Merge pull request #2143 from MicrosoftDocs/master

Publish 2/25/2020 3:32 PM PST
2025-05-15 06:47:21 +00:00 · 2020-02-25 17:42:55 -06:00 · 2020-02-25 17:42:55 -06:00 · 6678103bdd
commit 6678103bdd
parent cab2c69e97 61dd5723f3
7 changed files with 98 additions and 51 deletions
--- a/devices/hololens/hololens-FAQ.md
+++ b/devices/hololens/hololens-FAQ.md
@ -44,6 +44,7 @@ This FAQ addresses the following questions and issues:
 - [I can't connect to Wi-Fi](#i-cant-connect-to-wi-fi)
 - [My HoloLens isn't running well, is unresponsive, or won't start](#my-hololens-isnt-running-well-is-unresponsive-or-wont-start)
 - [HoloLens Management Questions](#hololens-management-questions)
+- [HoloLens Security Questions](#hololens-security-questions)
 - [How do I delete all spaces?](#how-do-i-delete-all-spaces)
 - [I cannot find or use the keyboard to type in the HoloLens 2 Emulator](#i-cannot-find-or-use-the-keyboard-to-type-in-the-hololens-2-emulator)
 - [I can't log in to a HoloLens because it was previously set up for someone else](#i-cant-log-in-to-a-hololens-because-it-was-previously-set-up-for-someone-else)
@ -230,6 +231,14 @@ If your device was previously set up for someone else, either a client or former
 1. **What logging capabilities are available on HL1 and HL2?**
    1. Logging is limited to traces captured in developer/troubleshooting scenarios or telemetry sent to Microsoft servers.

+[Back to list](#list)
+
+## HoloLens Security Questions
+
+Frequently asked security questions can be found [here](hololens-faq-security.md).
+
+[Back to list](#list)
+
 ## How do I delete all spaces?

 *Coming soon*
@ -241,4 +250,3 @@ If your device was previously set up for someone else, either a client or former
 *Coming soon*

 [Back to list](#list)
-
--- a/devices/hololens/hololens-commercial-infrastructure.md
+++ b/devices/hololens/hololens-commercial-infrastructure.md
@ -163,6 +163,8 @@ Directions for upgrading to the commercial suite can be found [here](https://doc
 1. Check your app settings
    1. Log into your Microsoft Store Business account
    1. **Manage > Products and Services > Apps and Software > Select the app you want to sync > Private Store Availability > Select “Everyone” or “Specific Groups”**
+        >[!NOTE]
+        >If you don't see the app you want, you will have to "get" the app by searching the store for your app. **Click the "Search" bar in the upper right-hand corner > type in the name of the app > click on the app > select "Get"**.
    1. If you do not see your apps in **Intune > Client Apps > Apps** , you may have to [sync your apps](https://docs.microsoft.com/intune/apps/windows-store-for-business#synchronize-apps) again.

 1. [Create a device profile for Kiosk mode](https://docs.microsoft.com/intune/configuration/kiosk-settings#create-the-profile)
--- a/devices/hololens/hololens-requirements.md
+++ b/devices/hololens/hololens-requirements.md
@ -33,6 +33,14 @@ This document also assumes that the HoloLens has been evaluated by security team

 Before deploying the HoloLens in your environment, it is important to first determine what features, apps, and type of identities are needed. It is also important to ensure that your security team has approved of the use of the HoloLens on the company's network. Please see [Frequently ask security questions](hololens-faq-security.md) for additional security information.

+### Type of identity
+
+Determine the type of identity that will be used to sign into the device.
+
+1. **Local Accounts:** This account is local to the device (like a local admin account on a windows PC). This will allow only 1 user to log into the device.
+2. **MSA:** This is a personal account (like outlook, hotmail, gmail, yahoo, etc.) This will allow only 1 user to log into the device.
+3. **Azure Active Directory (Azure AD) accounts:** This is an account created in Azure AD. This grants your corporation the ability to manage the HoloLens device. This will allow multiple users to log into the HoloLens 1st Gen Commercial Suite/the HoloLens 2 device.
+
 ### Type of Features

 Your feature requirements will determine which HoloLens you need. One popular feature that we see deployed in customer environments frequently is Kiosk Mode. A list of HoloLens key features, and the editions of HoloLens that support them, can be found [here](hololens-commercial-features.md).
@ -66,18 +74,10 @@ The majority of the steps found in this document will also apply to the followin
 2. Guides
 3. Customer Apps

-### Type of identity
-
-Determine the type of identity that will be used to sign into the device.
-
-1. **Local Accounts:** This account is local to the device (like a local admin account on a windows PC). This will allow only 1 user to log into the device.
-2. **MSA:** This is a personal account (like outlook, hotmail, gmail, yahoo, etc.) This will allow only 1 user to log into the device.
-3. **Azure Active Directory (Azure AD) accounts:** This is an account created in Azure AD. This grants your corporation the ability to manage the HoloLens device. This will allow multiple users to log into the HoloLens 1st Gen Commercial Suite/the HoloLens 2 device.
-
 ### Determine your enrollment method

 1. Bulk enrollment with a security token in a provisioning package.  
-  Pros: this is the most automated approach  
+  Pros: this is the most automated approach\
  Cons: takes initial server-side setup  
 1. Auto-enroll on user sign in.  
  Pros: easiest approach  
--- a/windows/client-management/troubleshoot-stop-error-on-broadcom-driver-update.md
+++ b/windows/client-management/troubleshoot-stop-error-on-broadcom-driver-update.md
@ -23,7 +23,7 @@ This issue affects computers that meet the following criteria:
 - The network adapter is a Broadcom NX1 Gigabit Ethernet network adapter.
 - The number of logical processors is large (for example, a computer that has more than 38 logical processors).

-On such a computer, when you update the in-box Broadcom network adapter driver to a later version, the computer experiences a Stop error (also known as a blue screen error or bug check error).
+On such a computer, when you update the in-box Broadcom network adapter driver to a later version or when you install the Intel chipset driver, the computer experiences a Stop error (also known as a blue screen error or bug check error).

 ## Cause

--- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
@ -24,7 +24,7 @@ ms.topic: conceptual

 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux](microsoft-defender-atp-linux.md)

-This topic describes how to deploy Microsoft Defender ATP for Linux manually. A successful deployment requires the completion of all of the following tasks:
+This article describes how to deploy Microsoft Defender ATP for Linux manually. A successful deployment requires the completion of all of the following tasks:

 - [Configure the Linux software repository](#configure-the-linux-software-repository)
 - [Application installation](#application-installation)
@ -33,7 +33,7 @@ This topic describes how to deploy Microsoft Defender ATP for Linux manually. A

 ## Prerequisites and system requirements

-Before you get started, see [the main Microsoft Defender ATP for Linux page](microsoft-defender-atp-linux.md) for a description of prerequisites and system requirements for the current software version.
+Before you get started, see [Microsoft Defender ATP for Linux](microsoft-defender-atp-linux.md) for a description of prerequisites and system requirements for the current software version.

 ## Configure the Linux software repository

@ -53,26 +53,29 @@ In order to preview new features and provide early feedback, it is recommended t
    > In case of Oracle EL and CentOS 8, replace *[distro]* with “rhel”.

    ```bash
-    $ sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/[distro]/[version]/[channel].repo 
+    sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/[distro]/[version]/[channel].repo 
    ```

    For example, if you are running CentOS 7 and wish to deploy MDATP for Linux from the *insider-fast* channel:  

    ```bash
-    $ sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/centos/7/insiders-fast.repo 
+    sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/centos/7/insiders-fast.repo 
    ```

 - Install the Microsoft GPG public key:

    ```bash
-    $ curl https://packages.microsoft.com/keys/microsoft.asc > microsoft.asc
-    $ sudo rpm --import microsoft.asc
+    curl https://packages.microsoft.com/keys/microsoft.asc > microsoft.asc
+    ```
+    
+    ```bash
+    sudo rpm --import microsoft.asc
    ```

 - Download and make usable all the metadata for the currently enabled yum repositories: 

    ```bash
-    $ yum makecache
+    yum makecache
    ```

 ### SLES and variants
@ -82,20 +85,23 @@ In order to preview new features and provide early feedback, it is recommended t
    In the following commands, replace *[distro]* and *[version]* with the information you've identified:

    ```bash
-    $ sudo zypper addrepo -c -f -n microsoft-[channel] https://packages.microsoft.com/config/[distro]/[version]/[channel].repo 
+    sudo zypper addrepo -c -f -n microsoft-[channel] https://packages.microsoft.com/config/[distro]/[version]/[channel].repo 
    ```

    For example, if you are running SLES 12 and wish to deploy MDATP for Linux from the *insider-fast* channel:  

    ```bash
-    $ sudo zypper addrepo -c -f -n microsoft-insiders-fast https://packages.microsoft.com/config/sles/12/insiders-fast.repo
+    sudo zypper addrepo -c -f -n microsoft-insiders-fast https://packages.microsoft.com/config/sles/12/insiders-fast.repo
    ```

 - Install the Microsoft GPG public key:

    ```bash
-    $ curl https://packages.microsoft.com/keys/microsoft.asc > microsoft.asc
-    $ rpm --import microsoft.asc
+    curl https://packages.microsoft.com/keys/microsoft.asc > microsoft.asc
+    ```
+    
+    ```bash
+    rpm --import microsoft.asc
    ```

 ### Ubuntu and Debian systems
@ -103,7 +109,7 @@ In order to preview new features and provide early feedback, it is recommended t
 - Install `curl` if it is not already installed:

    ```bash
-    $ sudo apt-get install curl
+    sudo apt-get install curl
    ```

 - Note your distribution and version, and identify the closest entry for it under `https://packages.microsoft.com/config`.
@ -111,45 +117,48 @@ In order to preview new features and provide early feedback, it is recommended t
    In the below command, replace *[distro]* and *[version]* with the information you've identified:

    ```bash
-    $ curl -o microsoft.list https://packages.microsoft.com/config/[distro]/[version]/[channel].list
+    curl -o microsoft.list https://packages.microsoft.com/config/[distro]/[version]/[channel].list
    ```

    For example, if you are running Ubuntu 18.04 and wish to deploy MDATP for Linux from the *insider-fast* channel:

    ```bash
-    $ curl -o microsoft.list https://packages.microsoft.com/config/ubuntu/18.04/insiders-fast.list 
+    curl -o microsoft.list https://packages.microsoft.com/config/ubuntu/18.04/insiders-fast.list 
    ```

 - Install the repository configuration:

    ```bash
-    $ sudo mv ./microsoft.list /etc/apt/sources.list.d/microsoft-[channel].list
+    sudo mv ./microsoft.list /etc/apt/sources.list.d/microsoft-[channel].list
    ```

 - Install the gpg package if not already installed:

    ```bash
-    $ sudo apt-get install gpg
+    sudo apt-get install gpg
    ```

 - Install the Microsoft GPG public key:

    ```bash
-    $ curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
-    $ sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/
+    curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
+    ```
+    
+    ```bash
+    sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/

    ```

 - Install the https driver if it's not already present:

    ```bash
-    $ sudo apt-get install apt-transport-https
+    sudo apt-get install apt-transport-https
    ```

 - Update the repository metadata:

    ```bash
-    $ sudo apt-get update
+    sudo apt-get update
    ```

 ## Application installation
@ -186,11 +195,11 @@ Download the onboarding package from Microsoft Defender Security Center:
    Extract the contents of the archive:
  
    ```bash
-    $ ls -l
+    ls -l
    total 8
    -rw-r--r-- 1 test  staff  5752 Feb 18 11:22 WindowsDefenderATPOnboardingPackage.zip

-    $ unzip WindowsDefenderATPOnboardingPackage.zip
+    unzip WindowsDefenderATPOnboardingPackage.zip
    Archive:  WindowsDefenderATPOnboardingPackage.zip
    inflating: WindowsDefenderATPOnboarding.py
    ```
@ -202,26 +211,26 @@ Download the onboarding package from Microsoft Defender Security Center:
    Initially the client machine is not associated with an organization. Note that the *orgId* attribute is blank:

    ```bash
-    $ mdatp --health orgId
+    mdatp --health orgId
    ```

 2. Run WindowsDefenderATPOnboarding.py, and note that, in order to run this command, you must have `python` installed on the device:

    ```bash
-    $ python WindowsDefenderATPOnboarding.py
+    python WindowsDefenderATPOnboarding.py
    ```

 3. Verify that the machine is now associated with your organization and reports a valid organization identifier:

    ```bash
-    $ mdatp --health orgId
+    mdatp --health orgId
    [your organization identifier]
    ```

 4. A few minutes after you complete the installation, you can see the status by running the following command. A return value of `1` denotes that the product is functioning as expected:

    ```bash
-    $ mdatp --health healthy
+    mdatp --health healthy
    1
    ```

@ -230,20 +239,20 @@ Download the onboarding package from Microsoft Defender Security Center:
    - Ensure that real-time protection is enabled (denoted by a result of `1` from running the following command):

        ```bash
-    $ mdatp --health realTimeProtectionEnabled
+        mdatp --health realTimeProtectionEnabled
        1
        ```

    - Open a Terminal window. Copy and execute the following command:

        ``` bash
-    $ curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
+        curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
        ```

    - The file should have been quarantined by Microsoft Defender ATP for Linux. Use the following command to list all the detected threats:

        ```bash
-    $ mdatp --threat --list --pretty
+        mdatp --threat --list --pretty
        ```

 ## Log installation issues
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
@ -24,7 +24,7 @@ ms.topic: conceptual
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)

 >[!IMPORTANT]
->This article contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise organizations. To configure Microsoft Defender ATP for Mac using the command-line interface, see the [Resources](mac-resources.md#configuring-from-the-command-line) page.
+>This article contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise organizations. To configure Microsoft Defender ATP for Mac using the command-line interface, see [Resources](mac-resources.md#configuring-from-the-command-line).

 ## Summary

@ -325,6 +325,8 @@ Specify whether to enable EDR early preview features.

 Specify a tag name and its value. 

+- The GROUP tag, tags the machine with the specified value. The tag is reflected in the portal under the machine page and can be used for filtering and grouping machines.
+
 |||
 |:---|:---|
 | **Domain** | `com.microsoft.wdav` |
@ -569,6 +571,18 @@ The following configuration profile contains entries for all settings described
        <key>automaticSampleSubmission</key>
        <true/>
    </dict>
+    <key>edr</key>
+    <dict>
+        <key>tags</key>
+        <array>
+            <dict>
+                <key>key</key>
+                <string>GROUP</string>
+                <key>value</key>
+                <string>ExampleTag</string>
+            </dict>
+        </array>
+    </dict>
    <key>userInterface</key>
    <dict>
        <key>hideStatusMenuIcon</key>
@ -695,6 +709,18 @@ The following configuration profile contains entries for all settings described
                    <key>automaticSampleSubmission</key>
                    <true/>
                </dict>
+                <key>edr</key>
+                <dict>
+                    <key>tags</key>
+                    <array>
+                        <dict>
+                            <key>key</key>
+                            <string>GROUP</string>
+                            <key>value</key>
+                            <string>ExampleTag</string>
+                        </dict>
+                    </array>
+                </dict>
                <key>userInterface</key>
                <dict>
                    <key>hideStatusMenuIcon</key>
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
@ -26,6 +26,8 @@ This topic describes how to install, configure, update, and use Microsoft Defend
 > Running other third-party endpoint protection products alongside Microsoft Defender ATP for Linux is likely to cause performance problems and unpredictable system errors.


+> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP]
+
 ## How to install Microsoft Defender ATP for Linux

 ### Prerequisites
@ -39,9 +41,9 @@ This topic describes how to install, configure, update, and use Microsoft Defend
 - Logged on users do not appear in the ATP portal.
 - In SUSE distributions, if the installation of *libatomic1* fails, you should validate that your OS is registered:

-```bash
-$ sudo SUSEConnect --status-text
-```
+    ```bash
+    $ sudo SUSEConnect --status-text
+    ```

 ### Installation instructions