deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merged PR 5634: RemoteWipe CSP added new nodes

Browse Source
This commit is contained in:
Maricia Alforque 2018-02-01 18:45:51 +00:00
parent 8f833a5e25
commit 6f84c3ebc4
4 changed files with 120 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
windows/client-management/mdm/images/provisioning-csp-remotewipe-dmandcp.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 22 KiB

After

Width:  |  Height:  |  Size: 14 KiB

10
windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
View File

@ -1516,6 +1516,16 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
<td style="vertical-align:top"><p>Updated the description for AllowWarningForOtherDiskEncryption to describe changes added in Windows 10, next major update.</p>
</td></tr>
<tr class="odd">
<td style="vertical-align:top">[RemoteWipe CSP](remotewipe-csp.md)</td>
<td style="vertical-align:top"><p>Added the following nodes in Windows 10, next major update:</p>
<ul>
<li>AutomaticRedeployment</li>
<li>doAutomaticRedeployment</li>
<li>LastError</li>
<li>Status</li>
</ul>
</td></tr>
<tr class="odd">
<td style="vertical-align:top">[Defender CSP](defender-csp.md)</td>
<td style="vertical-align:top"><p>Added new node (OfflineScan) in Windows 10, next major update.</p>
</td></tr>

26
windows/client-management/mdm/remotewipe-csp.md
View File

@ -7,12 +7,15 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 11/13/2017
ms.date: 01/29/2018
---
# RemoteWipe CSP
> [!WARNING]
> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
The RemoteWipe configuration service provider can be used by mobile operators DM server or enterprise management server to remotely wipe a device. The RemoteWipe configuration service provider can make the data stored in memory and hard disks difficult to recover if the device is remotely wiped after being lost or stolen.
The following diagram shows the RemoteWipe configuration service provider management object in tree format as used by both OMA DM and OMA Client Provisioning. Enterprise IT Professionals can update these settings by using the Exchange Server.
@ -45,14 +48,27 @@ Supported operation is Exec.
<a href="" id="doWipePersistUserData"></a>**doWipePersistUserData**
Added in Windows 10, version 1709. Exec on this node will perform a remote reset on the device and persist user accounts and data. The return status code shows whether the device accepted the Exec command.
## The Remote Wipe Process
<a href="" id="automaticredeployment"></a>**AutomaticRedeployment**
Added in Windows 10, next major update. Node for the Automatic Redeployment operation.
<a href="" id="doautomaticredeployment"></a>**AutomaticRedeployment/doAutomaticRedeployment**
Added in Windows 10, next major update. Exec on this node triggers Automatic Redeployment operation. This works like PC Reset, similar to other existing nodes in this RemoteWipe CSP, except that it keeps the device enrolled in Azure AD and MDM, keeps Wi-Fi profiles, and a few other settings like region, language, keyboard.
The remote wipe command is sent as an XML provisioning file to the device. Since the RemoteWipe Configuration Service Provider uses OMA DM and WAP, authentication between client and server and delivery of the XML provisioning file is handled by provisioning.
<a href="" id="lasterror"></a>**AutomaticRedeployment/LastError**
Added in Windows 10, next major update. Error value, if any, associated with Automatic Redeployment operation (typically an HRESULT).
In Windows 10 Mobile, the remote wipe command is implemented on the device by using the **ResetPhone** function. On the desktop, the remote wipe triggers the **Reset this PC** functionality with the **Remove everything** option.
<a href="" id="status"></a>**AutomaticRedeployment/Status**
Added in Windows 10, next major update. Status value indicating current state of an Automatic Redeployment operation.
> **Note**  On the desktop, the remote wipe effectively performs a factory reset and the PC does not retain any information about the command once the wipe completes. Any response from the device about the actual status or result of the command may be inconsistent and unreliable because the MDM information has been removed.
Supported values:
- 0: Never run (not started). The default state.
- 1: Complete.
- 10: Reset has been scheduled.
- 20: Reset is scheduled and waiting for a reboot.
- 30: Failed during CSP Execute ("Exec" in SyncML).
- 40: Failed: power requirements not met.
- 50: Failed: reset internals failed during reset attempt.
 

92
windows/client-management/mdm/remotewipe-ddf-file.md
View File

@ -7,7 +7,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 12/05/2017
ms.date: 01/29/2018
---
# RemoteWipe DDF file
@ -17,7 +17,7 @@ This topic shows the OMA DM device description framework (DDF) for the **RemoteW
Looking for the DDF XML files? See [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download).
The XML below is the DDF for Windows 10, version 1709.
The XML below is the DDF for Windows 10, next major update.
``` syntax
<?xml version="1.0" encoding="UTF-8"?>
@ -43,7 +43,7 @@ The XML below is the DDF for Windows 10, version 1709.
<Permanent />
</Scope>
<DFType>
<DDFName></DDFName>
<MIME>com.microsoft/1.1/MDM/RemoteWipe</MIME>
</DFType>
<Description>The root node for remote wipe function.</Description>
</DFProperties>
@ -131,8 +131,94 @@ The XML below is the DDF for Windows 10, version 1709.
<Description>Exec on this node will perform a remote reset on the device and persist user accounts and data. The return status code shows whether the device accepted the Exec command.</Description>
</DFProperties>
</Node>
<Node>
<NodeName>AutomaticRedeployment</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<DFFormat>
<node />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Permanent />
</Scope>
<DFType>
<DDFName></DDFName>
</DFType>
</DFProperties>
<Node>
<NodeName>doAutomaticRedeployment</NodeName>
<DFProperties>
<AccessType>
<Get />
<Exec />
</AccessType>
<DFFormat>
<chr />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Permanent />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
<Node>
<NodeName>LastError</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<DefaultValue>0</DefaultValue>
<Description>Error value, if any, associated with Automatic Redeployment operation (typically an HRESULT).</Description>
<DFFormat>
<int />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Permanent />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
<Node>
<NodeName>Status</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<DefaultValue>0</DefaultValue>
<Description>Status value indicating current state of an Automatic Redeployment operation. 0: Never run (not started). The default state. 1: Complete. 10: Reset has been scheduled. 20: Reset is scheduled and waiting for a reboot. 30: Failed during CSP Execute ("Exec" in SyncML). 40: Failed: power requirements not met. 50: Failed: reset internals failed during reset attempt.</Description>
<DFFormat>
<int />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Permanent />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
</Node>
</Node>
</MgmtTree>
```
## Related topics