- As requested in issue ticket #9449
(**<strong> tags causing issue in localized articles**),
this Pull Request aims to remove HTML tags known to cause layout and
readability issues in the MS Docs document pages, Frame Overflow being
a frequent and obvious layout-breaking issue in translated articles.
Changes proposed:
- Replace HTML tag <strong> </strong> with its MD equivalent ** **
- Replace single asterisk * with underscore _ (when combined with **)
- Simplify usage of bold formatting (** **) to only the outer pair
- Replace HTML tag <em> </em> with MarkDown underscore _ _
Whitespace changes:
- Remove redundant end-of-line (EOL) blanks (trailing space)
- Normalize spacing in numbered lists and bullet point lists to 1 space
- Replace end-of-file (EOF) consecutive blank lines with 1 NewLine
- Normalize layout spacing in MarkDown tables (consistency)
- Normalize layout to 1 blank line after H2, H3, H4 headings
- Allow up to 2 blank lines spacing (not 3 or more), ex. H1 page title
Closes#9449
Rest of the nodes in the DiagnosticLog CSP are described within their respective feature area sections.
@ -68,18 +70,18 @@ Rest of the nodes in the DiagnosticLog CSP are described within their respective
The DiagnosticArchive functionality within the DiagnosticLog CSP is used to trigger devices to gather troubleshooting data into a zip archive file and upload that archive to cloud storage. DiagnosticArchive is designed for ad-hoc troubleshooting scenarios, such as an IT admin investigating an app installation failure using a collection of event log events, registry values, and app or OS log files.
> [!Note]
> [!NOTE]
> DiagnosticArchive is a "break glass" backstop option for device troubleshooting. Diagnostic data such as log files can grow to many gigabytes. Gathering, transferring, and storing large amounts of data may burden the user's device, the network and cloud storage. Management servers invoking DiagnosticArchive must take care to minimize data gathering frequency and scope.
The following section describes the nodes for the DiagnosticArchive functionality.
Added in version 1.4 of the CSP in Windows 10, version 1903.
The supported operations are Add and Execute.
@ -87,7 +89,7 @@ The data type is string.
Expected value:
Set and Execute are functionality equivalent, and each accepts a `Collection` XML snippet (as a string) describing what data to gather and where to upload it. The results are zipped and uploaded to the specified SasUrl. The zipped filename format is "DiagLogs-{ComputerName}-YYYYMMDDTHHMMSSZ.zip".
The following is an example of a `Collection` XML.
``` xml
@ -107,16 +109,16 @@ The following is an example of a `Collection` XML.
```
The XML should include the following elements within the `Collection` element:
**ID**
**ID**
The ID value uniquely identifies this data-gathering request. To avoid accidental repetition of data gathering, the CSP ignores subsequent Set or Execute invocations with the same ID value. The CSP expects the value to be populated when the request is received, so it must be generated by the IT admin or the management server.
**SasUrl**
**SasUrl**
The SasUrl value is the target URI to which the CSP uploads the zip file containing the gathered data. It is the responsibility of the management server to provision storage in such a way that the storage server accepts the device's HTTP PUT to this URL. For example, the device management service could:
- Provision cloud storage reachable by the target device, such as a Microsoft Azure blob storage container
- Generate a Shared Access Signature URL granting the possessor (the target device) time-limited write access to the storage container
- Pass this value to the CSP on the target device through the `Collection` XML as the `SasUrl` value.
- Pass this value to the CSP on the target device through the `Collection` XML as the `SasUrl` value.
**One or more data gathering directives, which may include any of the following:**
**One or more data gathering directives, which may include any of the following:**
- **RegistryKey**
- Exports all of the key names and values under a given path (recursive).
@ -133,53 +135,53 @@ The SasUrl value is the target URI to which the CSP uploads the zip file contain
- This directive type allows the execution of specific commands such as ipconfig.exe. Note that DiagnosticArchive and the Commands directives are not a general-purpose scripting platform. These commands are allowed in the DiagnosticArchive context to handle cases where critical device information may not be available through existing log files.
- Expected input value: The full command line including path and any arguments, such as `%windir%\\system32\\ipconfig.exe /all`.
- Output format: Console text output from the command is captured in a text file and included in the overall output archive. For commands which may generate file output rather than console output, a subsequent FolderFiles directive would be used to capture that output. The example XML above demonstrates this pattern with mdmdiagnosticstool.exe's -out parameter.
- Privacy guardrails: To enable diagnostic data capture while reducing the risk of an IT admin inadvertently capturing user-generated documents, only the following commands are allowed:
- %windir%\\system32\\certutil.exe
- %windir%\\system32\\dxdiag.exe
- %windir%\\system32\\gpresult.exe
- %windir%\\system32\\msinfo32.exe
- %windir%\\system32\\netsh.exe
- %windir%\\system32\\nltest.exe
- %windir%\\system32\\ping.exe
- %windir%\\system32\\powercfg.exe
- %windir%\\system32\\w32tm.exe
- %windir%\\system32\\wpr.exe
- %windir%\\system32\\dsregcmd.exe
- %windir%\\system32\\dispdiag.exe
- %windir%\\system32\\ipconfig.exe
- %windir%\\system32\\logman.exe
- %windir%\\system32\\tracelog.exe
- %programfiles%\\windows defender\\mpcmdrun.exe
- %windir%\\system32\\MdmDiagnosticsTool.exe
- %windir%\\system32\\pnputil.exe
- Privacy guardrails: To enable diagnostic data capture while reducing the risk of an IT admin inadvertently capturing user-generated documents, only the following commands are allowed:
- %windir%\\system32\\certutil.exe
- %windir%\\system32\\dxdiag.exe
- %windir%\\system32\\gpresult.exe
- %windir%\\system32\\msinfo32.exe
- %windir%\\system32\\netsh.exe
- %windir%\\system32\\nltest.exe
- %windir%\\system32\\ping.exe
- %windir%\\system32\\powercfg.exe
- %windir%\\system32\\w32tm.exe
- %windir%\\system32\\wpr.exe
- %windir%\\system32\\dsregcmd.exe
- %windir%\\system32\\dispdiag.exe
- %windir%\\system32\\ipconfig.exe
- %windir%\\system32\\logman.exe
- %windir%\\system32\\tracelog.exe
- %programfiles%\\windows defender\\mpcmdrun.exe
- %windir%\\system32\\MdmDiagnosticsTool.exe
- %windir%\\system32\\pnputil.exe
- **FoldersFiles**
- Captures log files from a given path (without recursion).
- Expected input value: File path with or without wildcards, such as "%windir%\\System32", or "%programfiles%\\*.log".
- Privacy guardrails: To enable diagnostic log capture while reducing the risk of an IT admin inadvertently capturing user-generated documents, only paths under the following roots are allowed:
- %PROGRAMFILES%
- %PROGRAMDATA%
- %PUBLIC%
- %WINDIR%
- %TEMP%
- %TMP%
- Additionally, only files with the following extensions are captured:
- .log
- .txt
- .dmp
- .cab
- .zip
- .xml
- .html
- .evtx
- .etl
- Privacy guardrails: To enable diagnostic log capture while reducing the risk of an IT admin inadvertently capturing user-generated documents, only paths under the following roots are allowed:
- %PROGRAMFILES%
- %PROGRAMDATA%
- %PUBLIC%
- %WINDIR%
- %TEMP%
- %TMP%
- Additionally, only files with the following extensions are captured:
Added in version 1.4 of the CSP in Windows 10, version 1903. This policy setting displays the results of the last archive run.
The supported operation is Get.
The data type is string.
The data type is string.
A Get to the above URI will return the results of the data gathering for the last diagnostics request. For the example above it returns:
@ -230,6 +232,7 @@ A Get to the above URI will return the results of the data gathering for the las
Each data gathering node is annotated with the HRESULT of the action and the collection is also annotated with an overall HRESULT. In this example, note that the mdmdiagnosticstool.exe command failed.
### Making use of the uploaded data
The zip archive which is created and uploaded by the CSP contains a folder structure like the following:
```powershell
@ -313,7 +316,7 @@ foreach( $element in $resultElements )
That example script produces a set of files similar to the following, which can be a useful view for an administrator interactively browsing the results without needing to navigate any sub-folders or refer to `results.xml` repeatedly:
@ -341,17 +344,17 @@ The Policy functionality within the DiagnosticLog CSP configures Windows event l
The following section describes the nodes for the Policy functionality.
<a href="" id="policy"></a>**Policy**
<a href="" id="policy"></a>**Policy**
Added in version 1.4 of the CSP in Windows 10, version 1903. Root node to control settings for channels in Event Log.
Added in version 1.4 of the CSP in Windows 10, version 1903. Dynamic node to represent a registered channel. The node name must be a valid Windows event log channel name, such as ``Microsoft-Client-Licensing-Platform%2FAdmin``. When specifying the name in the LocURI, it must be URL encoded, otherwise it may unexpectedly translate into a different URI.
Added in version 1.4 of the CSP in Windows 10, version 1903. This policy setting controls Event Log behavior when the log file reaches its maximum size.
Added in version 1.4 of the CSP in Windows 10, version 1903. This policy setting controls Event Log behavior when the log file reaches its maximum size.
Supported operations are Add, Delete, Get, and Replace.
The data type is string.
The following are the possible values:
The following are the possible values:
- Truncate — When the log file reaches its maximum file size, new events are not written to the log and are lost.
- Overwrite — When the log file reaches its maximum file size, new events overwrite old events.
- Archive — When the log file reaches its maximum size, the log file is saved to the location specified by the "Archive Location" policy setting. If archive location value is not set, the new file is saved in the same directory as current log file.
Added in version 1.4 of the CSP in Windows 10, version 1903. This policy setting specifies whether the channel should be enabled or disabled.
Supported operations are Add, Delete, Get, and Replace.
The data type is boolean.
The following are the possible values:
The following are the possible values:
- TRUE — Enables the channel.
- FALSE — Disables the channel.
@ -828,22 +831,22 @@ The DiagnosticLog CSP maintains a log file for each collector node and the log f
For each collector node, the user can:
- Start or stop the session with all registered and enabled providers
- Query session status
- Change trace log file mode
- Change trace log file size limit
- Start or stop the session with all registered and enabled providers
- Query session status
- Change trace log file mode
- Change trace log file size limit
The configurations log file mode and log file size limit does not take effect while trace session is in progress. These are applied when user stops the current session and then starts it again for this collector.
For each registered provider in this collector, the user can:
- Specify keywords to filter events from this provider
- Change trace level to filter events from this provider
- Enable or disable the provider in the trace session
- Specify keywords to filter events from this provider
- Change trace level to filter events from this provider
- Enable or disable the provider in the trace session
The changes on **State**, **Keywords**, and **TraceLevel** takes effect immediately while trace session is in progress.
> [!Note]
> [!NOTE]
>Microsoft-WindowsPhone-Enterprise-Diagnostics-Provider (GUID - 3da494e4-0fe2-415C-b895-fb5265c5c83b) has the required debug resource files built into Windows OS, which will allow the logs files to be decoded on the remote machine. Any other logs may not have the debug resources required to decode.
### Channel-based tracing
@ -864,34 +867,34 @@ For more information about using DiagnosticLog to collect logs remotely from a P
To gather diagnostics using this CSP:
1. Specify a *CollectorName* for the container of the target ETW providers.
2. (Optional) Set logging and log file parameters using the following options:
1. Specify a *CollectorName* for the container of the target ETW providers.
2. (Optional) Set logging and log file parameters using the following options:
3. Indicate one or more target ETW providers by supplying its *ProviderGUID* to the Add operation of EtwLog/Collectors/*CollectorName*/Providers/*ProviderGUID*.
4. (Optional) Set logging and log file parameters using the following options:
3. Indicate one or more target ETW providers by supplying its *ProviderGUID* to the Add operation of EtwLog/Collectors/*CollectorName*/Providers/*ProviderGUID*.
4. (Optional) Set logging and log file parameters using the following options:
@ -961,11 +964,11 @@ Supported operations are Get and Replace.
The following table lists the possible values:
| Value | Description |
|-------|--------------------|
|----- | ------------------|
| EVENT_TRACE_FILE_MODE_SEQUENTIAL (0x00000001) | Writes events to a log file sequentially; stops when the file reaches its maximum size. |
| EVENT_TRACE_FILE_MODE_CIRCULAR (0x00000002) | Writes events to a log file. After the file reaches the maximum size, the oldest events are replaced with incoming events. |
| EVENT_TRACE_FILE_MODE_CIRCULAR (0x00000002) | Writes events to a log file. After the file reaches the maximum size, the oldest events are replaced with incoming events. |
Dynamic nodes to represent active provider configuration per provider GUID.
> [!Note]
> [!NOTE]
> Microsoft-WindowsPhone-Enterprise-Diagnostics-Provider (GUID - 3da494e4-0fe2-415C-b895-fb5265c5c83b) has the required debug resource files built into Windows OS, which will allow the logs files to be decoded on the remote machine. Any other logs may not have the debug resources required to decode.
Dynamic nodes to represent a registered channel. The node name must be a valid Windows event log channel name, such as "Microsoft-Client-Licensing-Platform%2FAdmin"
Added in version 1.3 of the CSP in Windows10, version 1607. Triggers the snapping of device management state data with SNAP.
The supported value is Execute.
@ -1418,9 +1421,11 @@ The supported value is Execute.
```
## FileDownload area
The FileDownload feature of the DiagnosticLog CSP enables a management server to pull data directly from the device. In the FileDownload context the client and server roles are conceptually reversed, with the management server acting as a client to download the data from the managed device.
### Comparing FileDownload and DiagnosticArchive
Both the FileDownload and DiagnosticArchive features can be used to get data from the device to the management server, but they are optimized for different workflows.
- FileDownload enables the management server to directly pull byte-level trace data from the managed device. The data transfer takes place through the existing OMA-DM/SyncML context. It is typically used together with the EtwLogs feature as part of an advanced monitoring or diagnostic flow. FileDownlod requires granular orchestration by the management server, but avoids the need for dedicated cloud storage.
@ -1428,16 +1433,16 @@ Both the FileDownload and DiagnosticArchive features can be used to get data fro
The following section describes the nodes for the FileDownload functionality.
<a href="" id="filedownload"></a>**FileDownload**
<a href="" id="filedownload"></a>**FileDownload**
Node to contain child nodes for log file transportation protocols and corresponding actions.
Unique identifier for the enrollment. For bulk enrollment, this must a service account that is allowed to enroll multiple users. Example, "generic-device@contoso.com"
The PROXY configuration service provider is used to configure proxy connections.
> **Note**Use [CM\_ProxyEntries CSP](cm-proxyentries-csp.md) instead of PROXY CSP, which will be deprecated in a future release.
> [!NOTE]
> Use [CM\_ProxyEntries CSP](cm-proxyentries-csp.md) instead of PROXY CSP, which will be deprecated in a future release.
This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
For the PROXY CSP, you cannot use the Replace command unless the node already exists.
The following shows the PROXY configuration service provider management object in tree format as used by OMA DM. The OMA Client Provisioning protocol is not supported by this configuration service provider.
It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two proxy connections, use "PROXY0" and "PROXY1" as the element names. Any unique name can be used if desired (such as "GPRS-NAP"), but no spaces may appear in the name (use %20 instead).
The addition, update, and deletion of this sub-tree of nodes have be specified in a single atomic transaction.
It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two ports, use "PORT0" and "PORT1" as the element names.
It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two services, use "SERVICE0" and "SERVICE1" as the element names.
It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two connection references, use "CONREF0" and "CONREF1" as the element names.
The Update configuration service provider enables IT administrators to manage and control the rollout of new updates.
> [!Note]
> The Update CSP functionality of 'AprrovedUpdates' is not recommended for managing desktop devices. To manage updates to desktop devices from Windows Update, see the [Policy CSP - Updates](policy-csp-update.md) documentation for the recommended policies.
> [!NOTE]
> The Update CSP functionality of 'AprrovedUpdates' is not recommended for managing desktop devices. To manage updates to desktop devices from Windows Update, see the [Policy CSP - Updates](policy-csp-update.md) documentation for the recommended policies.
The following shows the Update configuration service provider in tree format.
```./Vendor/MSFT
Update
```
./Vendor/MSFT/Update
----ApprovedUpdates
--------Approved Update Guid
------------ApprovedTime
@ -50,7 +50,8 @@ Update
--------QualityUpdateStatus
--------FeatureUpdateStatus
```
<a href="" id="update"></a>**Update**
<ahref=""id="update"></a>**./Vendor/MSFT/Update**
<pstyle="margin-left: 20px">The root node.
<pstyle="margin-left: 20px">Supported operation is Get.
@ -70,7 +71,7 @@ Update
<pstyle="margin-left: 20px">Supported operations are Get and Add.
<pstyle="margin-left: 20px">Specifies the update GUID.
<pstyle="margin-left: 20px">To auto-approve a class of updates, you can specify the <ahref="/previous-versions/windows/desktop/ff357803(v=vs.85)"data-raw-source="[Update Classifications](/previous-versions/windows/desktop/ff357803(v=vs.85))">Update Classifications</a> GUIDs. We strongly recommend to always specify the DefinitionsUpdates classification (E0789628-CE08-4437-BE74-2495B842F43B), which are used for anti-malware signatures. There are released periodically (several times a day). Some businesses may also want to auto-approve security updates to get them deployed quickly.
@ -93,7 +94,7 @@ Update
<pstyle="margin-left: 20px">Supported operation is Get.
The Win32AppInventory configuration service provider is used to provide an inventory of installed applications on a device.
The following shows the Win32AppInventory configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
A GUID that identifies an MSI package. Multiple products can make up a single package.
The supported operation is Get.
## Related topics
[Configuration service provider reference](configuration-service-provider-reference.md)
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
illfated