deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #632 from Microsoft/master

Browse Source 
Publish to live
This commit is contained in:
Brian Lich 2017-04-18 14:38:15 -07:00 committed by GitHub
commit 7d29b385da
6 changed files with 104 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
education/windows/configure-windows-for-education.md
View File

@ -115,6 +115,20 @@ Use one of these methods to set this policy.
### Group Policy ### Group Policy
**SetEduPolicies** is not natively supported in Group Policy. Instead, use the [MDM Bridge WMI Provider](https://msdn.microsoft.com/en-us/library/windows/desktop/dn905224(v=vs.85).aspx) to set the policy in [MDM SharedPC](https://msdn.microsoft.com/en-us/library/windows/desktop/mt779129(v=vs.85).aspx). **SetEduPolicies** is not natively supported in Group Policy. Instead, use the [MDM Bridge WMI Provider](https://msdn.microsoft.com/en-us/library/windows/desktop/dn905224(v=vs.85).aspx) to set the policy in [MDM SharedPC](https://msdn.microsoft.com/en-us/library/windows/desktop/mt779129(v=vs.85).aspx).
For example:
- Open PowerShell as an administrator and enter the following:
```
$sharedPC = Get-CimInstance -Namespace "root\cimv2\mdm\dmmap" -ClassName "MDM_SharedPC"
$sharedPC.SetEduPolicies = $True
Set-CimInstance -CimInstance $sharedPC
Get-CimInstance -Namespace $namespaceName -ClassName $MDM_SharedPCClass
```
### Provisioning tools ### Provisioning tools
- [Set up School PCs](use-set-up-school-pcs-app.md) always sets this policy in provisioning packages it creates. - [Set up School PCs](use-set-up-school-pcs-app.md) always sets this policy in provisioning packages it creates.
- [Windows Configuration Designer](https://technet.microsoft.com/en-us/itpro/windows/configure/provisioning-create-package) - [Windows Configuration Designer](https://technet.microsoft.com/en-us/itpro/windows/configure/provisioning-create-package)

55
windows/deploy/upgrade-readiness-data-sharing.md Normal file
View File

@ -0,0 +1,55 @@
---
title: Upgrade Readiness data sharing
description: Connectivity scenarios for data sharing with Upgrade Readiness
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: deploy
author: greg-lindsay
---
# Upgrade Readiness data sharing
To enable data sharing with the Upgrade Readiness solution, the following endpoints must be accessible:
| **Endpoint** | **Function** |
|---------------------------------------------------------|-----------|
| `https://v10.vortex-win.data.microsoft.com/collect/v1`<br>`https://Vortex-win.data.microsoft.com/health/keepalive` | Connected User Experience and Telemetry component endpoint. User computers send data to Microsoft through this endpoint. |
| `https://settings.data.microsoft.com/qos` | Enables the compatibility update KB to send data to Microsoft. |
| `https://go.microsoft.com/fwlink/?LinkID=544713`<br>`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc` | This service provides driver information about whether there will be a driver available post-upgrade for the hardware on the system. |
Whitelist these endpoints on your network. This might require working with your organizations's network security group.
## Connectivity to the Internet
There are several different methods your organization can use to connect to the Internet, and these methods can affect how authentication is performed by the deployment script.
### Direct connection to the Internet
This scenario is very simple since there is no proxy involved. If you are using a network firewall which is blocking outgoing traffic, please keep in mind that even though we provide DNS names for the endpoints needed to communicate to the Microsoft telemetry backend, We therefore do not recommend to attempt to whitelist endpoints on your firewall based on IP-addresses.
In order to use the direct connection scenario, set the parameter **ClientProxy=Direct** in **runconfig.bat**.
### Connection through the WinHTTP proxy
This is the first and most simple proxy scenario. The WinHTTP stack was designed for use in services and does not support proxy autodetection, PAC scripts or authentication.
In order to set the WinHTTP proxy system-wide on your computers, you need to
•Use the command netsh winhttp set proxy \<server\>:\<port\>
•Set ClientProxy=System in runconfig.bat
The WinHTTP scenario is most appropriate for customers who use a single proxy or f. If you have more advanced proxy requirements, refer to Scenario 3.
If you want to learn more about Proxy considerations on Windows, please take a look at this post in the ieinternals blog
### Logged-in users Internet connection
In order to accommodate complex proxy scenarios, we also support using the currently logged-in users internet connection. This scenario supports PAC scripts, proxy autodetection and authentication. Essentially, if the logged in user can reach the Windows Telemetry endpoints, the telemetry client can send data. If runconfig.bat runs while no user is logged in, telemetry events get written into a buffer which gets flushed when a user logs in.
In order to enable this scenario, you need:
- A current quality update Rollup for Windows 7, 8.1 or Windows 10 Version 1511. Updates shipped after October 2016 have the needed code
- Set the reg key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection\DisableEnterpriseAuthProxy to 0. If the value does not exist, create a new DWORD, name it DisableEnterpriseAuthProxy and set the value to 0. The deployment script will check this is configured correctly.
- Set ClientProxy=User in bat.

20
windows/deploy/upgrade-readiness-deployment-script.md
View File

@ -264,6 +264,26 @@ or <div style='font-size:7.0pt'>**HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersio
<TD>Function **EndImpersonatingLoggedOnUser** failed with an unexpected exception. <TD>Function **EndImpersonatingLoggedOnUser** failed with an unexpected exception.
<TD>Check the logs for the exception message and HResult. <TD>Check the logs for the exception message and HResult.
<TR><TD>44</TD>
<TD>Function **Diagtrack.dll** version is old and so Auth Proxy will not work.
<TD>Update the computer using Windows Update or WSUS.
<TR><TD>45</TD>
<TD>**Diagtrack.dll** not found.
<TD>Update the computer using Windows Update or WSUS.
<TR><TD>46</TD>
<TD>**DisableEnterpriseAuthProxy** property should be set to 1 for ClientProxy=Telemetry to work.
<TD>The ClientProxy=Telemetry scenario requires the **DisableEnterpriseAuthProxy** registry key to be set to 1 at registry path: **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection**.
<TR><TD>47</TD>
<TD>**TelemetryProxyServer** property is not present in the Windows registry at **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection**.
<TD>ClientProxy selected is Telemetry. The **TelemetryProxyServer** key is not present at Windows registry path: **HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection**.
<TR><TD>48</TD>
<TD>The **CommercialID** referenced in RunConfig.bat must be a GUID.
<TD>The **CommercialID** that is entered in RunConfig.bat must be a GUID. Copy the commercial ID from your workspace. To find the commercialID on the OMS portal, view Upgrade Readiness > Settings. You will find the commercial ID on the settings page.
</TABLE> </TABLE>
</div> </div>

13
windows/deploy/upgrade-readiness-get-started.md
View File

@ -79,14 +79,23 @@ For Upgrade Readiness to receive and display upgrade readiness data from Microso
To enable data sharing, whitelist the following endpoints. Note that you may need to get approval from your security group to do this. To enable data sharing, whitelist the following endpoints. Note that you may need to get approval from your security group to do this.
Note: The compatibility update KB runs under the computers system account. If you are using user authenticated proxies, read [this blog post](https://blogs.technet.microsoft.com/upgradeanalytics/2017/03/10/understanding-connectivity-scenarios-and-the-deployment-script/) to learn what you need to do to run it under the logged on user account.
| **Endpoint** | **Function** | | **Endpoint** | **Function** |
|---------------------------------------------------------|-----------| |---------------------------------------------------------|-----------|
| `https://v10.vortex-win.data.microsoft.com/collect/v1`<br>`https://Vortex-win.data.microsoft.com/health/keepalive` | Connected User Experience and Telemetry component endpoint. User computers send data to Microsoft through this endpoint. | | `https://v10.vortex-win.data.microsoft.com/collect/v1`<br>`https://Vortex-win.data.microsoft.com/health/keepalive` | Connected User Experience and Telemetry component endpoint. User computers send data to Microsoft through this endpoint. |
| `https://settings.data.microsoft.com/qos` | Enables the compatibility update KB to send data to Microsoft. | | `https://settings.data.microsoft.com/qos` | Enables the compatibility update KB to send data to Microsoft. |
| `https://go.microsoft.com/fwlink/?LinkID=544713`<br>`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc` | This service provides driver information about whether there will be a driver available post-upgrade for the hardware on the system. | | `https://go.microsoft.com/fwlink/?LinkID=544713`<br>`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc` | This service provides driver information about whether there will be a driver available post-upgrade for the hardware on the system. |
Note: The compatibility update KB runs under the computers system account.
### Connection settings
The settings that are used to enable client computers to connect to Windows Telemetry depend on the type of connection scenario you use. These scenarios are discussed in [this blog post](https://blogs.technet.microsoft.com/upgradeanalytics/2017/03/10/understanding-connectivity-scenarios-and-the-deployment-script/) and are summarized below.
| **Connection scenario** | **ClientProxy setting** <BR>in **runconfig.bat** | **Local computer configuration** |
|---------------------------------------------------------|-----------|-----------|
| Direct connection to the Internet (no proxy) | **ClientProxy=Direct** | No additional configuration necessary |
| WinHTTP proxy | **ClientProxy=System** | Specify `netsh winhttp set proxy <server>:<port>` on client computers |
| Other proxy | **ClientProxy=User** | Configure the Windows Registry value: <p style="font-size: 12px"> **HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection\DisableEnterpriseAuthProxy** </p> to 0 on client computers |
## Deploy the compatibility update and related KBs ## Deploy the compatibility update and related KBs

2
windows/update/waas-overview.md
View File

@ -21,6 +21,8 @@ localizationpriority: high
The Windows 10 operating system introduces a new way to build, deploy, and service Windows: Windows as a service. Microsoft has reimagined each part of the process, to simplify the lives of IT pros and maintain a consistent Windows 10 experience for its customers. These improvements focus on maximizing customer involvement in Windows development, simplifying the deployment and servicing of Windows client computers, and leveling out the resources needed to deploy and maintain Windows over time. The Windows 10 operating system introduces a new way to build, deploy, and service Windows: Windows as a service. Microsoft has reimagined each part of the process, to simplify the lives of IT pros and maintain a consistent Windows 10 experience for its customers. These improvements focus on maximizing customer involvement in Windows development, simplifying the deployment and servicing of Windows client computers, and leveling out the resources needed to deploy and maintain Windows over time.
<iframe width="560" height="315" align="center" src="https://www.youtube.com/embed/MLc4-Suv0LU" frameborder="0" allowfullscreen></iframe>
## Building ## Building
Prior to Windows 10, Microsoft released new versions of Windows every few years. This traditional deployment schedule imposed a training burden on users because the feature revisions were often significant. That schedule also meant waiting long periods without new features — a scenario that doesnt work in todays rapidly changing world, a world in which new security, management, and deployment capabilities are necessary to address challenges. Windows as a service will deliver smaller feature updates two to three times per year to help address these issues. Prior to Windows 10, Microsoft released new versions of Windows every few years. This traditional deployment schedule imposed a training burden on users because the feature revisions were often significant. That schedule also meant waiting long periods without new features — a scenario that doesnt work in todays rapidly changing world, a world in which new security, management, and deployment capabilities are necessary to address challenges. Windows as a service will deliver smaller feature updates two to three times per year to help address these issues.

2
windows/whats-new/whats-new-windows-10-version-1703.md
View File

@ -202,7 +202,7 @@ To check out all the details, see [Configure Delivery Optimization for Windows 1
### Uninstalled in-box apps no longer automatically reinstall ### Uninstalled in-box apps no longer automatically reinstall
When upgrading to Windows 10, version 1703, in-box apps that were uninstalled by the user won't automatically reinstall as part of the feature update installation process. (Apps de-provisioned by IT administrators will still be reinstalled.) Starting with Windows 10, version 1703, in-box apps that were uninstalled by the user won't automatically reinstall as part of the next feature update installation process. (Apps de-provisioned by IT administrators will still be reinstalled)
## Management ## Management