mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 05:17:22 +00:00
items through 224 reviewed
This commit is contained in:
martyav
parent
3439f327d8
commit
4fad70bde0
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: EnterpriseDataProtection CSP
|
||||
description: The EnterpriseDataProtection configuration service provider (CSP) is used to configure Windows Information Protection (WIP) (formerly known as Enterprise Data Protection) specific settings.
|
||||
description: The EnterpriseDataProtection configuration service provider (CSP) configures Windows Information Protection (formerly, Enterprise Data Protection) settings.
|
||||
ms.assetid: E2D4467F-A154-4C00-9208-7798EF3E25B3
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: NetworkQoSPolicy DDF
|
||||
description: This topic shows the OMA DM device description framework (DDF) for the NetworkQoSPolicy configuration service provider. DDF files are used only with OMA DM provisioning XML.
|
||||
description: View the OMA DM device description framework (DDF) for the NetworkQoSPolicy configuration service provider. DDF files are used only with OMA DM provisioning XML
|
||||
ms.assetid:
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: PassportForWork DDF
|
||||
description: This topic shows the OMA DM device description framework (DDF) for the PassportForWork configuration service provider. DDF files are used only with OMA DM provisioning XML.
|
||||
description: View the OMA DM device description framework (DDF) for the PassportForWork configuration service provider. DDF files are used only with OMA DM provisioning XML.
|
||||
ms.assetid: A2182898-1577-4675-BAE5-2A3A9C2AAC9B
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: SecureAssessment DDF file
|
||||
description: This topic shows the OMA DM device description framework (DDF) for the SecureAssessment configuration service provider. DDF files are used only with OMA DM provisioning XML.
|
||||
description: View the OMA DM device description framework (DDF) for the SecureAssessment configuration service provider. DDF files are used only with OMA DM provisioning XML
|
||||
ms.assetid: 68D17F2A-FAEA-4608-8727-DBEC1D7BE48A
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Set up and test Cortana with Microsoft Dynamics CRM (Preview feature) in your organization (Windows 10)
|
||||
description: How to set up Cortana to help your salespeople get proactive insights on important CRM activities, including sales leads, accounts, and opportunities; presenting the most relevant info at any given time.
|
||||
description: How to set up Cortana to give salespeople insights on important CRM activities, including sales leads, accounts, and opportunities.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
|
||||
@ -1,50 +1,51 @@
|
||||
---
|
||||
title: Configure MDT settings (Windows 10)
|
||||
description: One of the most powerful features in Microsoft Deployment Toolkit (MDT) is its extension capabilities; there is virtually no limitation to what you can do in terms of customization.
|
||||
ms.assetid: d3e1280c-3d1b-4fad-8ac4-b65dc711f122
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
ms.author: greglin
|
||||
keywords: customize, customization, deploy, features, tools
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: medium
|
||||
ms.sitesec: library
|
||||
ms.pagetype: mdt
|
||||
audience: itpro
author: greg-lindsay
|
||||
ms.topic: article
|
||||
---
|
||||
|
||||
# Configure MDT settings
|
||||
|
||||
One of the most powerful features in Microsoft Deployment Toolkit (MDT) is its extension capabilities; there is virtually no limitation to what you can do in terms of customization. In this topic, you learn about configuring customizations for your environment.
|
||||
For the purposes of this topic, we will use four machines: DC01, MDT01, HV01, and PC0001. DC01 is a domain controller, MDT01 is a Windows Server 2012 R2 Standard server, and PC0001 is a Windows 10 Enterprise x64 client used for the MDT simulation environment. OR01 has Microsoft System Center 2012 R2 Orchestrator installed. MDT01, OR01, and PC0001 are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
|
||||
|
||||
|
||||
|
||||
Figure 1. The machines used in this topic.
|
||||
|
||||
## In this section
|
||||
|
||||
- [Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
|
||||
- [Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
|
||||
- [Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
|
||||
- [Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
|
||||
- [Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
|
||||
- [Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
|
||||
- [Use web services in MDT](use-web-services-in-mdt.md)
|
||||
- [Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)
|
||||
|
||||
## Related topics
|
||||
|
||||
[Get started with the Microsoft Deployment Toolkit (MDT)](get-started-with-the-microsoft-deployment-toolkit.md)
|
||||
|
||||
[Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
|
||||
|
||||
[Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
|
||||
|
||||
[Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
|
||||
|
||||
[Refresh a Windows 7 computer with Windows 10](refresh-a-windows-7-computer-with-windows-10.md)
|
||||
|
||||
[Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
|
||||
---
|
||||
title: Configure MDT settings (Windows 10)
|
||||
description: One of the most powerful features in Microsoft Deployment Toolkit (MDT) is its extension capabilities. Learn how to customize your environment.
|
||||
ms.assetid: d3e1280c-3d1b-4fad-8ac4-b65dc711f122
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
ms.author: greglin
|
||||
keywords: customize, customization, deploy, features, tools
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: medium
|
||||
ms.sitesec: library
|
||||
ms.pagetype: mdt
|
||||
audience: itpro
|
||||
author: greg-lindsay
|
||||
ms.topic: article
|
||||
---
|
||||
|
||||
# Configure MDT settings
|
||||
|
||||
One of the most powerful features in Microsoft Deployment Toolkit (MDT) is its extension capabilities; there is virtually no limitation to what you can do in terms of customization. In this topic, you learn about configuring customizations for your environment.
|
||||
For the purposes of this topic, we will use four machines: DC01, MDT01, HV01, and PC0001. DC01 is a domain controller, MDT01 is a Windows Server 2012 R2 Standard server, and PC0001 is a Windows 10 Enterprise x64 client used for the MDT simulation environment. OR01 has Microsoft System Center 2012 R2 Orchestrator installed. MDT01, OR01, and PC0001 are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md#proof).
|
||||
|
||||
|
||||
|
||||
Figure 1. The machines used in this topic.
|
||||
|
||||
## In this section
|
||||
|
||||
- [Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md)
|
||||
- [Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md)
|
||||
- [Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md)
|
||||
- [Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md)
|
||||
- [Use the MDT database to stage Windows 10 deployment information](use-the-mdt-database-to-stage-windows-10-deployment-information.md)
|
||||
- [Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md)
|
||||
- [Use web services in MDT](use-web-services-in-mdt.md)
|
||||
- [Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md)
|
||||
|
||||
## Related topics
|
||||
|
||||
[Get started with the Microsoft Deployment Toolkit (MDT)](get-started-with-the-microsoft-deployment-toolkit.md)
|
||||
|
||||
[Create a Windows 10 reference image](create-a-windows-10-reference-image.md)
|
||||
|
||||
[Deploy a Windows 10 image using MDT](deploy-a-windows-10-image-using-mdt.md)
|
||||
|
||||
[Build a distributed environment for Windows 10 deployment](build-a-distributed-environment-for-windows-10-deployment.md)
|
||||
|
||||
[Refresh a Windows 7 computer with Windows 10](refresh-a-windows-7-computer-with-windows-10.md)
|
||||
|
||||
[Replace a Windows 7 computer with a Windows 10 computer](replace-a-windows-7-computer-with-a-windows-10-computer.md)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Integrate Configuration Manager with MDT (Windows 10)
|
||||
description: This topic will help you understand the benefits of integrating the Microsoft Deployment Toolkit with Microsoft System Center 2012 R2 Configuration Manager SP1 when you deploy a new or updated version of the Windows operating system.
|
||||
description: Understand the benefits of integrating the Microsoft Deployment Toolkit with Microsoft System Center 2012 R2 Configuration Manager SP1 when you deploy Windows.
|
||||
ms.assetid: 3bd1cf92-81e5-48dc-b874-0f5d9472e5a5
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Prepare for deployment with MDT (Windows 10)
|
||||
description: This topic will walk you through the steps necessary to create the server structure required to deploy the Windows 10 operating system using the Microsoft Deployment Toolkit (MDT).
|
||||
description: Learn how to create the server structure required to deploy the Windows 10 operating system using the Microsoft Deployment Toolkit (MDT).
|
||||
ms.assetid: 5103c418-0c61-414b-b93c-a8e8207d1226
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Viewing the Events Screen in Compatibility Administrator (Windows 10)
|
||||
description: The Events screen enables you to record and to view your activities in the Compatibility Administrator tool, provided that the screen is open while you perform the activities.
|
||||
description: You can use the Events screen to record and view activities in the Compatibility Administrator tool.
|
||||
ms.assetid: f2b2ada4-1b7b-4558-989d-5b52b40454b3
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Windows 10 deployment scenarios and tools
|
||||
description: To successfully deploy the Windows 10 operating system and applications for your organization, it is essential that you know about the available tools to help with the process.
|
||||
description: Learn about the tools you can use to deploy Windows 10 and related applications to your organization. Explore deployment scenarios.
|
||||
ms.assetid: 0d6cee1f-14c4-4b69-b29a-43b0b327b877
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Understanding and Evaluating Virtual Smart Cards (Windows 10)
|
||||
description: This topic for IT professional provides information about how smart card technology can fit into your authentication design, and provides links to additional topics about virtual smart cards.
|
||||
description: Learn how smart card technology can fit into your authentication design. Find links to additional topics about virtual smart cards.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: BitLocker Upgrading FAQ (Windows 10)
|
||||
description: Learn more about upgrading systems that have BitLocker enabled.
|
||||
description: Learn more about upgrading systems that have BitLocker enabled. Find frequently asked questions, such as, "Can I upgrade to Windows 10 with BitLocker enabled?"
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: explore
|
||||
ms.sitesec: library
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: List of enlightened Microsoft apps for use with Windows Information Protection (WIP) (Windows 10)
|
||||
description: Learn the difference between enlightened and unenlightened apps, and then review the list of enlightened apps provided by Microsoft along with the text you will need to use to add them to your allowed apps list.
|
||||
description: Learn the difference between enlightened and unenlightened apps. Find out which enlightened apps are provided by Microsoft. Learn how to allow-list them.
|
||||
ms.assetid: 17c85ea3-9b66-4b80-b511-8f277cb4345f
|
||||
ms.reviewer:
|
||||
keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit Detailed Directory Service Replication (Windows 10)
|
||||
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Detailed Directory Service Replication, which determines whether the operating system generates audit events that contain detailed tracking information about data that is replicated between domain controllers.
|
||||
description: The Audit Detailed Directory Service Replication setting decides if audit events contain detailed tracking info about data replicated between domain controllers
|
||||
ms.assetid: 1b89c8f5-bce7-4b20-8701-42585c7ab993
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit Group Membership (Windows 10)
|
||||
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Group Membership, which enables you to audit group memberships when they are enumerated on the client PC.
|
||||
description: The advanced security audit policy setting, Audit Group Membership, enables you to audit group memberships when they are enumerated on the client PC.
|
||||
ms.assetid: 1CD7B014-FBD9-44B9-9274-CC5715DE58B9
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit Other Logon/Logoff Events (Windows 10)
|
||||
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Other Logon/Logoff Events, which determines whether Windows generates audit events for other logon or logoff events.
|
||||
description: The Advanced Security Audit policy setting, Audit Other Logon/Logoff Events, determines if Windows generates audit events for other logon or logoff events.
|
||||
ms.assetid: 76d987cd-1917-4907-a739-dd642609a458
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced. (Windows 10)
|
||||
description: Describes security event 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced.
|
||||
description: Security event 4952(F) Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall.
|
||||
ms.pagetype: security
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: File System (Global Object Access Auditing) (Windows 10)
|
||||
description: This topic for the IT professional describes the Advanced Security Audit policy setting, File System (Global Object Access Auditing), which enables you to configure a global system access control list (SACL) on the file system for an entire computer.
|
||||
description: The policy setting, File System (Global Object Access Auditing), enables you to configure a global system access control list (SACL) for an entire computer.
|
||||
ms.assetid: 4f215d61-0e23-46e4-9e58-08511105d25b
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Using advanced security auditing options to monitor dynamic access control objects (Windows 10)
|
||||
description: This guide explains the process of setting up advanced security auditing capabilities that are made possible through settings and events that were introduced in Windows 8 and Windows Server 2012.
|
||||
description: Domain admins can set up advanced security audit options in Windows 10 to target specific users, or monitor potentially significant activity on multiple devices
|
||||
ms.assetid: 0d2c28ea-bdaf-47fd-bca2-a07dce5fed37
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: DCOM Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax (Windows 10)
|
||||
description: Describes the best practices, location, values, and security considerations for the DCOM Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax security policy setting.
|
||||
description: Best practices and more for the security policy setting, DCOM Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax.
|
||||
ms.assetid: 4b95d45f-dd62-4c34-ba32-43954528dabe
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Domain member Digitally sign secure channel data (when possible) (Windows 10)
|
||||
description: Describes the best practices, location, values, and security considerations for the Domain member Digitally sign secure channel data (when possible) security policy setting.
|
||||
description: Best practices, location, values, and security considerations for the security policy setting, Domain member Digitally sign secure channel data (when possible).
|
||||
ms.assetid: a643e491-4f45-40ea-b12c-4dbe47e54f34
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Maximum tolerance for computer clock synchronization (Windows 10)
|
||||
description: Describes the best practices, location, values, policy management, and security considerations for the Maximum tolerance for computer clock synchronization security policy setting.
|
||||
description: Best practices, location, values, policy management, and security considerations for the policy setting, Maximum tolerance for computer clock synchronization.
|
||||
ms.assetid: ba2cf59e-d69d-469e-95e3-8e6a0ba643af
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Network access Remotely accessible registry paths (Windows 10)
|
||||
description: Describes the best practices, location, values, policy management and security considerations for the Network access Remotely accessible registry paths security policy setting.
|
||||
description: Best practices, location, values, policy management and security considerations for the policy setting, Network access Remotely accessible registry paths.
|
||||
ms.assetid: 977f86ea-864f-4f1b-9756-22220efce0bd
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Network security Restrict NTLM Add server exceptions in this domain (Windows 10)
|
||||
description: Describes the best practices, location, values, management aspects, and security considerations for the Network security Restrict NTLM Add server exceptions in this domain security policy setting.
|
||||
description: Best practices, security considerations, and more for the security policy setting, Network security Restrict NTLM Add server exceptions in this domain.
|
||||
ms.assetid: 2f981b68-6aa7-4dd9-b53d-d88551277cc0
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: SMB v1 Microsoft network server Digitally sign communications (always) (Windows 10)
|
||||
description: For SMB v1 only, describes the best practices, location, values, policy management and security considerations for the Microsoft network server Digitally sign communications (always) security policy setting.
|
||||
description: Best practices, security considerations, and more for the security policy setting, Microsoft network server Digitally sign communications (always).
|
||||
ms.assetid: 2007b622-7bc2-44e8-9cf1-d34b62117ea8
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: SMBv1 Microsoft network server Digitally sign communications (if client agrees) (Windows 10)
|
||||
description: For SMBv1 only, describes the best practices, location, values, policy management and security considerations for the Microsoft network server Digitally sign communications (if client agrees) security policy setting.
|
||||
description: Best practices, security considerations and more for the security policy setting, Microsoft network server Digitally sign communications (if client agrees).
|
||||
ms.assetid: c92b2e3d-1dbf-4337-a145-b17a585f4fc1
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: User Account Control Behavior of the elevation prompt for administrators in Admin Approval Mode (Windows 10)
|
||||
description: Describes the best practices, location, values, policy management and security considerations for the User Account Control Behavior of the elevation prompt for administrators in Admin Approval Mode security policy setting.
|
||||
description: Best practices and more for the security policy setting, User Account Control Behavior of the elevation prompt for administrators in Admin Approval Mode.
|
||||
ms.assetid: 46a3c3a2-1d2e-4a6f-b5e6-29f9592f535d
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: User Account Control Only elevate executables that are signed and validated (Windows 10)
|
||||
description: Describes the best practices, location, values, policy management and security considerations for the User Account Control Only elevate executables that are signed and validated security policy setting.
|
||||
description: Best practices, security considerations, and more for the security policy setting, User Account Control Only elevate executables that are signed and validated.
|
||||
ms.assetid: 64950a95-6985-4db6-9905-1db18557352d
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Determine your application control objectives (Windows 10)
|
||||
description: This topic helps you with the decisions you need to make to determine what applications to control and how to control them by comparing Software Restriction Policies (SRP) and AppLocker.
|
||||
description: Determine which applications to control and how to control them by comparing Software Restriction Policies (SRP) and AppLocker.
|
||||
ms.assetid: 0e84003e-6095-46fb-8c4e-2065869bb53b
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Planning and getting started on the Windows Defender Application Control deployment process (Windows 10)
|
||||
description: Learn how to gather information, create a plan, and begin to create and test initial code integrity policies for your Windows Defender Application Control deployment.
|
||||
description: Learn how to gather information, create a plan, and begin to test initial code integrity policies for a Windows Defender Application Control deployment.
|
||||
keywords: whitelisting, security, malware
|
||||
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
|
||||
ms.prod: w10
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user