deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 10:23:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'refs/remotes/origin/master' into Aug2

Browse Source
This commit is contained in:
Joey Caparas
2016-07-27 13:51:33 +10:00
parent 576d4631d0 56915eefee
commit 81395dea60
5 changed files with 68 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
windows/deploy/configure-a-pxe-server-to-load-windows-pe.md
View File

@ -59,6 +59,8 @@ All four of the roles specified above can be hosted on the same computer or each
```
Dism /mount-image /imagefile:c:\winpe_amd64\media\sources\boot.wim /index:1 /mountdir:C:\winpe_amd64\mount
```
Verify that "The operation completed successfully" is displayed. Note: To view currently mounted images, type **dism /get-MountedWiminfo**.
5. Map a network share to the root TFTP directory on the PXE/TFTP server and create a \Boot folder. Consult your TFTP server documentation to determine the root TFTP server directory, then enable sharing for this directory, and verify it can be accessed on the network. In the following example, the PXE server name is PXE-1 and the TFTP root directory is shared using a network path of **\\\PXE-1\TFTPRoot**:
```
@ -66,7 +68,7 @@ All four of the roles specified above can be hosted on the same computer or each
y:
md boot
```
6. Copy the PXE boot files from the mounted directory to the \Boot folder. For example:
6. Copy the PXE boot files from the mounted directory to the \boot folder. For example:
```
copy c:\winpe_amd64\mount\windows\boot\pxe\*.* y:\boot
@ -76,11 +78,16 @@ All four of the roles specified above can be hosted on the same computer or each
```
copy C:\winpe_amd64\media\boot\boot.sdi y:\boot
```
8. Copy the bootable Windows PE image (boot.wim) to the \Boot folder.
8. Copy the bootable Windows PE image (boot.wim) to the \boot folder.
```
copy C:\winpe_amd64\media\sources\boot.wim y:\boot
```
9. (Optional) Copy true type fonts to the \boot folder
```
copy C:\winpe_amd64\media\Boot\Fonts y:\boot\Fonts
```
## Step 2: Configure boot settings and copy the BCD file
@ -93,29 +100,37 @@ All four of the roles specified above can be hosted on the same computer or each
```
bcdedit /store c:\BCD /create {ramdiskoptions} /d "Ramdisk options"
bcdedit /store c:\BCD /set {ramdiskoptions} ramdisksdidevice partition=C:
bcdedit /store c:\BCD /set {ramdiskoptions} ramdisksdipath \winpe_amd64\media\boot\boot.sdi
bcdedit /store c:\BCD /set {ramdiskoptions} ramdisksdidevice boot
bcdedit /store c:\BCD /set {ramdiskoptions} ramdisksdipath \boot\boot.sdi
bcdedit /store c:\BCD /create /d "winpe boot image" /application osloader
```
The last command will return a GUID, for example:
```
The entry {a4f89c62-2142-11e6-80b6-00155da04110} was successfully created.
```
Copy this GUID for use in the next set of commands. In each command shown, replace "GUID1" with your GUID.
3. Create a new boot application entry for the Windows PE image:
```
bcdedit /store c:\BCD /set {GUID1} device ramdisk=[c:]\winpe_amd64\media\sources\boot.wim,{ramdiskoptions}
bcdedit /store c:\BCD /set {GUID1} device ramdisk=[boot]\boot\boot.wim,{ramdiskoptions}
bcdedit /store c:\BCD /set {GUID1} path \windows\system32\winload.exe
bcdedit /store c:\BCD /set {GUID1} osdevice ramdisk=[c:]\winpe_amd64\media\sources\boot.wim,{ramdiskoptions}
bcdedit /store c:\BCD /set {GUID1} osdevice ramdisk=[boot]\boot\boot.wim,{ramdiskoptions}
bcdedit /store c:\BCD /set {GUID1} systemroot \windows
bcdedit /store c:\BCD /set {GUID1} detecthal Yes
bcdedit /store c:\BCD /set {GUID1} winpe Yes
```
4. Configure BOOTMGR settings:
4. Configure BOOTMGR settings (remember to replace GUID1 in the third command with your GUID):
```
bcdedit /store c:\BCD /create {bootmgr} /d "boot manager"
bcdedit /store c:\BCD /set {bootmgr} timeout 30
bcdedit /store c:\BCD -displayorder {GUID1} -addlast
```
5. Copy the BCD file to your TFTP server:
```
copy c:\BCD \\PXE-1\TFTPRoot\Boot
copy c:\BCD \\PXE-1\TFTPRoot\boot\BCD
```
Your PXE/TFTP server is now configured. You can view the BCD settings that have been configured using the command bcdedit /store <BCD file location> /enum all. See the following example. Note: Your GUID will be different than the one shown below.
@ -151,10 +166,11 @@ ramdisksdipath \boot\boot.sdi
The following summarizes the PXE client boot process.
1. A client is directed by DHCP options 066 and 067 to download boot\\wdsnbp.com from the TFTP server.
2. Wdsnbp.com validates the DHCP/PXE response packet and then the client downloads boot\\pxeboot.com.
3. Pxeboot.com requires the client to press the F12 key to initiate a PXE boot.
4. The client downloads boot\\bootmgr.exe and the boot\\BCD file from the TFTP server. Note: The BCD store must reside in the \\boot directory on the TFTP server and must be named BCD.
>The following assumes that you have configured DHCP option 67 (Bootfile Name) to "boot\PXEboot.n12" which enables direct boot to PXE with no user interaction. For more information about DHCP options for network boot, see [Managing Network Boot Programs](https://technet.microsoft.com/en-us/library/cc732351.aspx).
1. A client is directed by DHCP options 066 and 067 to download boot\\PXEboot.n12 from the TFTP server.
2. PXEboot.n12 immediately begins a network boot.
3. The client downloads boot\\bootmgr.exe and the boot\\BCD file from the TFTP server. Note: The BCD store must reside in the \\boot directory on the TFTP server and must be named BCD.
5. Bootmgr.exe reads the BCD operating system entries and downloads boot\\boot.sdi and the Windows PE image (boot\\boot.wim). Optional files that can also be downloaded include true type fonts (boot\\Fonts\\wgl4\_boot.ttf) and the hibernation state file (\\hiberfil.sys) if these files are present.
6. Bootmgr.exe starts Windows PE by calling winload.exe within the Windows PE image.
7. Windows PE loads, a command prompt opens and wpeinit.exe is run to initialize Windows PE.

34
windows/deploy/upgrade-analytics-release-notes.md
View File

@ -1,33 +1,5 @@
---
title: Upgrade Analytics release notes (Windows 10)
description: Provides release notes for Upgrade Analytics.
ms.prod: w10
author: MaggiePucciEvans
---
# Upgrade Analytics release notes
## Supported versions of Windows
The compatibility update KB that sends telemetry data from user computers to Upgrade Analytics works only with Windows 7 SP1 and Windows 8.1. Upgrade Analytics cannot evaluate Windows XP or Windows Vista for upgrade eligibility.
<!--With Windows 10, edition 1607, the compatibility update KB is installed automatically.-->
## User authenticated proxies not supported in this release
User computers communicate with Upgrade Analytics through Windows telemetry. The Windows telemetry client runs in System context and requires a connection to various Microsoft telemetry endpoints. User authenticated proxies are not supported at this time. Work with your Network Administrator to ensure that user computers can communicate with telemetry endpoints.
## Upgrade Analytics does not support on-premise Windows deployments
Upgrade Analytics is built as a cloud service, which allows Upgrade Analytics to provide you with insights based on the data from user computers and other Microsoft compatibility services. Cloud services are easy to get up and running and are cost-effective because there is no requirement to physically implement and maintain services on-premise.
## In-region data storage requirements
Windows telemetry data from user computers is encrypted, sent to, and processed at Microsoft-managed secure data centers located in the US. Our analysis of the upgrade readiness-related data is then provided to you through the Upgrade Analytics solution in the Microsoft Operations Management Suite (OMS) portal. At the time this topic is being published, only OMS workspaces created in the East US and West Europe are supported. Well be frequently adding support for additional regions and well update this information when new international regions are supported.
## Known issues
- When viewing inventory items in table view, the maximum number of rows that can be viewed and exported is limited to 5,000. If you need to view or export more than 5,000 items, reduce the scope of the query so you can export a list with fewer items.
- Sorting data by clicking a column heading may not sort your complete list of items. For information about how to sort data in OMS, see [Sorting DocumentDB data using Order By](https://azure.microsoft.com/documentation/articles/documentdb-orderby).
description: Provides tips and limitations about Upgrade Analytics.
redirect_url: https://technet.microsoft.com/itpro/windows/deploy/upgrade-analytics-requirements
---

29
windows/deploy/upgrade-analytics-requirements.md
View File

@ -13,6 +13,10 @@ This article introduces concepts and steps needed to get up and running with Upg
To perform an in-place upgrade, user computers must be running the latest version of either Windows 7 SP1 or Windows 8.1. After you enable Windows telemetry, Upgrade Analytics performs a full inventory of computers so that you can see which version of Windows is installed on each computer.
The compatibility update KB that sends telemetry data from user computers to Microsoft data centers works with Windows 7 SP1 and Windows 8.1 only. Upgrade Analytics cannot evaluate Windows XP or Windows Vista for upgrade eligibility.
<!--With Windows 10, edition 1607, the compatibility update KB is installed automatically.-->
If you need to update user computers to Windows 7 SP1 or Windows 8.1, use Windows Update or download and deploy the applicable package from the Microsoft Download Center.
Note: Upgrade Analytics is designed to best support in-place upgrades. In-place upgrades do not support migrations from BIOS to UEFI or from 32-bit to 64-bit architecture. If you need to migrate computers in these scenarios, use the wipe-and-reload method. Upgrade Analytics insights are still valuable in this scenario, however, you can ignore in-place upgrade specific guidance.
@ -49,7 +53,7 @@ See \[link to Steve Mays PDF doc when its published\] for more information
`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc/extended`
NOTE: The compatibility update KB runs under the computers system account and does not support user authentication in this release.
>**Note** The compatibility update KB runs under the computers system account and does not support user authentication in this release.
**Generate your commercial ID key.** Microsoft uses a unique commercial ID GUID to map data from your computers to your OMS workspace. Youll need to generate your commercial ID key in OMS. We recommend that you save your commercial ID key as youll need it later.
@ -59,9 +63,26 @@ NOTE: The compatibility update KB runs under the computers system account and
**Deploy compatibility update and related KBs.** The compatibility update KB scans your systems and enables application usage tracking. If you dont already have this KB installed, you can download the applicable version from the Microsoft Update Catalog or deploy it using Windows Server Update Services (WSUS) or your software distribution solution, such as System Center Configuration Manager.
>**Important**<br> The compatibility update and related KBs are frequently updated to include new compatibility issues as they become known to Microsoft. We recommend that you use a deployment system that allows for automatic updates of these KBs. The compatibility update KB collects inventory information from computers only when it is updated.
>**Important**<br> The compatibility update and related KBs are updated frequently to include new compatibility issues as they become known to Microsoft. We recommend that you use a deployment system that allows for automatic updates of these KBs. The compatibility update KB collects inventory information from computers only when it is updated.
**Configure and deploy Upgrade Analytics deployment script.** Configure and deploy the Upgrade Analytics deployment script to user computers to finish setting up.
See [Get started with Upgrade Analytics](https://technet.microsoft.com/en-us/itpro/windows/deploy/upgrade-analytics-get-started
) for detailed, step-by-step instructions for configuring Upgrade Analytics and getting started on your Windows upgrade project.
## Important information about this release
Before you get started configuring Upgrade Anatlyics, review the following tips and limitations about this release.
**User authenticated proxies are not supported in this release.** User computers communicate with Microsoft through Windows telemetry. The Windows telemetry client runs in System context and requires a connection to various Microsoft telemetry endpoints. User authenticated proxies are not supported at this time. Work with your Network Administrator to ensure that user computers can communicate with telemetry endpoints.
**Upgrade Analytics does not support on-premise Windows deployments.** Upgrade Analytics is built as a cloud service, which allows Upgrade Analytics to provide you with insights based on the data from user computers and other Microsoft compatibility services. Cloud services are easy to get up and running and are cost-effective because there is no requirement to physically implement and maintain services on-premise.
**In-region data storage requirements.** Windows telemetry data from user computers is encrypted, sent to, and processed at Microsoft-managed secure data centers located in the US. Our analysis of the upgrade readiness-related data is then provided to you through the Upgrade Analytics solution in the Microsoft Operations Management Suite (OMS) portal. At the time this topic is being published, only OMS workspaces created in the East US and West Europe are supported. Were adding support for additional regions and well update this information when new international regions are supported.
### Tips
- When viewing inventory items in table view, the maximum number of rows that can be viewed and exported is limited to 5,000. If you need to view or export more than 5,000 items, reduce the scope of the query so you can export a list with fewer items.
- Sorting data by clicking a column heading may not sort your complete list of items. For information about how to sort data in OMS, see [Sorting DocumentDB data using Order By](https://azure.microsoft.com/documentation/articles/documentdb-orderby).
## Get started
See [Get started with Upgrade Analytics](upgrade-analytics-get-started.md) for detailed, step-by-step instructions for configuring Upgrade Analytics and getting started on your Windows upgrade project.

21
windows/manage/configure-windows-telemetry-in-your-organization.md
View File

@ -94,10 +94,10 @@ Windows telemetry also helps Microsoft better understand how customers use (or d
**These examples show how the use of telemetry data enables Microsoft to build or enhance features which can help organizations increase employee productivity while lowering help desk calls.**
<!--
### Insights into your own organization
Sharing information with Microsoft helps make Windows and other products better, but it can also help make your internal processes and user experiences better, as well. Microsoft is in the process of developing a set of analytics customized for your internal use. The first of these, called Windows 10 Upgrade Analytics, will be available in Summer 2016.
Sharing information with Microsoft helps make Windows and other products better, but it can also help make your internal processes and user experiences better, as well. Microsoft is in the process of developing a set of analytics customized for your internal use. The first of these, called [Windows 10 Upgrade Analytics](../deploy/manage-windows-upgrades-with-upgrade-analytics.md).
#### Windows 10 Upgrade Analytics
@ -119,7 +119,6 @@ Use Upgrade Analytics to get:
The Upgrade Analytics workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
-->
## How is telemetry data handled by Microsoft?
### Data collection
@ -180,7 +179,8 @@ The levels are cumulative and are illustrated in the following diagram. Also, th
The Security level gathers only the telemetry info that is required to keep Windows devices, Windows Server, and guests protected with the latest security updates. This level is only available on Windows Server 2016, Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, and Windos IoT Core editions.
> **Note:**  If your organization relies on Windows Update for updates, you shouldnt use the **Security** level. Because no Windows Update information is gathered at this level, important information about update failures is not sent. Microsoft uses this information to fix the causes of those failures and improve the quality of our updates.
> [!NOTE]
> If your organization relies on Windows Update for updates, you shouldnt use the **Security** level. Because no Windows Update information is gathered at this level, important information about update failures is not sent. Microsoft uses this information to fix the causes of those failures and improve the quality of our updates.
Windows Server Update Services (WSUS) and System Center Configuration Manager functionality is not affected at this level, nor is telemetry data about Windows Server features or System Center gathered.
@ -192,14 +192,15 @@ The data gathered at this level includes:
- **Malicious Software Removal Tool (MSRT)** The MSRT infection report contains information, including device info and IP address.
>**Note:**  You can turn off the MSRT infection report. No MSRT information is included if MSRT is not used. If Windows Update is turned off, MSRT will not be offered to users. For more info, see Microsoft KB article [891716](http://support.microsoft.com/kb/891716).
> [!NOTE]
> You can turn off the MSRT infection report. No MSRT information is included if MSRT is not used. If Windows Update is turned off, MSRT will not be offered to users. For more info, see Microsoft KB article [891716](http://support.microsoft.com/kb/891716).
 
- **Windows Defender/Endpoint Protection**. Windows Defender and System Center Endpoint Protection requires some information to function, including: anti-malware signatures, diagnostic information, User Account Control settings, Unified Extensible Firmware Interface (UEFI) settings, and IP address.
**Note**  
This reporting can be turned off and no information is included if a customer is using third party antimalware software, or if Windows Defender is turned off. For more info, see [Windows Defender](disconnect-your-organization-from-microsoft.md#windows-defender).
> [!NOTE]
> This reporting can be turned off and no information is included if a customer is using third party antimalware software, or if Windows Defender is turned off. For more info, see [Windows Defender](disconnect-your-organization-from-microsoft.md#windows-defender).
Microsoft recommends that Windows Update, Windows Defender, and MSRT remain enabled unless the enterprise uses alternative solutions such as Windows Server Update Services, System Center Configuration Manager, or a third party antimalware solution. Windows Update, Windows Defender, and MSRT provide core Windows functionality such as driver and OS updates, including security updates.
@ -300,7 +301,8 @@ IT pros can use various methods, including Group Policy and Mobile Device Manage
We do not recommend that you turn off telemetry in your organization as valuable functionality may be impacted, but we recognize that in some scenarios this may be required. Use the steps in this section to do so for Windows, Windows Server, and System Center.
>**Important:**  These telemetry levels only apply to Windows, Windows Server, and System Center components and apps that use the Connected User Experience and Telemetry component. Non-Windows components, such as Microsoft Office or other 3rd-party apps, may communicate with their cloud services outside of these telemetry levels. You should work with your app vendors to understand their telemetry policy, and how you can to opt in or opt out. For more information on how Microsoft Office uses telemetry, see [Overview of Office Telemetry](http://technet.microsoft.com/library/jj863580.aspx).
> [!IMPORTANT]
> These telemetry levels only apply to Windows, Windows Server, and System Center components and apps that use the Connected User Experience and Telemetry component. Non-Windows components, such as Microsoft Office or other 3rd-party apps, may communicate with their cloud services outside of these telemetry levels. You should work with your app vendors to understand their telemetry policy, and how you can to opt in or opt out. For more information on how Microsoft Office uses telemetry, see [Overview of Office Telemetry](http://technet.microsoft.com/library/jj863580.aspx).
You can turn on or turn off System Center telemetry gathering. The default is on and the data gathered at this level represents what is gathered by default when System Center telemetry is turned on. However, setting the operating system telemetry level to **Basic** will turn off System Center telemetry, even if the System Center telemetry switch is turned on.
@ -368,7 +370,8 @@ There are a few more settings that you can turn off that may send telemetry info
- Turn off **Linguistic Data Collection** in **Settings** &gt; **Privacy**. At telemetry levels **Enhanced** and **Full**, Microsoft uses Linguistic Data Collection info to improve language model features such as autocomplete, spellcheck, suggestions, input pattern recognition, and dictionary.
>**Note:**  Microsoft does not intend to gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user's device. If we determine that sensitive information has been inadvertently received, we delete the information.
> [!NOTE]
> Microsoft does not intend to gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user's device. If we determine that sensitive information has been inadvertently received, we delete the information.
## Additional resources