deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 13:57:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #4384 from MicrosoftDocs/FromPrivateRepo

Browse Source 
From private repo
This commit is contained in:
huypub 2019-07-09 10:28:06 -07:00 committed by GitHub
commit 44e7ca3e33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
90 changed files with 620 additions and 1892 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
devices/hololens/TOC.md
View File

@ -10,15 +10,24 @@
## [Enroll HoloLens in MDM](hololens-enroll-mdm.md)
## [Manage updates to HoloLens](hololens-updates.md)
## [Restore HoloLens 2 using Advanced Recovery Companion](hololens-recovery.md)
## [Use the HoloLens Clicker](hololens-clicker.md)
## [Restart or recover the HoloLens clicker](hololens-clicker-restart-recover.md)
# Application Management
## [Install apps on HoloLens](hololens-install-apps.md)
## [Share HoloLens with multiple people](hololens-multiple-users.md)
## [Cortana on HoloLens](hololens-cortana.md)
## [Get apps for HoloLens](hololens-get-apps.md)
## [Use apps on HoloLens](hololens-use-apps.md)
## [Use HoloLens offline](hololens-offline.md)
## [Spaces on HoloLens](hololens-spaces-on-hololens.md)
# User/Access Management
## [Set up single application access](hololens-kiosk.md)
## [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md)
## [How HoloLens stores data for spaces](hololens-spaces.md)
## [Find and save files](hololens-find-and-save-files.md)
# [Insider preview for Microsoft HoloLens](hololens-insider.md)
# [Change history for Microsoft HoloLens documentation](change-history-hololens.md)

46
devices/hololens/hololens-clicker-restart-recover.md Normal file
View File

@ -0,0 +1,46 @@
---
title: Restart or recover the HoloLens clicker
description: Things to try if the HoloLens clicker is unresponsive or isnt working well.
ms.assetid: 13406eca-e2c6-4cfc-8ace-426ff8f837f4
ms.reviewer: jarrettrenshaw
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
---
# Restart or recover the HoloLens clicker
Here are some things to try if the HoloLens clicker is unresponsive or isnt working well.
## Restart the clicker
Use the tip of a pen to press and hold the [pairing button](https://support.microsoft.com/en-us/help/12646).
![Hold the pairing button](images/recover-clicker-1.png)
At the same time, click and hold the clicker for 15 seconds. If the clicker was already paired with your HoloLens, it will stay paired after it restarts.
![Hold the clicker](images/recover-clicker-2.png)
If the clicker won't turn on or restart, try charging it using the HoloLens charger. If the battery is very low, it might take a few minutes for the white indicator light to turn on.
## Re-pair the clicker
Go to Settings > Devices and select the clicker. Select Remove, wait a few seconds, then pair the clicker again.
## Recover the clicker
If restarting and re-pairing the clicker dont fix the problem, the Windows Device Recovery Tool can help you recover it. The recovery process may take some time, and the latest version of the clicker software will be installed. To use the tool, youll need a computer running Windows 10 or later with at least 4 GB of free storage space.
To recover the clicker:
1. Download and install the [Windows Device Recovery Tool](https://dev.azure.com/ContentIdea/ContentIdea/_queries/query/8a004dbe-73f8-4a32-94bc-368fc2f2a895/) on your computer.
1. Connect the clicker to your computer using the Micro USB cable that came with your HoloLens.
1. Run the Windows Device Recovery Tool and follow the instructions.
If the clicker isnt automatically detected, select **My device was not detected** and follow the instructions to put your device into recovery mode.

64
devices/hololens/hololens-clicker.md Normal file
View File

@ -0,0 +1,64 @@
---
title: Use the HoloLens Clicker
description:
ms.assetid: 7d4a30fd-cf1d-4c9a-8eb1-1968ccecbe59
ms.reviewer: jarrettrenshaw
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
---
# Use the HoloLens Clicker
The clicker was designed specifically for HoloLens and gives you another way to interact with holograms. It comes with HoloLens, in a separate box. Use it in place of hand gestures to select, scroll, move, and resize.
![The HoloLens Clicker](images/use-hololens-clicker-1.png)
## Hold the clicker
To put on the clicker, slide the loop over your ring or middle finger with the Micro USB port toward your wrist. Rest your thumb in the indentation.
![How to hold the Clicker](images/use-hololens-clicker-2.png)
## Clicker gestures
Clicker gestures are small wrist rotations, not the larger movements used for HoloLens hand gestures. And HoloLens will recognize your gestures and clicks even if the clicker is outside the [gesture frame](https://support.microsoft.com/help/12644), so you can hold the clicker in the position that's most comfortable for you.
- **Select**. To select a hologram, button, or other element, gaze at it, then click.
- **Click and hold**. Click and hold your thumb down on the button to do some of the same things you would with tap and hold, like move or resize a hologram.
- **Scroll**. On the app bar, select **Scroll Tool**. Click and hold, then rotate the clicker up, down, left, or right. To scroll faster, move your hand farther from the center of the scroll tool.
- **Zoom**. On the app bar, select **Zoom Tool**. Click and hold, then rotate the clicker up to zoom in, or down to zoom out.
>[!TIP]
>In Microsoft Edge, gaze at a page and double-click to zoom in or out.
## Pair and charge the clicker
To pair the clicker with your HoloLens, see [Pair Bluetooth devices](https://support.microsoft.com/help/12636).
When the clicker battery is low, the battery indicator will blink amber. Plug the Micro USB cable into a USB power supply to charge the device.
## Indicator lights
Here's what the lights on the clicker mean.
- **Blinking white**. The clicker is in pairing mode.
- **Fast-blinking white**. Pairing was successful.
- **Solid white**. The clicker is charging.
- **Blinking amber**. The battery is low.
- **Solid amber**. The clicker ran into an error and you'll need to restart it. While pressing the pairing button, click and hold for 15 seconds.
>[!NOTE]
>If the clicker doesn't respond or won't start, see [Restart or recover the HoloLens clicker](https://support.microsoft.com/help/15555/hololens-restart-or-recover-the-hololens-clicker).

49
devices/hololens/hololens-cortana.md Normal file
View File

@ -0,0 +1,49 @@
---
title: Cortana on HoloLens
description: Cortana can help you do all kinds of things on your HoloLens
ms.assetid: fd96fb0e-6759-4dbe-be1f-58bedad66fed
ms.reviewer: jarrettrenshaw
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
---
# Cortana on HoloLens
Cortana can help you do all kinds of things on your HoloLens, from searching the web to shutting down your device. To get her attention, select Cortana on Start or say "Hey Cortana" anytime.
![Hey Cortana!](images/cortana-on-hololens.png)
## What do I say to Cortana
Here are some things you can try saying (remember to say "Hey Cortana" first):
- What can I say?
- Increase the volume.
- Decrease the brightness.
- Shut down.
- Restart.
- Go to sleep.
- Mute.
- Launch <app name>.
- Move <app name> here (gaze at the spot you want the app to move to).
- Go to Start.
- Take a picture.
- Start recording. (Starts recording a video.)
- Stop recording. (Stops recording a video.)
- Call <contact>. (Requires Skype.)
- What time is it?
- Show me the latest NBA scores.
- How much battery do I have left?
- Tell me a joke.
>[!NOTE]
>- Some Cortana features you're used to from Windows on your PC or phone (for example, reminders and notifications) aren't supported in Microsoft HoloLens Development Edition. Cortana on HoloLens is English only, and the Cortana experience may vary among regions.
>- Cortana is on the first time you use HoloLens. You can turn her off in Cortana's settings. In the All apps list, select Cortana > Settings. Then turn off Cortana can give you suggestions, ideas, reminders, alerts, and more.
>- If Cortana isn't responding to "Hey Cortana," go to Cortana's settings and check to make sure she's on.
>- If you turn Cortana off, "Hey Cortana" voice commands won't be available, but you'll still be able to use other commands (like "Select" and "Place").

43
devices/hololens/hololens-find-and-save-files.md Normal file
View File

@ -0,0 +1,43 @@
---
title: Find and save files on HoloLens
description: Use File Explorer on HoloLens to view and manage files on your device
ms.assetid: 77d2e357-f65f-43c8-b62f-6cd9bf37070a
ms.reviewer: jarrettrenshaw
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
---
# Find and save files on HoloLens
Files you create on HoloLens, including Office documents, photos, and videos, are saved to your HoloLens. To view and manage them, you can use the File Explorer app on HoloLens or File Explorer on your PC. To sync photos and other files to the cloud, use the OneDrive app on HoloLens.
## View files on HoloLens
Use File Explorer on HoloLens to view and manage files on your device, including 3D objects, documents, and pictures. Go to Start > All apps > File Explorer on HoloLens to get started.
>[!TIP]
>If there are no files listed in File Explorer, select **This Device** in the top left pane.
## View HoloLens files on your PC
To see your HoloLens files in File Explorer on your PC:
1. Sign in to HoloLens, then plug it into the PC using the USB cable that came with the HoloLens.
1. Select **Open Device to view files with File Explorer**, or open File Explorer on the PC and navigate to the device.
>[!TIP]
>To see info about your HoloLens, right-click the device name in File Explorer on your PC, then select **Properties**.
## Sync to the cloud
To sync photos and other files from your HoloLens to the cloud, install and set up OneDrive on HoloLens. To get OneDrive, search for it in the Microsoft Store on your HoloLens.
>[!TIP]
>HoloLens doesn't back up app files and data, so it's a good idea to save your important stuff to OneDrive. That way, if you reset your device or uninstall an app, your info will be backed up.

36
devices/hololens/hololens-get-apps.md Normal file
View File

@ -0,0 +1,36 @@
---
title: Get apps for HoloLens
description: The Microsoft Store is your source for apps and games that work with HoloLens.
ms.assetid: cbe9aa3a-884f-4a92-bf54-8d4917bc3435
ms.reviewer: jarrettrenshaw
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
---
# Get apps for HoloLens
The Microsoft Store is your source for apps and games that work with HoloLens. When you go to the Store on your HoloLens, any apps you see there will run on it.
Apps on HoloLens use either 2D view or holographic view. Apps with 2D view look like windows and can be positioned all around you. Apps that use holographic view surround you and become the only app you see.
## Get apps
Open the Microsoft Store from the Start menu. Then browse for apps and games (or use your voice to search), select the microphone on the HoloLens keyboard, and start talking.
To download apps, you'll need to be signed in with a Microsoft account. To buy them, you'll need a payment method associated with the Microsoft account you use on your HoloLens. To set up a payment method, go to [account.microsoft.com](http://account.microsoft.com/) and select **Payment & billing** > **Payment options** > **Add a payment option**.
## Find your apps
Once you've installed an app, you'll find it in the All apps list (Start > All apps ). Keep apps handy by [pinning them to Start](https://support.microsoft.com/help/12638).
App updates are automatic, and they're free.
>[!NOTE]
>- To purchase apps in the Store, the billing address for your payment method must match the country or region your HoloLens is set to.
>- Some apps may not be available in all countries and regions.

25
devices/hololens/hololens-kiosk.md
View File

@ -16,7 +16,7 @@ manager: dansimp
In Windows 10, version 1803, you can configure your HoloLens devices to run as multi-app or single-app kiosks. You can also configure guest access for a HoloLens kiosk device by [designating a SpecialGroup account in your XML file.](#guest)
In Windows 10, version 1803, you can configure your HoloLens devices to run as multi-app or single-app kiosks. You can also configure guest access for a HoloLens kiosk device by [designating a SpecialGroup account in your XML file.](#add-guest-access-to-the-kiosk-configuration-optional)
When HoloLens is configured as a multi-app kiosk, only the allowed apps are available to the user. The benefit of a multi-app kiosk, or fixed-purpose device, is to provide an easy-to-understand experience for individuals by putting in front of them only the things they need to use, and removing from their view the things they dont need to access.
@ -40,15 +40,15 @@ The [AssignedAccess Configuration Service Provider (CSP)](https://docs.microsoft
>Be aware that voice commands are enabled for kiosk mode configured in Microsoft Intune or provisioning packages, even if the Cortana app is not selected as a kiosk app.
For HoloLens devices running Windows 10, version 1803, there are three methods that you can use to configure the device as a kiosk:
- You can use [Microsoft Intune or other mobile device management (MDM) service](#intune-kiosk) to configure single-app and multi-app kiosks.
- You can [use a provisioning package](#ppkg-kiosk) to configure single-app and multi-app kiosks.
- You can [use the Windows Device Portal](#portal-kiosk) to configure single-app kiosks. This method is recommended only for demonstrations, as it requires that developer mode be enabled on the device.
- You can use [Microsoft Intune or other mobile device management (MDM) service](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) to configure single-app and multi-app kiosks.
- You can [use a provisioning package](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure single-app and multi-app kiosks.
- You can [use the Windows Device Portal](#set-up-kiosk-mode-using-the-windows-device-portal-windows-10-version-1607-and-version-1803) to configure single-app kiosks. This method is recommended only for demonstrations, as it requires that developer mode be enabled on the device.
For HoloLens devices running Windows 10, version 1607, you can [use the Windows Device Portal](#portal-kiosk) to configure single-app kiosks.
For HoloLens devices running Windows 10, version 1607, you can [use the Windows Device Portal](#set-up-kiosk-mode-using-the-windows-device-portal-windows-10-version-1607-and-version-1803) to configure single-app kiosks.
## Start layout for HoloLens
If you use [MDM, Microsoft Intune](#intune-kiosk), or a [provisioning package](#ppkg-kiosk) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout.
If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803), or a [provisioning package](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout.
>[!NOTE]
>Because a single-app kiosk launches the kiosk app when a user signs in, there is no Start screen displayed.
@ -78,7 +78,7 @@ Save the following sample as an XML file. You will select this file when you con
### Start layout for a provisioning package
You will [create an XML file](#ppkg-kiosk) to define the kiosk configuration to be included in a provisioning package. Use the following sample in the `StartLayout` section of your XML file.
You will [create an XML file](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to define the kiosk configuration to be included in a provisioning package. Use the following sample in the `StartLayout` section of your XML file.
```xml
<!-- This section is required for parity with Desktop Assigned Access. It is not currently used on HoloLens -->
@ -104,22 +104,21 @@ You will [create an XML file](#ppkg-kiosk) to define the kiosk configuration to
For HoloLens devices that are managed by Microsoft Intune, you [create a device profile](https://docs.microsoft.com/intune/device-profile-create) and configure the [Kiosk settings](https://docs.microsoft.com/intune/kiosk-settings).
For other MDM services, check your provider's documentation for instructions. If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, [create an XML file that defines the kiosk configuration](#create-xml-file), and make sure to include the [Start layout](#start-layout-for-a-provisioning-package) in the XML file.
For other MDM services, check your provider's documentation for instructions. If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, [create an XML file that defines the kiosk configuration](#create-a-kiosk-configuration-xml-file), and make sure to include the [Start layout](#start-layout-for-a-provisioning-package) in the XML file.
## Setup kiosk mode using a provisioning package (Windows 10, version 1803)
Process:
1. [Create an XML file that defines the kiosk configuration.](#create-xml-file)
2. [Add the XML file to a provisioning package.](#add-xml)
3. [Apply the provisioning package to HoloLens.](#apply-ppkg)
1. [Create an XML file that defines the kiosk configuration.](#create-a-kiosk-configuration-xml-file)
2. [Add the XML file to a provisioning package.](#add-the-kiosk-configuration-xml-file-to-a-provisioning-package)
3. [Apply the provisioning package to HoloLens.](#apply-the-provisioning-package-to-hololens)
### Create a kiosk configuration XML file
Follow [the instructions for creating a kiosk configuration XML file for desktop](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps#configure-a-kiosk-using-a-provisioning-package), with the following exceptions:
- Do not include Classic Windows applications (Win32) since they aren't supported on HoloLens.
- Use the [placeholder Start XML](#start-kiosk) for HoloLens.
- Use the [placeholder Start XML](#start-layout-for-hololens) for HoloLens.
#### Add guest access to the kiosk configuration (optional)

22
devices/hololens/hololens-offline.md Normal file
View File

@ -0,0 +1,22 @@
---
title: Use HoloLens offline
description: To set up HoloLens, you'll need to connect to a Wi-Fi network
ms.assetid: b86f603c-d25f-409b-b055-4bbc6edcd301
ms.reviewer: jarrettrenshaw
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
---
# Use HoloLens offline
To set up HoloLens, you'll need to connect to a Wi-Fi network—the setup tutorial will show you how.
## HoloLens limitations
After your HoloLens is set up, you can use it without a Wi-Fi connection, but apps that use Internet connections may have limited capabilities when you use HoloLens offline.

39
devices/hololens/hololens-spaces-on-hololens.md Normal file
View File

@ -0,0 +1,39 @@
---
title: Spaces on HoloLens
description: HoloLens blends holograms with your world
ms.assetid: bd55ecd1-697a-4b09-8274-48d1499fcb0b
ms.reviewer: jarrettrenshaw
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
---
# Spaces on HoloLens
HoloLens blends holograms with your world, mapping your surroundings to remember where you place your apps and content.
>[!NOTE]
>For your HoloLens to work properly, HoloLens Wi-Fi needs to be turned on, though it doesn't have to be connected to a network.
## Tips for setting up your space
HoloLens works best in certain kinds of environments. Choose a room with adequate light and plenty of space. Avoid dark spaces and rooms with a lot of dark, shiny, or translucent surfaces (for instance, mirrors or gauzy curtains).
>[!NOTE]
>HoloLens is optimized for indoor use. Use it in a safe place with no tripping hazards. [More on safety](https://support.microsoft.com/help/4023454/safety-information).
## Mapping your space
When HoloLens starts mapping your surroundings, you'll see a mesh graphic spreading over the space.
To help HoloLens learn a space, walk around the space and gaze around you. Air tap in a space to light up the mesh and see what's been mapped.
If your space changes significantly—for example, if a piece of furniture is moved—you might need to walk around the space and gaze around you so HoloLens can relearn it.
>[!NOTE]
>If HoloLens is having trouble mapping your space or you're have difficulty placing holograms, see [HoloLens and holograms: FAQ](https://support.microsoft.com/help/13456/hololens-and-holograms-faq).

39
devices/hololens/hololens-use-apps.md Normal file
View File

@ -0,0 +1,39 @@
---
title: Use apps on HoloLens
description: Apps on HoloLens use either 2D view or holographic view.
ms.assetid: 6bd124c4-731c-4bcc-86c7-23f9b67ff616
ms.reviewer: jarrettrenshaw
manager: v-miegge
keywords: hololens
ms.prod: hololens
ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
---
# Use apps on HoloLens
Apps on HoloLens use either 2D view or holographic view. Apps with 2D view look like windows, and apps with holographic view surround you and become the only app you see.
## Open apps
You'll find your apps either pinned to Start or in the All apps list. To get to the All apps list, use the bloom gesture to go to Start, then select **All apps**.
On Start or in the All apps list, select an app. It will open in a good position for viewing.
>[!NOTE]
>- Up to three 2D app windows can be active at a time. You can open more, but only three will remain active.
>- Each open app can have one active window at a time, except Microsoft Edge, which can have up to three.
>- If you're having problems with apps, make sure there's enough light in your space, and walk around so HoloLens has a current scan. If you keep having trouble, see [HoloLens and holograms: FAQ](https://support.microsoft.com/help/13456/hololens-and-holograms-faq) for more info.
## Move, resize, and rotate apps
After opening an app, you can [change its position and size](https://support.microsoft.com/help/12634).
## Close apps
To close an app that uses 2D view, gaze at it, then select **Close**.
To close an app that uses holographic view, use the bloom gesture to leave holographic view, then select **Close**.

BIN
devices/hololens/images/cortana-on-hololens.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 21 KiB

BIN
devices/hololens/images/recover-clicker-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

BIN
devices/hololens/images/recover-clicker-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

BIN
devices/hololens/images/use-hololens-clicker-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

BIN
devices/hololens/images/use-hololens-clicker-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

2
devices/surface-hub/TOC.md
View File

@ -20,7 +20,7 @@
### [Configure Easy Authentication for Surface Hub 2S](surface-hub-2s-phone-authenticate.md)
## Deploy
### [First run setup for Surface Hub 2S](surface-hub-2s-setup.md)
### [First time setup for Surface Hub 2S](surface-hub-2s-setup.md)
### [Surface Hub 2S deployment checklist](surface-hub-2s-deploy-checklist.md)
### [Create Surface Hub 2S device account](surface-hub-2s-account.md)
### [Create provisioning packages for Surface Hub 2S](surface-hub-2s-deploy.md)

3
devices/surface-hub/local-management-surface-hub-settings.md
View File

@ -7,7 +7,7 @@ ms.sitesec: library
author: dansimp
ms.author: dansimp
ms.topic: article
ms.date: 06/20/2019
ms.date: 07/08/2019
ms.reviewer:
manager: dansimp
ms.localizationpriority: medium
@ -29,7 +29,6 @@ Surface Hubs have many settings that are common to other Windows devices, but al
| Change admin account password | Surface Hub > Accounts | Change the password for the local admin account. This is only available if you configured the device to use a local admin during first run. |
| Device Management | Surface Hub > Device management | Manage policies and business applications using mobile device management (MDM). |
| Provisioning packages | Surface Hub > Device management | Set or change provisioning packages installed on the Surface Hub. |
| Configure Operations Management Suite (OMS) | Surface Hub > Device management | Set up monitoring for your Surface Hub using OMS. |
| Open the Microsoft Store app | Surface Hub > Apps & features | The Microsoft Store app is only available to admins through the Settings app. |
| Skype for Business domain name | Surface Hub > Calling & Audio | Configure a domain name for your Skype for Business server. |
| Default Speaker volume | Surface Hub > Calling & Audio | Configure the default speaker volume for the Surface Hub when it starts a session. |

4
devices/surface-hub/save-bitlocker-key-surface-hub.md
View File

@ -10,7 +10,7 @@ ms.sitesec: library
author: levinec
ms.author: ellevin
ms.topic: article
ms.date: 06/20/2019
ms.date: 07/08/2019
ms.localizationpriority: medium
---
@ -27,7 +27,7 @@ There are several ways to manage your BitLocker key on the Surface Hub.
2. If youve joined the Surface Hub to Azure Active Directory (Azure AD), the BitLocker key will be stored under the account that was used to join the device.
3. If youre using an admin account to manage the device, you can save the BitLocker key by going to the **Settings** app and navigating to **Update & security** &gt; **Recovery**. Insert a USB drive and select the option to save the BitLocker key. The key will be saved to a text file on the USB drive.
3. If youre using a local admin account to manage the device, you can save the BitLocker key by going to the **Settings** app and navigating to **Update & security** &gt; **Recovery**. Insert a USB drive and select the option to save the BitLocker key. The key will be saved to a text file on the USB drive.
## Related topics

1
devices/surface-hub/surface-hub-2s-setup.md
View File

@ -8,6 +8,7 @@ author: robmazz
ms.author: robmazz
audience: Admin
ms.topic: article
ms.date: 07/03/2019
ms.localizationpriority: Normal
---

4
devices/surface/TOC.md
View File

@ -30,7 +30,7 @@
### [Surface System SKU reference](surface-system-sku-reference.md)
## Manage
### [Maintain optimal power settings on Surface devices](maintain-optimal-power-settings-on-Surface-devices.md)
### [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md)
### [Battery Limit setting](battery-limit.md)
### [Surface Brightness Control](microsoft-surface-brightness-control.md)
### [Surface Asset Tag](assettag.md)
@ -49,7 +49,7 @@
## Support
### [Fix common Surface problems using the Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-for-business-intro.md)
### [Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md)
### [Deploy Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md)
### [Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md)
### [Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md)
### [Surface Data Eraser](microsoft-surface-data-eraser.md)

22
devices/surface/change-history-for-surface.md
View File

@ -15,19 +15,27 @@ ms.topic: article
This topic lists new and updated topics in the Surface documentation library.
## July 2019
| **New or changed topic** | **Description** |
| ------------------------ | --------------- |
| [Deploy Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) | Renamed to reflect focus on deployment guidance for IT professionals. Covers minor changes in Version 2.41.139.0. |
## June 2019
New or changed topic | Description
--- | ---
| **New or changed topic** | **Description** |
| ------------------------ | --------------- |
|[Fix common Surface problems using the Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-for-business-intro.md) | New introductory page for the Surface Diagnostic Toolkit for Business. |
| [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md) |Updated with summary of recommendations for managing power settings and optimizing battery life. |
[Fix common Surface problems using the Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-for-business-intro.md) | New
## March 2019
New or changed topic | Description
--- | ---
[Surface System SKU reference](surface-system-sku-reference.md) | New
| **New or changed topic** | **Description** |
| ------------------------ | --------------- |
| [Surface System SKU reference](surface-system-sku-reference.md) | New |
## February 2019

5
devices/surface/surface-diagnostic-toolkit-business.md
View File

@ -123,10 +123,9 @@ Creating a custom package allows you to target the tool to specific known issues
*Figure 3. Create custom package*
### Language and telemetry page
### Language and telemetry settings
When you start creating the custom package, youre asked whether you agree to send data to Microsoft to help improve the application. For more information, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). This setting is limited to only sharing data generated while running packages. Sharing is on by default; if you wish to decline, clear the check box.
When creating a package, you can select language settings or opt out of sending telemetry information to Microsoft. By default, SDT sends telemetry to Microsoft that is used to improve the application in accordance with the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). If you wish to decline, clear the check box when creating a custom package, as shown below. Or clear the **Send telemetry to Microsoft** check box on the **Install Options** page during SDT Setup.
>[!NOTE]
>This setting does not affect the minimal telemetry automatically stored on Microsoft servers when running tests and repairs that require an Internet connection, such as Windows Update and Software repair, or providing feedback using the Smile or Frown buttons in the app toolbar.

2
windows/application-management/manage-windows-mixed-reality.md
View File

@ -22,7 +22,7 @@ ms.topic: article
[Windows Mixed Reality](https://blogs.windows.com/windowsexperience/2017/10/03/the-era-of-windows-mixed-reality-begins-october-17/) was introduced in Windows 10, version 1709 (also known as the Fall Creators Update), as a [Windows 10 Feature on Demand (FOD)](https://docs.microsoft.com/windows-hardware/manufacture/desktop/features-on-demand-v2--capabilities). Features on Demand are Windows feature packages that can be added at any time. When a Windows 10 PC needs a new feature, it can request the feature package from Windows Update.
Organizations that use Windows Server Update Services (WSUS) must take action to [enable Windows Mixed Reality](#enable). Any organization that wants to prohibit use of Windows Mixed Reality can [block the installation of the Mixed Reality Portal](#block).
Organizations that use Windows Server Update Services (WSUS) must take action to [enable Windows Mixed Reality](#enable-windows-mixed-reality-in-wsus). Any organization that wants to prohibit use of Windows Mixed Reality can [block the installation of the Mixed Reality Portal](#block-the-mixed-reality-portal).
## Enable Windows Mixed Reality in WSUS

22
windows/client-management/mdm/TOC.md
View File

@ -45,28 +45,6 @@
## [DMProcessConfigXMLFiltered](dmprocessconfigxmlfiltered.md)
## [Using PowerShell scripting with the WMI Bridge Provider](using-powershell-scripting-with-the-wmi-bridge-provider.md)
## [WMI providers supported in Windows 10](wmi-providers-supported-in-windows.md)
## [Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)
### [Design a custom configuration service provider](design-a-custom-windows-csp.md)
### [IConfigServiceProvider2](iconfigserviceprovider2.md)
#### [IConfigServiceProvider2::ConfigManagerNotification](iconfigserviceprovider2configmanagernotification.md)
#### [IConfigServiceProvider2::GetNode](iconfigserviceprovider2getnode.md)
### [ICSPNode](icspnode.md)
#### [ICSPNode::Add](icspnodeadd.md)
#### [ICSPNode::Clear](icspnodeclear.md)
#### [ICSPNode::Copy](icspnodecopy.md)
#### [ICSPNode::DeleteChild](icspnodedeletechild.md)
#### [ICSPNode::DeleteProperty](icspnodedeleteproperty.md)
#### [ICSPNode::Execute](icspnodeexecute.md)
#### [ICSPNode::GetChildNodeNames](icspnodegetchildnodenames.md)
#### [ICSPNode::GetProperty](icspnodegetproperty.md)
#### [ICSPNode::GetPropertyIdentifiers](icspnodegetpropertyidentifiers.md)
#### [ICSPNode::GetValue](icspnodegetvalue.md)
#### [ICSPNode::Move](icspnodemove.md)
#### [ICSPNode::SetProperty](icspnodesetproperty.md)
#### [ICSPNode::SetValue](icspnodesetvalue.md)
### [ICSPNodeTransactioning](icspnodetransactioning.md)
### [ICSPValidate](icspvalidate.md)
### [Samples for writing a custom configuration service provider](samples-for-writing-a-custom-configuration-service-provider.md)
## [Configuration service provider reference](configuration-service-provider-reference.md)
### [AccountManagement CSP](accountmanagement-csp.md)
#### [AccountManagement DDF file](accountmanagement-ddf.md)

97
windows/client-management/mdm/create-a-custom-configuration-service-provider.md
View File

@ -1,97 +0,0 @@
---
title: Create a custom configuration service provider
description: Create a custom configuration service provider
ms.assetid: 0cb37f03-5bf2-4451-8276-23f4a1dee33f
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# Create a custom configuration service provider
Mobile device OEMs can create custom configuration service providers to manage their devices. A configuration service provider includes an interface for creating, editing, and deleting nodes, and the nodes themselves. Each node contains data for one registry value and can optionally support get, set, and delete operations.
To design a custom configuration service provider, the OEM must perform the following steps:
1. Establish node semantics
2. Shape the configuration service provider's subtree
3. Choose a transactioning scheme for each node
4. Determine node operations
For more information, see [Designing a custom configuration service provider](design-a-custom-windows-csp.md).
To write a custom configuration service provider, the OEM must implement the following interfaces:
- [IConfigServiceProvider2](iconfigserviceprovider2.md) (one per configuration service provider)
- [ICSPNode](icspnode.md) (one per node)
- [ICSPNodeTransactioning](icspnodetransactioning.md) (optional, for internally transactioned nodes only)
- [ICSPValidate](icspvalidate.md) (optional, for UI only)
This code must be compiled into a single .dll file and added to a package by using the instructions found in "Adding content to a package" in [Creating packages](https://msdn.microsoft.com/library/windows/hardware/dn756642). While writing this code, OEMs can store registry settings and files in the following locations.
<table>
<colgroup>
<col width="50%" />
<col width="50%" />
</colgroup>
<tbody>
<tr class="odd">
<td><p><strong>File location</strong></p></td>
<td><p>%DataDrive%\SharedData\OEM\CSP&lt;/p&gt;</td>
</tr>
<tr class="even">
<td><p><strong>Registry location</strong></p></td>
<td><p>$(HKLM.SOFTWARE)\OEM\CSP&lt;/p&gt;</td>
</tr>
</tbody>
</table>
For examples of how to perform common tasks such as adding a node, replacing a node's value, querying a node's value, or enumerating a node's children, see [Samples for writing a custom configuration service provider](samples-for-writing-a-custom-configuration-service-provider.md).
To register the configuration service provider as a COM object, you must add the following registry setting to your package. This step is required. In the following sample, replace *uniqueCSPguid* with a new, unique CLSID generated for this purpose. Replace *dllName* with the name of the .dll file that contains the code for your configuration service provider.
``` syntax
<RegKeys>
<RegKey KeyName="$(HKCR.CLASSES)\CLSID\{uniqueCSPguid}\InprocServer32">
<RegValue Name="@" Type="REG_SZ" Value="dllName.dll" />
</RegKey>
</RegKeys>
```
To register the configuration service provider with ConfigManager2, you must add the following registry setting to your package. This step is required. In the following sample, replace *dllName* with the name of the configuration service provider (the name of the root node). Replace *uniqueCSPguid* with the same *uniqueCSPguid* value as in the preceding example.
``` syntax
<RegKeys>
<RegKey KeyName="$(HKLM.SOFTWARE)\Microsoft\Provisioning\CSPs\.\Vendor\OEM\{Name}">
<RegValue Name="@" Value="{uniqueCSPguid}" Type="REG_SZ"/>
</RegKey>
</RegKeys>
```
To make the configuration service provider accessible from WAP XML, you must register it with the WAP data processing unit by setting the following registry key in your package. Replace *Name* with the name of the configuration service provider. Leave the GUID value exactly as written here.
``` syntax
<RegKeys>
<RegKey KeyName="$(HKLM.SOFTWARE)\Classes\Name">
<RegValue Name="WAPNodeProcessor" Value="{FB11047A-4051-4d1d-9DCA-C80C5DF98D70}"
Type="REG_SZ"/>
</RegKey>
</RegKeys>
```

169
windows/client-management/mdm/design-a-custom-windows-csp.md
View File

@ -1,169 +0,0 @@
---
title: Design a custom configuration service provider
description: Design a custom configuration service provider
MS-HAID:
- 'p\_phDeviceMgmt.designing\_a\_custom\_configuration\_service\_provider'
- 'p\_phDeviceMgmt.design\_a\_custom\_windows\_csp'
ms.assetid: 0fff9516-a71a-4036-a57b-503ef1a81a37
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# Design a custom configuration service provider
To design a custom configuration service provider, the OEM must perform the following steps:
1. Establish node semantics
2. Shape the configuration service provider's subtree
3. Choose a transactioning scheme for each node
4. Determine node operations
For more information about the larger process of writing a new configuration service provider, see [Create a custom configuration service provider](create-a-custom-configuration-service-provider.md).
## Establish node semantics
First, determine the nodes you need based on the kind of data to be stored in the registry.
Nodes can represent anything from abstract concepts or collections (such as email accounts or connection settings) to more concrete objects (such as registry keys and values, directories, and files).
### Example
For example, a hypothetical Email configuration service provider might have these nodes:
- Account: The name of the email account (such as "Hotmail")
- Username: The user name or email address ("exampleAccount@hotmail.com")
- Password: The user's password
- Server: The DNS address of the server ("mail-serv1-example.mail.hotmail.com")
The `Account`, `Username`, and `Server` nodes would hold text-based information about the email account, the user's email address, and the server address associated with that account. The `Password` node, however, might hold a binary hash of the user's password.
## Shape the configuration service provider's subtree
After determining what the nodes represent, decide where each node fits in the settings hierarchy.
The root node of a configuration service provider's subtree must be the name of the configuration service provider. In this example, the root node is `Email`.
All of the nodes defined in the previous step must reside under the configuration service provider's root node. Leaf nodes should be used to store data, and interior nodes should be used to group the data into logical collections. Node URIs must be unique. In other words, no two nodes can have both the same parent and the same name.
There are three typical scenarios for grouping and structuring the nodes:
- If all of the data belongs to the same component and no further categorizing or grouping is required, you can build a flat tree in which all values are stored directly under the root node. For examples of this design, see [DevInfo configuration service provider](devinfo-csp.md), [HotSpot configuration service provider](hotspot-csp.md), and [w4 APPLICATION configuration service provider](w4-application-csp.md).
- If the configuration service provider's nodes represent a preexisting set of entities whose structure is well-defined (such as directories and files), the configuration service provider's nodes can simply mirror the existing structure.
- If the data must be grouped by type or component, a more complex structure is required. This is especially true when there can be multiple instances of the dataset on the device, and each set is indexed by an ID, account name, or account type. In this case, you must build a more complex tree structure. For examples, see [ActiveSync configuration service provider](activesync-csp.md), [CertificateStore configuration service provider](certificatestore-csp.md), and [CMPolicy configuration service provider](cmpolicy-csp.md).
### Example
The following image shows an incorrect way to structure the hypothetical `Email` configuration service provider. The interior `Account` nodes group the account data (server name, user name, and user password).
![provisioning\-customcsp\-example1](images/provisioning-customcsp-example1.png)
However, the account nodes in this design are not unique. Even though the nodes are grouped sensibly, the path for each of the leaf nodes is ambiguous. There is no way to disambiguate the two `Username` nodes, for example, or to reliably access the same node by using the same path. This structure will not work. The easiest solution to this problem is usually to replace an interior node (the grouping node) by:
1. Promoting a child node.
2. Using the node value as the name of the new interior node.
The following design conveys the same amount of information as the first design, but all nodes have a unique path, and therefore it will work.
![provisioning\-customcsp\-example2](images/provisioning-customcsp-example2.png)
In this case, the `Server` nodes have been promoted up one level to replace the `Account` nodes, and their values are now used as the node names. For example, you could have two different email accounts on the phone, with server names "www.hotmail.com" and "exchange.microsoft.com", each of which stores a user name and a password.
Note that the process of shaping the configuration service providers subtree influences the choice of transactioning schemes for each node. If possible, peer nodes should not have dependencies on each other. Internode dependencies other than parent/child relationships create mandatory groups of settings, which makes configuration service provider development more difficult.
## Choose a transactioning scheme for each node
For each node, decide whether to use *external transactioning* or *internal transactioning* to manage the transaction phases (rollback persistence, rollback, and commitment) for the node.
External transactioning is the simplest option because it allows ConfigManager2 to automatically handle the node's transactioning.
However, you must use internal transactioning for the following types of nodes:
- A node that supports the **Execute** method.
- A node that contains sensitive information (such as a password) that must not be saved in plain text in the ConfigManager2 rollback document.
- A node that has a dependency on another node that is not a parent. For example, if a parent node has two children that are both required, the configuration service provider could use internal transactioning to defer provisioning the account until both values are set.
You can choose to mix transactioning modes in your configuration service provider, using internal transactioning for some operations but external transactioning for others. For more information about writing an internally transactioned node, see the [ICSPNodeTransactioning](icspnodetransactioning.md) interface.
## Determine node operations
The operations available for each node can vary depending on the purpose of the configuration service provider. The configuration service provider will be easier to use if the operations are consistent. For more information about the supported operations, see the [ICSPNode](icspnode.md) interface.
For externally transactioned nodes, an operation implementation must include the contrary operations shown in the following table to allow rollback of the operation.
For internally transactioned nodes, the practice of implementing the contrary commands for each command is recommended, but not required.
<table>
<colgroup>
<col width="50%" />
<col width="50%" />
</colgroup>
<thead>
<tr class="header">
<th>Node operation</th>
<th>Contrary node operation</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><strong>Add</strong></p></td>
<td><p><strong>Clear</strong> and <strong>DeleteChild</strong></p></td>
</tr>
<tr class="even">
<td><p><strong>Copy</strong></p></td>
<td><p>To copy to a new node: <strong>Clear</strong> and <strong>DeleteChild</strong></p>
<p>To copy to an existing node: <strong>Add</strong> and <strong>SetValue</strong></p></td>
</tr>
<tr class="odd">
<td><p><strong>Clear</strong></p></td>
<td><p>To restore the state of the deleted node: <strong>SetValue</strong> and <strong>SetProperty</strong></p></td>
</tr>
<tr class="even">
<td><p><strong>DeleteChild</strong></p></td>
<td><p>To restore the old node: <strong>Add</strong></p></td>
</tr>
<tr class="odd">
<td><p><strong>DeleteProperty</strong></p></td>
<td><p>To restore the deleted property: <strong>SetProperty</strong></p></td>
</tr>
<tr class="even">
<td><p><strong>Execute</strong></p></td>
<td><p>Externally transactioned nodes do not support the <strong>Execute</strong> command.</p></td>
</tr>
<tr class="odd">
<td><p><strong>GetValue</strong></p></td>
<td><p>None</p></td>
</tr>
<tr class="even">
<td><p><strong>Move</strong></p></td>
<td><p>To restore a source node: <strong>Move</strong></p>
<p>To restore an overwritten target node: <strong>Add</strong> and <strong>SetValue</strong></p></td>
</tr>
<tr class="odd">
<td><p><strong>SetValue</strong></p></td>
<td><p>To restore the previous value: <strong>SetValue</strong></p></td>
</tr>
</tbody>
</table>

57
windows/client-management/mdm/iconfigserviceprovider2.md
View File

@ -1,57 +0,0 @@
---
title: IConfigServiceProvider2
description: IConfigServiceProvider2
ms.assetid: 8deec0fb-59a6-4d08-8ddb-6d0d3d868a10
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# IConfigServiceProvider2
OEMs are required to implement this interface once per configuration service provider. ConfigManager2 clients use this interface to instantiate the configuration service provider, to communicate general state information to the configuration service provider, and often to access or create nodes.
The following table shows the methods defined by this interface that OEMs must implement.
<table>
<colgroup>
<col width="50%" />
<col width="50%" />
</colgroup>
<thead>
<tr class="header">
<th>Method</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><a href="iconfigserviceprovider2configmanagernotification.md" data-raw-source="[IConfigServiceProvider2::ConfigManagerNotification](iconfigserviceprovider2configmanagernotification.md)">IConfigServiceProvider2::ConfigManagerNotification</a></p></td>
<td><p>Enables ConfigManager2 to send notifications to a configuration service provider of events such as when the configuration service provider is loaded or unloaded, when rollbacks are performed, and when actions are called on nodes.</p></td>
</tr>
<tr class="even">
<td><p><a href="iconfigserviceprovider2getnode.md" data-raw-source="[IConfigServiceProvider2::GetNode](iconfigserviceprovider2getnode.md)">IConfigServiceProvider2::GetNode</a></p></td>
<td><p>Returns a node from the configuration service provider based on the path relative to the root node.</p></td>
</tr>
</tbody>
</table>
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

146
windows/client-management/mdm/iconfigserviceprovider2configmanagernotification.md
View File

@ -1,146 +0,0 @@
---
title: IConfigServiceProvider2 ConfigManagerNotification
description: IConfigServiceProvider2 ConfigManagerNotification
ms.assetid: b1f0fe0f-afbe-4b36-a75d-34239a86a75c
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# IConfigServiceProvider2::ConfigManagerNotification
This method enables ConfigManager2 to send notifications of events to a configuration service provider, such as when the configuration service provider is loaded or unloaded, when rollbacks are performed, and when actions are called on nodes.
## Syntax
``` syntax
HRESULT ConfigManagerNotification([in] CFGMGR_NOTIFICATION cmnfyState,
[in] LPARAM lpParam);
```
## Parameters
<a href="" id="cmnfystate"></a>*cmnfyState*
<ul style="list-style-type:none">
<li>
The following events are supported by all configuration service providers.
<table>
<colgroup>
<col width="50%" />
<col width="50%" />
</colgroup>
<thead>
<tr class="header">
<th>Event</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p>CFGMGR_NOTIFICATION_LOAD</p></td>
<td><p>First time the configuration service provider is loaded/instantiated.</p></td>
</tr>
<tr class="even">
<td><p>CFGMGR_NOTIFICATION_BEGINCOMMANDPROCESSING</p></td>
<td><p>About to run the first command of a transaction.</p></td>
</tr>
<tr class="odd">
<td><p>CFGMGR_NOTIFICATION_ENDCOMMANDPROCESSING</p></td>
<td><p>Last command of transaction has executed. This event is always raised if <code>BEGINCOMMANDPROCESSING</code> was raised, even if the handling of <code>BEGINCOMMANDPROCESSING</code> failed.</p></td>
</tr>
<tr class="even">
<td><p>CFGMGR_NOTIFICATION_BEGINCOMMIT</p></td>
<td><p>About to commit the first command of a transaction.</p></td>
</tr>
<tr class="odd">
<td><p>CFGMGR_NOTIFICATION_ENDCOMMIT</p></td>
<td><p>Last command of a transaction has been committed. This event is always raised if <code>BEGINCOMMIT</code> was raised, even if the handling of <code>BEGINCOMMIT</code> failed.</p></td>
</tr>
<tr class="even">
<td><p>CFGMGR_NOTIFICATION_BEGINROLLBACK</p></td>
<td><p>About to roll back the first command of the transaction.</p></td>
</tr>
<tr class="odd">
<td><p>CFGMGR_NOTIFICATION_ENDROLLBACK</p></td>
<td><p>Last command of the transaction has been rolled back. This event is always raised if <code>BEGINROLLBACK</code> was raised, even if the handling of <code>BEGINROLLBACK</code> failed.</p></td>
</tr>
<tr class="even">
<td><p>CFGMGR_NOTIFICATION_UNLOAD</p></td>
<td><p>The configuration service provider is about to be unloaded/deleted.</p></td>
</tr>
<tr class="odd">
<td><p>CFGMGR_NOTIFICATION_SETSESSIONOBJ</p></td>
<td><p>Session object is available for use; <em>lpParam</em> can be cast to an IConfigSession2 pointer.</p></td>
</tr>
<tr class="even">
<td><p>CFGMGR_NOTIFICATION_BEGINTRANSACTIONING</p></td>
<td><p>Primarily used for compatibility with v1 configuration service providers. Signals the beginning of a transactioning sequence.</p></td>
</tr>
<tr class="odd">
<td><p>CFGMGR_NOTIFICATION_ENDTRANSACTIONING</p></td>
<td><p>Primarily used for compatibility with v1 configuration service providers. Signals the end of a transactioning sequence.</p></td>
</tr>
</tbody>
</table>
</li>
</ul>
<br>
<a href="" id="lpparam"></a>*lpParam*
<ul style="list-style-type:none">
<li>
Normally NULL, but contains a pointer to an IConfigSession2 instance if <em>cmnfState</em> is CFGMGR_NOTIFICATION_SETSESSIONOBJ.
</li>
</ul>
<br>
## Return Value
A value of S\_OK indicates success.
## Remarks
ConfigManager2 guarantees that if it raised one of the BEGIN events
- CFGMGR\_NOTIFICATION\_BEGINCOMMANDPROCESSING
- CFGMGR\_NOTIFICATION\_BEGINCOMMIT
- CFGMGR\_NOTIFICATION\_BEGINROLLBACK
then the corresponding END event will be raised, even if the handling of the BEGIN notification failed.
For each transaction, the sequence of notifications is:
1. BEGINCOMMANDPROCESSING
2. BEGINTRANSACTIONING
3. ENDTRANSACTIONING
4. ENDCOMMANDPROCESSING
5. Either BEGINCOMMIT or BEGINROLLBACK, depending on whether the transaction succeeded or failed.
6. Either ENDCOMMIT or ENDROLLBACK, depending on whether the transaction succeeded or failed.
Each configuration service provider will receive the relevant BEGIN/END notifications exactly once per each transaction that ConfigManager2 executes.
## Requirements
**Header:** None

106
windows/client-management/mdm/iconfigserviceprovider2getnode.md
View File

@ -1,106 +0,0 @@
---
title: IConfigServiceProvider2 GetNode
description: IConfigServiceProvider2 GetNode
ms.assetid: 4dc10a59-f6a2-45c0-927c-d594afc9bb91
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# IConfigServiceProvider2::GetNode
This method returns a node from the configuration service provider based on the path that was passed in. The returned node is a descendent of the root node.
## Syntax
``` syntax
HRESULT GetNode([in] IConfigManager2URI* pURI,
[out] ICSPNode** ppNode,
[in, out] DWORD* pgrfNodeOptions);
```
## Parameters
<a href="" id="puri"></a>*pUri*
<ul style="list-style-type:none">
<li>
URI of the child node, relative to the root node. For example, to access the &quot;./Vendor/Contoso/SampleCSP/ContainerA/UserName&quot; node, ConfigManager2 calls the configuration service provider&#39;s <code>GetNode</code> method and passes in an IConfigManager2URI instance representing the URI “SampleCSP/ContainerA/UserName”.
</li>
</ul>
<br>
<a href="" id="ppnode"></a><em>ppNode</em>
<ul style="list-style-type:none">
<li>
If the query is successful, this returns the ICSPNode instance at the <em>pUri</em> location in the configuration service provider&#39;s tree.
</li>
</ul>
<br>
<a href="" id="pgrfnodeoptions"></a><em>pgrfNodeOptions</em>
<ul style="list-style-type:none">
<li>
Nodes support the following features.
<table>
<colgroup>
<col width="33%" />
<col width="33%" />
<col width="33%" />
</colgroup>
<thead>
<tr class="header">
<th>Feature name</th>
<th>Bit value (in hex)</th>
<th>Notes</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><code>CSPNODE_OPTION_NATIVESECURITY</code></p></td>
<td><p>0x01</p></td>
<td><p>The native security option signifies that the node handles its own security checking, and that ConfigManager2 does not have to manage security for this node.</p></td>
</tr>
<tr class="even">
<td><p><code>CSPNODE_OPTION_INTERNALTRANSACTION</code></p></td>
<td><p>0x02</p></td>
<td><p>The internal transactioning option tells ConfigManager2 that the configuration service provider handles the transactioning (rollback and commitment) for the node. To handle internal transactioning, the node must implement the <a href="icspnodetransactioning.md" data-raw-source="[ICSPNodeTransactioning](icspnodetransactioning.md)">ICSPNodeTransactioning</a>.</p></td>
</tr>
<tr class="odd">
<td><p><code>CSPNODE_OPTION_HANDLEALLPROPERTIES</code></p></td>
<td><p>0x04</p></td>
<td><p>Unused.</p></td>
</tr>
<tr class="even">
<td><p><code>CSPNODE_OPTION_SECRETDATA</code></p></td>
<td><p>0x08</p></td>
<td><p>Unused.</p></td>
</tr>
</tbody>
</table>
</li>
</ul>
<br>
## Return Value
This method returns an ICSPNode. If the function returns null, call GetLastError to get the error value.
A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_NODENOTFOUND indicates that the node does not exist. Note that this may be normal, as in the case of optional nodes.
## Requirements
**Header:** None

104
windows/client-management/mdm/icspnode.md
View File

@ -1,104 +0,0 @@
---
title: ICSPNode
description: ICSPNode
ms.assetid: 023466e6-a8ab-48ad-8548-291409686ac2
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode
This interface does most of the work in a configuration service provider. Each individual node in a configuration service provider tree is represented by a separate implementation of this interface. The actions of a ConfigManager2 client are typically translated into calls to an instance of an ICSPNode.
These methods must be implemented so that, if they fail, the node's state at the end of the method matches the state before the method was called.
Some nodes will not be able to perform certain actions, and can return CFGMGR\_E\_COMMANDNOTALLOWED for those methods. For each method that is implemented for externallytransactioned nodes, the contrary method must also be implemented, as defined by "Determine node operations" in [Designing a custom configuration service provider](design-a-custom-windows-csp.md).
The following table shows the methods defined by this interface that OEMs must implement.
<table>
<colgroup>
<col width="50%" />
<col width="50%" />
</colgroup>
<thead>
<tr class="header">
<th>Method</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><a href="icspnodeadd.md" data-raw-source="[ICSPNode::Add](icspnodeadd.md)">ICSPNode::Add</a></p></td>
<td><p>Adds an immediate child to a configuration service provider node and returns a pointer to the new child node.</p></td>
</tr>
<tr class="even">
<td><p><a href="icspnodeclear.md" data-raw-source="[ICSPNode::Clear](icspnodeclear.md)">ICSPNode::Clear</a></p></td>
<td><p>Deletes the contents and children of the current configuration service provider node. Called before <a href="icspnodedeletechild.md" data-raw-source="[ICSPNode::DeleteChild](icspnodedeletechild.md)">ICSPNode::DeleteChild</a>.</p></td>
</tr>
<tr class="odd">
<td><p><a href="icspnodecopy.md" data-raw-source="[ICSPNode::Copy](icspnodecopy.md)">ICSPNode::Copy</a></p></td>
<td><p>Makes a copy of the current node at the specified path within the configuration service provider. If the target node exists, it should be overwritten.</p></td>
</tr>
<tr class="even">
<td><p><a href="icspnodedeletechild.md" data-raw-source="[ICSPNode::DeleteChild](icspnodedeletechild.md)">ICSPNode::DeleteChild</a></p></td>
<td><p>Deletes the specified child node from the configuration service provider node.</p></td>
</tr>
<tr class="odd">
<td><p><a href="icspnodedeleteproperty.md" data-raw-source="[ICSPNode::DeleteProperty](icspnodedeleteproperty.md)">ICSPNode::DeleteProperty</a></p></td>
<td><p>Deletes a property from a configuration service provider node.</p></td>
</tr>
<tr class="even">
<td><p><a href="icspnodeexecute.md" data-raw-source="[ICSPNode::Execute](icspnodeexecute.md)">ICSPNode::Execute</a></p></td>
<td><p>Runs a task on an internally-transactioned configuration service provider node by passing in the specified user data and returning a result.</p></td>
</tr>
<tr class="odd">
<td><p><a href="icspnodegetchildnodenames.md" data-raw-source="[ICSPNode::GetChildNodeNames](icspnodegetchildnodenames.md)">ICSPNode::GetChildNodeNames</a></p></td>
<td><p>Returns the list of children for a configuration service provider node.</p></td>
</tr>
<tr class="even">
<td><p><a href="icspnodegetproperty.md" data-raw-source="[ICSPNode::GetProperty](icspnodegetproperty.md)">ICSPNode::GetProperty</a></p></td>
<td><p>Returns a property value from a configuration service provider node.</p></td>
</tr>
<tr class="odd">
<td><p><a href="icspnodegetpropertyidentifiers.md" data-raw-source="[ICSPNode::GetPropertyIdentifiers](icspnodegetpropertyidentifiers.md)">ICSPNode::GetPropertyIdentifiers</a></p></td>
<td><p>Returns a list of non-standard properties supported by the node. The returned array must be allocated with <code>CoTaskMemAlloc</code>.</p></td>
</tr>
<tr class="even">
<td><p><a href="icspnodegetvalue.md" data-raw-source="[ICSPNode::GetValue](icspnodegetvalue.md)">ICSPNode::GetValue</a></p></td>
<td><p>Gets the value and data type for the node. Interior (non-leaf) nodes may not have a value.</p></td>
</tr>
<tr class="odd">
<td><p><a href="icspnodemove.md" data-raw-source="[ICSPNode::Move](icspnodemove.md)">ICSPNode::Move</a></p></td>
<td><p>Moves this node to a new location within the configuration service provider. If the target node already exists, it should be overwritten.</p></td>
</tr>
<tr class="even">
<td><p><a href="icspnodesetproperty.md" data-raw-source="[ICSPNode::SetProperty](icspnodesetproperty.md)">ICSPNode::SetProperty</a></p></td>
<td><p>Sets a property value for a configuration service provider node.</p></td>
</tr>
<tr class="odd">
<td><p><a href="icspnodesetvalue.md" data-raw-source="[ICSPNode::SetValue](icspnodesetvalue.md)">ICSPNode::SetValue</a></p></td>
<td><p>Sets the value for the configuration service provider node. It is an error to attempt to set the value of an interior node.</p></td>
</tr>
</tbody>
</table>
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

118
windows/client-management/mdm/icspnodeadd.md
View File

@ -1,118 +0,0 @@
---
title: ICSPNode Add
description: ICSPNode Add
ms.assetid: 5f03d350-c82b-4747-975f-385fd8b5b3a8
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::Add
This method adds an immediate child node to a configuration service provider node and returns a pointer to the new node.
## Syntax
``` syntax
HRESULT Add([in] IConfigManager2URI* pChildName,
[in] CFG_DATATYPE DataType,
[in] VARIANT varValue,
[in, out] ICSPNode** ppNewNode,
[in, out] DWORD* pgrfNodeOptions);
```
## Parameters
<a href="" id="pchildname"></a>*pChildName*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Name of child node to add.
<a href="" id="datatype"></a>*DataType*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Data type of the child node to add. Supported types include:
- CFG\_DATATYPE\_NODE
- CFG\_DATATYPE\_NULL
- CFG\_DATATYPE\_BINARY
- CFG\_DATATYPE\_INTEGER
- CFG\_DATATYPE\_STRING
- CFG\_DATATYPE\_MULTIPLE\_STRING
<a href="" id="varvalue"></a>*varValue*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Value of the child node to add.
<a href="" id="ppnewnode"></a>*ppNewNode*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;New child node to return.
<a href="" id="pgrfnodeoptions"></a>*pgrfNodeOptions*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Features supported on the new child node.
<table style="margin-left:26px">
<colgroup>
<col width="33%" />
<col width="33%" />
<col width="33%" />
</colgroup>
<thead>
<tr class="header">
<th>Feature name</th>
<th>Bit value (in hex)</th>
<th>Notes</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td style="vertical-align:top"><p><code>CSPNODE_OPTION_NATIVESECURITY</code></p></td>
<td style="vertical-align:top"><p>0x01</p></td>
<td style="vertical-align:top"><p>The native security option signifies that the node handles its own security checking, and that ConfigManager2 does not have to manage security for this node.</p></td>
</tr>
<tr class="even">
<td style="vertical-align:top"><p><code>CSPNODE_OPTION_INTERNALTRANSACTION</code></p></td>
<td style="vertical-align:top"><p>0x02</p></td>
<td style="vertical-align:top"><p>The internal transactioning option tells ConfigManager2 that the configuration service provider handles the transactioning (rollback and commitment) for the node. To handle internal transactioning, the node must implement the <a href="icspnodetransactioning.md" data-raw-source="[ICSPNodeTransactioning](icspnodetransactioning.md)">ICSPNodeTransactioning</a>.</p></td>
</tr>
<tr class="odd">
<td style="vertical-align:top"><p><code>CSPNODE_OPTION_HANDLEALLPROPERTIES</code></p></td>
<td style="vertical-align:top"><p>0x04</p></td>
<td style="vertical-align:top"><p>Unused.</p></td>
</tr>
<tr class="even">
<td style="vertical-align:top"><p><code>CSPNODE_OPTION_SECRETDATA</code></p></td>
<td style="vertical-align:top"><p>0x08</p></td>
<td style="vertical-align:top"><p>Unused.</p></td>
</tr>
</tbody>
</table>
## Return Value
This method returns an ICSPNode and the feature options supported on that child node. If the method returns null, call GetLastError to get the error value.
A value of S\_OK indicates that a node was successfully found. CMN\_E\_ALREADY\_EXISTS indicates that a child node with the same name already exists. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **Add** method.
## Remarks
For externallytransactioned nodes, if this method is implemented, then [ICSPNode::Clear](icspnodeclear.md) and [ICSPNode::DeleteChild](icspnodedeletechild.md) must also be implemented or rollback will fail.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

53
windows/client-management/mdm/icspnodeclear.md
View File

@ -1,53 +0,0 @@
---
title: ICSPNode Clear
description: ICSPNode Clear
ms.assetid: b414498b-110a-472d-95c0-2d5b38cd78a6
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::Clear
This method deletes the contents and child nodes of the current configuration service provider node. This method is always called on the child node before [ICSPNode::DeleteChild](icspnodedeletechild.md) is called on the parent node.
## Syntax
``` syntax
HRESULT Clear();
```
## Return Value
A value of S\_OK indicates that the node was successfully cleared. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **Clear** method.
## Remarks
For externallytransactioned nodes, if this method is implemented, then [ICSPNode::SetValue](icspnodesetvalue.md) and [ICSPNode::SetProperty](icspnodesetproperty.md) must also be implemented or rollback will fail.
Before calling **Clear** on the target node, ConfigManager2 attempts to gather the current state of the node; the parent node does not have to preserve the state of its child nodes if they are externally-transactioned.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)
 

96
windows/client-management/mdm/icspnodecopy.md
View File

@ -1,96 +0,0 @@
---
title: ICSPNode Copy
description: ICSPNode Copy
ms.assetid: cd5ce0bc-a08b-4f82-802d-c7ff8701b41f
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::Copy
This method makes a copy of the current node at the specified path within the configuration service provider. If the target node exists, it should be overwritten.
## Syntax
``` syntax
HRESULT Copy([in] IConfigManager2URI* puriDestination,
[in, out] ICSPNode** ppNewNode,
[in, out] DWORD* pgrfNodeOptions);
```
## Parameters
<a href="" id="puridestination"></a>*puriDestination*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Path and name of new node's location, relative to the configuration service provider's root node.
<a href="" id="ppnewnode"></a>*ppNewNode*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;New node created by the copy operation.
<a href="" id="pgrfnodeoptions"></a>*pgrfNodeOptions*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Features supported on the new node.
<table style="margin-left:26px">
<colgroup>
<col width="33%" />
<col width="33%" />
<col width="33%" />
</colgroup>
<thead>
<tr class="header">
<th>Feature name</th>
<th>Bit value (in hex)</th>
<th>Notes</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td><p><code>CSPNODE_OPTION_NATIVESECURITY</code></p></td>
<td><p>0x01</p></td>
<td><p>The native security option signifies that the node handles its own security checking, and that ConfigManager2 does not have to manage security for this node.</p></td>
</tr>
<tr class="even">
<td><p><code>CSPNODE_OPTION_INTERNALTRANSACTION</code></p></td>
<td><p>0x02</p></td>
<td><p>The internal transactioning option tells ConfigManager2 that the configuration service provider handles the transactioning (rollback and commitment) for the node. To handle internal transactioning, the node must implement the <a href="icspnodetransactioning.md" data-raw-source="[ICSPNodeTransactioning](icspnodetransactioning.md)">ICSPNodeTransactioning</a>.</p></td>
</tr>
<tr class="odd">
<td><p><code>CSPNODE_OPTION_HANDLEALLPROPERTIES</code></p></td>
<td><p>0x04</p></td>
<td><p>Unused.</p></td>
</tr>
<tr class="even">
<td><p><code>CSPNODE_OPTION_SECRETDATA</code></p></td>
<td><p>0x08</p></td>
<td><p>Unused.</p></td>
</tr>
</tbody>
</table>
## Return Value
A value of S\_OK indicates that the node was successfully copied to the new location. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **Copy** method.
## Remarks
For externallytransactioned nodes, if this method is implemented, then [ICSPNode::Add](icspnodeadd.md), [ICSPNode::SetValue](icspnodesetvalue.md), [ICSPNode::Clear](icspnodeclear.md), and [ICSPNode::DeleteChild](icspnodedeletechild.md) must also be implemented or rollback will fail.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

59
windows/client-management/mdm/icspnodedeletechild.md
View File

@ -1,59 +0,0 @@
---
title: ICSPNode DeleteChild
description: ICSPNode DeleteChild
ms.assetid: 8cf3663d-a4cf-4d11-b03a-f1d096ad7f9c
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::DeleteChild
Deletes the specified child node from the configuration service provider node. [ICSPNode::Clear](icspnodeclear.md) must always be called first on the child node that is to be deleted.
## Syntax
``` syntax
HRESULT DeleteChild([in] IConfigManager2URI* puriChildToDelete);
```
## Parameters
<a href="" id="purichildtodelete"></a>*puriChildToDelete*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The name of the child node to delete.
## Return Values
| Return Value | Description |
|------------------------------|--------------------------------------------------|
| CFGMGR\_E\_NODENOTFOUND | The child node does not exist |
| CFGMGR\_E\_COMMANDNOTALLOWED | The child node to be deleted is a read-only node |
| S\_OK | Success. |
 
A value of S\_OK indicates that a node was successfully deleted. CFGMGR\_E\_NODENOTFOUND indicates that the child node does not exist. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **ICSP::DeleteChild** method, or that the child node to be deleted is a read-only node.
## Remarks
For externallytransactioned nodes, if this method is implemented, then [ICSPNode::Add](icspnodeadd.md) must also be implemented or rollback will fail.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)
 

52
windows/client-management/mdm/icspnodedeleteproperty.md
View File

@ -1,52 +0,0 @@
---
title: ICSPNode DeleteProperty
description: ICSPNode DeleteProperty
ms.assetid: 7e21851f-d663-4558-b3e8-590d24b4f6c4
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::DeleteProperty
This method deletes a property from a configuration service provider node.
## Syntax
``` syntax
HRESULT DeleteProperty([in] REFGUID guidProperty);
```
## Parameters
<a href="" id="guidproperty"></a>*guidProperty*
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The GUID of the property to delete.
## Return Value
A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_PROPERTYNOTSUPPORTED indicates that this node does not manage or implement the property itself, but delegates it to ConfigManager2. E\_NOTIMPL indicates this method is not supported by this node.
## Remarks
For externallytransactioned nodes, if this method is implemented, then [ICSPNode::SetProperty](icspnodesetproperty.md) must also be implemented or rollback will fail.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)
 

50
windows/client-management/mdm/icspnodeexecute.md
View File

@ -1,50 +0,0 @@
---
title: ICSPNode Execute
description: ICSPNode Execute
ms.assetid: 5916e7b7-256d-49fd-82b6-db0547a215ec
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::Execute
This method runs a task on an internally-transactioned configuration service provider node by passing in the specified user data and returning a result. The exact meaning of **Execute** and whether it is even supported depends on the purpose of the node. For example, **Execute** called on a node that represents a file should probably **ShellExecute** the file, whereas calling **Execute** on a registry node generally does not make sense.
## Syntax
``` syntax
HRESULT Execute([in] VARIANT varUserData);
```
## Parameters
<a href="" id="varuserdata"></a>*varUserData*
&nbsp;&nbsp;&nbsp;&nbsp;Data to pass into the execution.
## Return Value
A value of S\_OK indicates that the operation was performed successfully on the node. E\_NOTIMPL should be returned if this method is not implemented.
## Remarks
Externallytransactioned nodes do not support this method.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)
 

56
windows/client-management/mdm/icspnodegetchildnodenames.md
View File

@ -1,56 +0,0 @@
---
title: ICSPNode GetChildNodeNames
description: ICSPNode GetChildNodeNames
ms.assetid: dc057f2b-282b-49ac-91c4-bb83bd3ca4dc
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::GetChildNodeNames
This method returns the list of child nodes for a configuration service provider node.
## Syntax
``` syntax
HRESULT GetChildNodeNames([out] ULONG* pulCount,
[out,size_is(,*pulCount)] BSTR** pbstrNodeNames);
```
## Parameters
<a href="" id="pulcount"></a>*pulCount*
<p style="margin-left: 25px">The number of child nodes to return.</p>
<a href="" id="pbstrnodenames"></a>*pbstrNodeNames*
<p style="margin-left: 25px">The array of child node names. The returned array must be allocated with <code>CoTaskMemAlloc</code>. Each element of the array must be a valid, non-NULL <code>BSTR</code>, allocated by <code>SysAllocString</code> or <code>SysAllocStringLen</code>. The names returned must not be encoded in any way, including URI-encoding, for canonicalization reasons.</p>
## Return Value
A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this was called on a leaf node (no children will be returned).
## Remarks
For externallytransactioned nodes, no additional methods are required for successful rollback.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

58
windows/client-management/mdm/icspnodegetproperty.md
View File

@ -1,58 +0,0 @@
---
title: ICSPNode GetProperty
description: ICSPNode GetProperty
ms.assetid: a2bdc158-72e0-4cdb-97ce-f5cf1a44b7db
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::GetProperty
This method returns a property value from a configuration service provider node.
## Syntax
``` syntax
HRESULT GetProperty([in] REFGUID guidProperty,
[in,out] VARIANT* pvarValue);
```
## Parameters
<a href="" id="guidproperty"></a>*guidProperty*
<p style="margin-left: 25px">GUID that specifies the property to return.</p>
<a href="" id="pvarvalue"></a>*pvarValue*
<p style="margin-left: 25px">Value to return.</p>
## Return Value
A value of S\_OK indicates that the value was successfully returned. CFGMGR\_E\_COMMANDNOTSUPPORTED indicates that the node does not implement the property itself, but delegates the management of the property to ConfigManager2.
## Remarks
Every node must handle the CFGMGR\_PROPERTY\_DATATYPE property.
For externallytransactioned nodes, no additional methods are required for successful rollback.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

55
windows/client-management/mdm/icspnodegetpropertyidentifiers.md
View File

@ -1,55 +0,0 @@
---
title: ICSPNode GetPropertyIdentifiers
description: ICSPNode GetPropertyIdentifiers
ms.assetid: 8a052cd3-d74c-40c4-845f-f804b920deb4
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::GetPropertyIdentifiers
This method returns a list of non-standard properties supported by the node. The returned array must be allocated with `CoTaskMemAlloc`.
## Syntax
``` syntax
HRESULT GetPropertyIdentifiers([out] ULONG* pulCount,
[out,size_is(,*pulCount)] GUID** pguidProperties);
```
## Parameters
<a href="" id="pulcount"></a>*pulCount*
<p style="margin-left: 25px">The number of non-standard properties to return.</p>
<a href="" id="pguidproperties"></a>*pguidProperties*
<p style="margin-left: 25px">The array of property GUIDs to return. This array must be allocated with <code>CoTaskMemAlloc</code>.</p>
## Return Value
A value of S\_OK indicates that the properties were successfully returned. E\_NOTIMPL indicates that this method is not supported by the node.
## Remarks
For externallytransactioned nodes, no additional methods are required for successful rollback.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

53
windows/client-management/mdm/icspnodegetvalue.md
View File

@ -1,53 +0,0 @@
---
title: ICSPNode GetValue
description: ICSPNode GetValue
ms.assetid: c684036d-98be-4659-8ce8-f72436a39b90
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::GetValue
This method gets the value and data type for the node. Interior (non-leaf) nodes may not have a value.
## Syntax
``` syntax
HRESULT GetValue([in,out] VARIANT* pvarValue);
```
## Parameters
<a href="" id="pvarvalue"></a>*pvarValue*
<p style="margin-left: 25px">Data value to return. A node containing a password value returns 16 asterisks (*) for this method. A leaf node whose value has not been set returns a variant whose type is <code>VT_NULL</code>.
</p>
## Return Value
A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **ICSP::GetValue** methods, or that this is an interior node.
## Remarks
For externallytransactioned nodes, this node is not required to implement any other methods for a successful rollback.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

52
windows/client-management/mdm/icspnodemove.md
View File

@ -1,52 +0,0 @@
---
title: ICSPNode Move
description: ICSPNode Move
ms.assetid: efb359c3-5c86-4975-bf6f-a1c33922442a
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::Move
This method moves the node to a new location within the configuration service provider. If the target node already exists, it should be overwritten.
## Syntax
``` syntax
HRESULT Move([in] IConfigManager2URI* puriDestination);
```
## Parameters
<a href="" id="puridestination"></a>*puriDestination*
<p style="margin-left: 25px">Path and name of the node&#39;s new location, relative to the configuration service provider&#39;s root node.</p>
## Return Value
A value of S\_OK indicates that the node was successfully moved. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **ICSP::Move** method.
## Remarks
For externallytransactioned nodes, if this method is implemented, then [ICSPNode::Add](icspnodeadd.md) and [ICSPNode::SetValue](icspnodesetvalue.md) must also be implemented or rollback will fail.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

58
windows/client-management/mdm/icspnodesetproperty.md
View File

@ -1,58 +0,0 @@
---
title: ICSPNode SetProperty
description: ICSPNode SetProperty
ms.assetid: e235c38f-ea04-4cd8-adec-3c6c0ce7172d
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::SetProperty
This method sets a property value for a configuration service provider node.
## Syntax
``` syntax
HRESULT SetProperty([in] REFGUID guidProperty,
[in] VARIANT varValue);
```
## Parameters
<a href="" id="guidproperty"></a>*guidProperty*
<p style="margin-left: 25px">The GUID of the property.</p>
<a href="" id="varvalue"></a>*varValue*
<p style="margin-left: 25px">The value to return.</p>
## Return Value
A value of S\_OK indicates that a node was successfully found. CFGMGR\_E\_COMMANDNOTSUPPORTED indicates that this node delegates the management of the property to ConfigManager2.
## Remarks
Every node must properly handle the CFGMGR\_PROPERTY\_DATATYPE property.
For externallytransactioned nodes, no additional methods are required for successful rollback.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

52
windows/client-management/mdm/icspnodesetvalue.md
View File

@ -1,52 +0,0 @@
---
title: ICSPNode SetValue
description: ICSPNode SetValue
ms.assetid: b218636d-fe8b-4a0f-b4e8-a621f65619d3
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNode::SetValue
This method sets the value for the configuration service provider node. It is an error to attempt to set the value of an interior node.
## Syntax
``` syntax
HRESULT SetValue([in] VARIANT varValue);
```
## Parameters
<a href="" id="varvalue"></a>*varValue*
<p style="margin-left: 25px">Value to set. To clear a leaf nodes value, set <em>varValue</em>s type to <code>VT_NULL</code>.</p>
## Return Value
A value of S\_OK indicates that the value was set successfully. CFGMGR\_E\_COMMANDNOTALLOWED indicates that this node does not support the **ICSP::SetValue** method, or that it's an internal node.
## Remarks
For externallytransactioned nodes, no additional methods must be implemented to support rollback.
## Requirements
**Header:** None
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)

83
windows/client-management/mdm/icspnodetransactioning.md
View File

@ -1,83 +0,0 @@
---
title: ICSPNodeTransactioning
description: ICSPNodeTransactioning
ms.assetid: 24dc518a-4a8d-41fe-9bc6-217bbbdf6a3f
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPNodeTransactioning
This is an optional interface that enables a configuration service provider to define its own transactioning scheme (internal transactioning) for an individual node. Transactioning supports the ability to roll back previous actions on a node. The majority of nodes use external transactioning, which is handled automatically, and do not need to implement this interface. For more information about internal and external transactioning, including how to handle the `RollbackAction` functions, see "Determine node operations" in [Designing a custom configuration service provider](design-a-custom-windows-csp.md).
``` syntax
interface ICSPNodeTransactioning : IUnknown
{
HRESULT PersistRollbackAddState([in] IConfigManager2URI* puriChild,
[in] CFG_DATATYPE DataType,
[in] VARIANT varValue,
[in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT PersistRollbackCopyState([in] IConfigManager2URI* puriDestination,
[in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT PersistRollbackDeleteChildState([in] IConfigManager2URI* puriChild,
[in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT PersistRollbackClearState([in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT PersistRollbackExecuteState([in] VARIANT varUserData,
[in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT PersistRollbackMoveState([in] IConfigManager2URI* puriDestination,
[in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT PersistRollbackSetValueState([in] VARIANT varValue,
[in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT PersistRollbackSetPropertyState([in] REFGUID guidProperty,
[in] VARIANT varValue,
[in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT PersistRollbackDeletePropertyState([in] REFGUID guidProperty,
[in] ISequentialStream* pRollbackStream,
[in] ISequentialStream* pUninstallStream);
HRESULT RollbackAdd([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT RollbackCopy([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT RollbackDeleteChild([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT RollbackClear([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT RollbackExecute([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT RollbackMove([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT RollbackSetValue([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT RollbackSetProperty([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT RollbackDeleteProperty([in] ISequentialStream* pUndoStream,
[in] BOOL fRecoveryRollback);
HRESULT Commit();
};
```
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)
 

54
windows/client-management/mdm/icspvalidate.md
View File

@ -1,54 +0,0 @@
---
title: ICSPValidate
description: ICSPValidate
ms.assetid: b0993f2d-6269-412f-a329-af25fff34ca2
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# ICSPValidate
This interface is optional. It is called by ConfigManager2 as it batches commands before transactioning begins. This allows the configuration service provider to validate the node before performing specific actions. It is generally only used for configuration service providers that need to expose UI.
``` syntax
interface ICSPValidate : IUnknown
{
HRESULT ValidateAdd([in] IConfigNodeState* pNodeState,
[in] IConfigManager2URI* puriChild,
[in] CFG_DATATYPE DataType,
[in] VARIANT varValue);
HRESULT ValidateCopy([in] IConfigNodeState* pNodeState,
[in] IConfigManager2URI* puriDestination);
HRESULT ValidateDeleteChild([in] IConfigNodeState* pNodeState,
[in] IConfigManager2URI* puriChild);
HRESULT ValidateClear([in] IConfigNodeState* pNodeState);
HRESULT ValidateExecute([in] IConfigNodeState* pNodeState,
[in] VARIANT varUserData);
HRESULT ValidateMove([in] IConfigNodeState* pNodeState,
[in] IConfigManager2URI* puriDestination);
HRESULT ValidateSetValue([in] IConfigNodeState* pNodeState,
[in] VARIANT varValue);
HRESULT ValidateSetProperty([in] IConfigNodeState* pNodeState,
[in] REFGUID guidProperty,
[in] VARIANT varValue);
HRESULT ValidateDeleteProperty([in] IConfigNodeState* pNodeState,
[in] REFGUID guidProperty);
```
## Related topics
[Create a custom configuration service provider](create-a-custom-configuration-service-provider.md)
 

10
windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
View File

@ -12,7 +12,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 05/15/2019
ms.date: 07/01/2019
---
# What's new in mobile device enrollment and management
@ -56,6 +56,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
- [What is dmwappushsvc?](#what-is-dmwappushsvc)
- **Change history in MDM documentation**
- [July 2019](#july-2019)
- [June 2019](#june-2019)
- [May 2019](#may-2019)
- [April 2019](#april-2019)
@ -1880,6 +1881,13 @@ How do I turn if off? | The service can be stopped from the "Services" console o
## Change history in MDM documentation
### July 2019
|New or updated topic | Description|
|--- | ---|
|Create a custom configuration service provider|Deleted the following documents from the CSP reference because extensibility via CSPs is not currently supported:<br>Create a custom configuration service provider<br>Design a custom configuration service provider<br>IConfigServiceProvider2<br>IConfigServiceProvider2::ConfigManagerNotification<br>IConfigServiceProvider2::GetNode<br>ICSPNode<br>ICSPNode::Add<br>ICSPNode::Clear<br>ICSPNode::Copy<br>ICSPNode::DeleteChild<br>ICSPNode::DeleteProperty<br>ICSPNode::Execute<br>ICSPNode::GetChildNodeNames<br>ICSPNode::GetProperty<br>ICSPNode::GetPropertyIdentifiers<br>ICSPNode::GetValue<br>ICSPNode::Move<br>ICSPNode::SetProperty<br>ICSPNode::SetValue<br>ICSPNodeTransactioning<br>ICSPValidate<br>Samples for writing a custom configuration service provider|
### June 2019
|New or updated topic | Description|

51
windows/client-management/mdm/samples-for-writing-a-custom-configuration-service-provider.md
View File

@ -1,51 +0,0 @@
---
title: Samples for writing a custom configuration service provider
description: Samples for writing a custom configuration service provider
ms.assetid: ccda4d62-7ce1-483b-912f-25d50c974270
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.topic: article
ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.date: 06/26/2017
---
# Samples for writing a custom configuration service provider
The following example shows how to retrieve Integrated Circuit Card Identifier (ICCID) and International Mobile Subscriber Identity (IMSI) for a dual SIM phone.
## Retrieving ICCID and IMSI for a dual SIM phone
The following sample is used in the [IConfigServiceProvider2::ConfigManagerNotification](iconfigserviceprovider2configmanagernotification.md) method implementation. It first retrieves the IConfigSession2 object, and then queries the ICCID with the IConfigSession2::GetSessionVariable method. To retrieve the IMSI, replace L”ICCID” with L”IMSI”.
``` syntax
case CFGMGR_NOTIFICATION_SETSESSIONOBJ:
if (NULL != lpParam)
{
m_pSession = reinterpret_cast<IConfigSession2*>(lpParam);
        m_pSession->AddRef();
    }
    bstrContext = SysAllocString(L"ICCID");
    if (NULL == bstrContext)
    {
    hr = E_OUTOFMEMORY;
    goto Error;
    }
    hr = m_pSession->GetSessionVariable(bstrContext, &varValue);
    if (FAILED(hr))
    {
     goto Error;
    }
    break;
```
 

4
windows/configuration/customize-and-export-start-layout.md
View File

@ -171,9 +171,9 @@ If the Start layout is applied by Group Policy or MDM, and the policy is removed
**To configure a partial Start screen layout**
1. [Customize the Start layout](#bmk-customize-start).
1. [Customize the Start layout](#customize-the-start-screen-on-your-test-computer).
2. [Export the Start layout](#bmk-exportstartscreenlayout).
2. [Export the Start layout](#export-the-start-layout).
3. Open the layout .xml file. There is a `<DefaultLayoutOverride>` element. Add `LayoutCustomizationRestrictionType="OnlySpecifiedGroups"` to the **DefaultLayoutOverride** element as follows:
``` syntax

2
windows/configuration/start-secondary-tiles.md
View File

@ -64,7 +64,7 @@ In Windows 10, version 1703, by using the PowerShell cmdlet `export-StartLayoutE
## Export Start layout and assets
1. Follow the instructions in [Customize and export Start layout](customize-and-export-start-layout.md#bkmkcustomizestartscreen) to customize the Start screen on your test computer.
1. Follow the instructions in [Customize and export Start layout](customize-and-export-start-layout.md#customize-the-start-screen-on-your-test-computer) to customize the Start screen on your test computer.
2. Open Windows PowerShell as an administrator and enter the following command:
```

7
windows/deployment/update/windows-analytics-get-started.md
View File

@ -75,6 +75,12 @@ To enable data sharing, configure your proxy server to whitelist the following e
> [!IMPORTANT]
> For privacy and data integrity, Windows checks for a Microsoft SSL certificate when communicating with the diagnostic data endpoints. SSL interception and inspection aren't possible. To use Desktop Analytics, exclude these endpoints from SSL inspection.<!-- BUG 4647542 -->
>[!NOTE]
>Microsoft has a strong commitment to providing the tools and resources that put you in control of your privacy. As a result, Microsoft doesn't collect the following data from devices located in European countries (EEA and Switzerland):
>- Windows diagnostic data from Windows 8.1 devices
>- App usage data for Windows 7 devices
### Configuring endpoint access with SSL inspection
To ensure privacy and data integrity Windows checks for a Microsoft SSL certificate when communicating with the diagnostic data endpoints. Accordingly SSL interception and inspection is not possible. To use Windows Analytics services you should exclude the above endpoints from SSL inspection.
@ -205,3 +211,4 @@ Note that it is possible to intiate a full inventory scan on a device by calling
- CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun ent
For details on how to run these and how to check results, see the deployment script.

10
windows/release-information/resolved-issues-windows-10-1507.yml
View File

@ -32,6 +32,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
<tr><td><div id='526msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#526msgdesc'>See details ></a></td><td>OS Build 10240.18244<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503291' target='_blank'>KB4503291</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507458' target='_blank'>KB4507458</a></td><td>July 09, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='423msg'></div><b>Unable to access some gov.uk websites</b><br>gov.uk websites that dont support “HSTS” may not be accessible<br><br><a href = '#423msgdesc'>See details ></a></td><td>OS Build 10240.18215<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499154' target='_blank'>KB4499154</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505051' target='_blank'>KB4505051</a></td><td>May 19, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='224msg'></div><b>MSXML6 may cause applications to stop responding </b><br>MSXML6 may cause applications to stop responding if an exception was thrown during node operations, such as appendChild(), insertBefore(), and moveNode(). <br><br><a href = '#224msgdesc'>See details ></a></td><td>OS Build 10240.18094<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480962' target='_blank'>KB4480962</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493475' target='_blank'>KB4493475</a></td><td>April 09, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='192msg'></div><b>Custom URI schemes may not start corresponding application</b><br>Custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites in Internet Explorer.<br><br><a href = '#192msgdesc'>See details ></a></td><td>OS Build 10240.18158<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489872' target='_blank'>KB4489872</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4493475' target='_blank'>KB4493475</a></td><td>April 09, 2019 <br>10:00 AM PT</td></tr>
@ -52,6 +53,15 @@ sections:
<div>
</div>
"
- title: June 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='526msgdesc'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><div>When trying to expand, view, or create&nbsp;<strong>Custom Views&nbsp;</strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using&nbsp;<strong>Filter Current Log</strong>&nbsp;in the&nbsp;<strong>Action&nbsp;</strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4507458' target='_blank'>KB4507458</a>.</div><br><a href ='#526msg'>Back to top</a></td><td>OS Build 10240.18244<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503291' target='_blank'>KB4503291</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507458' target='_blank'>KB4507458</a></td><td>Resolved:<br>July 09, 2019 <br>10:00 AM PT<br><br>Opened:<br>June 12, 2019 <br>11:11 AM PT</td></tr>
</table>
"
- title: May 2019
- items:
- type: markdown

2
windows/release-information/resolved-issues-windows-10-1607.yml
View File

@ -32,6 +32,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
<tr><td><div id='528msg'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><br>Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.<br><br><a href = '#528msgdesc'>See details ></a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>July 09, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='520msg'></div><b>Difficulty connecting to some iSCSI-based SANs</b><br>Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.<br><br><a href = '#520msgdesc'>See details ></a></td><td>OS Build 14393.2999<br><br>May 23, 2019<br><a href ='https://support.microsoft.com/help/4499177' target='_blank'>KB4499177</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4509475' target='_blank'>KB4509475</a></td><td>June 27, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='503msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#503msgdesc'>See details ></a></td><td>OS Build 14393.3025<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503267' target='_blank'>KB4503267</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503294' target='_blank'>KB4503294</a></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='488msg'></div><b>Opening Internet Explorer 11 may fail</b><br>Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.<br><br><a href = '#488msgdesc'>See details ></a></td><td>OS Build 14393.2999<br><br>May 23, 2019<br><a href ='https://support.microsoft.com/help/4499177' target='_blank'>KB4499177</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503267' target='_blank'>KB4503267</a></td><td>June 11, 2019 <br>10:00 AM PT</td></tr>
@ -80,6 +81,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='528msgdesc'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><div>Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a> and restarting.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a>.</div><br><a href ='#528msg'>Back to top</a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>Resolved:<br>July 09, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='457msgdesc'></div><b>Update not showing as applicable through WSUS or SCCM or when manually installed</b><div><a href='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a> or later updates may not show as applicable through WSUS or SCCM to the affected platforms. When manually installing the standalone update from Microsoft Update Catalog, it may fail to install with the error, \"The update is not applicable to your computer.\"</div><div><br></div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><br></div><div><strong>Resolution: </strong>The servicing stack update (SSU) (<a href='https://support.microsoft.com/help/4498947' target='_blank'>KB4498947</a>) must be installed before installing the latest cumulative update (LCU). The&nbsp;LCU will not be reported as applicable until the SSU is installed.&nbsp;For more information, see&nbsp;<a href=\"https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date\" target=\"_blank\">Servicing stack updates</a>.</div><br><a href ='#457msg'>Back to top</a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4498947' target='_blank'>KB4498947</a></td><td>Resolved:<br>May 14, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 24, 2019 <br>04:20 PM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='423msgdesc'></div><b>Unable to access some gov.uk websites</b><div>After installing the May 14, 2019 update, some gov.uk websites that dont support HTTP Strict Transport Security&nbsp;(HSTS)&nbsp;may not be accessible through Internet Explorer 11 or Microsoft Edge.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703;Windows 10, version 1607; Windows 10, version 1507;Windows 8.1; Windows 7SP1&nbsp;</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution: </strong>We have released an \"optional, <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" target=\"_blank\">out-of-band</a>\" update for Windows 10 (<a href='https://support.microsoft.com/help/4505052' target='_blank'>KB4505052</a>) to resolve this issue. If you are affected, we recommend you apply this update by installing <a href='https://support.microsoft.com/help/4505052' target='_blank'>KB4505052</a> from Windows Update and then restarting your device.</div><div><br></div><div>This update will not be applied automatically. To download and install this update, go to <strong>Settings</strong> &gt; <strong>Update &amp; Security</strong> &gt; <strong>Windows Update</strong> and select <strong>Check for updates</strong>. To get the standalone package for <a href='https://support.microsoft.com/help/4505052' target='_blank'>KB4505052</a>, search for it in the&nbsp;<a href=\"http://www.catalog.update.microsoft.com/home.aspx\" target=\"_blank\">Microsoft Update Catalog</a>.</div><div>&nbsp;</div><br><a href ='#423msg'>Back to top</a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505052' target='_blank'>KB4505052</a></td><td>Resolved:<br>May 19, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 16, 2019 <br>01:57 PM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='379msgdesc'></div><b>Layout and cell size of Excel sheets may change when using MS UI Gothic </b><div>When using the <strong>MS UI Gothic</strong> or <strong>MS PGothic</strong> fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. For example, the layout and cell size of Microsoft Excel sheets may change when using <strong>MS</strong> <strong>UI Gothic</strong>.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703;Windows 10, version 1607;Windows 10 Enterprise LTSC 2016; Windows 10, version 1507;Windows 10 Enterprise LTSB 2015;Windows 8.1</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012</li></ul><div></div><div><strong>Resolution</strong>: This issue has been resolved.</div><br><a href ='#379msg'>Back to top</a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved:<br>May 14, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 10, 2019 <br>10:35 AM PT</td></tr>

2
windows/release-information/resolved-issues-windows-10-1703.yml
View File

@ -32,6 +32,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Date resolved</td></tr>
<tr><td><div id='528msg'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><br>Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.<br><br><a href = '#528msgdesc'>See details ></a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507450' target='_blank'>KB4507450</a></td><td>July 09, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='520msg'></div><b>Difficulty connecting to some iSCSI-based SANs</b><br>Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.<br><br><a href = '#520msgdesc'>See details ></a></td><td>OS Build 15063.1839<br><br>May 28, 2019<br><a href ='https://support.microsoft.com/help/4499162' target='_blank'>KB4499162</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4509476' target='_blank'>KB4509476</a></td><td>June 26, 2019 <br>04:00 PM PT</td></tr>
<tr><td><div id='503msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#503msgdesc'>See details ></a></td><td>OS Build 15063.1868<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503279' target='_blank'>KB4503279</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503289' target='_blank'>KB4503289</a></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='488msg'></div><b>Opening Internet Explorer 11 may fail</b><br>Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.<br><br><a href = '#488msgdesc'>See details ></a></td><td>OS Build 15063.1839<br><br>May 28, 2019<br><a href ='https://support.microsoft.com/help/4499162' target='_blank'>KB4499162</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503279' target='_blank'>KB4503279</a></td><td>June 11, 2019 <br>10:00 AM PT</td></tr>
@ -75,6 +76,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='528msgdesc'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><div>Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a> and restarting.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4507450' target='_blank'>KB4507450</a>.</div><br><a href ='#528msg'>Back to top</a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507450' target='_blank'>KB4507450</a></td><td>Resolved:<br>July 09, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='423msgdesc'></div><b>Unable to access some gov.uk websites</b><div>After installing the May 14, 2019 update, some gov.uk websites that dont support HTTP Strict Transport Security&nbsp;(HSTS)&nbsp;may not be accessible through Internet Explorer 11 or Microsoft Edge.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703;Windows 10, version 1607; Windows 10, version 1507;Windows 8.1; Windows 7SP1&nbsp;</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution: </strong>We have released an \"optional, <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" target=\"_blank\">out-of-band</a>\" update for Windows 10 (<a href='https://support.microsoft.com/help/4505055' target='_blank'>KB4505055</a>) to resolve this issue. If you are affected, we recommend you apply this update by installing <a href='https://support.microsoft.com/help/4505055' target='_blank'>KB4505055</a> from Windows Update and then restarting your device.</div><div><br></div><div>This update will not be applied automatically. To download and install this update, go to <strong>Settings</strong> &gt; <strong>Update &amp; Security</strong> &gt; <strong>Windows Update</strong> and select <strong>Check for updates</strong>. To get the standalone package for <a href='https://support.microsoft.com/help/4505055' target='_blank'>KB4505055</a>, search for it in the&nbsp;<a href=\"http://www.catalog.update.microsoft.com/home.aspx\" target=\"_blank\">Microsoft Update Catalog</a>.</div><div>&nbsp;</div><br><a href ='#423msg'>Back to top</a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4505055' target='_blank'>KB4505055</a></td><td>Resolved:<br>May 19, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 16, 2019 <br>01:57 PM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='379msgdesc'></div><b>Layout and cell size of Excel sheets may change when using MS UI Gothic </b><div>When using the <strong>MS UI Gothic</strong> or <strong>MS PGothic</strong> fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. For example, the layout and cell size of Microsoft Excel sheets may change when using <strong>MS</strong> <strong>UI Gothic</strong>.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703;Windows 10, version 1607;Windows 10 Enterprise LTSC 2016; Windows 10, version 1507;Windows 10 Enterprise LTSB 2015;Windows 8.1</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012</li></ul><div></div><div><strong>Resolution</strong>: This issue has been resolved.</div><br><a href ='#379msg'>Back to top</a></td><td>OS Build 15063.1784<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493436' target='_blank'>KB4493436</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Resolved:<br>May 14, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 10, 2019 <br>10:35 AM PT</td></tr>
</table>

4
windows/release-information/status-windows-10-1507.yml
View File

@ -60,8 +60,8 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='496msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#496msgdesc'>See details ></a></td><td>OS Build 10240.18244<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503291' target='_blank'>KB4503291</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>June 13, 2019 <br>02:21 PM PT</td></tr>
<tr><td><div id='323msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".<br><br><a href = '#323msgdesc'>See details ></a></td><td>OS Build 10240.18094<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480962' target='_blank'>KB4480962</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='526msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#526msgdesc'>See details ></a></td><td>OS Build 10240.18244<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503291' target='_blank'>KB4503291</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507458' target='_blank'>KB4507458</a></td><td>July 09, 2019 <br>10:00 AM PT</td></tr>
</table>
"
@ -77,7 +77,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='496msgdesc'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><div>When trying to expand, view, or create&nbsp;<strong>Custom Views&nbsp;</strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using&nbsp;<strong>Filter Current Log</strong>&nbsp;in the&nbsp;<strong>Action&nbsp;</strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Workaround:</strong> To mitigate this issue, see <a href=\"https://support.microsoft.com/help/4508640\" target=\"_blank\">KB4508640</a>.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and estimate a solution will be available in late June.</div><br><a href ='#496msg'>Back to top</a></td><td>OS Build 10240.18244<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503291' target='_blank'>KB4503291</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>June 13, 2019 <br>02:21 PM PT<br><br>Opened:<br>June 12, 2019 <br>11:11 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='526msgdesc'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><div>When trying to expand, view, or create&nbsp;<strong>Custom Views&nbsp;</strong>in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using&nbsp;<strong>Filter Current Log</strong>&nbsp;in the&nbsp;<strong>Action&nbsp;</strong>menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4507458' target='_blank'>KB4507458</a>.</div><br><a href ='#526msg'>Back to top</a></td><td>OS Build 10240.18244<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503291' target='_blank'>KB4503291</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507458' target='_blank'>KB4507458</a></td><td>Resolved:<br>July 09, 2019 <br>10:00 AM PT<br><br>Opened:<br>June 12, 2019 <br>11:11 AM PT</td></tr>
</table>
"

4
windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
View File

@ -60,12 +60,12 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='516msg'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><br>Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000<br><br><a href = '#516msgdesc'>See details ></a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>June 24, 2019 <br>10:46 AM PT</td></tr>
<tr><td><div id='474msg'></div><b>Some applications may fail to run as expected on clients of AD FS 2016</b><br>Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)<br><br><a href = '#474msgdesc'>See details ></a></td><td>OS Build 14393.2941<br><br>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493473' target='_blank'>KB4493473</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>June 07, 2019 <br>04:25 PM PT</td></tr>
<tr><td><div id='135msg'></div><b>Cluster service may fail if the minimum password length is set to greater than 14</b><br>The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.<br><br><a href = '#135msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='149msg'></div><b>SCVMM cannot enumerate and manage logical switches deployed on the host</b><br>For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.<br><br><a href = '#149msgdesc'>See details ></a></td><td>OS Build 14393.2639<br><br>November 27, 2018<br><a href ='https://support.microsoft.com/help/4467684' target='_blank'>KB4467684</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='322msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".<br><br><a href = '#322msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='142msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#142msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>February 19, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='528msg'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><br>Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.<br><br><a href = '#528msgdesc'>See details ></a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>July 09, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='520msg'></div><b>Difficulty connecting to some iSCSI-based SANs</b><br>Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.<br><br><a href = '#520msgdesc'>See details ></a></td><td>OS Build 14393.2999<br><br>May 23, 2019<br><a href ='https://support.microsoft.com/help/4499177' target='_blank'>KB4499177</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4509475' target='_blank'>KB4509475</a></td><td>June 27, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='503msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#503msgdesc'>See details ></a></td><td>OS Build 14393.3025<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503267' target='_blank'>KB4503267</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503294' target='_blank'>KB4503294</a></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='488msg'></div><b>Opening Internet Explorer 11 may fail</b><br>Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.<br><br><a href = '#488msgdesc'>See details ></a></td><td>OS Build 14393.2999<br><br>May 23, 2019<br><a href ='https://support.microsoft.com/help/4499177' target='_blank'>KB4499177</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503267' target='_blank'>KB4503267</a></td><td>June 11, 2019 <br>10:00 AM PT</td></tr>
@ -97,7 +97,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='516msgdesc'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><div>Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a> and restarting.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround: </strong>If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:</div><ol><li>Retrieve the 48-digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.</li><li>From the recovery screen, press the enter key and enter the recovery password when prompted.</li><li>If your device starts in the Windows Recovery Environment and asks for recovery key again, select <strong>Skip the drive</strong> to continue to WinRE.</li><li>Select <strong>Advanced options</strong> then <strong>Troubleshoot</strong> then <strong>Advanced options</strong> then <strong>Command Prompt.</strong></li><li>Unlock drive using the command: <strong>Manage-bde -unlock c: -rp &lt;48 digit numerical recovery password separated by “-“ in 6 digit group&gt;</strong></li><li>Suspend BitLocker using the command: <strong>Manage-bde -protectors -disable c:</strong></li><li>Exit the command window using the command: <strong>exit</strong></li><li>Select <strong>Continue</strong> from recovery environment.</li><li>The device should now start Windows.</li><li>Once started, launch an elevated Command Prompt (i.e. run Command Prompt as administrator) and resume the BitLocker to ensure the system remains protected, using the command: <strong>Manage-bde -protectors -enable c:</strong></li></ol><div><strong>Note</strong> The steps in this workaround need to be followed on every system start unless BitLocker is suspended before restarting.</div><div><br></div><div>To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: <strong>Manage-bde -protectors -disable c: -rc 1</strong></div><div><strong>Note</strong> This command will suspend BitLocker for one restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#516msg'>Back to top</a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>June 24, 2019 <br>10:46 AM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='528msgdesc'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><div>Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a> and restarting.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a>.</div><br><a href ='#528msg'>Back to top</a></td><td>OS Build 14393.2969<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4494440' target='_blank'>KB4494440</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507460' target='_blank'>KB4507460</a></td><td>Resolved:<br>July 09, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
</table>
"

4
windows/release-information/status-windows-10-1703.yml
View File

@ -60,8 +60,8 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='516msg'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><br>Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000<br><br><a href = '#516msgdesc'>See details ></a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>June 24, 2019 <br>10:46 AM PT</td></tr>
<tr><td><div id='321msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".<br><br><a href = '#321msgdesc'>See details ></a></td><td>OS Build 15063.1563<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480973' target='_blank'>KB4480973</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='528msg'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><br>Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.<br><br><a href = '#528msgdesc'>See details ></a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507450' target='_blank'>KB4507450</a></td><td>July 09, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='520msg'></div><b>Difficulty connecting to some iSCSI-based SANs</b><br>Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.<br><br><a href = '#520msgdesc'>See details ></a></td><td>OS Build 15063.1839<br><br>May 28, 2019<br><a href ='https://support.microsoft.com/help/4499162' target='_blank'>KB4499162</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4509476' target='_blank'>KB4509476</a></td><td>June 26, 2019 <br>04:00 PM PT</td></tr>
<tr><td><div id='503msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#503msgdesc'>See details ></a></td><td>OS Build 15063.1868<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503279' target='_blank'>KB4503279</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503289' target='_blank'>KB4503289</a></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='488msg'></div><b>Opening Internet Explorer 11 may fail</b><br>Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.<br><br><a href = '#488msgdesc'>See details ></a></td><td>OS Build 15063.1839<br><br>May 28, 2019<br><a href ='https://support.microsoft.com/help/4499162' target='_blank'>KB4499162</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503279' target='_blank'>KB4503279</a></td><td>June 11, 2019 <br>10:00 AM PT</td></tr>
@ -91,7 +91,7 @@ sections:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='516msgdesc'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><div>Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a> and restarting.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Workaround: </strong>If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:</div><ol><li>Retrieve the 48-digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.</li><li>From the recovery screen, press the enter key and enter the recovery password when prompted.</li><li>If your device starts in the Windows Recovery Environment and asks for recovery key again, select <strong>Skip the drive</strong> to continue to WinRE.</li><li>Select <strong>Advanced options</strong> then <strong>Troubleshoot</strong> then <strong>Advanced options</strong> then <strong>Command Prompt.</strong></li><li>Unlock drive using the command: <strong>Manage-bde -unlock c: -rp &lt;48 digit numerical recovery password separated by “-“ in 6 digit group&gt;</strong></li><li>Suspend BitLocker using the command: <strong>Manage-bde -protectors -disable c:</strong></li><li>Exit the command window using the command: <strong>exit</strong></li><li>Select <strong>Continue</strong> from recovery environment.</li><li>The device should now start Windows.</li><li>Once started, launch an elevated Command Prompt (i.e. run Command Prompt as administrator) and resume the BitLocker to ensure the system remains protected, using the command: <strong>Manage-bde -protectors -enable c:</strong></li></ol><div><strong>Note</strong> The steps in this workaround need to be followed on every system start unless BitLocker is suspended before restarting.</div><div><br></div><div>To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: <strong>Manage-bde -protectors -disable c: -rc 1</strong></div><div><strong>Note</strong> This command will suspend BitLocker for one restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#516msg'>Back to top</a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>June 24, 2019 <br>10:46 AM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='528msgdesc'></div><b>Devices with Hyper-V enabled may receive BitLocker error 0xC0210000</b><div>Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing <a href='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a> and restarting.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607</li><li>Server: Windows Server 2016</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4507450' target='_blank'>KB4507450</a>.</div><br><a href ='#528msg'>Back to top</a></td><td>OS Build 15063.1805<br><br>May 14, 2019<br><a href ='https://support.microsoft.com/help/4499181' target='_blank'>KB4499181</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4507450' target='_blank'>KB4507450</a></td><td>Resolved:<br>July 09, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 21, 2019 <br>08:50 AM PT</td></tr>
</table>
"

6
windows/release-information/status-windows-10-1903.yml
View File

@ -79,9 +79,6 @@ sections:
<tr><td><div id='445msg'></div><b>Intermittent loss of Wi-Fi connectivity</b><br>Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. <br><br><a href = '#445msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 21, 2019 <br>04:46 PM PT</td></tr>
<tr><td><div id='519msg'></div><b>Event Viewer may close or you may receive an error when using Custom Views</b><br>When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.<br><br><a href = '#519msgdesc'>See details ></a></td><td>OS Build 18362.175<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503293' target='_blank'>KB4503293</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4501375' target='_blank'>KB4501375</a></td><td>June 27, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='491msg'></div><b>Duplicate folders and documents showing in user profile directory</b><br>If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.<br><br><a href = '#491msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>May 29, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='473msg'></div><b>Older versions of BattlEye anti-cheat software incompatible</b><br>Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.<br><br><a href = '#473msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>June 07, 2019 <br>04:26 PM PT</td></tr>
<tr><td><div id='466msg'></div><b>AMD RAID driver incompatibility </b><br>Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.<br><br><a href = '#466msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>June 06, 2019 <br>11:06 AM PT</td></tr>
<tr><td><div id='469msg'></div><b>D3D applications and games may fail to enter full-screen mode on rotated displays</b><br>Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.<br><br><a href = '#469msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>May 29, 2019 <br>02:00 PM PT</td></tr>
</table>
"
@ -118,8 +115,5 @@ sections:
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='446msgdesc'></div><b>Cannot launch Camera app </b><div>Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:</div><p class=\"ql-indent-1\">\"Close other apps, error code: 0XA00F4243.”</div><div><br></div><div>To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>To temporarily resolve this issue, perform one of the following:</div><div><br></div><ul><li>Unplug your camera and plug it back in.</li></ul><p class=\"ql-indent-1\">or</div><ul><li>Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press <strong>Enter</strong>. In the Device Manager dialog box, expand <strong>Cameras</strong>, then right-click on any <strong>RealSense</strong> driver listed and select <strong>Disable device</strong>. Right click on the driver again and select <strong>Enable device</strong>.</li></ul><p class=\"ql-indent-1\">or</div><ul><li>Restart the <strong>RealSense </strong>service. In the Search box, type \"Task Manager\" and hit <strong>Enter</strong>. In the Task Manager dialog box, click on the <strong>Services </strong>tab, right-click on <strong>RealSense</strong>, and select <strong>Restart</strong>.&nbsp;</li></ul><div></div><div><strong>Note </strong>This workaround will only resolve the issue until your next system restart.</div><div><br></div><div><strong>Note </strong>We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until this issue has been resolved.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#446msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 21, 2019 <br>04:47 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:20 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='445msgdesc'></div><b>Intermittent loss of Wi-Fi connectivity</b><div>Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).</div><div><br></div><div>To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until&nbsp;the updated driver is installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>Download<strong> </strong>and install an updated Wi-Fi driver from your device manufacturer (OEM).</div><div>&nbsp;</div><div><strong>Note</strong> We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.</div><br><a href ='#445msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 21, 2019 <br>04:46 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:13 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='491msgdesc'></div><b>Duplicate folders and documents showing in user profile directory</b><div>If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. This issue does not cause any user files to be deleted and a solution is in progress.</div><div><br></div><div>To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution: </strong>This issue was resolved in <a href='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a> and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Window 10, version 1903.</div><div>(Posted June 11, 2019)</div><br><a href ='#491msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved:<br>May 29, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:16 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='473msgdesc'></div><b>Older versions of BattlEye anti-cheat software incompatible</b><div>Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.</div><div><br></div><div>To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device.&nbsp;</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>Before updating your machine, we recommend you do one or more of the following:</div><div><br></div><ul><li>Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.</li><li>Restart your system and open the game again.</li><li>Uninstall BattlEye using <a href=\"https://www.battleye.com/downloads/UninstallBE.exe\" target=\"_blank\">https://www.battleye.com/downloads/UninstallBE.exe</a>, and then reopen your game.</li><li>Uninstall and reinstall your game.</li></ul><div></div><div><strong>Resolution: </strong>This issue was resolved externally by BattlEye for all known impacted games. For a list of recent games that use BattlEye, go to <a href=\"https://www.battleye.com/\" target=\"_blank\" style=\"\"><u>https://www.battleye.com/</u></a>. We recommend following the workaround before updating to Windows 10, version 1903, as games with incompatible versions of BattleEye may fail to open after updating Windows. If you have confirmed your&nbsp;game is up to date&nbsp;and you have any issues with opening games related to a BattlEye error, please see <a href=\"https://www.battleye.com/support/faq/\" target=\"_blank\" style=\"\"><u>https://www.battleye.com/support/faq/</u></a>.</div><br><a href ='#473msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>June 07, 2019 <br>04:26 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:34 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='466msgdesc'></div><b>AMD RAID driver incompatibility </b><div>Microsoft and AMD have identified an incompatibility with AMD RAID driver versions earlier than 9.2.0.105. When you attempt to install&nbsp;the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:</div><p class=\"ql-indent-1\">AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.</div><p class=\"ql-indent-1\">“A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”</div><div><strong>&nbsp;</strong></div><div>To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution: </strong>This issue has been resolved externally by AMD. To resolve this issue, you will need to download the latest AMD RAID drivers directly from AMD at&nbsp;<a href=\"https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399\" target=\"_blank\">https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399</a>. The drivers must be version&nbsp;9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.</div><div>&nbsp;</div><div><strong>Note</strong> The safeguard hold will remain in place on machines with the older AMD RAID drivers. We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.</div><br><a href ='#466msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>Resolved:<br>June 06, 2019 <br>11:06 AM PT<br><br>Opened:<br>May 21, 2019 <br>07:12 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='469msgdesc'></div><b>D3D applications and games may fail to enter full-screen mode on rotated displays</b><div>Some Direct3D&nbsp;(D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li><li>Server: Windows Server, version 1903</li></ul><div></div><div><strong>Resolution: </strong>This issue was resolved in <a href='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a>.&nbsp;</div><br><a href ='#469msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Resolved:<br>May 29, 2019 <br>02:00 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:05 AM PT</td></tr>
</table>
"

4
windows/release-information/windows-message-center.yml
View File

@ -51,8 +51,8 @@ sections:
<table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
<tr><td><a href = 'https://blogs.windows.com/windowsexperience/2019/07/01/evolving-windows-10-servicing-and-quality-the-next-steps/' target='_blank'><b>Evolving Windows 10 servicing and quality</b></a><br><div>Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the <a href='https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Moving-to-the-next-Windows-10-feature-update-for-commercial/ba-p/732968' target='_blank'>Windows IT Pro Blog</a> for more details on how to plan for this new update option in your environment.</div></td><td>July 01, 2019 <br>02:00 PM PT</td></tr>
<tr><td><b>Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier</b><br><div>We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.</div></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
<tr><td><b>Windows 10, version 1903 available by selecting “Check for updates”</b><br><div>Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div></td><td>June 06, 2019 <br>06:00 PM PT</td></tr>
<tr><td><a href = '' target='_blank'><b>Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier</b></a><br><div>We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.</div></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
<tr><td><a href = '' target='_blank'><b>Windows 10, version 1903 available by selecting “Check for updates”</b></a><br><div>Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div></td><td>June 06, 2019 <br>06:00 PM PT</td></tr>
<tr><td><a href = 'https://blogs.windows.com/windowsexperience/2019/05/21/how-to-get-the-windows-10-may-2019-update/#1P75kJB6T5OhySyo.97' target='_blank'><b>Windows 10, version 1903 rollout begins</b></a><br>The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.</td><td>May 21, 2019 <br>10:00 AM PT</td></tr>
<tr><td><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-in-Windows-Update-for-Business-in-Windows-10-version/ba-p/622064' target='_blank'><b>Whats new in Windows Update for Business</b></a><br>We are enhancing and expanding the capabilities of Windows Update for Business to make the move to the cloud even easier. From simplified branch readiness options to better control over deadlines and reboots, read about the enhancements to Windows Update for Business as a part of Windows 10, version 1903. </td><td>May 21, 2019 <br>10:00 AM PT</td></tr>
<tr><td><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-for-IT-pros-in-Windows-10-version-1903/ba-p/622024' target='_blank'><b>Whats new for businesses and IT pros in Windows 10</b></a><br>Explore the newest capabilities for businesses and IT in the latest feature update in the areas of intelligent security, simplified updates, flexible management, and enhanced productivity. </td><td>May 21, 2019 <br>10:00 AM PT</td></tr>

5
windows/security/threat-protection/TOC.md
View File

@ -421,6 +421,11 @@
#### [Troubleshoot Microsoft Defender ATP service issues](microsoft-defender-atp/troubleshoot-mdatp.md)
##### [Check service health](microsoft-defender-atp/service-status.md)
#### [Troubleshoot live response issues]()
##### [Troubleshoot issues related to live response](microsoft-defender-atp/troubleshoot-live-response.md)
####Troubleshoot attack surface reduction
##### [Network protection](windows-defender-exploit-guard/troubleshoot-np.md)
##### [Attack surface reduction rules](windows-defender-exploit-guard/troubleshoot-asr.md)

6
windows/security/threat-protection/microsoft-defender-atp/TOC.md
View File

@ -417,10 +417,14 @@
### [Troubleshoot Microsoft Defender ATP service issues](troubleshoot-mdatp.md)
#### [Check service health](service-status.md)
### [Troubleshoot live response issues]()
#### [Troubleshoot issues related to live response](troubleshoot-live-response.md)
### Troubleshoot attack surface reduction
#### [Network protection](../windows-defender-exploit-guard/troubleshoot-np.md)
#### [Attack surface reduction rules](../windows-defender-exploit-guard/troubleshoot-asr.md)
#### [Collect diagnostic data for files](../windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md)
#### [Collect diagnostic data for files](../windows-defender-exploit-guard/troubleshoot-np.md)
### [Troubleshoot next generation protection](../windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md)

71
windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
View File

@ -1,5 +1,5 @@
---
title: Advanced Hunting API
title: Hello World
ms.reviewer:
description: Use this API to run advanced queries
keywords: apis, supported apis, advanced hunting, query
@ -19,10 +19,9 @@ ms.topic: article
# Microsoft Defender ATP API - Hello World
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
## Get Alerts using a simple PowerShell script
@ -33,65 +32,57 @@ It only takes 5 minutes done in two steps:
- Use examples: only requires copy/paste of a short PowerShell script
### Do I need a permission to connect?
For the App registration stage, you must have a Global administrator role in your Azure Active Directory (Azure AD) tenant.
For the Application registration stage, you must have a **Global administrator** role in your Azure Active Directory (Azure AD) tenant.
### Step 1 - Create an App in Azure Active Directory
1. Log on to [Azure](https://portal.azure.com) with your Global administrator user.
1. Log on to [Azure](https://portal.azure.com) with your **Global administrator** user.
2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**.
2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**.
![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app.png)
![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png)
3. In the registration form, enter the following information, then click **Create**.
3. In the registration form, choose a name for your application and then click **Register**.
- **Name:** Choose your own name.
- **Application type:** Web app / API
- **Redirect URI:** `https://127.0.0.1`
4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission:
![Image of Create application window](images/webapp-create.png)
- On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**.
4. Allow your App to access Microsoft Defender ATP and assign it 'Read all alerts' permission:
- **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
- Click **Settings** > **Required permissions** > **Add**.
![Image of API access and API selection](images/add-permission.png)
![Image of new app in Azure](images/webapp-add-permission.png)
- Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions**
- Click **Select an API** > **WindowsDefenderATP**, then click **Select**.
![Image of API access and API selection](images/application-permissions.png)
**Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
**Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example!
![Image of API access and API selection](images/webapp-add-permission-2.png)
For instance,
- Click **Select permissions** > **Read all alerts** > **Select**.
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
- To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
- To determine which permission you need, please look at the **Permissions** section in the API you are interested to call.
![Image of API access and API selection](images/webapp-add-permission-readalerts.png)
5. Click **Grant consent**
- Click **Done**
- **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect.
![Image of add permissions completion](images/webapp-add-permission-end.png)
![Image of Grant permissions](images/grant-consent.png)
- Click **Grant permissions**
6. Add a secret to the application.
**Note**: Every time you add permission you must click on **Grant permissions**.
- Click **Certificates & secrets**, add description to the secret and click **Add**.
![Image of Grant permissions](images/webapp-grant-permissions.png)
**Important**: After click Add, **copy the generated secret value**. You won't be able to retrieve after you leave!
5. Create a key for your App:
![Image of create app key](images/webapp-create-key2.png)
- Click **Keys**, type a key name and click **Save**.
7. Write down your application ID and your tenant ID:
![Image of create app key](images/webapp-create-key.png)
- On your application page, go to **Overview** and copy the following:
6. Write down your App ID and your Tenant ID:
- App ID:
![Image of created app id](images/webapp-app-id1.png)
- Tenant ID: Navigate to **Azure Active Directory** > **Properties**
![Image of create app key](images/api-tenant-id.png)
![Image of created app id](images/app-and-tenant-ids.png)
Done! You have successfully registered an application!
@ -106,8 +97,8 @@ Done! You have successfully registered an application!
# Paste below your Tenant ID, App ID and App Secret (App key).
$tenantId = '' ### Paste your tenant ID here
$appId = '' ### Paste your app ID here
$appSecret = '' ### Paste your app key here
$appId = '' ### Paste your Application ID here
$appSecret = '' ### Paste your Application secret here
$resourceAppIdUri = 'https://api.securitycenter.windows.com'
$oAuthUri = "https://login.windows.net/$TenantId/oauth2/token"

69
windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
View File

@ -1,7 +1,7 @@
---
title: Use Microsoft Defender Advanced Threat Protection APIs
ms.reviewer:
description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph.
description: Use the exposed data and actions using a set of programmatic APIs that are part of the Microsoft Intelligence Security Graph.
keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query
search.product: eADQiWindows 10XVcnh
ms.prod: w10
@ -19,10 +19,9 @@ ms.topic: article
# Use Microsoft Defender ATP APIs
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
This page describes how to create an application to get programmatic access to Microsoft Defender ATP on behalf of a user.
@ -40,7 +39,7 @@ In general, youll need to take the following steps to use the APIs:
This page explains how to create an AAD application, get an access token to Microsoft Defender ATP and validate the token.
>[!NOTE]
> When accessing Microsoft Defender ATP API on behalf of a user, you will need the correct App permission and user permission.
> When accessing Microsoft Defender ATP API on behalf of a user, you will need the correct Application permission and user permission.
> If you are not familiar with user permissions on Microsoft Defender ATP, see [Manage portal access using role-based access control](rbac.md).
>[!TIP]
@ -48,60 +47,50 @@ This page explains how to create an AAD application, get an access token to Micr
## Create an app
1. Log on to [Azure](https://portal.azure.com) with user that has Global Administrator role.
1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role.
2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**.
2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**.
![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app.png)
![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png)
3. In the Create window, enter the following information then click **Create**.
3. In the registration from, enter the following information then click **Register**.
![Image of Create application window](images/nativeapp-create.png)
![Image of Create application window](images/nativeapp-create2.png)
- **Name:** -Your app name-
- **Application type:** Native
- **Redirect URI:** `https://127.0.0.1`
- **Name:** -Your application name-
- **Application type:** Public client
4. Allow your Application to access Microsoft Defender ATP and assign it 'Read alerts' permission:
4. Click **Settings** > **Required permissions** > **Add**.
- On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**.
![Image of new app in Azure](images/nativeapp-add-permission.png)
- **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
5. Click **Select an API** > **WindowsDefenderATP**, then click **Select**.
![Image of API access and API selection](images/add-permission.png)
**Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
- Choose **Delegated permissions** > **Alert.Read** > Click on **Add permissions**
![Image of API access and API selection](images/webapp-add-permission-2.png)
![Image of API access and API selection](images/application-permissions-public-client.png)
6. Click **Select permissions** > **Check the desired permissions** > **Select**.
- **Important note**: You need to select the relevant permissions. 'Read alerts' is only an example!
>[!IMPORTANT]
>You need to select the relevant permissions. 'Read alerts' and 'Collect forensics' are only an example.
For instance,
For instance,
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
- To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
- To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
- To determine which permission you need, please look at the **Permissions** section in the API you are interested to call.
To determine which permission you need, look at the **Permissions** section in the API you are interested to call.
- Click **Grant consent**
![Image of select permissions](images/nativeapp-select-permissions.png)
**Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect.
![Image of Grant permissions](images/grant-consent.png)
7. Click **Done**
6. Write down your application ID and your tenant ID:
![Image of add permissions completion](images/nativeapp-add-permissions-end.png)
- On your application page, go to **Overview** and copy the following:
8. Click **Grant permissions**
In order to add the new selected permissions to the app, the Admin's tenant must press on the **Grant permissions** button.
If in the future you will want to add more permission to the app, you will need to press on the **Grant permissions** button again so the changes will take effect.
![Image of Grant permissions](images/webapp-grant-permissions.png)
9. Write down your application ID.
![Image of app ID](images/nativeapp-get-appid.png)
![Image of created app id](images/app-and-tenant-ids.png)
## Get an access token
@ -156,7 +145,7 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co
Sanity check to make sure you got a correct token:
- Copy/paste into [JWT](https://jwt.ms) the token you got in the previous step in order to decode it
- Validate you get a 'scp' claim with the desired app permissions
- In the screenshot below you can see a decoded token acquired from the app in the tutorial:
- In the screen shot below you can see a decoded token acquired from the app in the tutorial:
![Image of token validation](images/nativeapp-decoded-token.png)

94
windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md
View File

@ -1,7 +1,7 @@
---
title: Create an app to access Microsoft Defender ATP without a user
title: Create an Application to access Microsoft Defender ATP without a user
ms.reviewer:
description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph.
description: Use the exposed data and actions using a set of programmatic APIs that are part of the Microsoft Intelligence Security Graph.
keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query
search.product: eADQiWindows 10XVcnh
ms.prod: w10
@ -19,11 +19,9 @@ ms.topic: article
# Create an app to access Microsoft Defender ATP without a user
**Applies to:**
**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user.
@ -31,7 +29,7 @@ If you need programmatic access Microsoft Defender ATP on behalf of a user, see
If you are not sure which access you need, see [Get started](apis-intro.md).
Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate workflows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code).
Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate work flows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code).
In general, youll need to take the following steps to use the APIs:
- Create an AAD application
@ -42,75 +40,65 @@ This page explains how to create an AAD application, get an access token to Micr
## Create an app
1. Log on to [Azure](https://portal.azure.com) with user that has Global Administrator role.
1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role.
2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**.
2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**.
![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app.png)
![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png)
3. In the Create window, enter the following information then click **Create**.
3. In the registration form, choose a name for your application and then click **Register**.
![Image of Create application window](images/webapp-create.png)
4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission:
- **Name:** Choose your own name.
- **Application type:** Web app / API
- **Redirect URI:** `https://127.0.0.1`
- On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**.
4. Click **Settings** > **Required permissions** > **Add**.
- **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
![Image of new app in Azure](images/webapp-add-permission.png)
![Image of API access and API selection](images/add-permission.png)
5. Click **Select an API** > **WindowsDefenderATP**, then click **Select**.
- Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions**
**Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
![Image of API access and API selection](images/application-permissions.png)
![Image of API access and API selection](images/webapp-add-permission-2.png)
**Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example!
6. Click **Select permissions** > **Check the desired permissions** > **Select**.
For instance,
**Important note**: You need to select the relevant permissions. 'Run advanced queries' is only an example!
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
- To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
- To determine which permission you need, please look at the **Permissions** section in the API you are interested to call.
For instance,
5. Click **Grant consent**
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
- To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
- To determine which permission you need, please look at the **Permissions** section in the API you are interested to call.
- **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect.
![Image of select permissions](images/webapp-select-permission.png)
![Image of Grant permissions](images/grant-consent.png)
7. Click **Done**
6. Add a secret to the application.
![Image of add permissions completion](images/webapp-add-permission-end.png)
- Click **Certificates & secrets**, add description to the secret and click **Add**.
8. Click **Grant permissions**
**Important**: After click Add, **copy the generated secret value**. You won't be able to retrieve after you leave!
In order to add the new selected permissions to the app, the Admin's tenant must press on the **Grant permissions** button.
![Image of create app key](images/webapp-create-key2.png)
If in the future you will want to add more permission to the app, you will need to press on the **Grant permissions** button again so the changes will take effect.
7. Write down your application ID and your tenant ID:
![Image of Grant permissions](images/webapp-grant-permissions.png)
- On your application page, go to **Overview** and copy the following:
9. Click **Keys**, type a key name and click **Save**.
![Image of created app id](images/app-and-tenant-ids.png)
**Important**: After you save, **copy the key value**. You won't be able to retrieve after you leave!
8. **For Microsoft Defender ATP Partners only** - Set your application to be multi-tenanted (available in all tenants after consent)
![Image of create app key](images/webapp-create-key.png)
This is **required** for 3rd party applications (for example, if you create an application that is intended to run in multiple customers tenant).
10. Write down your application ID.
This is **not required** if you create a service that you want to run in your tenant only (i.e. if you create an application for your own usage that will only interact with your own data)
![Image of created app id](images/webapp-app-id1.png)
- Go to **Authentication** > Add https://portal.azure.com as **Redirect URI**.
11. **For Microsoft Defender ATP Partners only** - Set your application to be multi-tenanted
- On the bottom of the page, under **Supported account types**, mark **Accounts in any organizational directory**
This is **required** for 3rd party apps (for example, if you create an application that is intended to run in multiple customers tenant).
This is **not required** if you create a service that you want to run in your tenant only (for example, if you create an application for your own usage that will only interact with your own data)
Click **Properties** > **Yes** > **Save**.
![Image of multi tenant](images/webapp-edit-multitenant.png)
- Application consent for your multi-tenant App:
- Application consent for your multi-tenant Application:
You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with Microsoft Defender ATP application on behalf of your customer.
@ -122,7 +110,7 @@ This page explains how to create an AAD application, get an access token to Micr
https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true
```
where 00000000-0000-0000-0000-000000000000 should be replaced with your Azure application ID
where 00000000-0000-0000-0000-000000000000 should be replaced with your Application ID
- **Done!** You have successfully registered an application!
@ -139,8 +127,8 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co
# Paste below your Tenant ID, App ID and App Secret (App key).
$tenantId = '' ### Paste your tenant ID here
$appId = '' ### Paste your app ID here
$appSecret = '' ### Paste your app key here
$appId = '' ### Paste your Application ID here
$appSecret = '' ### Paste your Application key here
$resourceAppIdUri = 'https://api.securitycenter.windows.com'
$oAuthUri = "https://login.windows.net/$TenantId/oauth2/token"
@ -158,7 +146,7 @@ return $token
### Using C#:
>The below code was tested with nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8
>The below code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8
- Create a new Console Application
- Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/)
@ -215,7 +203,7 @@ You will get an answer of the form:
Sanity check to make sure you got a correct token:
- Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it
- Validate you get a 'roles' claim with the desired permissions
- In the screenshot below you can see a decoded token acquired from an app with permissions to all of Microsoft Defender ATP's roles:
- In the screen shot below you can see a decoded token acquired from an Application with permissions to all of Microsoft Defender ATP's roles:
![Image of token validation](images/webapp-decoded-token.png)

BIN
windows/security/threat-protection/microsoft-defender-atp/images/add-permission.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 84 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/api-tenant-id.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 180 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/app-and-tenant-ids.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 43 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/application-permissions-public-client.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 43 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/application-permissions.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 44 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/atp-azure-new-app.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 32 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/atp-azure-new-app2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 88 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/grant-consent.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 11 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/nativeapp-create2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.7 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-2.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 17 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-end.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 6.6 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission-readalerts.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 62 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-add-permission.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 47 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-app-id1.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 30 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-create-key.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 33 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-create-key2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 40 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-create.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 6.9 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-edit-multitenant.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 41 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-grant-permissions.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 12 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/webapp-select-permission.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 44 KiB

56
windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md Normal file
View File

@ -0,0 +1,56 @@
---
title: Troubleshoot Microsoft Defender ATP live response issues
description: Troubleshoot issues that might arise when using live response in Microsoft Defender ATP
keywords: troubleshoot live response, live, response, locked, file
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.author: macapara
author: mjcaparas
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: troubleshooting
---
# Troubleshoot Microsoft Defender Advanced Threat Protection live response issues
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
This page provides detailed steps to troubleshoot live response issues.
## File cannot be accessed during live response sessions
If while trying to take an action during a live response session, you encounter an error message stating that the file can't be accessed, you'll need to use the steps below to address the issue.
1. Copy the following script code snippet and save it as a PS1 file:
```
$copied_file_path=$args[0]
$action=Copy-Item $copied_file_path -Destination $env:TEMP -PassThru -ErrorAction silentlyContinue
if ($action){
Write-Host "You copied the file specified in $copied_file_path to $env:TEMP Succesfully"
}
else{
Write-Output "Error occoured while trying to copy a file, details:"
Write-Output $error[0].exception.message
}
```
2. Add the script to the live response library.
3. Run the script with one parameter: the file path of the file to be copied.
4. Navigate to your TEMP folder.
5. Run the action you wanted to take on the copied file.

BIN
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_8_IntuneAppInfo.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 61 KiB

After

Width:  |  Height:  |  Size: 59 KiB

5
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md
View File

@ -24,6 +24,11 @@ ms.topic: conceptual
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
This topic describes how to deploy Microsoft Defender ATP for Mac manually. A successful deployment requires the completion of all of the following steps:
- [Download installation and onboarding packages](#download-installation-and-onboarding-packages)
- [Application installation](#application-installation)
- [Client configuration](#client-configuration)
## Prerequisites and system requirements
Before you get started, see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version.

11
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
View File

@ -24,6 +24,12 @@ ms.topic: conceptual
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
This topic describes how to deploy Microsoft Defender ATP for Mac through Intune. A successful deployment requires the completion of all of the following steps:
- [Download installation and onboarding packages](#download-installation-and-onboarding-packages)
- [Client device setup](#client-device-setup)
- [Create System Configuration profiles](#create-system-configuration-profiles)
- [Publish application](#publish-application)
## Prerequisites and system requirements
Before you get started, see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version.
@ -122,7 +128,10 @@ Once the Intune changes are propagated to the enrolled devices, you can see them
2. Select **App type=Other/Line-of-business app**.
3. Select **file=wdav.pkg.intunemac**. Select **OK** to upload.
4. Select **Configure** and add the required information.
5. Use **macOS Sierra 10.12** as the minimum OS. Other settings can be any arbitrary value.
5. Use **macOS Sierra 10.12** as the minimum OS and set *Ignore app version* to **Yes**. Other settings can be any arbitrary value.
> [!CAUTION]
> Failure to set *Ignore app version* to **Yes** impacts the ability of the application to receive updates through Microsoft AutoUpdate. See [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md) for additional information about how the product is updated.
![Device status blade screenshot](images/MDATP_8_IntuneAppInfo.png)

9
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
View File

@ -24,6 +24,13 @@ ms.topic: conceptual
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
This topic describes how to deploy Microsoft Defender ATP for Mac through JAMF. A successful deployment requires the completion of all of the following steps:
- [Download installation and onboarding packages](#download-installation-and-onboarding-packages)
- [Create JAMF policies](#create-jamf-policies)
- [Client device setup](#client-device-setup)
- [Deployment](#deployment)
- [Check onboarding status](#check-onboarding-status)
## Prerequisites and system requirements
Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version.
@ -57,7 +64,7 @@ Download the installation and onboarding packages from Windows Defender Security
mavel-macmini:Downloads test$
```
## Create JAMF Policies
## Create JAMF policies
You need to create a configuration profile and a policy to start deploying Microsoft Defender ATP for Mac to client devices.

1
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md
View File

@ -35,7 +35,6 @@ If you have any feedback that you would like to share, submit it by opening Micr
### Prerequisites
- Microsoft Defender ATP subscription
- Access to the Microsoft Defender Security Center portal
- Beginner-level experience in macOS and BASH scripting
- Administrative privileges on the device (in case of manual deployment)

2
windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework.md
View File

@ -71,6 +71,6 @@ Security controls which don't support an audit mode should be deployed gradually
Security controls which support an audit mode can be deployed using the following methodology:
1. Audit - enable the control in audit mode, and gasther audit data in a centralized location
1. Audit - enable the control in audit mode, and gather audit data in a centralized location
2. Review - review the audit data to assess potential impact (both positive and negative) and configure any exemptions from the security control you need to configure
3. Enforce - deploy the configuration of any exemptions and convert the control to enforce mode