ms.sitesec: library +author: v-miegge +ms.author: v-miegge +ms.topic: article +ms.localizationpriority: medium +--- + +# Find and save files on HoloLens + +Files you create on HoloLens, including Office documents, photos, and videos, are saved to your HoloLens. To view and manage them, you can use the File Explorer app on HoloLens or File Explorer on your PC. To sync photos and other files to the cloud, use the OneDrive app on HoloLens. + +## View files on HoloLens + +Use File Explorer on HoloLens to view and manage files on your device, including 3D objects, documents, and pictures. Go to Start > All apps > File Explorer on HoloLens to get started. + +>[!TIP] +>If there are no files listed in File Explorer, select **This Device** in the top left pane. + +## View HoloLens files on your PC + +To see your HoloLens files in File Explorer on your PC: + +1. Sign in to HoloLens, then plug it into the PC using the USB cable that came with the HoloLens. + +1. Select **Open Device to view files with File Explorer**, or open File Explorer on the PC and navigate to the device. + +>[!TIP] +>To see info about your HoloLens, right-click the device name in File Explorer on your PC, then select **Properties**. + +## Sync to the cloud + +To sync photos and other files from your HoloLens to the cloud, install and set up OneDrive on HoloLens. To get OneDrive, search for it in the Microsoft Store on your HoloLens. + +>[!TIP] +>HoloLens doesn't back up app files and data, so it's a good idea to save your important stuff to OneDrive. That way, if you reset your device or uninstall an app, your info will be backed up. diff --git a/devices/hololens/hololens-get-apps.md b/devices/hololens/hololens-get-apps.md new file mode 100644 index 0000000000..4f1542e495 --- /dev/null +++ b/devices/hololens/hololens-get-apps.md @@ -0,0 +1,36 @@ +--- +title: Get apps for HoloLens +description: The Microsoft Store is your source for apps and games that work with HoloLens. +ms.assetid: cbe9aa3a-884f-4a92-bf54-8d4917bc3435 +ms.reviewer: jarrettrenshaw +manager: v-miegge +keywords: hololens +ms.prod: hololens +ms.sitesec: library +author: v-miegge +ms.author: v-miegge +ms.topic: article +ms.localizationpriority: medium +--- + +# Get apps for HoloLens + +The Microsoft Store is your source for apps and games that work with HoloLens. When you go to the Store on your HoloLens, any apps you see there will run on it. + +Apps on HoloLens use either 2D view or holographic view. Apps with 2D view look like windows and can be positioned all around you. Apps that use holographic view surround you and become the only app you see. + +## Get apps + +Open the Microsoft Store from the Start menu. Then browse for apps and games (or use your voice to search​), select the microphone on the HoloLens keyboard, and start talking. + +To download apps, you'll need to be signed in with a Microsoft account. To buy them, you'll need a payment method associated with the Microsoft account you use on your HoloLens. To set up a payment method, go to [account.microsoft.com](http://account.microsoft.com/) and select **Payment & billing** > **Payment options** > **Add a payment option**. + +## Find your apps + +Once you've installed an app, you'll find it in the All apps list​ (Start > All apps ). Keep apps handy by [pinning them to Start](https://support.microsoft.com/help/12638). + +App updates are automatic, and they're free. + +>[!NOTE] +>- To purchase apps in the Store, the billing address for your payment method must match the country or region your HoloLens is set to. +>- Some apps may not be available in all countries and regions. diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md index 37362f8958..b648efe898 100644 --- a/devices/hololens/hololens-kiosk.md +++ b/devices/hololens/hololens-kiosk.md @@ -16,7 +16,7 @@ manager: dansimp -In Windows 10, version 1803, you can configure your HoloLens devices to run as multi-app or single-app kiosks. You can also configure guest access for a HoloLens kiosk device by [designating a SpecialGroup account in your XML file.](#guest) +In Windows 10, version 1803, you can configure your HoloLens devices to run as multi-app or single-app kiosks. You can also configure guest access for a HoloLens kiosk device by [designating a SpecialGroup account in your XML file.](#add-guest-access-to-the-kiosk-configuration-optional) When HoloLens is configured as a multi-app kiosk, only the allowed apps are available to the user. The benefit of a multi-app kiosk, or fixed-purpose device, is to provide an easy-to-understand experience for individuals by putting in front of them only the things they need to use, and removing from their view the things they don’t need to access. @@ -40,15 +40,15 @@ The [AssignedAccess Configuration Service Provider (CSP)](https://docs.microsoft >Be aware that voice commands are enabled for kiosk mode configured in Microsoft Intune or provisioning packages, even if the Cortana app is not selected as a kiosk app. For HoloLens devices running Windows 10, version 1803, there are three methods that you can use to configure the device as a kiosk: -- You can use [Microsoft Intune or other mobile device management (MDM) service](#intune-kiosk) to configure single-app and multi-app kiosks. -- You can [use a provisioning package](#ppkg-kiosk) to configure single-app and multi-app kiosks. -- You can [use the Windows Device Portal](#portal-kiosk) to configure single-app kiosks. This method is recommended only for demonstrations, as it requires that developer mode be enabled on the device. +- You can use [Microsoft Intune or other mobile device management (MDM) service](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) to configure single-app and multi-app kiosks. +- You can [use a provisioning package](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure single-app and multi-app kiosks. +- You can [use the Windows Device Portal](#set-up-kiosk-mode-using-the-windows-device-portal-windows-10-version-1607-and-version-1803) to configure single-app kiosks. This method is recommended only for demonstrations, as it requires that developer mode be enabled on the device. -For HoloLens devices running Windows 10, version 1607, you can [use the Windows Device Portal](#portal-kiosk) to configure single-app kiosks. +For HoloLens devices running Windows 10, version 1607, you can [use the Windows Device Portal](#set-up-kiosk-mode-using-the-windows-device-portal-windows-10-version-1607-and-version-1803) to configure single-app kiosks. -## Start layout for HoloLens +## Start layout for HoloLens -If you use [MDM, Microsoft Intune](#intune-kiosk), or a [provisioning package](#ppkg-kiosk) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout. +If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803), or a [provisioning package](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout. >[!NOTE] >Because a single-app kiosk launches the kiosk app when a user signs in, there is no Start screen displayed. @@ -78,7 +78,7 @@ Save the following sample as an XML file. You will select this file when you con ### Start layout for a provisioning package -You will [create an XML file](#ppkg-kiosk) to define the kiosk configuration to be included in a provisioning package. Use the following sample in the `StartLayout` section of your XML file. +You will [create an XML file](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to define the kiosk configuration to be included in a provisioning package. Use the following sample in the `StartLayout` section of your XML file. ```xml @@ -98,28 +98,27 @@ You will [create an XML file](#ppkg-kiosk) to define the kiosk configuration to ]]> -``` +``` ## Set up kiosk mode using Microsoft Intune or MDM (Windows 10, version 1803) For HoloLens devices that are managed by Microsoft Intune, you [create a device profile](https://docs.microsoft.com/intune/device-profile-create) and configure the [Kiosk settings](https://docs.microsoft.com/intune/kiosk-settings). -For other MDM services, check your provider's documentation for instructions. If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, [create an XML file that defines the kiosk configuration](#create-xml-file), and make sure to include the [Start layout](#start-layout-for-a-provisioning-package) in the XML file. - +For other MDM services, check your provider's documentation for instructions. If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, [create an XML file that defines the kiosk configuration](#create-a-kiosk-configuration-xml-file), and make sure to include the [Start layout](#start-layout-for-a-provisioning-package) in the XML file. ## Setup kiosk mode using a provisioning package (Windows 10, version 1803) Process: -1. [Create an XML file that defines the kiosk configuration.](#create-xml-file) -2. [Add the XML file to a provisioning package.](#add-xml) -3. [Apply the provisioning package to HoloLens.](#apply-ppkg) +1. [Create an XML file that defines the kiosk configuration.](#create-a-kiosk-configuration-xml-file) +2. [Add the XML file to a provisioning package.](#add-the-kiosk-configuration-xml-file-to-a-provisioning-package) +3. [Apply the provisioning package to HoloLens.](#apply-the-provisioning-package-to-hololens) ### Create a kiosk configuration XML file Follow [the instructions for creating a kiosk configuration XML file for desktop](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps#configure-a-kiosk-using-a-provisioning-package), with the following exceptions: - Do not include Classic Windows applications (Win32) since they aren't supported on HoloLens. -- Use the [placeholder Start XML](#start-kiosk) for HoloLens. +- Use the [placeholder Start XML](#start-layout-for-hololens) for HoloLens. #### Add guest access to the kiosk configuration (optional) diff --git a/devices/hololens/hololens-offline.md b/devices/hololens/hololens-offline.md new file mode 100644 index 0000000000..f55b6d68f9 --- /dev/null +++ b/devices/hololens/hololens-offline.md @@ -0,0 +1,22 @@ +--- +title: Use HoloLens offline +description: To set up HoloLens, you'll need to connect to a Wi-Fi network +ms.assetid: b86f603c-d25f-409b-b055-4bbc6edcd301 +ms.reviewer: jarrettrenshaw +manager: v-miegge +keywords: hololens +ms.prod: hololens +ms.sitesec: library +author: v-miegge +ms.author: v-miegge +ms.topic: article +ms.localizationpriority: medium +--- + +# Use HoloLens offline + +To set up HoloLens, you'll need to connect to a Wi-Fi network—the setup tutorial will show you how. + +## HoloLens limitations + +After your HoloLens is set up, you can use it without a Wi-Fi connection, but apps that use Internet connections may have limited capabilities when you use HoloLens offline. diff --git a/devices/hololens/hololens-spaces-on-hololens.md b/devices/hololens/hololens-spaces-on-hololens.md new file mode 100644 index 0000000000..a0d70ecd96 --- /dev/null +++ b/devices/hololens/hololens-spaces-on-hololens.md @@ -0,0 +1,39 @@ +--- +title: Spaces on HoloLens +description: HoloLens blends holograms with your world +ms.assetid: bd55ecd1-697a-4b09-8274-48d1499fcb0b +ms.reviewer: jarrettrenshaw +manager: v-miegge +keywords: hololens +ms.prod: hololens +ms.sitesec: library +author: v-miegge +ms.author: v-miegge +ms.topic: article +ms.localizationpriority: medium +--- + +# Spaces on HoloLens + +HoloLens blends holograms with your world, mapping your surroundings to remember where you place your apps and content. + +>[!NOTE] +>For your HoloLens to work properly, HoloLens Wi-Fi needs to be turned on, though it doesn't have to be connected to a network. + +## Tips for setting up your space + +HoloLens works best in certain kinds of environments. Choose a room with adequate light and plenty of space. Avoid dark spaces and rooms with a lot of dark, shiny, or translucent surfaces (for instance, mirrors or gauzy curtains). + +>[!NOTE] +>HoloLens is optimized for indoor use. Use it in a safe place with no tripping hazards. [More on safety](https://support.microsoft.com/help/4023454/safety-information). + +## Mapping your space + +When HoloLens starts mapping your surroundings, you'll see a mesh graphic spreading over the space. + +To help HoloLens learn a space, walk around the space and gaze around you. Air tap in a space to light up the mesh and see what's been mapped. + +If your space changes significantly—for example, if a piece of furniture is moved—you might need to walk around the space and gaze around you so HoloLens can relearn it. + +>[!NOTE] +>If HoloLens is having trouble mapping your space or you're have difficulty placing holograms, see [HoloLens and holograms: FAQ](https://support.microsoft.com/help/13456/hololens-and-holograms-faq). diff --git a/devices/hololens/hololens-use-apps.md b/devices/hololens/hololens-use-apps.md new file mode 100644 index 0000000000..9ea95c1da9 --- /dev/null +++ b/devices/hololens/hololens-use-apps.md @@ -0,0 +1,39 @@ +--- +title: Use apps on HoloLens +description: Apps on HoloLens use either 2D view or holographic view. +ms.assetid: 6bd124c4-731c-4bcc-86c7-23f9b67ff616 +ms.reviewer: jarrettrenshaw +manager: v-miegge +keywords: hololens +ms.prod: hololens +ms.sitesec: library +author: v-miegge +ms.author: v-miegge +ms.topic: article +ms.localizationpriority: medium +--- + +# Use apps on HoloLens + +Apps on HoloLens use either 2D view or holographic view. Apps with 2D view look like windows, and apps with holographic view surround you and become the only app you see. + +## Open apps + +You'll find your apps either pinned to Start or in the All apps list. To get to the All apps list, use the bloom gesture to go to Start, then select **All apps**. + +On Start or in the All apps list, select an app. It will open in a good position for viewing. + +>[!NOTE] +>- Up to three 2D app windows can be active at a time. You can open more, but only three will remain active. +>- Each open app can have one active window at a time, except Microsoft Edge, which can have up to three. +>- If you're having problems with apps, make sure there's enough light in your space, and walk around so HoloLens has a current scan. If you keep having trouble, see [HoloLens and holograms: FAQ](https://support.microsoft.com/help/13456/hololens-and-holograms-faq) for more info. + +## Move, resize, and rotate apps + +After opening an app, you can [change its position and size](https://support.microsoft.com/help/12634). + +## Close apps + +To close an app that uses 2D view, gaze at it, then select **Close**. + +To close an app that uses holographic view, use the bloom gesture to leave holographic view, then select **Close**. diff --git a/devices/hololens/images/cortana-on-hololens.png b/devices/hololens/images/cortana-on-hololens.png new file mode 100644 index 0000000000..6205d3d2fd Binary files /dev/null and b/devices/hololens/images/cortana-on-hololens.png differ diff --git a/devices/hololens/images/recover-clicker-1.png b/devices/hololens/images/recover-clicker-1.png new file mode 100644 index 0000000000..ad54e6ee09 Binary files /dev/null and b/devices/hololens/images/recover-clicker-1.png differ diff --git a/devices/hololens/images/recover-clicker-2.png b/devices/hololens/images/recover-clicker-2.png new file mode 100644 index 0000000000..d7a9d6fd0d Binary files /dev/null and b/devices/hololens/images/recover-clicker-2.png differ diff --git a/devices/hololens/images/use-hololens-clicker-1.png b/devices/hololens/images/use-hololens-clicker-1.png new file mode 100644 index 0000000000..ad54e6ee09 Binary files /dev/null and b/devices/hololens/images/use-hololens-clicker-1.png differ diff --git a/devices/hololens/images/use-hololens-clicker-2.png b/devices/hololens/images/use-hololens-clicker-2.png new file mode 100644 index 0000000000..d7a9d6fd0d Binary files /dev/null and b/devices/hololens/images/use-hololens-clicker-2.png differ diff --git a/devices/surface-hub/TOC.md b/devices/surface-hub/TOC.md index b11da0acf8..d582bf11b0 100644 --- a/devices/surface-hub/TOC.md +++ b/devices/surface-hub/TOC.md @@ -20,7 +20,7 @@ ### [Configure Easy Authentication for Surface Hub 2S](surface-hub-2s-phone-authenticate.md) ## Deploy -### [First run setup for Surface Hub 2S](surface-hub-2s-setup.md) +### [First time setup for Surface Hub 2S](surface-hub-2s-setup.md) ### [Surface Hub 2S deployment checklist](surface-hub-2s-deploy-checklist.md) ### [Create Surface Hub 2S device account](surface-hub-2s-account.md) ### [Create provisioning packages for Surface Hub 2S](surface-hub-2s-deploy.md) diff --git a/devices/surface-hub/local-management-surface-hub-settings.md b/devices/surface-hub/local-management-surface-hub-settings.md index 4d09394933..810691dfe8 100644 --- a/devices/surface-hub/local-management-surface-hub-settings.md +++ b/devices/surface-hub/local-management-surface-hub-settings.md @@ -7,7 +7,7 @@ ms.sitesec: library author: dansimp ms.author: dansimp ms.topic: article -ms.date: 06/20/2019 +ms.date: 07/08/2019 ms.reviewer: manager: dansimp ms.localizationpriority: medium @@ -29,7 +29,6 @@ Surface Hubs have many settings that are common to other Windows devices, but al | Change admin account password | Surface Hub > Accounts | Change the password for the local admin account. This is only available if you configured the device to use a local admin during first run. | | Device Management | Surface Hub > Device management | Manage policies and business applications using mobile device management (MDM). | | Provisioning packages | Surface Hub > Device management | Set or change provisioning packages installed on the Surface Hub. | -| Configure Operations Management Suite (OMS) | Surface Hub > Device management | Set up monitoring for your Surface Hub using OMS. | | Open the Microsoft Store app | Surface Hub > Apps & features | The Microsoft Store app is only available to admins through the Settings app. | | Skype for Business domain name | Surface Hub > Calling & Audio | Configure a domain name for your Skype for Business server. | | Default Speaker volume | Surface Hub > Calling & Audio | Configure the default speaker volume for the Surface Hub when it starts a session. | diff --git a/devices/surface-hub/save-bitlocker-key-surface-hub.md b/devices/surface-hub/save-bitlocker-key-surface-hub.md index aeff0b3763..acd4207515 100644 --- a/devices/surface-hub/save-bitlocker-key-surface-hub.md +++ b/devices/surface-hub/save-bitlocker-key-surface-hub.md @@ -10,7 +10,7 @@ ms.sitesec: library author: levinec ms.author: ellevin ms.topic: article -ms.date: 06/20/2019 +ms.date: 07/08/2019 ms.localizationpriority: medium --- @@ -27,7 +27,7 @@ There are several ways to manage your BitLocker key on the Surface Hub. 2. If you’ve joined the Surface Hub to Azure Active Directory (Azure AD), the BitLocker key will be stored under the account that was used to join the device. -3. If you’re using an admin account to manage the device, you can save the BitLocker key by going to the **Settings** app and navigating to **Update & security** > **Recovery**. Insert a USB drive and select the option to save the BitLocker key. The key will be saved to a text file on the USB drive. +3. If you’re using a local admin account to manage the device, you can save the BitLocker key by going to the **Settings** app and navigating to **Update & security** > **Recovery**. Insert a USB drive and select the option to save the BitLocker key. The key will be saved to a text file on the USB drive. ## Related topics diff --git a/devices/surface-hub/surface-hub-2s-setup.md b/devices/surface-hub/surface-hub-2s-setup.md index 6e9b7a9df3..610cdcc697 100644 --- a/devices/surface-hub/surface-hub-2s-setup.md +++ b/devices/surface-hub/surface-hub-2s-setup.md @@ -8,6 +8,7 @@ author: robmazz ms.author: robmazz audience: Admin ms.topic: article +ms.date: 07/03/2019 ms.localizationpriority: Normal --- diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md index 6c3f67896b..15a51ed349 100644 --- a/devices/surface/TOC.md +++ b/devices/surface/TOC.md @@ -30,7 +30,7 @@ ### [Surface System SKU reference](surface-system-sku-reference.md) ## Manage -### [Maintain optimal power settings on Surface devices](maintain-optimal-power-settings-on-Surface-devices.md) +### [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md) ### [Battery Limit setting](battery-limit.md) ### [Surface Brightness Control](microsoft-surface-brightness-control.md) ### [Surface Asset Tag](assettag.md) @@ -49,7 +49,7 @@ ## Support ### [Fix common Surface problems using the Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-for-business-intro.md) -### [Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) +### [Deploy Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) ### [Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md) ### [Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md) ### [Surface Data Eraser](microsoft-surface-data-eraser.md) diff --git a/devices/surface/change-history-for-surface.md b/devices/surface/change-history-for-surface.md index 312c8a39b2..14eea5c91d 100644 --- a/devices/surface/change-history-for-surface.md +++ b/devices/surface/change-history-for-surface.md @@ -15,19 +15,27 @@ ms.topic: article This topic lists new and updated topics in the Surface documentation library. +## July 2019 + +| **New or changed topic** | **Description** | +| ------------------------ | --------------- | +| [Deploy Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) | Renamed to reflect focus on deployment guidance for IT professionals. Covers minor changes in Version 2.41.139.0. | + + + ## June 2019 -New or changed topic | Description ---- | --- +| **New or changed topic** | **Description** | +| ------------------------ | --------------- | +|[Fix common Surface problems using the Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-for-business-intro.md) | New introductory page for the Surface Diagnostic Toolkit for Business. | +| [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md) |Updated with summary of recommendations for managing power settings and optimizing battery life. | -[Fix common Surface problems using the Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-for-business-intro.md) | New ## March 2019 -New or changed topic | Description ---- | --- - -[Surface System SKU reference](surface-system-sku-reference.md) | New +| **New or changed topic** | **Description** | +| ------------------------ | --------------- | +| [Surface System SKU reference](surface-system-sku-reference.md) | New | ## February 2019 diff --git a/devices/surface/surface-diagnostic-toolkit-business.md b/devices/surface/surface-diagnostic-toolkit-business.md index ae7582a08f..8b78717d6c 100644 --- a/devices/surface/surface-diagnostic-toolkit-business.md +++ b/devices/surface/surface-diagnostic-toolkit-business.md @@ -123,10 +123,9 @@ Creating a custom package allows you to target the tool to specific known issues *Figure 3. Create custom package* -### Language and telemetry page +### Language and telemetry settings - -When you start creating the custom package, you’re asked whether you agree to send data to Microsoft to help improve the application. For more information, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). This setting is limited to only sharing data generated while running packages. Sharing is on by default; if you wish to decline, clear the check box. + When creating a package, you can select language settings or opt out of sending telemetry information to Microsoft. By default, SDT sends telemetry to Microsoft that is used to improve the application in accordance with the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). If you wish to decline, clear the check box when creating a custom package, as shown below. Or clear the **Send telemetry to Microsoft** check box on the **Install Options** page during SDT Setup. >[!NOTE] >This setting does not affect the minimal telemetry automatically stored on Microsoft servers when running tests and repairs that require an Internet connection, such as Windows Update and Software repair, or providing feedback using the Smile or Frown buttons in the app toolbar. diff --git a/windows/application-management/manage-windows-mixed-reality.md b/windows/application-management/manage-windows-mixed-reality.md index 674be1f86a..56d7147923 100644 --- a/windows/application-management/manage-windows-mixed-reality.md +++ b/windows/application-management/manage-windows-mixed-reality.md @@ -22,7 +22,7 @@ ms.topic: article [Windows Mixed Reality](https://blogs.windows.com/windowsexperience/2017/10/03/the-era-of-windows-mixed-reality-begins-october-17/) was introduced in Windows 10, version 1709 (also known as the Fall Creators Update), as a [Windows 10 Feature on Demand (FOD)](https://docs.microsoft.com/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities). Features on Demand are Windows feature packages that can be added at any time. When a Windows 10 PC needs a new feature, it can request the feature package from Windows Update. -Organizations that use Windows Server Update Services (WSUS) must take action to [enable Windows Mixed Reality](#enable). Any organization that wants to prohibit use of Windows Mixed Reality can [block the installation of the Mixed Reality Portal](#block). +Organizations that use Windows Server Update Services (WSUS) must take action to [enable Windows Mixed Reality](#enable-windows-mixed-reality-in-wsus). Any organization that wants to prohibit use of Windows Mixed Reality can [block the installation of the Mixed Reality Portal](#block-the-mixed-reality-portal). ## Enable Windows Mixed Reality in WSUS diff --git a/windows/client-management/mdm/TOC.md b/windows/client-management/mdm/TOC.md index 4ec8751db6..2777f01ddd 100644 --- a/windows/client-management/mdm/TOC.md +++ b/windows/client-management/mdm/TOC.md @@ -45,28 +45,6 @@ ## [DMProcessConfigXMLFiltered](dmprocessconfigxmlfiltered.md) ## [Using PowerShell scripting with the WMI Bridge Provider](using-powershell-scripting-with-the-wmi-bridge-provider.md) ## [WMI providers supported in Windows 10](wmi-providers-supported-in-windows.md) -## [Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) -### [Design a custom configuration service provider](design-a-custom-windows-csp.md) -### [IConfigServiceProvider2](iconfigserviceprovider2.md) -#### [IConfigServiceProvider2::ConfigManagerNotification](iconfigserviceprovider2configmanagernotification.md) -#### [IConfigServiceProvider2::GetNode](iconfigserviceprovider2getnode.md) -### [ICSPNode](icspnode.md) -#### [ICSPNode::Add](icspnodeadd.md) -#### [ICSPNode::Clear](icspnodeclear.md) -#### [ICSPNode::Copy](icspnodecopy.md) -#### [ICSPNode::DeleteChild](icspnodedeletechild.md) -#### [ICSPNode::DeleteProperty](icspnodedeleteproperty.md) -#### [ICSPNode::Execute](icspnodeexecute.md) -#### [ICSPNode::GetChildNodeNames](icspnodegetchildnodenames.md) -#### [ICSPNode::GetProperty](icspnodegetproperty.md) -#### [ICSPNode::GetPropertyIdentifiers](icspnodegetpropertyidentifiers.md) -#### [ICSPNode::GetValue](icspnodegetvalue.md) -#### [ICSPNode::Move](icspnodemove.md) -#### [ICSPNode::SetProperty](icspnodesetproperty.md) -#### [ICSPNode::SetValue](icspnodesetvalue.md) -### [ICSPNodeTransactioning](icspnodetransactioning.md) -### [ICSPValidate](icspvalidate.md) -### [Samples for writing a custom configuration service provider](samples-for-writing-a-custom-configuration-service-provider.md) ## [Configuration service provider reference](configuration-service-provider-reference.md) ### [AccountManagement CSP](accountmanagement-csp.md) #### [AccountManagement DDF file](accountmanagement-ddf.md) diff --git a/windows/client-management/mdm/create-a-custom-configuration-service-provider.md b/windows/client-management/mdm/create-a-custom-configuration-service-provider.md deleted file mode 100644 index cb8579e827..0000000000 --- a/windows/client-management/mdm/create-a-custom-configuration-service-provider.md +++ /dev/null @@ -1,97 +0,0 @@ ---- -title: Create a custom configuration service provider -description: Create a custom configuration service provider -ms.assetid: 0cb37f03-5bf2-4451-8276-23f4a1dee33f -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# Create a custom configuration service provider - -Mobile device OEMs can create custom configuration service providers to manage their devices. A configuration service provider includes an interface for creating, editing, and deleting nodes, and the nodes themselves. Each node contains data for one registry value and can optionally support get, set, and delete operations. - -To design a custom configuration service provider, the OEM must perform the following steps: - -1. Establish node semantics -2. Shape the configuration service provider's subtree -3. Choose a transactioning scheme for each node -4. Determine node operations - -For more information, see [Designing a custom configuration service provider](design-a-custom-windows-csp.md). - -To write a custom configuration service provider, the OEM must implement the following interfaces: - -- [IConfigServiceProvider2](iconfigserviceprovider2.md) (one per configuration service provider) - -- [ICSPNode](icspnode.md) (one per node) - -- [ICSPNodeTransactioning](icspnodetransactioning.md) (optional, for internally transactioned nodes only) - -- [ICSPValidate](icspvalidate.md) (optional, for UI only) - -This code must be compiled into a single .dll file and added to a package by using the instructions found in "Adding content to a package" in [Creating packages](https://msdn.microsoft.com/library/windows/hardware/dn756642). While writing this code, OEMs can store registry settings and files in the following locations. - - ---- - - - - - - - - - - -

File location

%DataDrive%\SharedData\OEM\CSP</p>

Registry location

$(HKLM.SOFTWARE)\OEM\CSP</p>

- - -For examples of how to perform common tasks such as adding a node, replacing a node's value, querying a node's value, or enumerating a node's children, see [Samples for writing a custom configuration service provider](samples-for-writing-a-custom-configuration-service-provider.md). - -To register the configuration service provider as a COM object, you must add the following registry setting to your package. This step is required. In the following sample, replace *uniqueCSPguid* with a new, unique CLSID generated for this purpose. Replace *dllName* with the name of the .dll file that contains the code for your configuration service provider. - -``` syntax - - - - - -``` - -To register the configuration service provider with ConfigManager2, you must add the following registry setting to your package. This step is required. In the following sample, replace *dllName* with the name of the configuration service provider (the name of the root node). Replace *uniqueCSPguid* with the same *uniqueCSPguid* value as in the preceding example. - -``` syntax - - - - - -``` - -To make the configuration service provider accessible from WAP XML, you must register it with the WAP data processing unit by setting the following registry key in your package. Replace *Name* with the name of the configuration service provider. Leave the GUID value exactly as written here. - -``` syntax - - - - - -``` - - - - - - - - diff --git a/windows/client-management/mdm/design-a-custom-windows-csp.md b/windows/client-management/mdm/design-a-custom-windows-csp.md deleted file mode 100644 index 583e098cdc..0000000000 --- a/windows/client-management/mdm/design-a-custom-windows-csp.md +++ /dev/null @@ -1,169 +0,0 @@ ---- -title: Design a custom configuration service provider -description: Design a custom configuration service provider -MS-HAID: -- 'p\_phDeviceMgmt.designing\_a\_custom\_configuration\_service\_provider' -- 'p\_phDeviceMgmt.design\_a\_custom\_windows\_csp' -ms.assetid: 0fff9516-a71a-4036-a57b-503ef1a81a37 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# Design a custom configuration service provider - -To design a custom configuration service provider, the OEM must perform the following steps: - -1. Establish node semantics -2. Shape the configuration service provider's subtree -3. Choose a transactioning scheme for each node -4. Determine node operations - -For more information about the larger process of writing a new configuration service provider, see [Create a custom configuration service provider](create-a-custom-configuration-service-provider.md). - -## Establish node semantics - -First, determine the nodes you need based on the kind of data to be stored in the registry. - -Nodes can represent anything from abstract concepts or collections (such as email accounts or connection settings) to more concrete objects (such as registry keys and values, directories, and files). - -### Example - -For example, a hypothetical Email configuration service provider might have these nodes: - -- Account: The name of the email account (such as "Hotmail") - -- Username: The user name or email address ("exampleAccount@hotmail.com") - -- Password: The user's password - -- Server: The DNS address of the server ("mail-serv1-example.mail.hotmail.com") - -The `Account`, `Username`, and `Server` nodes would hold text-based information about the email account, the user's email address, and the server address associated with that account. The `Password` node, however, might hold a binary hash of the user's password. - -## Shape the configuration service provider's subtree - -After determining what the nodes represent, decide where each node fits in the settings hierarchy. - -The root node of a configuration service provider's subtree must be the name of the configuration service provider. In this example, the root node is `Email`. - -All of the nodes defined in the previous step must reside under the configuration service provider's root node. Leaf nodes should be used to store data, and interior nodes should be used to group the data into logical collections. Node URIs must be unique. In other words, no two nodes can have both the same parent and the same name. - -There are three typical scenarios for grouping and structuring the nodes: - -- If all of the data belongs to the same component and no further categorizing or grouping is required, you can build a flat tree in which all values are stored directly under the root node. For examples of this design, see [DevInfo configuration service provider](devinfo-csp.md), [HotSpot configuration service provider](hotspot-csp.md), and [w4 APPLICATION configuration service provider](w4-application-csp.md). - -- If the configuration service provider's nodes represent a preexisting set of entities whose structure is well-defined (such as directories and files), the configuration service provider's nodes can simply mirror the existing structure. - -- If the data must be grouped by type or component, a more complex structure is required. This is especially true when there can be multiple instances of the dataset on the device, and each set is indexed by an ID, account name, or account type. In this case, you must build a more complex tree structure. For examples, see [ActiveSync configuration service provider](activesync-csp.md), [CertificateStore configuration service provider](certificatestore-csp.md), and [CMPolicy configuration service provider](cmpolicy-csp.md). - -### Example - -The following image shows an incorrect way to structure the hypothetical `Email` configuration service provider. The interior `Account` nodes group the account data (server name, user name, and user password). - -![provisioning\-customcsp\-example1](images/provisioning-customcsp-example1.png) - -However, the account nodes in this design are not unique. Even though the nodes are grouped sensibly, the path for each of the leaf nodes is ambiguous. There is no way to disambiguate the two `Username` nodes, for example, or to reliably access the same node by using the same path. This structure will not work. The easiest solution to this problem is usually to replace an interior node (the grouping node) by: - -1. Promoting a child node. - -2. Using the node value as the name of the new interior node. - -The following design conveys the same amount of information as the first design, but all nodes have a unique path, and therefore it will work. - -![provisioning\-customcsp\-example2](images/provisioning-customcsp-example2.png) - -In this case, the `Server` nodes have been promoted up one level to replace the `Account` nodes, and their values are now used as the node names. For example, you could have two different email accounts on the phone, with server names "www.hotmail.com" and "exchange.microsoft.com", each of which stores a user name and a password. - -Note that the process of shaping the configuration service provider’s subtree influences the choice of transactioning schemes for each node. If possible, peer nodes should not have dependencies on each other. Internode dependencies other than parent/child relationships create mandatory groups of settings, which makes configuration service provider development more difficult. - -## Choose a transactioning scheme for each node - -For each node, decide whether to use *external transactioning* or *internal transactioning* to manage the transaction phases (rollback persistence, rollback, and commitment) for the node. - -External transactioning is the simplest option because it allows ConfigManager2 to automatically handle the node's transactioning. - -However, you must use internal transactioning for the following types of nodes: - -- A node that supports the **Execute** method. - -- A node that contains sensitive information (such as a password) that must not be saved in plain text in the ConfigManager2 rollback document. - -- A node that has a dependency on another node that is not a parent. For example, if a parent node has two children that are both required, the configuration service provider could use internal transactioning to defer provisioning the account until both values are set. - -You can choose to mix transactioning modes in your configuration service provider, using internal transactioning for some operations but external transactioning for others. For more information about writing an internally transactioned node, see the [ICSPNodeTransactioning](icspnodetransactioning.md) interface. - -## Determine node operations - -The operations available for each node can vary depending on the purpose of the configuration service provider. The configuration service provider will be easier to use if the operations are consistent. For more information about the supported operations, see the [ICSPNode](icspnode.md) interface. - -For externally transactioned nodes, an operation implementation must include the contrary operations shown in the following table to allow rollback of the operation. - -For internally transactioned nodes, the practice of implementing the contrary commands for each command is recommended, but not required. - - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Node operationContrary node operation

Add

Clear and DeleteChild

Copy

To copy to a new node: Clear and DeleteChild

-

To copy to an existing node: Add and SetValue

Clear

To restore the state of the deleted node: SetValue and SetProperty

DeleteChild

To restore the old node: Add

DeleteProperty

To restore the deleted property: SetProperty

Execute

Externally transactioned nodes do not support the Execute command.

GetValue

None

Move

To restore a source node: Move

-

To restore an overwritten target node: Add and SetValue

SetValue

To restore the previous value: SetValue

- - - - - - - - - diff --git a/windows/client-management/mdm/iconfigserviceprovider2.md b/windows/client-management/mdm/iconfigserviceprovider2.md deleted file mode 100644 index c73e0ce0b4..0000000000 --- a/windows/client-management/mdm/iconfigserviceprovider2.md +++ /dev/null @@ -1,57 +0,0 @@ ---- -title: IConfigServiceProvider2 -description: IConfigServiceProvider2 -ms.assetid: 8deec0fb-59a6-4d08-8ddb-6d0d3d868a10 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# IConfigServiceProvider2 - - -OEMs are required to implement this interface once per configuration service provider. ConfigManager2 clients use this interface to instantiate the configuration service provider, to communicate general state information to the configuration service provider, and often to access or create nodes. - -The following table shows the methods defined by this interface that OEMs must implement. - - ---- - - - - - - - - - - - - - - - - -
MethodDescription

IConfigServiceProvider2::ConfigManagerNotification

Enables ConfigManager2 to send notifications to a configuration service provider of events such as when the configuration service provider is loaded or unloaded, when rollbacks are performed, and when actions are called on nodes.

IConfigServiceProvider2::GetNode

Returns a node from the configuration service provider based on the path relative to the root node.

- - - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/iconfigserviceprovider2configmanagernotification.md b/windows/client-management/mdm/iconfigserviceprovider2configmanagernotification.md deleted file mode 100644 index 67ed91ca36..0000000000 --- a/windows/client-management/mdm/iconfigserviceprovider2configmanagernotification.md +++ /dev/null @@ -1,146 +0,0 @@ ---- -title: IConfigServiceProvider2 ConfigManagerNotification -description: IConfigServiceProvider2 ConfigManagerNotification -ms.assetid: b1f0fe0f-afbe-4b36-a75d-34239a86a75c -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# IConfigServiceProvider2::ConfigManagerNotification - - -This method enables ConfigManager2 to send notifications of events to a configuration service provider, such as when the configuration service provider is loaded or unloaded, when rollbacks are performed, and when actions are called on nodes. - -## Syntax - - -``` syntax -HRESULT ConfigManagerNotification([in] CFGMGR_NOTIFICATION cmnfyState, - [in] LPARAM lpParam); -``` - -## Parameters - - -*cmnfyState* -
    -
  • -The following events are supported by all configuration service providers. - - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    EventDescription

    CFGMGR_NOTIFICATION_LOAD

    First time the configuration service provider is loaded/instantiated.

    CFGMGR_NOTIFICATION_BEGINCOMMANDPROCESSING

    About to run the first command of a transaction.

    CFGMGR_NOTIFICATION_ENDCOMMANDPROCESSING

    Last command of transaction has executed. This event is always raised if BEGINCOMMANDPROCESSING was raised, even if the handling of BEGINCOMMANDPROCESSING failed.

    CFGMGR_NOTIFICATION_BEGINCOMMIT

    About to commit the first command of a transaction.

    CFGMGR_NOTIFICATION_ENDCOMMIT

    Last command of a transaction has been committed. This event is always raised if BEGINCOMMIT was raised, even if the handling of BEGINCOMMIT failed.

    CFGMGR_NOTIFICATION_BEGINROLLBACK

    About to roll back the first command of the transaction.

    CFGMGR_NOTIFICATION_ENDROLLBACK

    Last command of the transaction has been rolled back. This event is always raised if BEGINROLLBACK was raised, even if the handling of BEGINROLLBACK failed.

    CFGMGR_NOTIFICATION_UNLOAD

    The configuration service provider is about to be unloaded/deleted.

    CFGMGR_NOTIFICATION_SETSESSIONOBJ

    Session object is available for use; lpParam can be cast to an IConfigSession2 pointer.

    CFGMGR_NOTIFICATION_BEGINTRANSACTIONING

    Primarily used for compatibility with v1 configuration service providers. Signals the beginning of a transactioning sequence.

    CFGMGR_NOTIFICATION_ENDTRANSACTIONING

    Primarily used for compatibility with v1 configuration service providers. Signals the end of a transactioning sequence.

    -
    • -
-
- - -*lpParam* -
    -
  • -Normally NULL, but contains a pointer to an IConfigSession2 instance if cmnfState is CFGMGR_NOTIFICATION_SETSESSIONOBJ. -
    • -
-
- -## Return Value - -A value of S\_OK indicates success. - -## Remarks - -ConfigManager2 guarantees that if it raised one of the BEGIN events - -- CFGMGR\_NOTIFICATION\_BEGINCOMMANDPROCESSING -- CFGMGR\_NOTIFICATION\_BEGINCOMMIT -- CFGMGR\_NOTIFICATION\_BEGINROLLBACK - -then the corresponding END event will be raised, even if the handling of the BEGIN notification failed. -For each transaction, the sequence of notifications is: - -1. BEGINCOMMANDPROCESSING - -2. BEGINTRANSACTIONING - -3. ENDTRANSACTIONING - -4. ENDCOMMANDPROCESSING - -5. Either BEGINCOMMIT or BEGINROLLBACK, depending on whether the transaction succeeded or failed. - -6. Either ENDCOMMIT or ENDROLLBACK, depending on whether the transaction succeeded or failed. - -Each configuration service provider will receive the relevant BEGIN/END notifications exactly once per each transaction that ConfigManager2 executes. - -## Requirements - -**Header:** None - - - - - - - - diff --git a/windows/client-management/mdm/iconfigserviceprovider2getnode.md b/windows/client-management/mdm/iconfigserviceprovider2getnode.md deleted file mode 100644 index b1ed4618c7..0000000000 --- a/windows/client-management/mdm/iconfigserviceprovider2getnode.md +++ /dev/null @@ -1,106 +0,0 @@ ---- -title: IConfigServiceProvider2 GetNode -description: IConfigServiceProvider2 GetNode -ms.assetid: 4dc10a59-f6a2-45c0-927c-d594afc9bb91 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# IConfigServiceProvider2::GetNode - - -This method returns a node from the configuration service provider based on the path that was passed in. The returned node is a descendent of the root node. - -## Syntax - - -``` syntax -HRESULT GetNode([in] IConfigManager2URI* pURI, - [out] ICSPNode** ppNode, - [in, out] DWORD* pgrfNodeOptions); -``` - -## Parameters - -*pUri* -
    -
  • -URI of the child node, relative to the root node. For example, to access the "./Vendor/Contoso/SampleCSP/ContainerA/UserName" node, ConfigManager2 calls the configuration service provider's GetNode method and passes in an IConfigManager2URI instance representing the URI “SampleCSP/ContainerA/UserName”. -
    • -
-
-ppNode -
    -
  • -If the query is successful, this returns the ICSPNode instance at the pUri location in the configuration service provider's tree. -
    • -
-
-pgrfNodeOptions -
    -
  • -Nodes support the following features. - - ----- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Feature nameBit value (in hex)Notes

    CSPNODE_OPTION_NATIVESECURITY

    0x01

    The native security option signifies that the node handles its own security checking, and that ConfigManager2 does not have to manage security for this node.

    CSPNODE_OPTION_INTERNALTRANSACTION

    0x02

    The internal transactioning option tells ConfigManager2 that the configuration service provider handles the transactioning (rollback and commitment) for the node. To handle internal transactioning, the node must implement the ICSPNodeTransactioning.

    CSPNODE_OPTION_HANDLEALLPROPERTIES

    0x04

    Unused.

    CSPNODE_OPTION_SECRETDATA

    0x08

    Unused.

    -
    • -
-
- -## Return Value - -This method returns an ICSPNode. If the function returns null, call GetLastError to get the error value. - -A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_NODENOTFOUND indicates that the node does not exist. Note that this may be normal, as in the case of optional nodes. - -## Requirements - -**Header:** None - - - - - - - - diff --git a/windows/client-management/mdm/icspnode.md b/windows/client-management/mdm/icspnode.md deleted file mode 100644 index bb66997ee8..0000000000 --- a/windows/client-management/mdm/icspnode.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: ICSPNode -description: ICSPNode -ms.assetid: 023466e6-a8ab-48ad-8548-291409686ac2 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode - -This interface does most of the work in a configuration service provider. Each individual node in a configuration service provider tree is represented by a separate implementation of this interface. The actions of a ConfigManager2 client are typically translated into calls to an instance of an ICSPNode. - -These methods must be implemented so that, if they fail, the node's state at the end of the method matches the state before the method was called. - -Some nodes will not be able to perform certain actions, and can return CFGMGR\_E\_COMMANDNOTALLOWED for those methods. For each method that is implemented for externally–transactioned nodes, the contrary method must also be implemented, as defined by "Determine node operations" in [Designing a custom configuration service provider](design-a-custom-windows-csp.md). - -The following table shows the methods defined by this interface that OEMs must implement. - - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
MethodDescription

ICSPNode::Add

Adds an immediate child to a configuration service provider node and returns a pointer to the new child node.

ICSPNode::Clear

Deletes the contents and children of the current configuration service provider node. Called before ICSPNode::DeleteChild.

ICSPNode::Copy

Makes a copy of the current node at the specified path within the configuration service provider. If the target node exists, it should be overwritten.

ICSPNode::DeleteChild

Deletes the specified child node from the configuration service provider node.

ICSPNode::DeleteProperty

Deletes a property from a configuration service provider node.

ICSPNode::Execute

Runs a task on an internally-transactioned configuration service provider node by passing in the specified user data and returning a result.

ICSPNode::GetChildNodeNames

Returns the list of children for a configuration service provider node.

ICSPNode::GetProperty

Returns a property value from a configuration service provider node.

ICSPNode::GetPropertyIdentifiers

Returns a list of non-standard properties supported by the node. The returned array must be allocated with CoTaskMemAlloc.

ICSPNode::GetValue

Gets the value and data type for the node. Interior (non-leaf) nodes may not have a value.

ICSPNode::Move

Moves this node to a new location within the configuration service provider. If the target node already exists, it should be overwritten.

ICSPNode::SetProperty

Sets a property value for a configuration service provider node.

ICSPNode::SetValue

Sets the value for the configuration service provider node. It is an error to attempt to set the value of an interior node.

- - - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/icspnodeadd.md b/windows/client-management/mdm/icspnodeadd.md deleted file mode 100644 index 81f5b2cce5..0000000000 --- a/windows/client-management/mdm/icspnodeadd.md +++ /dev/null @@ -1,118 +0,0 @@ ---- -title: ICSPNode Add -description: ICSPNode Add -ms.assetid: 5f03d350-c82b-4747-975f-385fd8b5b3a8 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::Add - -This method adds an immediate child node to a configuration service provider node and returns a pointer to the new node. - -## Syntax - -``` syntax -HRESULT Add([in] IConfigManager2URI* pChildName, - [in] CFG_DATATYPE DataType, - [in] VARIANT varValue, - [in, out] ICSPNode** ppNewNode, - [in, out] DWORD* pgrfNodeOptions); -``` - -## Parameters - -*pChildName* -      Name of child node to add. - -*DataType* -      Data type of the child node to add. Supported types include: -- CFG\_DATATYPE\_NODE - -- CFG\_DATATYPE\_NULL - -- CFG\_DATATYPE\_BINARY - -- CFG\_DATATYPE\_INTEGER - -- CFG\_DATATYPE\_STRING - -- CFG\_DATATYPE\_MULTIPLE\_STRING - -*varValue* -      Value of the child node to add. - -*ppNewNode* -      New child node to return. - -*pgrfNodeOptions* -      Features supported on the new child node. - ----- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Feature nameBit value (in hex)Notes

CSPNODE_OPTION_NATIVESECURITY

0x01

The native security option signifies that the node handles its own security checking, and that ConfigManager2 does not have to manage security for this node.

CSPNODE_OPTION_INTERNALTRANSACTION

0x02

The internal transactioning option tells ConfigManager2 that the configuration service provider handles the transactioning (rollback and commitment) for the node. To handle internal transactioning, the node must implement the ICSPNodeTransactioning.

CSPNODE_OPTION_HANDLEALLPROPERTIES

0x04

Unused.

CSPNODE_OPTION_SECRETDATA

0x08

Unused.

- - -## Return Value - -This method returns an ICSPNode and the feature options supported on that child node. If the method returns null, call GetLastError to get the error value. - -A value of S\_OK indicates that a node was successfully found. CMN\_E\_ALREADY\_EXISTS indicates that a child node with the same name already exists. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **Add** method. - -## Remarks - -For externally–transactioned nodes, if this method is implemented, then [ICSPNode::Clear](icspnodeclear.md) and [ICSPNode::DeleteChild](icspnodedeletechild.md) must also be implemented or rollback will fail. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/icspnodeclear.md b/windows/client-management/mdm/icspnodeclear.md deleted file mode 100644 index 89db169b0f..0000000000 --- a/windows/client-management/mdm/icspnodeclear.md +++ /dev/null @@ -1,53 +0,0 @@ ---- -title: ICSPNode Clear -description: ICSPNode Clear -ms.assetid: b414498b-110a-472d-95c0-2d5b38cd78a6 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - - -# ICSPNode::Clear - -This method deletes the contents and child nodes of the current configuration service provider node. This method is always called on the child node before [ICSPNode::DeleteChild](icspnodedeletechild.md) is called on the parent node. - - -## Syntax - -``` syntax -HRESULT Clear(); -``` - - -## Return Value - -A value of S\_OK indicates that the node was successfully cleared. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **Clear** method. - - -## Remarks - -For externally–transactioned nodes, if this method is implemented, then [ICSPNode::SetValue](icspnodesetvalue.md) and [ICSPNode::SetProperty](icspnodesetproperty.md) must also be implemented or rollback will fail. - -Before calling **Clear** on the target node, ConfigManager2 attempts to gather the current state of the node; the parent node does not have to preserve the state of its child nodes if they are externally-transactioned. - -## Requirements - -**Header:** None - - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - -  - - - - - diff --git a/windows/client-management/mdm/icspnodecopy.md b/windows/client-management/mdm/icspnodecopy.md deleted file mode 100644 index 1771aad0fa..0000000000 --- a/windows/client-management/mdm/icspnodecopy.md +++ /dev/null @@ -1,96 +0,0 @@ ---- -title: ICSPNode Copy -description: ICSPNode Copy -ms.assetid: cd5ce0bc-a08b-4f82-802d-c7ff8701b41f -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::Copy - -This method makes a copy of the current node at the specified path within the configuration service provider. If the target node exists, it should be overwritten. - -## Syntax - -``` syntax -HRESULT Copy([in] IConfigManager2URI* puriDestination, - [in, out] ICSPNode** ppNewNode, - [in, out] DWORD* pgrfNodeOptions); -``` - -## Parameters - -*puriDestination* -      Path and name of new node's location, relative to the configuration service provider's root node. - -*ppNewNode* -      New node created by the copy operation. - -*pgrfNodeOptions* -      Features supported on the new node. - - ----- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Feature nameBit value (in hex)Notes

CSPNODE_OPTION_NATIVESECURITY

0x01

The native security option signifies that the node handles its own security checking, and that ConfigManager2 does not have to manage security for this node.

CSPNODE_OPTION_INTERNALTRANSACTION

0x02

The internal transactioning option tells ConfigManager2 that the configuration service provider handles the transactioning (rollback and commitment) for the node. To handle internal transactioning, the node must implement the ICSPNodeTransactioning.

CSPNODE_OPTION_HANDLEALLPROPERTIES

0x04

Unused.

CSPNODE_OPTION_SECRETDATA

0x08

Unused.

- - -## Return Value - -A value of S\_OK indicates that the node was successfully copied to the new location. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **Copy** method. - -## Remarks - -For externally–transactioned nodes, if this method is implemented, then [ICSPNode::Add](icspnodeadd.md), [ICSPNode::SetValue](icspnodesetvalue.md), [ICSPNode::Clear](icspnodeclear.md), and [ICSPNode::DeleteChild](icspnodedeletechild.md) must also be implemented or rollback will fail. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - diff --git a/windows/client-management/mdm/icspnodedeletechild.md b/windows/client-management/mdm/icspnodedeletechild.md deleted file mode 100644 index e08d2b025d..0000000000 --- a/windows/client-management/mdm/icspnodedeletechild.md +++ /dev/null @@ -1,59 +0,0 @@ ---- -title: ICSPNode DeleteChild -description: ICSPNode DeleteChild -ms.assetid: 8cf3663d-a4cf-4d11-b03a-f1d096ad7f9c -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::DeleteChild - -Deletes the specified child node from the configuration service provider node. [ICSPNode::Clear](icspnodeclear.md) must always be called first on the child node that is to be deleted. - -## Syntax - -``` syntax -HRESULT DeleteChild([in] IConfigManager2URI* puriChildToDelete); -``` - -## Parameters - -*puriChildToDelete* -      The name of the child node to delete. - -## Return Values - -| Return Value | Description | -|------------------------------|--------------------------------------------------| -| CFGMGR\_E\_NODENOTFOUND | The child node does not exist | -| CFGMGR\_E\_COMMANDNOTALLOWED | The child node to be deleted is a read-only node | -| S\_OK | Success. | - -  -A value of S\_OK indicates that a node was successfully deleted. CFGMGR\_E\_NODENOTFOUND indicates that the child node does not exist. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **ICSP::DeleteChild** method, or that the child node to be deleted is a read-only node. - -## Remarks - -For externally–transactioned nodes, if this method is implemented, then [ICSPNode::Add](icspnodeadd.md) must also be implemented or rollback will fail. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - -  - - - - - - diff --git a/windows/client-management/mdm/icspnodedeleteproperty.md b/windows/client-management/mdm/icspnodedeleteproperty.md deleted file mode 100644 index 6bcd73cc62..0000000000 --- a/windows/client-management/mdm/icspnodedeleteproperty.md +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: ICSPNode DeleteProperty -description: ICSPNode DeleteProperty -ms.assetid: 7e21851f-d663-4558-b3e8-590d24b4f6c4 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::DeleteProperty - -This method deletes a property from a configuration service provider node. - -## Syntax - -``` syntax -HRESULT DeleteProperty([in] REFGUID guidProperty); -``` - -## Parameters - -*guidProperty* -      The GUID of the property to delete. - -## Return Value - -A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_PROPERTYNOTSUPPORTED indicates that this node does not manage or implement the property itself, but delegates it to ConfigManager2. E\_NOTIMPL indicates this method is not supported by this node. - -## Remarks - -For externally–transactioned nodes, if this method is implemented, then [ICSPNode::SetProperty](icspnodesetproperty.md) must also be implemented or rollback will fail. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - -  - - - - - - diff --git a/windows/client-management/mdm/icspnodeexecute.md b/windows/client-management/mdm/icspnodeexecute.md deleted file mode 100644 index b5008f4972..0000000000 --- a/windows/client-management/mdm/icspnodeexecute.md +++ /dev/null @@ -1,50 +0,0 @@ ---- -title: ICSPNode Execute -description: ICSPNode Execute -ms.assetid: 5916e7b7-256d-49fd-82b6-db0547a215ec -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::Execute - -This method runs a task on an internally-transactioned configuration service provider node by passing in the specified user data and returning a result. The exact meaning of **Execute** and whether it is even supported depends on the purpose of the node. For example, **Execute** called on a node that represents a file should probably **ShellExecute** the file, whereas calling **Execute** on a registry node generally does not make sense. - -## Syntax - -``` syntax -HRESULT Execute([in] VARIANT varUserData); -``` - -## Parameters - -*varUserData* -    Data to pass into the execution. - -## Return Value - -A value of S\_OK indicates that the operation was performed successfully on the node. E\_NOTIMPL should be returned if this method is not implemented. - -## Remarks - -Externally–transactioned nodes do not support this method. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - -  - - - - diff --git a/windows/client-management/mdm/icspnodegetchildnodenames.md b/windows/client-management/mdm/icspnodegetchildnodenames.md deleted file mode 100644 index 176e294eb1..0000000000 --- a/windows/client-management/mdm/icspnodegetchildnodenames.md +++ /dev/null @@ -1,56 +0,0 @@ ---- -title: ICSPNode GetChildNodeNames -description: ICSPNode GetChildNodeNames -ms.assetid: dc057f2b-282b-49ac-91c4-bb83bd3ca4dc -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::GetChildNodeNames - -This method returns the list of child nodes for a configuration service provider node. - -## Syntax - -``` syntax -HRESULT GetChildNodeNames([out] ULONG* pulCount, - [out,size_is(,*pulCount)] BSTR** pbstrNodeNames); -``` - -## Parameters - -*pulCount* -

The number of child nodes to return.

- -*pbstrNodeNames* -

The array of child node names. The returned array must be allocated with CoTaskMemAlloc. Each element of the array must be a valid, non-NULL BSTR, allocated by SysAllocString or SysAllocStringLen. The names returned must not be encoded in any way, including URI-encoding, for canonicalization reasons.

- -## Return Value - -A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this was called on a leaf node (no children will be returned). - -## Remarks - -For externally–transactioned nodes, no additional methods are required for successful rollback. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/icspnodegetproperty.md b/windows/client-management/mdm/icspnodegetproperty.md deleted file mode 100644 index e617650c97..0000000000 --- a/windows/client-management/mdm/icspnodegetproperty.md +++ /dev/null @@ -1,58 +0,0 @@ ---- -title: ICSPNode GetProperty -description: ICSPNode GetProperty -ms.assetid: a2bdc158-72e0-4cdb-97ce-f5cf1a44b7db -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::GetProperty - -This method returns a property value from a configuration service provider node. - -## Syntax - -``` syntax -HRESULT GetProperty([in] REFGUID guidProperty, - [in,out] VARIANT* pvarValue); -``` - -## Parameters - -*guidProperty* -

GUID that specifies the property to return.

- -*pvarValue* -

Value to return.

- -## Return Value - -A value of S\_OK indicates that the value was successfully returned. CFGMGR\_E\_COMMANDNOTSUPPORTED indicates that the node does not implement the property itself, but delegates the management of the property to ConfigManager2. - -## Remarks - -Every node must handle the CFGMGR\_PROPERTY\_DATATYPE property. - -For externally–transactioned nodes, no additional methods are required for successful rollback. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/icspnodegetpropertyidentifiers.md b/windows/client-management/mdm/icspnodegetpropertyidentifiers.md deleted file mode 100644 index 479913e683..0000000000 --- a/windows/client-management/mdm/icspnodegetpropertyidentifiers.md +++ /dev/null @@ -1,55 +0,0 @@ ---- -title: ICSPNode GetPropertyIdentifiers -description: ICSPNode GetPropertyIdentifiers -ms.assetid: 8a052cd3-d74c-40c4-845f-f804b920deb4 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::GetPropertyIdentifiers - -This method returns a list of non-standard properties supported by the node. The returned array must be allocated with `CoTaskMemAlloc`. - -## Syntax - -``` syntax -HRESULT GetPropertyIdentifiers([out] ULONG* pulCount, - [out,size_is(,*pulCount)] GUID** pguidProperties); -``` - -## Parameters - -*pulCount* -

The number of non-standard properties to return.

- -*pguidProperties* -

The array of property GUIDs to return. This array must be allocated with CoTaskMemAlloc.

- -## Return Value - -A value of S\_OK indicates that the properties were successfully returned. E\_NOTIMPL indicates that this method is not supported by the node. - -## Remarks - -For externally–transactioned nodes, no additional methods are required for successful rollback. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - diff --git a/windows/client-management/mdm/icspnodegetvalue.md b/windows/client-management/mdm/icspnodegetvalue.md deleted file mode 100644 index 0e8d591f35..0000000000 --- a/windows/client-management/mdm/icspnodegetvalue.md +++ /dev/null @@ -1,53 +0,0 @@ ---- -title: ICSPNode GetValue -description: ICSPNode GetValue -ms.assetid: c684036d-98be-4659-8ce8-f72436a39b90 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::GetValue - -This method gets the value and data type for the node. Interior (non-leaf) nodes may not have a value. - -## Syntax - -``` syntax -HRESULT GetValue([in,out] VARIANT* pvarValue); -``` - -## Parameters - -*pvarValue* -

Data value to return. A node containing a password value returns 16 asterisks (‘*’) for this method. A leaf node whose value has not been set returns a variant whose type is VT_NULL. -

- -## Return Value - -A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **ICSP::GetValue** methods, or that this is an interior node. - -## Remarks - -For externally–transactioned nodes, this node is not required to implement any other methods for a successful rollback. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/icspnodemove.md b/windows/client-management/mdm/icspnodemove.md deleted file mode 100644 index 40d917ca2f..0000000000 --- a/windows/client-management/mdm/icspnodemove.md +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: ICSPNode Move -description: ICSPNode Move -ms.assetid: efb359c3-5c86-4975-bf6f-a1c33922442a -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::Move - -This method moves the node to a new location within the configuration service provider. If the target node already exists, it should be overwritten. - -## Syntax - -``` syntax -HRESULT Move([in] IConfigManager2URI* puriDestination); -``` - -## Parameters - -*puriDestination* -

Path and name of the node's new location, relative to the configuration service provider's root node.

- -## Return Value - -A value of S\_OK indicates that the node was successfully moved. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **ICSP::Move** method. - -## Remarks - -For externally–transactioned nodes, if this method is implemented, then [ICSPNode::Add](icspnodeadd.md) and [ICSPNode::SetValue](icspnodesetvalue.md) must also be implemented or rollback will fail. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/icspnodesetproperty.md b/windows/client-management/mdm/icspnodesetproperty.md deleted file mode 100644 index 8052bf2d5d..0000000000 --- a/windows/client-management/mdm/icspnodesetproperty.md +++ /dev/null @@ -1,58 +0,0 @@ ---- -title: ICSPNode SetProperty -description: ICSPNode SetProperty -ms.assetid: e235c38f-ea04-4cd8-adec-3c6c0ce7172d -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::SetProperty - -This method sets a property value for a configuration service provider node. - -## Syntax - -``` syntax -HRESULT SetProperty([in] REFGUID guidProperty, - [in] VARIANT varValue); -``` - -## Parameters - -*guidProperty* -

The GUID of the property.

- -*varValue* -

The value to return.

- -## Return Value - -A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_COMMANDNOTSUPPORTED indicates that this node delegates the management of the property to ConfigManager2. - -## Remarks - -Every node must properly handle the CFGMGR\_PROPERTY\_DATATYPE property. - -For externally–transactioned nodes, no additional methods are required for successful rollback. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/icspnodesetvalue.md b/windows/client-management/mdm/icspnodesetvalue.md deleted file mode 100644 index afcbc3b99d..0000000000 --- a/windows/client-management/mdm/icspnodesetvalue.md +++ /dev/null @@ -1,52 +0,0 @@ ---- -title: ICSPNode SetValue -description: ICSPNode SetValue -ms.assetid: b218636d-fe8b-4a0f-b4e8-a621f65619d3 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNode::SetValue - -This method sets the value for the configuration service provider node. It is an error to attempt to set the value of an interior node. - -## Syntax - -``` syntax -HRESULT SetValue([in] VARIANT varValue); -``` - -## Parameters - -*varValue* -

Value to set. To clear a leaf node’s value, set varValue’s type to VT_NULL.

- -## Return Value - -A value of S\_OK indicates that the value was set successfully. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **ICSP::SetValue** method, or that it's an internal node. - -## Remarks - -For externally–transactioned nodes, no additional methods must be implemented to support rollback. - -## Requirements - -**Header:** None - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - - - - - - - - diff --git a/windows/client-management/mdm/icspnodetransactioning.md b/windows/client-management/mdm/icspnodetransactioning.md deleted file mode 100644 index 93b4a35b7b..0000000000 --- a/windows/client-management/mdm/icspnodetransactioning.md +++ /dev/null @@ -1,83 +0,0 @@ ---- -title: ICSPNodeTransactioning -description: ICSPNodeTransactioning -ms.assetid: 24dc518a-4a8d-41fe-9bc6-217bbbdf6a3f -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPNodeTransactioning - -This is an optional interface that enables a configuration service provider to define its own transactioning scheme (internal transactioning) for an individual node. Transactioning supports the ability to roll back previous actions on a node. The majority of nodes use external transactioning, which is handled automatically, and do not need to implement this interface. For more information about internal and external transactioning, including how to handle the `RollbackAction` functions, see "Determine node operations" in [Designing a custom configuration service provider](design-a-custom-windows-csp.md). - -``` syntax -interface ICSPNodeTransactioning : IUnknown -{ - HRESULT PersistRollbackAddState([in] IConfigManager2URI* puriChild, - [in] CFG_DATATYPE DataType, - [in] VARIANT varValue, - [in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT PersistRollbackCopyState([in] IConfigManager2URI* puriDestination, - [in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT PersistRollbackDeleteChildState([in] IConfigManager2URI* puriChild, - [in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT PersistRollbackClearState([in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT PersistRollbackExecuteState([in] VARIANT varUserData, - [in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT PersistRollbackMoveState([in] IConfigManager2URI* puriDestination, - [in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT PersistRollbackSetValueState([in] VARIANT varValue, - [in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT PersistRollbackSetPropertyState([in] REFGUID guidProperty, - [in] VARIANT varValue, - [in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT PersistRollbackDeletePropertyState([in] REFGUID guidProperty, - [in] ISequentialStream* pRollbackStream, - [in] ISequentialStream* pUninstallStream); - HRESULT RollbackAdd([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - HRESULT RollbackCopy([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - HRESULT RollbackDeleteChild([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - HRESULT RollbackClear([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - HRESULT RollbackExecute([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - HRESULT RollbackMove([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - HRESULT RollbackSetValue([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - HRESULT RollbackSetProperty([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - HRESULT RollbackDeleteProperty([in] ISequentialStream* pUndoStream, - [in] BOOL fRecoveryRollback); - - HRESULT Commit(); -}; -``` - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - -  - - - - - diff --git a/windows/client-management/mdm/icspvalidate.md b/windows/client-management/mdm/icspvalidate.md deleted file mode 100644 index 3d59448e68..0000000000 --- a/windows/client-management/mdm/icspvalidate.md +++ /dev/null @@ -1,54 +0,0 @@ ---- -title: ICSPValidate -description: ICSPValidate -ms.assetid: b0993f2d-6269-412f-a329-af25fff34ca2 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# ICSPValidate - -This interface is optional. It is called by ConfigManager2 as it batches commands before transactioning begins. This allows the configuration service provider to validate the node before performing specific actions. It is generally only used for configuration service providers that need to expose UI. - -``` syntax -interface ICSPValidate : IUnknown -{ - HRESULT ValidateAdd([in] IConfigNodeState* pNodeState, - [in] IConfigManager2URI* puriChild, - [in] CFG_DATATYPE DataType, - [in] VARIANT varValue); - HRESULT ValidateCopy([in] IConfigNodeState* pNodeState, - [in] IConfigManager2URI* puriDestination); - HRESULT ValidateDeleteChild([in] IConfigNodeState* pNodeState, - [in] IConfigManager2URI* puriChild); - HRESULT ValidateClear([in] IConfigNodeState* pNodeState); - HRESULT ValidateExecute([in] IConfigNodeState* pNodeState, - [in] VARIANT varUserData); - HRESULT ValidateMove([in] IConfigNodeState* pNodeState, - [in] IConfigManager2URI* puriDestination); - HRESULT ValidateSetValue([in] IConfigNodeState* pNodeState, - [in] VARIANT varValue); - HRESULT ValidateSetProperty([in] IConfigNodeState* pNodeState, - [in] REFGUID guidProperty, - [in] VARIANT varValue); - HRESULT ValidateDeleteProperty([in] IConfigNodeState* pNodeState, - [in] REFGUID guidProperty); -``` - -## Related topics - -[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md) - -  - - - - - - diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index f224b4242c..3ca4486f3b 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -12,7 +12,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: manikadhiman -ms.date: 05/15/2019 +ms.date: 07/01/2019 --- # What's new in mobile device enrollment and management @@ -56,6 +56,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s - [What is dmwappushsvc?](#what-is-dmwappushsvc) - **Change history in MDM documentation** + - [July 2019](#july-2019) - [June 2019](#june-2019) - [May 2019](#may-2019) - [April 2019](#april-2019) @@ -1880,6 +1881,13 @@ How do I turn if off? | The service can be stopped from the "Services" console o ## Change history in MDM documentation +### July 2019 + +|New or updated topic | Description| +|--- | ---| +|Create a custom configuration service provider|Deleted the following documents from the CSP reference because extensibility via CSPs is not currently supported:
Create a custom configuration service provider
Design a custom configuration service provider
IConfigServiceProvider2
IConfigServiceProvider2::ConfigManagerNotification
IConfigServiceProvider2::GetNode
ICSPNode
ICSPNode::Add
ICSPNode::Clear
ICSPNode::Copy
ICSPNode::DeleteChild
ICSPNode::DeleteProperty
ICSPNode::Execute
ICSPNode::GetChildNodeNames
ICSPNode::GetProperty
ICSPNode::GetPropertyIdentifiers
ICSPNode::GetValue
ICSPNode::Move
ICSPNode::SetProperty
ICSPNode::SetValue
ICSPNodeTransactioning
ICSPValidate
Samples for writing a custom configuration service provider| + + ### June 2019 |New or updated topic | Description| diff --git a/windows/client-management/mdm/samples-for-writing-a-custom-configuration-service-provider.md b/windows/client-management/mdm/samples-for-writing-a-custom-configuration-service-provider.md deleted file mode 100644 index 0ee7ef78f1..0000000000 --- a/windows/client-management/mdm/samples-for-writing-a-custom-configuration-service-provider.md +++ /dev/null @@ -1,51 +0,0 @@ ---- -title: Samples for writing a custom configuration service provider -description: Samples for writing a custom configuration service provider -ms.assetid: ccda4d62-7ce1-483b-912f-25d50c974270 -ms.reviewer: -manager: dansimp -ms.author: dansimp -ms.topic: article -ms.prod: w10 -ms.technology: windows -author: manikadhiman -ms.date: 06/26/2017 ---- - -# Samples for writing a custom configuration service provider - -The following example shows how to retrieve Integrated Circuit Card Identifier (ICCID) and International Mobile Subscriber Identity (IMSI) for a dual SIM phone. - -## Retrieving ICCID and IMSI for a dual SIM phone - -The following sample is used in the [IConfigServiceProvider2::ConfigManagerNotification](iconfigserviceprovider2configmanagernotification.md) method implementation. It first retrieves the IConfigSession2 object, and then queries the ICCID with the IConfigSession2::GetSessionVariable method. To retrieve the IMSI, replace L”ICCID” with L”IMSI”. - -``` syntax -case CFGMGR_NOTIFICATION_SETSESSIONOBJ: - if (NULL != lpParam) - { - m_pSession = reinterpret_cast(lpParam); -        m_pSession->AddRef(); -    } - -    bstrContext = SysAllocString(L"ICCID"); -    if (NULL == bstrContext) -    { -    hr = E_OUTOFMEMORY; -    goto Error; -    } - -    hr = m_pSession->GetSessionVariable(bstrContext, &varValue); -    if (FAILED(hr)) -    { -     goto Error; -    } -    break; -``` - -  - - - - - diff --git a/windows/configuration/customize-and-export-start-layout.md b/windows/configuration/customize-and-export-start-layout.md index 60108ae542..2fd51caeeb 100644 --- a/windows/configuration/customize-and-export-start-layout.md +++ b/windows/configuration/customize-and-export-start-layout.md @@ -171,9 +171,9 @@ If the Start layout is applied by Group Policy or MDM, and the policy is removed **To configure a partial Start screen layout** -1. [Customize the Start layout](#bmk-customize-start). +1. [Customize the Start layout](#customize-the-start-screen-on-your-test-computer). -2. [Export the Start layout](#bmk-exportstartscreenlayout). +2. [Export the Start layout](#export-the-start-layout). 3. Open the layout .xml file. There is a `` element. Add `LayoutCustomizationRestrictionType="OnlySpecifiedGroups"` to the **DefaultLayoutOverride** element as follows: ``` syntax diff --git a/windows/configuration/start-secondary-tiles.md b/windows/configuration/start-secondary-tiles.md index 5c93aacf5e..fd49af9302 100644 --- a/windows/configuration/start-secondary-tiles.md +++ b/windows/configuration/start-secondary-tiles.md @@ -64,7 +64,7 @@ In Windows 10, version 1703, by using the PowerShell cmdlet `export-StartLayoutE ## Export Start layout and assets -1. Follow the instructions in [Customize and export Start layout](customize-and-export-start-layout.md#bkmkcustomizestartscreen) to customize the Start screen on your test computer. +1. Follow the instructions in [Customize and export Start layout](customize-and-export-start-layout.md#customize-the-start-screen-on-your-test-computer) to customize the Start screen on your test computer. 2. Open Windows PowerShell as an administrator and enter the following command: ``` diff --git a/windows/deployment/update/windows-analytics-get-started.md b/windows/deployment/update/windows-analytics-get-started.md index b3903e691b..e8bd2af8db 100644 --- a/windows/deployment/update/windows-analytics-get-started.md +++ b/windows/deployment/update/windows-analytics-get-started.md @@ -75,6 +75,12 @@ To enable data sharing, configure your proxy server to whitelist the following e > [!IMPORTANT] > For privacy and data integrity, Windows checks for a Microsoft SSL certificate when communicating with the diagnostic data endpoints. SSL interception and inspection aren't possible. To use Desktop Analytics, exclude these endpoints from SSL inspection. +>[!NOTE] +>Microsoft has a strong commitment to providing the tools and resources that put you in control of your privacy. As a result, Microsoft doesn't collect the following data from devices located in European countries (EEA and Switzerland): +>- Windows diagnostic data from Windows 8.1 devices +>- App usage data for Windows 7 devices + + ### Configuring endpoint access with SSL inspection To ensure privacy and data integrity Windows checks for a Microsoft SSL certificate when communicating with the diagnostic data endpoints. Accordingly SSL interception and inspection is not possible. To use Windows Analytics services you should exclude the above endpoints from SSL inspection. @@ -205,3 +211,4 @@ Note that it is possible to intiate a full inventory scan on a device by calling - CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun ent For details on how to run these and how to check results, see the deployment script. + diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml index 1c510dd2e2..fcb44369bb 100644 --- a/windows/release-information/resolved-issues-windows-10-1507.yml +++ b/windows/release-information/resolved-issues-windows-10-1507.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -52,6 +53,15 @@ sections:
" +- title: June 2019 +- items: + - type: markdown + text: " +
SummaryOriginating updateStatusDate resolved
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		July 09, 2019
10:00 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >		OS Build 10240.18215

May 14, 2019
KB4499154		Resolved
KB4505051		May 19, 2019
02:00 PM PT
MSXML6 may cause applications to stop responding
MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode().

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Resolved
KB4493475		April 09, 2019
10:00 AM PT
Custom URI schemes may not start corresponding application
Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.

See details >		OS Build 10240.18158

March 12, 2019
KB4489872		Resolved
KB4493475		April 09, 2019
10:00 AM PT
+ +
DetailsOriginating updateStatusHistory
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4507458.

Back to top		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		Resolved:
July 09, 2019
10:00 AM PT

Opened:
June 12, 2019
11:11 AM PT
+ " + - title: May 2019 - items: - type: markdown diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index 49d7c93e32..3ad444b3d0 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -80,6 +81,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4509475		June 27, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4503294		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4503267		June 11, 2019
10:00 AM PT
+ diff --git a/windows/release-information/resolved-issues-windows-10-1703.yml b/windows/release-information/resolved-issues-windows-10-1703.yml index 0d6b415ad8..57777605fe 100644 --- a/windows/release-information/resolved-issues-windows-10-1703.yml +++ b/windows/release-information/resolved-issues-windows-10-1703.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: "
DetailsOriginating updateStatusHistory
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507460.

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		Resolved:
July 09, 2019
10:00 AM PT

Opened:
May 21, 2019
08:50 AM PT
Update not showing as applicable through WSUS or SCCM or when manually installed
KB4494440 or later updates may not show as applicable through WSUS or SCCM to the affected platforms. When manually installing the standalone update from Microsoft Update Catalog, it may fail to install with the error, \"The update is not applicable to your computer.\"


Affected platforms:
  • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016

Resolution: The servicing stack update (SSU) (KB4498947) must be installed before installing the latest cumulative update (LCU). The LCU will not be reported as applicable until the SSU is installed. For more information, see Servicing stack updates.

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4498947		Resolved:
May 14, 2019
10:00 AM PT

Opened:
May 24, 2019
04:20 PM PT
Unable to access some gov.uk websites
After installing the May 14, 2019 update, some gov.uk websites that don’t support HTTP Strict Transport Security (HSTS) may not be accessible through Internet Explorer 11 or Microsoft Edge.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10, version 1507; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: We have released an \"optional, out-of-band\" update for Windows 10 (KB4505052) to resolve this issue. If you are affected, we recommend you apply this update by installing KB4505052 from Windows Update and then restarting your device.

This update will not be applied automatically. To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates. To get the standalone package for KB4505052, search for it in the Microsoft Update Catalog.
 

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4505052		Resolved:
May 19, 2019
02:00 PM PT

Opened:
May 16, 2019
01:57 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. For example, the layout and cell size of Microsoft Excel sheets may change when using MS UI Gothic.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue has been resolved.

Back to top		OS Build 14393.2941

April 25, 2019
KB4493473		Resolved
KB4494440		Resolved:
May 14, 2019
10:00 AM PT

Opened:
May 10, 2019
10:35 AM PT
+ @@ -75,6 +76,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 15063.1805

May 14, 2019
KB4499181		Resolved
KB4507450		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved
KB4503289		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4503279		June 11, 2019
10:00 AM PT
+
DetailsOriginating updateStatusHistory
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4499181 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507450.

Back to top		OS Build 15063.1805

May 14, 2019
KB4499181		Resolved
KB4507450		Resolved:
July 09, 2019
10:00 AM PT

Opened:
May 21, 2019
08:50 AM PT
Unable to access some gov.uk websites
After installing the May 14, 2019 update, some gov.uk websites that don’t support HTTP Strict Transport Security (HSTS) may not be accessible through Internet Explorer 11 or Microsoft Edge.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10, version 1507; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Resolution: We have released an \"optional, out-of-band\" update for Windows 10 (KB4505055) to resolve this issue. If you are affected, we recommend you apply this update by installing KB4505055 from Windows Update and then restarting your device.

This update will not be applied automatically. To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates. To get the standalone package for KB4505055, search for it in the Microsoft Update Catalog.
 

Back to top		OS Build 15063.1805

May 14, 2019
KB4499181		Resolved
KB4505055		Resolved:
May 19, 2019
02:00 PM PT

Opened:
May 16, 2019
01:57 PM PT
Layout and cell size of Excel sheets may change when using MS UI Gothic
When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. For example, the layout and cell size of Microsoft Excel sheets may change when using MS UI Gothic.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue has been resolved.

Back to top		OS Build 15063.1784

April 25, 2019
KB4493436		Resolved
KB4499181		Resolved:
May 14, 2019
10:00 AM PT

Opened:
May 10, 2019
10:35 AM PT
diff --git a/windows/release-information/status-windows-10-1507.yml b/windows/release-information/status-windows-10-1507.yml index 038724ee59..e81ad9523c 100644 --- a/windows/release-information/status-windows-10-1507.yml +++ b/windows/release-information/status-windows-10-1507.yml @@ -60,8 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- +
SummaryOriginating updateStatusLast updated
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Mitigated
June 13, 2019
02:21 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 10240.18094

January 08, 2019
KB4480962		Mitigated
April 25, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		July 09, 2019
10:00 AM PT
" @@ -77,7 +77,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Workaround: To mitigate this issue, see KB4508640.

Next steps: We are working on a resolution and estimate a solution will be available in late June.

Back to top		OS Build 10240.18244

June 11, 2019
KB4503291		Mitigated
Last updated:
June 13, 2019
02:21 PM PT

Opened:
June 12, 2019
11:11 AM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4507458.

Back to top		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		Resolved:
July 09, 2019
10:00 AM PT

Opened:
June 12, 2019
11:11 AM PT
" diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index db44883cf7..0136063415 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,12 +60,12 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -97,7 +97,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Mitigated
June 24, 2019
10:46 AM PT
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)

See details >		OS Build 14393.2941

April 25, 2019
KB4493473		Mitigated
June 07, 2019
04:25 PM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 14393.2724

January 08, 2019
KB4480961		Mitigated
April 25, 2019
02:00 PM PT
Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM
Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.

See details >		OS Build 14393.2608

November 13, 2018
KB4467691		Mitigated
February 19, 2019
10:00 AM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4509475		June 27, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4503294		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4503267		June 11, 2019
10:00 AM PT
- +
DetailsOriginating updateStatusHistory
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Workaround: If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:
  1. Retrieve the 48-digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.
  2. From the recovery screen, press the enter key and enter the recovery password when prompted.
  3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
  4. Select Advanced options then Troubleshoot then Advanced options then Command Prompt.
  5. Unlock drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
  6. Suspend BitLocker using the command: Manage-bde -protectors -disable c:
  7. Exit the command window using the command: exit
  8. Select Continue from recovery environment.
  9. The device should now start Windows.
  10. Once started, launch an elevated Command Prompt (i.e. run Command Prompt as administrator) and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
Note The steps in this workaround need to be followed on every system start unless BitLocker is suspended before restarting.

To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
Note This command will suspend BitLocker for one restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Mitigated
Last updated:
June 24, 2019
10:46 AM PT

Opened:
May 21, 2019
08:50 AM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507460.

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		Resolved:
July 09, 2019
10:00 AM PT

Opened:
May 21, 2019
08:50 AM PT
" diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index 761911bdc5..99416c1cc3 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -60,8 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -91,7 +91,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000

See details >		OS Build 15063.1805

May 14, 2019
KB4499181		Mitigated
June 24, 2019
10:46 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >		OS Build 15063.1805

May 14, 2019
KB4499181		Resolved
KB4507450		July 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved
KB4503289		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4503279		June 11, 2019
10:00 AM PT
- +
DetailsOriginating updateStatusHistory
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4499181 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Workaround: If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:
  1. Retrieve the 48-digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.
  2. From the recovery screen, press the enter key and enter the recovery password when prompted.
  3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
  4. Select Advanced options then Troubleshoot then Advanced options then Command Prompt.
  5. Unlock drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
  6. Suspend BitLocker using the command: Manage-bde -protectors -disable c:
  7. Exit the command window using the command: exit
  8. Select Continue from recovery environment.
  9. The device should now start Windows.
  10. Once started, launch an elevated Command Prompt (i.e. run Command Prompt as administrator) and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
Note The steps in this workaround need to be followed on every system start unless BitLocker is suspended before restarting.

To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
Note This command will suspend BitLocker for one restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 15063.1805

May 14, 2019
KB4499181		Mitigated
Last updated:
June 24, 2019
10:46 AM PT

Opened:
May 21, 2019
08:50 AM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4499181 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507450.

Back to top		OS Build 15063.1805

May 14, 2019
KB4499181		Resolved
KB4507450		Resolved:
July 09, 2019
10:00 AM PT

Opened:
May 21, 2019
08:50 AM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 98f91cde7b..2ab20e2c38 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -79,9 +79,6 @@ sections:
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >OS Build 18362.116

May 21, 2019
KB4505057Mitigated
May 21, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >OS Build 18362.175

June 11, 2019
KB4503293Resolved
KB4501375June 27, 2019
10:00 AM PT
Duplicate folders and documents showing in user profile directory
If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4497935May 29, 2019
02:00 PM PT -
Older versions of BattlEye anti-cheat software incompatible
Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
June 07, 2019
04:26 PM PT -
AMD RAID driver incompatibility
Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
June 06, 2019
11:06 AM PT -
D3D applications and games may fail to enter full-screen mode on rotated displays
Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4497935May 29, 2019
02:00 PM PT " @@ -118,8 +115,5 @@ sections:
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

\"Close other apps, error code: 0XA00F4243.”


To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: To temporarily resolve this issue, perform one of the following:

  • Unplug your camera and plug it back in.

or

  • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

or

  • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
Note This workaround will only resolve the issue until your next system restart.

Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Mitigated
Last updated:
May 21, 2019
04:47 PM PT

Opened:
May 21, 2019
07:20 AM PT
Intermittent loss of Wi-Fi connectivity
Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Download and install an updated Wi-Fi driver from your device manufacturer (OEM).
 
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Mitigated
Last updated:
May 21, 2019
04:46 PM PT

Opened:
May 21, 2019
07:13 AM PT
Duplicate folders and documents showing in user profile directory
If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.

To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4497935 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Window 10, version 1903.
(Posted June 11, 2019)

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4497935Resolved:
May 29, 2019
02:00 PM PT

Opened:
May 21, 2019
07:16 AM PT -
Older versions of BattlEye anti-cheat software incompatible
Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.

To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device. 

Affected platforms:
  • Client: Windows 10, version 1903
Workaround: Before updating your machine, we recommend you do one or more of the following:

  • Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.
  • Restart your system and open the game again.
  • Uninstall BattlEye using https://www.battleye.com/downloads/UninstallBE.exe, and then reopen your game.
  • Uninstall and reinstall your game.
Resolution: This issue was resolved externally by BattlEye for all known impacted games. For a list of recent games that use BattlEye, go to https://www.battleye.com/. We recommend following the workaround before updating to Windows 10, version 1903, as games with incompatible versions of BattleEye may fail to open after updating Windows. If you have confirmed your game is up to date and you have any issues with opening games related to a BattlEye error, please see https://www.battleye.com/support/faq/.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
Resolved:
June 07, 2019
04:26 PM PT

Opened:
May 21, 2019
07:34 AM PT -
AMD RAID driver incompatibility
Microsoft and AMD have identified an incompatibility with AMD RAID driver versions earlier than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

“A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

 
To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue has been resolved externally by AMD. To resolve this issue, you will need to download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
 
Note The safeguard hold will remain in place on machines with the older AMD RAID drivers. We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
Resolved:
June 06, 2019
11:06 AM PT

Opened:
May 21, 2019
07:12 AM PT -
D3D applications and games may fail to enter full-screen mode on rotated displays
Some Direct3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4497935

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4497935Resolved:
May 29, 2019
02:00 PM PT

Opened:
May 21, 2019
07:05 AM PT " diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 7b03312ac6..31946a06a8 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -51,8 +51,8 @@ sections: - - + + diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index e054a66443..9535492f02 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -421,6 +421,11 @@ #### [Troubleshoot Microsoft Defender ATP service issues](microsoft-defender-atp/troubleshoot-mdatp.md) ##### [Check service health](microsoft-defender-atp/service-status.md) + +#### [Troubleshoot live response issues]() +##### [Troubleshoot issues related to live response](microsoft-defender-atp/troubleshoot-live-response.md) + + ####Troubleshoot attack surface reduction ##### [Network protection](windows-defender-exploit-guard/troubleshoot-np.md) ##### [Attack surface reduction rules](windows-defender-exploit-guard/troubleshoot-asr.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/TOC.md b/windows/security/threat-protection/microsoft-defender-atp/TOC.md index 881293505c..44f14073d3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/TOC.md +++ b/windows/security/threat-protection/microsoft-defender-atp/TOC.md @@ -417,10 +417,14 @@ ### [Troubleshoot Microsoft Defender ATP service issues](troubleshoot-mdatp.md) #### [Check service health](service-status.md) + +### [Troubleshoot live response issues]() +#### [Troubleshoot issues related to live response](troubleshoot-live-response.md) + ### Troubleshoot attack surface reduction #### [Network protection](../windows-defender-exploit-guard/troubleshoot-np.md) #### [Attack surface reduction rules](../windows-defender-exploit-guard/troubleshoot-asr.md) -#### [Collect diagnostic data for files](../windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md) +#### [Collect diagnostic data for files](../windows-defender-exploit-guard/troubleshoot-np.md) ### [Troubleshoot next generation protection](../windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md b/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md index a09b2f556d..a3d83d4880 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md +++ b/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md @@ -1,5 +1,5 @@ --- -title: Advanced Hunting API +title: Hello World ms.reviewer: description: Use this API to run advanced queries keywords: apis, supported apis, advanced hunting, query @@ -19,10 +19,9 @@ ms.topic: article # Microsoft Defender ATP API - Hello World -**Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## Get Alerts using a simple PowerShell script @@ -33,68 +32,60 @@ It only takes 5 minutes done in two steps: - Use examples: only requires copy/paste of a short PowerShell script ### Do I need a permission to connect? -For the App registration stage, you must have a Global administrator role in your Azure Active Directory (Azure AD) tenant. +For the Application registration stage, you must have a **Global administrator** role in your Azure Active Directory (Azure AD) tenant. ### Step 1 - Create an App in Azure Active Directory -1. Log on to [Azure](https://portal.azure.com) with your Global administrator user. +1. Log on to [Azure](https://portal.azure.com) with your **Global administrator** user. -2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**. +2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**. - ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app.png) + ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png) -3. In the registration form, enter the following information, then click **Create**. +3. In the registration form, choose a name for your application and then click **Register**. - - **Name:** Choose your own name. - - **Application type:** Web app / API - - **Redirect URI:** `https://127.0.0.1` +4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission: - ![Image of Create application window](images/webapp-create.png) + - On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**. -4. Allow your App to access Microsoft Defender ATP and assign it 'Read all alerts' permission: + - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. - - Click **Settings** > **Required permissions** > **Add**. + ![Image of API access and API selection](images/add-permission.png) - ![Image of new app in Azure](images/webapp-add-permission.png) + - Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions** - - Click **Select an API** > **WindowsDefenderATP**, then click **Select**. + ![Image of API access and API selection](images/application-permissions.png) - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. + **Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example! - ![Image of API access and API selection](images/webapp-add-permission-2.png) + For instance, - - Click **Select permissions** > **Read all alerts** > **Select**. + - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission + - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission + - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. - ![Image of API access and API selection](images/webapp-add-permission-readalerts.png) +5. Click **Grant consent** - - Click **Done** + - **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect. - ![Image of add permissions completion](images/webapp-add-permission-end.png) + ![Image of Grant permissions](images/grant-consent.png) - - Click **Grant permissions** +6. Add a secret to the application. - **Note**: Every time you add permission you must click on **Grant permissions**. + - Click **Certificates & secrets**, add description to the secret and click **Add**. - ![Image of Grant permissions](images/webapp-grant-permissions.png) + **Important**: After click Add, **copy the generated secret value**. You won't be able to retrieve after you leave! -5. Create a key for your App: + ![Image of create app key](images/webapp-create-key2.png) - - Click **Keys**, type a key name and click **Save**. +7. Write down your application ID and your tenant ID: - ![Image of create app key](images/webapp-create-key.png) + - On your application page, go to **Overview** and copy the following: -6. Write down your App ID and your Tenant ID: - - - App ID: - - ![Image of created app id](images/webapp-app-id1.png) - - - Tenant ID: Navigate to **Azure Active Directory** > **Properties** - - ![Image of create app key](images/api-tenant-id.png) + ![Image of created app id](images/app-and-tenant-ids.png) -Done! You have successfully registered an application! +Done! You have successfully registered an application! ### Step 2 - Get a token using the App and use this token to access the API. @@ -106,8 +97,8 @@ Done! You have successfully registered an application! # Paste below your Tenant ID, App ID and App Secret (App key). $tenantId = '' ### Paste your tenant ID here -$appId = '' ### Paste your app ID here -$appSecret = '' ### Paste your app key here +$appId = '' ### Paste your Application ID here +$appSecret = '' ### Paste your Application secret here $resourceAppIdUri = 'https://api.securitycenter.windows.com' $oAuthUri = "https://login.windows.net/$TenantId/oauth2/token" diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md index ab927de17d..6d064aed64 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md @@ -1,7 +1,7 @@ --- title: Use Microsoft Defender Advanced Threat Protection APIs ms.reviewer: -description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph. +description: Use the exposed data and actions using a set of programmatic APIs that are part of the Microsoft Intelligence Security Graph. keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query search.product: eADQiWindows 10XVcnh ms.prod: w10 @@ -19,10 +19,9 @@ ms.topic: article # Use Microsoft Defender ATP APIs -**Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) This page describes how to create an application to get programmatic access to Microsoft Defender ATP on behalf of a user. @@ -40,7 +39,7 @@ In general, you’ll need to take the following steps to use the APIs: This page explains how to create an AAD application, get an access token to Microsoft Defender ATP and validate the token. >[!NOTE] -> When accessing Microsoft Defender ATP API on behalf of a user, you will need the correct App permission and user permission. +> When accessing Microsoft Defender ATP API on behalf of a user, you will need the correct Application permission and user permission. > If you are not familiar with user permissions on Microsoft Defender ATP, see [Manage portal access using role-based access control](rbac.md). >[!TIP] @@ -48,60 +47,50 @@ This page explains how to create an AAD application, get an access token to Micr ## Create an app -1. Log on to [Azure](https://portal.azure.com) with user that has Global Administrator role. +1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role. -2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**. +2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**. - ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app.png) + ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png) -3. In the Create window, enter the following information then click **Create**. +3. In the registration from, enter the following information then click **Register**. - ![Image of Create application window](images/nativeapp-create.png) + ![Image of Create application window](images/nativeapp-create2.png) - - **Name:** -Your app name- - - **Application type:** Native - - **Redirect URI:** `https://127.0.0.1` + - **Name:** -Your application name- + - **Application type:** Public client +4. Allow your Application to access Microsoft Defender ATP and assign it 'Read alerts' permission: -4. Click **Settings** > **Required permissions** > **Add**. + - On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**. - ![Image of new app in Azure](images/nativeapp-add-permission.png) + - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. -5. Click **Select an API** > **WindowsDefenderATP**, then click **Select**. - - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. + ![Image of API access and API selection](images/add-permission.png) - ![Image of API access and API selection](images/webapp-add-permission-2.png) + - Choose **Delegated permissions** > **Alert.Read** > Click on **Add permissions** -6. Click **Select permissions** > **Check the desired permissions** > **Select**. - - >[!IMPORTANT] - >You need to select the relevant permissions. 'Read alerts' and 'Collect forensics' are only an example. - For instance, + ![Image of API access and API selection](images/application-permissions-public-client.png) - - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission - - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission + - **Important note**: You need to select the relevant permissions. 'Read alerts' is only an example! - To determine which permission you need, look at the **Permissions** section in the API you are interested to call. + For instance, - ![Image of select permissions](images/nativeapp-select-permissions.png) + - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission + - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission + - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. + - Click **Grant consent** -7. Click **Done** + **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect. - ![Image of add permissions completion](images/nativeapp-add-permissions-end.png) + ![Image of Grant permissions](images/grant-consent.png) -8. Click **Grant permissions** +6. Write down your application ID and your tenant ID: - In order to add the new selected permissions to the app, the Admin's tenant must press on the **Grant permissions** button. + - On your application page, go to **Overview** and copy the following: - If in the future you will want to add more permission to the app, you will need to press on the **Grant permissions** button again so the changes will take effect. - - ![Image of Grant permissions](images/webapp-grant-permissions.png) - -9. Write down your application ID. - - ![Image of app ID](images/nativeapp-get-appid.png) + ![Image of created app id](images/app-and-tenant-ids.png) ## Get an access token @@ -156,7 +145,7 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co Sanity check to make sure you got a correct token: - Copy/paste into [JWT](https://jwt.ms) the token you got in the previous step in order to decode it - Validate you get a 'scp' claim with the desired app permissions -- In the screenshot below you can see a decoded token acquired from the app in the tutorial: +- In the screen shot below you can see a decoded token acquired from the app in the tutorial: ![Image of token validation](images/nativeapp-decoded-token.png) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md index 4b2377c9a3..880b4e2b38 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md @@ -1,7 +1,7 @@ --- -title: Create an app to access Microsoft Defender ATP without a user +title: Create an Application to access Microsoft Defender ATP without a user ms.reviewer: -description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph. +description: Use the exposed data and actions using a set of programmatic APIs that are part of the Microsoft Intelligence Security Graph. keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query search.product: eADQiWindows 10XVcnh ms.prod: w10 @@ -19,11 +19,9 @@ ms.topic: article # Create an app to access Microsoft Defender ATP without a user -**Applies to:** +**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user. @@ -31,7 +29,7 @@ If you need programmatic access Microsoft Defender ATP on behalf of a user, see If you are not sure which access you need, see [Get started](apis-intro.md). -Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate workflows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). +Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate work flows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). In general, you’ll need to take the following steps to use the APIs: - Create an AAD application @@ -42,75 +40,65 @@ This page explains how to create an AAD application, get an access token to Micr ## Create an app -1. Log on to [Azure](https://portal.azure.com) with user that has Global Administrator role. +1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role. -2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**. +2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**. - ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app.png) + ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png) -3. In the Create window, enter the following information then click **Create**. +3. In the registration form, choose a name for your application and then click **Register**. - ![Image of Create application window](images/webapp-create.png) +4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission: - - **Name:** Choose your own name. - - **Application type:** Web app / API - - **Redirect URI:** `https://127.0.0.1` + - On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**. -4. Click **Settings** > **Required permissions** > **Add**. + - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. - ![Image of new app in Azure](images/webapp-add-permission.png) + ![Image of API access and API selection](images/add-permission.png) -5. Click **Select an API** > **WindowsDefenderATP**, then click **Select**. + - Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions** - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. + ![Image of API access and API selection](images/application-permissions.png) - ![Image of API access and API selection](images/webapp-add-permission-2.png) + **Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example! -6. Click **Select permissions** > **Check the desired permissions** > **Select**. + For instance, - **Important note**: You need to select the relevant permissions. 'Run advanced queries' is only an example! + - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission + - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission + - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. - For instance, +5. Click **Grant consent** - - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission - - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission - - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. + - **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect. - ![Image of select permissions](images/webapp-select-permission.png) + ![Image of Grant permissions](images/grant-consent.png) -7. Click **Done** +6. Add a secret to the application. - ![Image of add permissions completion](images/webapp-add-permission-end.png) + - Click **Certificates & secrets**, add description to the secret and click **Add**. -8. Click **Grant permissions** + **Important**: After click Add, **copy the generated secret value**. You won't be able to retrieve after you leave! - In order to add the new selected permissions to the app, the Admin's tenant must press on the **Grant permissions** button. + ![Image of create app key](images/webapp-create-key2.png) - If in the future you will want to add more permission to the app, you will need to press on the **Grant permissions** button again so the changes will take effect. +7. Write down your application ID and your tenant ID: - ![Image of Grant permissions](images/webapp-grant-permissions.png) + - On your application page, go to **Overview** and copy the following: -9. Click **Keys**, type a key name and click **Save**. + ![Image of created app id](images/app-and-tenant-ids.png) - **Important**: After you save, **copy the key value**. You won't be able to retrieve after you leave! +8. **For Microsoft Defender ATP Partners only** - Set your application to be multi-tenanted (available in all tenants after consent) - ![Image of create app key](images/webapp-create-key.png) + This is **required** for 3rd party applications (for example, if you create an application that is intended to run in multiple customers tenant). -10. Write down your application ID. + This is **not required** if you create a service that you want to run in your tenant only (i.e. if you create an application for your own usage that will only interact with your own data) - ![Image of created app id](images/webapp-app-id1.png) + - Go to **Authentication** > Add https://portal.azure.com as **Redirect URI**. -11. **For Microsoft Defender ATP Partners only** - Set your application to be multi-tenanted + - On the bottom of the page, under **Supported account types**, mark **Accounts in any organizational directory** - This is **required** for 3rd party apps (for example, if you create an application that is intended to run in multiple customers tenant). - - This is **not required** if you create a service that you want to run in your tenant only (for example, if you create an application for your own usage that will only interact with your own data) - - Click **Properties** > **Yes** > **Save**. - - ![Image of multi tenant](images/webapp-edit-multitenant.png) - - - Application consent for your multi-tenant App: + - Application consent for your multi-tenant Application: You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with Microsoft Defender ATP application on behalf of your customer. @@ -122,7 +110,7 @@ This page explains how to create an AAD application, get an access token to Micr https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true ``` - where 00000000-0000-0000-0000-000000000000 should be replaced with your Azure application ID + where 00000000-0000-0000-0000-000000000000 should be replaced with your Application ID - **Done!** You have successfully registered an application! @@ -139,8 +127,8 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co # Paste below your Tenant ID, App ID and App Secret (App key). $tenantId = '' ### Paste your tenant ID here -$appId = '' ### Paste your app ID here -$appSecret = '' ### Paste your app key here +$appId = '' ### Paste your Application ID here +$appSecret = '' ### Paste your Application key here $resourceAppIdUri = 'https://api.securitycenter.windows.com' $oAuthUri = "https://login.windows.net/$TenantId/oauth2/token" @@ -158,7 +146,7 @@ return $token ### Using C#: ->The below code was tested with nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8 +>The below code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8 - Create a new Console Application - Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/) @@ -215,7 +203,7 @@ You will get an answer of the form: Sanity check to make sure you got a correct token: - Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it - Validate you get a 'roles' claim with the desired permissions -- In the screenshot below you can see a decoded token acquired from an app with permissions to all of Microsoft Defender ATP's roles: +- In the screen shot below you can see a decoded token acquired from an Application with permissions to all of Microsoft Defender ATP's roles: ![Image of token validation](images/webapp-decoded-token.png) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/add-permission.png b/windows/security/threat-protection/microsoft-defender-atp/images/add-permission.png new file mode 100644 index 0000000000..74d57acf8e Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/add-permission.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/api-tenant-id.png b/windows/security/threat-protection/microsoft-defender-atp/images/api-tenant-id.png deleted file mode 100644 index ebac0b0e34..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/api-tenant-id.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/app-and-tenant-ids.png b/windows/security/threat-protection/microsoft-defender-atp/images/app-and-tenant-ids.png new file mode 100644 index 0000000000..1f4f508c8c Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/app-and-tenant-ids.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/application-permissions-public-client.png b/windows/security/threat-protection/microsoft-defender-atp/images/application-permissions-public-client.png new file mode 100644 index 0000000000..3fc32f22db Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/application-permissions-public-client.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/application-permissions.png b/windows/security/threat-protection/microsoft-defender-atp/images/application-permissions.png new file mode 100644 index 0000000000..15977b7c35 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/application-permissions.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/atp-azure-new-app.png b/windows/security/threat-protection/microsoft-defender-atp/images/atp-azure-new-app.png deleted file mode 100644 index 4449661657..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/atp-azure-new-app.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/atp-azure-new-app2.png b/windows/security/threat-protection/microsoft-defender-atp/images/atp-azure-new-app2.png new file mode 100644 index 0000000000..e04f757cff Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/atp-azure-new-app2.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/grant-consent.png b/windows/security/threat-protection/microsoft-defender-atp/images/grant-consent.png new file mode 100644 index 0000000000..0735940d05 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/grant-consent.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/nativeapp-create2.png b/windows/security/threat-protection/microsoft-defender-atp/images/nativeapp-create2.png new file mode 100644 index 0000000000..03c10910cb Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/nativeapp-create2.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-2.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-2.png deleted file mode 100644 index 84672bbe4a..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-2.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-end.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-end.png deleted file mode 100644 index 24bb4d1854..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-end.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-readalerts.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-readalerts.png deleted file mode 100644 index 2872b71881..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-readalerts.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission.png deleted file mode 100644 index 38e98ce07d..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-app-id1.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-app-id1.png deleted file mode 100644 index 4c058c2f93..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-app-id1.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create-key.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create-key.png deleted file mode 100644 index 4ddb1fae83..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create-key.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create-key2.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create-key2.png new file mode 100644 index 0000000000..99339be6a7 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create-key2.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create.png deleted file mode 100644 index dea9d8493d..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-create.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-edit-multitenant.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-edit-multitenant.png deleted file mode 100644 index 47203a8151..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-edit-multitenant.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-grant-permissions.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-grant-permissions.png deleted file mode 100644 index b7c7e0926f..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-grant-permissions.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-select-permission.png b/windows/security/threat-protection/microsoft-defender-atp/images/webapp-select-permission.png deleted file mode 100644 index 8edc069eaf..0000000000 Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/webapp-select-permission.png and /dev/null differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md new file mode 100644 index 0000000000..c9f75c07aa --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md @@ -0,0 +1,56 @@ +--- +title: Troubleshoot Microsoft Defender ATP live response issues +description: Troubleshoot issues that might arise when using live response in Microsoft Defender ATP +keywords: troubleshoot live response, live, response, locked, file +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: troubleshooting +--- + +# Troubleshoot Microsoft Defender Advanced Threat Protection live response issues + + +**Applies to:** +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + + +This page provides detailed steps to troubleshoot live response issues. + +## File cannot be accessed during live response sessions +If while trying to take an action during a live response session, you encounter an error message stating that the file can't be accessed, you'll need to use the steps below to address the issue. + +1. Copy the following script code snippet and save it as a PS1 file: + + ``` + $copied_file_path=$args[0] + $action=Copy-Item $copied_file_path -Destination $env:TEMP -PassThru -ErrorAction silentlyContinue + + if ($action){ + Write-Host "You copied the file specified in $copied_file_path to $env:TEMP Succesfully" + } + + else{ + Write-Output "Error occoured while trying to copy a file, details:" + Write-Output $error[0].exception.message + + } + ``` + + +2. Add the script to the live response library. +3. Run the script with one parameter: the file path of the file to be copied. +4. Navigate to your TEMP folder. +5. Run the action you wanted to take on the copied file. + + + diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_8_IntuneAppInfo.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_8_IntuneAppInfo.png index 2cb9a5a416..1fba4fa7f5 100644 Binary files a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_8_IntuneAppInfo.png and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_8_IntuneAppInfo.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md index 3963464f4e..5b0a86a447 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md @@ -24,6 +24,11 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +This topic describes how to deploy Microsoft Defender ATP for Mac manually. A successful deployment requires the completion of all of the following steps: +- [Download installation and onboarding packages](#download-installation-and-onboarding-packages) +- [Application installation](#application-installation) +- [Client configuration](#client-configuration) + ## Prerequisites and system requirements Before you get started, see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index 9565fa13e5..da2a6a8dcd 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -24,6 +24,12 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +This topic describes how to deploy Microsoft Defender ATP for Mac through Intune. A successful deployment requires the completion of all of the following steps: +- [Download installation and onboarding packages](#download-installation-and-onboarding-packages) +- [Client device setup](#client-device-setup) +- [Create System Configuration profiles](#create-system-configuration-profiles) +- [Publish application](#publish-application) + ## Prerequisites and system requirements Before you get started, see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. @@ -122,7 +128,10 @@ Once the Intune changes are propagated to the enrolled devices, you can see them 2. Select **App type=Other/Line-of-business app**. 3. Select **file=wdav.pkg.intunemac**. Select **OK** to upload. 4. Select **Configure** and add the required information. -5. Use **macOS Sierra 10.12** as the minimum OS. Other settings can be any arbitrary value. +5. Use **macOS Sierra 10.12** as the minimum OS and set *Ignore app version* to **Yes**. Other settings can be any arbitrary value. + + > [!CAUTION] + > Failure to set *Ignore app version* to **Yes** impacts the ability of the application to receive updates through Microsoft AutoUpdate. See [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md) for additional information about how the product is updated. ![Device status blade screenshot](images/MDATP_8_IntuneAppInfo.png) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index 7105a86af8..44f2ed7150 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -24,6 +24,13 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +This topic describes how to deploy Microsoft Defender ATP for Mac through JAMF. A successful deployment requires the completion of all of the following steps: +- [Download installation and onboarding packages](#download-installation-and-onboarding-packages) +- [Create JAMF policies](#create-jamf-policies) +- [Client device setup](#client-device-setup) +- [Deployment](#deployment) +- [Check onboarding status](#check-onboarding-status) + ## Prerequisites and system requirements Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. @@ -57,7 +64,7 @@ Download the installation and onboarding packages from Windows Defender Security mavel-macmini:Downloads test$ ``` -## Create JAMF Policies +## Create JAMF policies You need to create a configuration profile and a policy to start deploying Microsoft Defender ATP for Mac to client devices. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index 7b04e554d4..0510dc864b 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -35,7 +35,6 @@ If you have any feedback that you would like to share, submit it by opening Micr ### Prerequisites -- Microsoft Defender ATP subscription - Access to the Microsoft Defender Security Center portal - Beginner-level experience in macOS and BASH scripting - Administrative privileges on the device (in case of manual deployment) diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md index e9ada36273..fd0c3af5a7 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md @@ -71,6 +71,6 @@ Security controls which don't support an audit mode should be deployed gradually Security controls which support an audit mode can be deployed using the following methodology: -1. Audit - enable the control in audit mode, and gasther audit data in a centralized location +1. Audit - enable the control in audit mode, and gather audit data in a centralized location 2. Review - review the audit data to assess potential impact (both positive and negative) and configure any exemptions from the security control you need to configure 3. Enforce - deploy the configuration of any exemptions and convert the control to enforce mode
MessageDate
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
Windows 10, version 1903 available by selecting “Check for updates”
Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
June 06, 2019
06:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT
Windows 10, version 1903 available by selecting “Check for updates”
Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
June 06, 2019
06:00 PM PT
Windows 10, version 1903 rollout begins
The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.		May 21, 2019
10:00 AM PT
What’s new in Windows Update for Business
We are enhancing and expanding the capabilities of Windows Update for Business to make the move to the cloud even easier. From simplified branch readiness options to better control over deadlines and reboots, read about the enhancements to Windows Update for Business as a part of Windows 10, version 1903. 		May 21, 2019
10:00 AM PT
What’s new for businesses and IT pros in Windows 10
Explore the newest capabilities for businesses and IT in the latest feature update in the areas of intelligent security, simplified updates, flexible management, and enhanced productivity. 		May 21, 2019
10:00 AM PT