deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 12:53:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/MicrosoftDocs/windows-docs-pr into planappready

Browse Source
This commit is contained in:
jaimeo
2020-05-20 11:11:58 -07:00
parent a63b102543 d19f01ad8d
commit 6b119869c1
9 changed files with 35 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.openpublishing.redirection.json
View File

@ -15533,7 +15533,7 @@
}, },
{ {
"source_path": "windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md", "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/exploit-protection", "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction",
"redirect_document_id": false "redirect_document_id": false
}, },
{ {

2
windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md
View File

@ -15,7 +15,7 @@ manager: dansimp
# Use Group Policy and mobile device management (MDM) settings to configure Cortana in your organization # Use Group Policy and mobile device management (MDM) settings to configure Cortana in your organization
>[!NOTE] >[!NOTE]
>For specific info about how to set, manage, and use each of these MDM policies to configure Cortana in your enterprise, see the [Policy CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider) topic, located in the configuration service provider reference topics. >For specific info about how to set, manage, and use each of these MDM policies to configure Cortana in your enterprise, see the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider) topic, located in the configuration service provider reference topics.
|**Group policy** |**MDM policy** |**Description** | |**Group policy** |**MDM policy** |**Description** |

2
windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md
View File

@ -20,7 +20,7 @@ manager: dansimp
Cortana will respond with the information from Bing. Cortana will respond with the information from Bing.
:::image type="content" source="../../media/screenshot5.png" alt-text="Screenshot: Cortana showing current time in Hyderbad"::: :::image type="content" source="../../../images/screenshot5.png" alt-text="Screenshot: Cortana showing current time in Hyderbad":::
>[!NOTE] >[!NOTE]
>This scenario requires Bing Answers to be enabled. For more information, see [Set up and configure the Bing Answers feature](https://docs.microsoft.com/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10#set-up-and-configure-the-bing-answers-feature). >This scenario requires Bing Answers to be enabled. For more information, see [Set up and configure the Bing Answers feature](https://docs.microsoft.com/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10#set-up-and-configure-the-bing-answers-feature).

2
windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10.md
View File

@ -18,8 +18,6 @@ ms.author: dansimp
- If your enterprise had previously disabled Cortana for your employees using the **Computer Configuration\Administrative Templates\Windows Components\Search\Allow Cortana** Group Policy or the **Experience\AllowCortana** MDM setting but want to enable it now that Cortana is part of Microsoft 365, you will need to re-enable it at least for Windows 10, version 2004 and later. - If your enterprise had previously disabled Cortana for your employees using the **Computer Configuration\Administrative Templates\Windows Components\Search\Allow Cortana** Group Policy or the **Experience\AllowCortana** MDM setting but want to enable it now that Cortana is part of Microsoft 365, you will need to re-enable it at least for Windows 10, version 2004 and later.
- **Cortana is regularly updated through the Microsoft Store.** Beginning with Windows 10, version 2004, Cortana is an appx preinstalled with Windows and is regularly updated through the Microsoft Store. To receive the latest updates to Cortana, you will need to [enable updates through the Microsoft Store](https://docs.microsoft.com/windows/configuration/stop-employees-from-using-microsoft-store). - **Cortana is regularly updated through the Microsoft Store.** Beginning with Windows 10, version 2004, Cortana is an appx preinstalled with Windows and is regularly updated through the Microsoft Store. To receive the latest updates to Cortana, you will need to [enable updates through the Microsoft Store](https://docs.microsoft.com/windows/configuration/stop-employees-from-using-microsoft-store).
INSERT SCREENSHOT 1
## Set up and configure the Bing Answers feature ## Set up and configure the Bing Answers feature
Bing Answers provides fast, authoritative results to search queries based on search terms. When the Bing Answers feature is enabled, users will be able to ask Cortana web-related questions in the Cortana in Windows app, such as "What's the current weather?" or "Who is the president of the U.S.?," and get a response, based on public results from Bing.com. Bing Answers provides fast, authoritative results to search queries based on search terms. When the Bing Answers feature is enabled, users will be able to ask Cortana web-related questions in the Cortana in Windows app, such as "What's the current weather?" or "Who is the president of the U.S.?," and get a response, based on public results from Bing.com.

2
windows/configuration/cortana-at-work/test-scenario-6.md
View File

@ -24,7 +24,7 @@ Cortana automatically finds patterns in your email, suggesting reminders based t
## Use Cortana to create suggested reminders for you ## Use Cortana to create suggested reminders for you
1. Make sure that you've connected Cortana to Office 365. For the steps to connect, see [Set up and test Cortana with Office 365 in your organization](https://docs.microsoft.com/en-us/windows/configuration/cortana-at-work/cortana-at-work-o365). 1. Make sure that you've connected Cortana to Office 365. For the steps to connect, see [Set up and test Cortana with Office 365 in your organization](https://docs.microsoft.com/windows/configuration/cortana-at-work/cortana-at-work-o365).
2. Click on the **Cortana** search box in the taskbar, click the **Notebook** icon, and then click **Permissions**. 2. Click on the **Cortana** search box in the taskbar, click the **Notebook** icon, and then click **Permissions**.

2
windows/deployment/windows-autopilot/bitlocker.md
View File

@ -39,7 +39,7 @@ An example of Microsoft Intune Windows Encryption settings is shown below.
![BitLocker encryption settings](images/bitlocker-encryption.png) ![BitLocker encryption settings](images/bitlocker-encryption.png)
Note that a device which is encrypted automatically will need to be decrypted prior to changing the encyption algorithm. Note that a device which is encrypted automatically will need to be decrypted prior to changing the encryption algorithm.
The settings are available under Device Configuration -> Profiles -> Create profile -> Platform = Windows 10 and later, Profile type = Endpoint protection -> Configure -> Windows Encryption -> BitLocker base settings, Configure encryption methods = Enable. The settings are available under Device Configuration -> Profiles -> Create profile -> Platform = Windows 10 and later, Profile type = Endpoint protection -> Configure -> Windows Encryption -> BitLocker base settings, Configure encryption methods = Enable.

4
windows/deployment/windows-autopilot/registration-auth.md
View File

@ -80,6 +80,10 @@ Each OEM has a unique link to provide to their respective customers, which the O
![Not global admin](images/csp7.png) ![Not global admin](images/csp7.png)
3. Customer selects the **Yes** checkbox, followed by the **Accept** button, and theyre done. Authorization happens instantaneously. 3. Customer selects the **Yes** checkbox, followed by the **Accept** button, and theyre done. Authorization happens instantaneously.
> [!NOTE]
> Once this process has completed, it is not currently possible for an administrator to remove an OEM. To remove an OEM or revoke
their permissions, send a request to msoemops@microsoft.com
4. The OEM can use the Validate Device Submission Data API to verify the consent has completed. This API is discussed in the latest version of the API Whitepaper, p. 14ff [https://devicepartner.microsoft.com/assets/detail/windows-autopilot-integration-with-oem-api-design-whitepaper-docx](https://devicepartner.microsoft.com/assets/detail/windows-autopilot-integration-with-oem-api-design-whitepaper-docx). **Note**: this link is only accessible by Microsoft Device Partners. As discussed in this whitepaper, its a best practice recommendation for OEM partners to run the API check to confirm theyve received customer consent before attempting to register devices, thus avoiding errors in the registration process. 4. The OEM can use the Validate Device Submission Data API to verify the consent has completed. This API is discussed in the latest version of the API Whitepaper, p. 14ff [https://devicepartner.microsoft.com/assets/detail/windows-autopilot-integration-with-oem-api-design-whitepaper-docx](https://devicepartner.microsoft.com/assets/detail/windows-autopilot-integration-with-oem-api-design-whitepaper-docx). **Note**: this link is only accessible by Microsoft Device Partners. As discussed in this whitepaper, its a best practice recommendation for OEM partners to run the API check to confirm theyve received customer consent before attempting to register devices, thus avoiding errors in the registration process.
> [!NOTE] > [!NOTE]

48
windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
View File

@ -13,7 +13,7 @@ ms.author: macapara
ms.localizationpriority: medium ms.localizationpriority: medium
manager: dansimp manager: dansimp
audience: ITPro audience: ITPro
ms.collection: M365-security-compliance ms.collection: M365-security-compliance
ms.topic: article ms.topic: article
--- ---
@ -35,7 +35,7 @@ ms.topic: article
Microsoft Defender ATP extends support to also include the Windows Server operating system. This support provides advanced attack detection and investigation capabilities seamlessly through the Microsoft Defender Security Center console. Microsoft Defender ATP extends support to also include the Windows Server operating system. This support provides advanced attack detection and investigation capabilities seamlessly through the Microsoft Defender Security Center console.
The service supports the onboarding of the following servers: The service supports the onboarding of the following servers:
- Windows Server 2008 R2 SP1 - Windows Server 2008 R2 SP1
- Windows Server 2012 R2 - Windows Server 2012 R2
- Windows Server 2016 - Windows Server 2016
- Windows Server (SAC) version 1803 and later - Windows Server (SAC) version 1803 and later
@ -57,11 +57,11 @@ There are two options to onboard Windows Server 2008 R2 SP1, Windows Server 2012
### Option 1: Onboard servers through Microsoft Defender Security Center ### Option 1: Onboard servers through Microsoft Defender Security Center
You'll need to take the following steps if you choose to onboard servers through Microsoft Defender Security Center. You'll need to take the following steps if you choose to onboard servers through Microsoft Defender Security Center.
- For Windows Server 2008 R2 SP1 or Windows Server 2012 R2, ensure that you install the following hotfix: - For Windows Server 2008 R2 SP1 or Windows Server 2012 R2, ensure that you install the following hotfix:
- [Update for customer experience and diagnostic telemetry](https://support.microsoft.com/en-us/help/3080149/update-for-customer-experience-and-diagnostic-telemetry) - [Update for customer experience and diagnostic telemetry](https://support.microsoft.com/en-us/help/3080149/update-for-customer-experience-and-diagnostic-telemetry)
- In addition, for Windows Server 2008 R2 SP1, ensure that you fulfill the following requirements: - In addition, for Windows Server 2008 R2 SP1, ensure that you fulfill the following requirements:
- Install the [February monthly update rollup](https://support.microsoft.com/en-us/help/4074598/windows-7-update-kb4074598) - Install the [February monthly update rollup](https://support.microsoft.com/en-us/help/4074598/windows-7-update-kb4074598)
- Install either [.NET framework 4.5](https://www.microsoft.com/download/details.aspx?id=30653) (or later) or [KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework) - Install either [.NET framework 4.5](https://www.microsoft.com/download/details.aspx?id=30653) (or later) or [KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework)
@ -73,7 +73,7 @@ You'll need to take the following steps if you choose to onboard servers through
- Turn on server monitoring from Microsoft Defender Security Center. - Turn on server monitoring from Microsoft Defender Security Center.
- If you're already leveraging System Center Operations Manager (SCOM) or Azure Monitor (formerly known as Operations Management Suite (OMS)), attach the Microsoft Monitoring Agent (MMA) to report to your Microsoft Defender ATP workspace through Multihoming support. - If you're already leveraging System Center Operations Manager (SCOM) or Azure Monitor (formerly known as Operations Management Suite (OMS)), attach the Microsoft Monitoring Agent (MMA) to report to your Microsoft Defender ATP workspace through Multihoming support.
Otherwise, install and configure MMA to report sensor data to Microsoft Defender ATP as instructed below. For more information, see [Collect log data with Azure Log Analytics agent](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent). Otherwise, install and configure MMA to report sensor data to Microsoft Defender ATP as instructed below. For more information, see [Collect log data with Azure Log Analytics agent](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent).
@ -82,10 +82,10 @@ You'll need to take the following steps if you choose to onboard servers through
### Configure and update System Center Endpoint Protection clients ### Configure and update System Center Endpoint Protection clients
Microsoft Defender ATP integrates with System Center Endpoint Protection. The integration provides visibility to malware detections and to stop propagation of an attack in your organization by banning potentially malicious files or suspected malware. Microsoft Defender ATP integrates with System Center Endpoint Protection. The integration provides visibility to malware detections and to stop propagation of an attack in your organization by banning potentially malicious files or suspected malware.
The following steps are required to enable this integration: The following steps are required to enable this integration:
- Install the [January 2017 anti-malware platform update for Endpoint Protection clients](https://support.microsoft.com/help/3209361/january-2017-anti-malware-platform-update-for-endpoint-protection-clie) - Install the [January 2017 anti-malware platform update for Endpoint Protection clients](https://support.microsoft.com/help/3209361/january-2017-anti-malware-platform-update-for-endpoint-protection-clie)
- Configure the SCEP client Cloud Protection Service membership to the **Advanced** setting - Configure the SCEP client Cloud Protection Service membership to the **Advanced** setting
@ -95,19 +95,19 @@ The following steps are required to enable this integration:
1. In the navigation pane, select **Settings** > **Machine management** > **Onboarding**. 1. In the navigation pane, select **Settings** > **Machine management** > **Onboarding**.
2. Select Windows Server 2012 R2 and 2016 as the operating system. 2. Select Windows Server 2012 R2 and 2016 as the operating system.
3. Click **Turn on server monitoring** and confirm that you'd like to proceed with the environment setup. When the setup completes, the **Workspace ID** and **Workspace key** fields are populated with unique values. You'll need to use these values to configure the MMA agent. 3. Click **Turn on server monitoring** and confirm that you'd like to proceed with the environment setup. When the setup completes, the **Workspace ID** and **Workspace key** fields are populated with unique values. You'll need to use these values to configure the MMA agent.
<span id="server-mma"/> <span id="server-mma"/>
### Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Microsoft Defender ATP ### Install and configure Microsoft Monitoring Agent (MMA) to report sensor data to Microsoft Defender ATP
1. Download the agent setup file: [Windows 64-bit agent](https://go.microsoft.com/fwlink/?LinkId=828603). 1. Download the agent setup file: [Windows 64-bit agent](https://go.microsoft.com/fwlink/?LinkId=828603).
2. Using the Workspace ID and Workspace key provided in the previous procedure, choose any of the following installation methods to install the agent on the server: 2. Using the Workspace ID and Workspace key provided in the previous procedure, choose any of the following installation methods to install the agent on the server:
- [Manually install the agent using setup](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#install-the-agent-using-setup) <br> - [Manually install the agent using setup](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#install-the-agent-using-setup) <br>
On the **Agent Setup Options** page, choose **Connect the agent to Azure Log Analytics (OMS)**. On the **Agent Setup Options** page, choose **Connect the agent to Azure Log Analytics (OMS)**.
- [Install the agent using the command line](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#install-the-agent-using-the-command-line) and [configure the agent using a script](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#add-a-workspace-using-a-script). - [Install the agent using the command line](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#install-the-agent-using-the-command-line) and [configure the agent using a script](https://docs.microsoft.com/azure/log-analytics/log-analytics-windows-agents#add-a-workspace-using-a-script).
3. You'll need to configure proxy settings for the Microsoft Monitoring Agent. For more information, see [Configure proxy settings](configure-proxy-internet.md). 3. You'll need to configure proxy settings for the Microsoft Monitoring Agent. For more information, see [Configure proxy settings](configure-proxy-internet.md).
@ -116,7 +116,7 @@ Once completed, you should see onboarded servers in the portal within an hour.
<span id="server-proxy"/> <span id="server-proxy"/>
### Configure server proxy and Internet connectivity settings ### Configure server proxy and Internet connectivity settings
- Each Windows server must be able to connect to the Internet using HTTPS. This connection can be direct, using a proxy, or through the <a href="https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-gateway" data-raw-source="[OMS Gateway](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-gateway)">OMS Gateway</a>. - Each Windows server must be able to connect to the Internet using HTTPS. This connection can be direct, using a proxy, or through the <a href="https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-gateway" data-raw-source="[OMS Gateway](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-gateway)">OMS Gateway</a>.
- If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that you [enable access to Microsoft Defender ATP service URLs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server). - If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that you [enable access to Microsoft Defender ATP service URLs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server).
@ -127,7 +127,7 @@ Once completed, you should see onboarded servers in the portal within an hour.
2. Select Windows Server 2008 R2 SP1, 2012 R2 and 2016 as the operating system. 2. Select Windows Server 2008 R2 SP1, 2012 R2 and 2016 as the operating system.
3. Click **Onboard Servers in Azure Security Center**. 3. Click **Onboard Servers in Azure Security Center**.
4. Follow the onboarding instructions in [Microsoft Defender Advanced Threat Protection with Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-wdatp). 4. Follow the onboarding instructions in [Microsoft Defender Advanced Threat Protection with Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-wdatp).
@ -140,16 +140,16 @@ To onboard Windows Server (SAC) version 1803, Windows Server 2019, or Windows Se
Supported tools include: Supported tools include:
- Local script - Local script
- Group Policy - Group Policy
- Microsoft Endpoint Configuration Manager - Microsoft Endpoint Configuration Manager
- System Center Configuration Manager 2012 / 2012 R2 1511 / 1602 - System Center Configuration Manager 2012 / 2012 R2 1511 / 1602
- VDI onboarding scripts for non-persistent machines - VDI onboarding scripts for non-persistent machines
For more information, see [Onboard Windows 10 machines](configure-endpoints.md). For more information, see [Onboard Windows 10 machines](configure-endpoints.md).
Support for Windows Server, provide deeper insight into activities happening on the server, coverage for kernel and memory attack detection, and enables response actions on Windows Server endpoint as well. Support for Windows Server, provide deeper insight into activities happening on the server, coverage for kernel and memory attack detection, and enables response actions on Windows Server endpoint as well.
1. Configure Microsoft Defender ATP onboarding settings on the server. For more information, see [Onboard Windows 10 machines](configure-endpoints.md). 1. Configure Microsoft Defender ATP onboarding settings on the server. For more information, see [Onboard Windows 10 machines](configure-endpoints.md).
2. If you're running a third-party antimalware solution, you'll need to apply the following Windows Defender AV passive mode settings. Verify that it was configured correctly: 2. If you're running a third-party antimalware solution, you'll need to apply the following Windows Defender AV passive mode settings. Verify that it was configured correctly:
@ -165,12 +165,12 @@ Support for Windows Server, provide deeper insight into activities happening on
``` ```
1. Confirm that a recent event containing the passive mode event is found: 1. Confirm that a recent event containing the passive mode event is found:
![Image of passive mode verification result](images/atp-verify-passive-mode.png) ![Image of passive mode verification result](images/atp-verify-passive-mode.png)
3. Run the following command to check if Windows Defender AV is installed: 3. Run the following command to check if Windows Defender AV is installed:
```sc query Windefend``` ```sc.exe query Windefend```
If the result is 'The specified service does not exist as an installed service', then you'll need to install Windows Defender AV. For more information, see [Windows Defender Antivirus in Windows 10](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). If the result is 'The specified service does not exist as an installed service', then you'll need to install Windows Defender AV. For more information, see [Windows Defender Antivirus in Windows 10](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10).
@ -188,12 +188,12 @@ The following capabilities are included in this integration:
- Server investigation - Azure Security Center customers can access Microsoft Defender Security Center to perform detailed investigation to uncover the scope of a potential breach - Server investigation - Azure Security Center customers can access Microsoft Defender Security Center to perform detailed investigation to uncover the scope of a potential breach
> [!IMPORTANT] > [!IMPORTANT]
> - When you use Azure Security Center to monitor servers, a Microsoft Defender ATP tenant is automatically created. The Microsoft Defender ATP data is stored in Europe by default. > - When you use Azure Security Center to monitor servers, a Microsoft Defender ATP tenant is automatically created. The Microsoft Defender ATP data is stored in Europe by default.
> - If you use Microsoft Defender ATP before using Azure Security Center, your data will be stored in the location you specified when you created your tenant even if you integrate with Azure Security Center at a later time. > - If you use Microsoft Defender ATP before using Azure Security Center, your data will be stored in the location you specified when you created your tenant even if you integrate with Azure Security Center at a later time.
> - When you use Azure Security Center to monitor servers, a Microsoft Defender ATP tenant is automatically created and the Microsoft Defender ATP data is stored in Europe by default. If you need to move your data to another location, you need to contact Microsoft Support to reset the tenant. Server endpoint monitoring utilizing this integration has been disabled for Office 365 GCC customers.
## Offboard servers
## Offboard servers
You can offboard Windows Server (SAC), Windows Server 2019, and Windows Server 2019 Core edition in the same method available for Windows 10 client machines. You can offboard Windows Server (SAC), Windows Server 2019, and Windows Server 2019 Core edition in the same method available for Windows 10 client machines.
For other server versions, you have two options to offboard servers from the service: For other server versions, you have two options to offboard servers from the service:
@ -210,10 +210,10 @@ For more information, see [To disable an agent](https://docs.microsoft.com/azure
### Remove the Microsoft Defender ATP workspace configuration ### Remove the Microsoft Defender ATP workspace configuration
To offboard the server, you can use either of the following methods: To offboard the server, you can use either of the following methods:
- Remove the Microsoft Defender ATP workspace configuration from the MMA agent - Remove the Microsoft Defender ATP workspace configuration from the MMA agent
- Run a PowerShell command to remove the configuration - Run a PowerShell command to remove the configuration
#### Remove the Microsoft Defender ATP workspace configuration from the MMA agent #### Remove the Microsoft Defender ATP workspace configuration from the MMA agent
1. In the **Microsoft Monitoring Agent Properties**, select the **Azure Log Analytics (OMS)** tab. 1. In the **Microsoft Monitoring Agent Properties**, select the **Azure Log Analytics (OMS)** tab.
@ -228,7 +228,7 @@ To offboard the server, you can use either of the following methods:
1. In the navigation pane, select **Settings** > **Onboarding**. 1. In the navigation pane, select **Settings** > **Onboarding**.
1. Select **Windows Server 2012 R2 and 2016** as the operating system and get your Workspace ID: 1. Select **Windows Server 2012 R2 and 2016** as the operating system and get your Workspace ID:
![Image of server onboarding](images/atp-server-offboarding-workspaceid.png) ![Image of server onboarding](images/atp-server-offboarding-workspaceid.png)
2. Open an elevated PowerShell and run the following command. Use the Workspace ID you obtained and replacing `WorkspaceID`: 2. Open an elevated PowerShell and run the following command. Use the Workspace ID you obtained and replacing `WorkspaceID`:

2
windows/security/threat-protection/microsoft-defender-atp/preview.md
View File

@ -47,6 +47,8 @@ Turn on the preview experience setting to be among the first to try upcoming fea
## Preview features ## Preview features
The following features are included in the preview release: The following features are included in the preview release:
- [Attack simulators in the evaluation lab](evaluation-lab.md#threat-simulator-scenarios) <br> Microsoft Defender ATP has partnered with various threat simulation platforms to give you convenient access to test the capabilities of the platform right from the within the portal.
- [Create indicators for certificates](manage-indicators.md) <br> Create indicators to allow or block certificates. - [Create indicators for certificates](manage-indicators.md) <br> Create indicators to allow or block certificates.
- [Microsoft Defender ATP for Linux](microsoft-defender-atp-linux.md) <br> Microsoft Defender ATP now adds support for Linux. Learn how to install, configure, update, and use Microsoft Defender ATP for Linux. - [Microsoft Defender ATP for Linux](microsoft-defender-atp-linux.md) <br> Microsoft Defender ATP now adds support for Linux. Learn how to install, configure, update, and use Microsoft Defender ATP for Linux.