diff --git a/devices/surface-hub/manage-surface-hub.md b/devices/surface-hub/manage-surface-hub.md index 25cca9e168..bd66726afe 100644 --- a/devices/surface-hub/manage-surface-hub.md +++ b/devices/surface-hub/manage-surface-hub.md @@ -40,3 +40,6 @@ Learn about managing and updating Surface Hub. | [Miracast on existing wireless network or LAN](miracast-over-infrastructure.md) | You can use Miracast on your wireless network or LAN to connect to Surface Hub. | | [Using a room control system]( https://technet.microsoft.com/itpro/surface-hub/use-room-control-system-with-surface-hub) | Room control systems can be used with your Microsoft Surface Hub.| +## Related topics + +- [View Power BI presentation mode on Surface Hub & Windows 10](https://powerbi.microsoft.com/documentation/powerbi-mobile-win10-app-presentation-mode/) \ No newline at end of file diff --git a/windows/application-management/TOC.md b/windows/application-management/TOC.md index 5c764b532e..b99f534e69 100644 --- a/windows/application-management/TOC.md +++ b/windows/application-management/TOC.md @@ -100,5 +100,6 @@ #### [Viewing App-V Server Publishing Metadata](app-v/appv-viewing-appv-server-publishing-metadata.md) #### [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](app-v/appv-running-locally-installed-applications-inside-a-virtual-environment.md) ## [Service Host process refactoring](svchost-service-refactoring.md) +## [Per User services in Windows](per-user-services-in-windows.md) ## [Deploy app upgrades on Windows 10 Mobile](deploy-app-upgrades-windows-10-mobile.md) ## [Change history for Application management](change-history-for-application-management.md) diff --git a/windows/application-management/media/gpp-hklm.png b/windows/application-management/media/gpp-hklm.png new file mode 100644 index 0000000000..6e73a3b078 Binary files /dev/null and b/windows/application-management/media/gpp-hklm.png differ diff --git a/windows/application-management/media/gpp-per-user-services.png b/windows/application-management/media/gpp-per-user-services.png new file mode 100644 index 0000000000..6d2d181d93 Binary files /dev/null and b/windows/application-management/media/gpp-per-user-services.png differ diff --git a/windows/application-management/media/gpp-svc-disabled.png b/windows/application-management/media/gpp-svc-disabled.png new file mode 100644 index 0000000000..ba082cec1b Binary files /dev/null and b/windows/application-management/media/gpp-svc-disabled.png differ diff --git a/windows/application-management/media/gpp-svc-start.png b/windows/application-management/media/gpp-svc-start.png new file mode 100644 index 0000000000..6966b6453f Binary files /dev/null and b/windows/application-management/media/gpp-svc-start.png differ diff --git a/windows/application-management/media/regedit-change-service-startup-type.png b/windows/application-management/media/regedit-change-service-startup-type.png new file mode 100644 index 0000000000..ab7fd3b02a Binary files /dev/null and b/windows/application-management/media/regedit-change-service-startup-type.png differ diff --git a/windows/application-management/per-user-services-in-windows.md b/windows/application-management/per-user-services-in-windows.md new file mode 100644 index 0000000000..6d2daad557 --- /dev/null +++ b/windows/application-management/per-user-services-in-windows.md @@ -0,0 +1,169 @@ +--- +title: Per-user services in Windows 10 and Windows Server 2016 +description: Learn about per-user services introduced in Windows 10. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: mobile +ms.author: elizapo +author: lizap +ms.date: 08/14/2017 +--- + +# Per-user services in Windows 10 and Windows Server 2016 + +Per-user services are services that are created when a user signs into Windows or Windows Server and are stopped and deleted when that user signs out. These services run in the security context of the user account - this provides better resource management than the previous approach of running these kinds of services in Explorer, associated with a preconfigured account, or as tasks. + +> [!NOTE] +> Per-user services are only in available in Windows Server if you have installed the Desktop Experience. If you are running a Server Core or Nano Server installation, you won't see these services. + +You can't prevent per-user services from being created, but you can configure the template service to create them in a stopped and disabled state. You do this by setting the template service's **Startup Type** to **Disabled**. + +> [!IMPORTANT] +> If you change the template service's Startup Type, make sure you carefully test that change prior to rolling it out in your production environment. + +Use the following information to understand per-user services, change the template service Startup Type, and manage per-user services through Group Policy and security templates. + +## Per-user services + +Windows 10 and Windows Server 2016 (with the Desktop Experience) have the following per-user services. The template services are located in the registry at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services. + +Before you disable any of these services, review the **Description** column in this table to understand the implications, including dependent apps that will no longer work correctly. + +| Key name | Display name | Default start type | Dependencies | Description | +|------------------------|-----------------------------------------|--------------------|--------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| CDPUserSvc | CDPUserSvc | Auto | | Used for Connected Devices Platform scenarios | +| OneSyncSvc | Sync Host | Auto (delayed) | | Synchronizes mail, contacts, calendar, and other user data. Mail and other applications dependent on this service don't work correctly when this service is not running. | +| PimIndexMaintenanceSvc | Contact Data | Manual | UnistoreSvc | Indexes contact data for fast contact searching. If you stop or disable this service, search results might not display all contacts. | +| UnistoreSvc | User Data Storage | Manual | | Handles storage of structured user data, including contact info, calendars, and messages. If you stop or disable this service, apps that use this data might not work correctly. | +| UserDataSvc | User Data Access | Manual | UnistoreSvc | Provides apps access to structured user data, including contact info, calendars, and messages. If you stop or disable this service, apps that use this data might not work correctly. | +| WpnUserService | Windows Push Notifications User Service | Manual | | Hosts Windows notification platform, which provides support for local and push notifications. Supported notifications are tile, toast, and raw. | + +## Disable per-user services + +The template service isn't displayed in the Services console (services.msc) so you need to edit the registry directly, either with Group Policy or a scripted solution, to disable a per-user service. + +> [!NOTE] +> Disabling a per-user service simply means that it is created in a stopped and disabled state. When the user signs out, the per-user service is removed. + +You can't manage all of the per-user service templates services using normal Group Policy management methods. Because the per-user services aren't displayed in the Services management console, they're also not displayed in the Group Policy Services policy editor UI. + +Additionally, there are four template services that can't be managed with a security template: +- PimIndexMaintenanceSvc +- UnistoreSvc +- UserDataSvc +- WpnUserService + +In light of these restrictions, you can use the following methods to manage per-user services template services: + +- A combination of a security template and a script or Group Policy preferences registry policy +- Group Policy preferences for all of the services +- A script for all of the services + +### Manage template services using a security template + +You can manage the CDPUserSvc and OneSyncSvc per-user services with a [security template](/windows/device-security/security-policy-settings/administer-security-policy-settings#bkmk-sectmpl). See [Administer security policy settings](/windows/device-security/security-policy-settings/administer-security-policy-settings) for more information. + +device-security/security-policy-settings/administer-security-policy-settings + +For example: + +``` +[Unicode] +Unicode=yes +[Version] +signature="$CHICAGO$" +Revision=1 +[Service General Setting] +"CDPUserSVC".4,"" +``` + +### Manage template services using Group Policy preferences + +If a per-user service can't be disabled using a the security template, you can disable it by using Group Policy preferences. + +1. On a Windows Server domain controller or Windows 10 PC that has the [Remote Server Administration Tools (RSAT)](https://www.microsoft.com/en-us/download/details.aspx?id=45520) installed, click **Start**, type GPMC.MSC, and then press **Enter** to open the **Group Policy Management Console**. + +2. Create a new Group Policy Object (GPO) or use an existing GPO. + +3. Right-click the GPO and click **Edit** to launch the Group Policy Object Editor. + +4. Depending on how you want to target the Group Policy, under **Computer configuration** or **User configuration** browse to Preferences\Windows Settings\Registry. + +5. Right-click **Registry** > **New** > **Registry Item**. + + ![Group Policy preferences disabling per-user services](media/gpp-per-user-services.png) + +6. Make sure that HKEY_Local_Machine is selected for Hive and then click ... (the ellipses) next to Key Path. + + ![Choose HKLM](media/gpp-hklm.png) + +7. Browse to **System\CurrentControlSet\Services\PimIndexMaintenanceSvc**. In the list of values, highlight **Start** and click **Select**. + + ![Select Start](media/gpp-svc-start.png) + +8. Change **Value data** from **00000003** to **00000004** and click **OK**. Note setting the Value data to **4** = **Disabled**. + + ![Startup Type is Disabled](media/gpp-svc-disabled.png) + +9. To add the other services that cannot be managed with a Group Policy templates, edit the policy and repeat steps 5-8. + +### Managing Template Services with reg.exe + +If you cannot use GPP to manage the per-user services you can edit the registry with reg.exe. +To disable the Template Services change the Startup Type for each service to 4 (disabled). +For example: + +```code +REG.EXE ADD HKLM\System\CurrentControlSet\Services\CDPUserSvc /v Start /t REG_DWORD /d 4 /f +REG.EXE ADD HKLM\System\CurrentControlSet\Services\OneSyncSvc /v Start /t REG_DWORD /d 4 /f +REG.EXE ADD HKLM\System\CurrentControlSet\Services\PimIndexMaintenanceSvc /v Start /t REG_DWORD /d 4 /f +REG.EXE ADD HKLM\System\CurrentControlSet\Services\UnistoreSvc /v Start /t REG_DWORD /d 4 /f +REG.EXE ADD HKLM\System\CurrentControlSet\Services\UserDataSvc /v Start /t REG_DWORD /d 4 /f +REG.EXE ADD HKLM\System\CurrentControlSet\Services\WpnUserService /v Start /t REG_DWORD /d 4 /f +``` + +> [!CAUTION] +> We recommend that you do not directly edit the registry unless there is no other alternative. Modifications to the registry are not validated by the Registry Editor or by the Windows operating system before they are applied. As a result, incorrect values can be stored, and this can result in unrecoverable errors in the system. When possible, instead of editing the registry directly, use Group Policy or other Windows tools such as the Microsoft Management Console (MMC) to accomplish tasks. If you must edit the registry, use extreme caution. + +### Managing Template Services with regedit.exe + +If you cannot use Group Policy preferences to manage the per-user services, you can edit the registry with regedit.exe. To disable the Template Services change the Startup Type for each service to 4 (disabled), as shown in the following example: + +![Using Regedit to change servive Starup Type](media/regedit-change-service-startup-type.png) + +> [!CAUTION] +> We recommend that you do not directly edit the registry unless there is no other alternative. Modifications to the registry are not validated by the Registry Editor or by the Windows operating system before they are applied. As a result, incorrect values can be stored, and this can result in unrecoverable errors in the system. When possible, instead of editing the registry directly, use Group Policy or other Windows tools such as the Microsoft Management Console (MMC) to accomplish tasks. If you must edit the registry, use extreme caution. + +### Manage template services by modifying the Windows image + +If you're using custom images to deploy Windows, you can modify the Startup Type for the template services as part of the normal imaging process. + +### Use a script to manage per-user services + +You can create a script to change the Startup Type for the per-user services. Then use Group Policy or another management solution to deploy the script in your environment. + +Sample script using [sc.exe](https://technet.microsoft.com/library/cc990290%28v=ws.11%29.aspx?f=255&MSPPError=-2147217396): + +``` +sc.exe configure start= disabled +``` +Note that the space after "=" is intentional. + +Sample script using the [Set-Service PowerShell cmdlet](https://technet.microsoft.com/library/ee176963.aspx): + +```powershell +Set-Service -StartupType Disabled +``` + +## View per-user services in the Services console (services.msc) + +As mentioned you can't view the template services in the Services console, but you can see the user-specific per-user services - they are displayed using the _LUID format (where LUID is the locally unique identifier). + +For example, you might see the following per-user services listed in the Services console: + +- CPDUserSVC_443f50 +- ContactData_443f50 +- Sync Host_443f50 +- User Data Access_443f50 +- User Data Storage_443f50 \ No newline at end of file diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 8d2e232161..f1d59d391c 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -1044,6 +1044,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
  • Education/PreventAddingNewPrinters
  • Education/PrinterNames
  • Security/ClearTPMIfNotReady
    • +
  • System/LimitEnhancedDiagnosticDataWindowsAnalytics
  • Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork
  • Update/DisableDualScan
  • Update/ScheduledInstallEveryWeek
    • @@ -1335,6 +1336,31 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware ## Change history in MDM documentation +### September 2017 + + ++++ + + + + + + + + + + + +
    New or updated topicDescription
    [Policy CSP](policy-configuration-service-provider.md)

    Added the following new policies for Windows 10, version 1709:

    +
      +
    • Search/AllowCloudSearch
      • +
    • System/LimitEnhancedDiagnosticDataWindowsAnalytics
      • +
    +
    + ### August 2017 diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index a36b8b8b5f..de942d3846 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -2646,6 +2646,9 @@ The following diagram shows the Policy configuration service provider in tree fo
    System/DisableSystemRestore
    +
    + System/LimitEnhancedDiagnosticDataWindowsAnalytics +
    System/TelemetryProxy
    diff --git a/windows/client-management/mdm/policy-csp-defender.md b/windows/client-management/mdm/policy-csp-defender.md index 81e87eb957..3f35e2d4eb 100644 --- a/windows/client-management/mdm/policy-csp-defender.md +++ b/windows/client-management/mdm/policy-csp-defender.md @@ -572,7 +572,7 @@ ms.date: 08/30/2017

    Added in Windows 10, version 1709. This policy setting allows you to prevent Attack Surface reduction rules from matching on files under the paths specified or for the fully qualified resources specified. Paths should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a path or a fully qualified resource name. As an example, a path might be defined as: "c:\Windows" to exclude all files in this directory. A fully qualified resource name might be defined as: "C:\Windows\App.exe".. -Value type is string. +

    Value type is string. @@ -609,7 +609,9 @@ Value type is string.

    Added in Windows 10, version 1709. This policy setting enables setting the state (Block/Audit/Off) for each Attack surface reduction (ASR) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule. -Value type is string. +

    For more information about ASR rule ID and status ID, see [Enable Attack Surface Reduction](https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction). + +

    Value type is string. diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md index 53b9ec2f30..d077ea3454 100644 --- a/windows/client-management/mdm/policy-csp-system.md +++ b/windows/client-management/mdm/policy-csp-system.md @@ -554,6 +554,51 @@ ADMX Info: +**System/LimitEnhancedDiagnosticDataWindowsAnalytics** + + +

    + + + + + + + + + + + + + + + + + + +
    HomeProBusinessEnterpriseEducationMobileMobile Enterprise
    cross markcheck mark3check mark3check mark3check mark3check mark3check mark3
    + + + +

    This policy setting, in combination with the System/AllowTelemetry + policy setting, enables organizations to send Microsoft a specific set of diagnostic data for IT insights via Windows Analytics services. + +

    To enable this behavior you must complete two steps: +

      +
    • Enable this policy setting
      • +
    • Set Allow Telemetry to level 2 (Enhanced)
      • +
    + +

    When you configure these policy settings, a basic level of diagnostic data plus additional events that are required for Windows Analytics are sent to Microsoft. These events are documented here: [Windows 10, version 1703 basic level Windows diagnostic events and fields](https://go.microsoft.com/fwlink/?linkid=847594). + +

    Enabling enhanced diagnostic data in the System/AllowTelemetry policy in combination with not configuring this policy will also send the required events for Windows Analytics, plus additional enhanced level telemetry data. This setting has no effect on computers configured to send full, basic or security level diagnostic data to Microsoft. + +

    If you disable or do not configure this policy setting, then the level of diagnostic data sent to Microsoft is determined by the System/AllowTelemetry policy. + + + + + **System/TelemetryProxy** diff --git a/windows/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md b/windows/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md index 5221675063..0018059252 100644 --- a/windows/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md +++ b/windows/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md @@ -8,7 +8,6 @@ ms.pagetype: security author: eross-msft ms.author: lizross ms.date: 08/11/2017 -localizationpriority: high --- # Configure Windows Defender Application Guard policy settings diff --git a/windows/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md b/windows/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md index 78a7228f40..d5206df9fb 100644 --- a/windows/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md +++ b/windows/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md @@ -8,7 +8,6 @@ ms.pagetype: security author: eross-msft ms.author: lizross ms.date: 08/11/2017 -localizationpriority: high --- # Frequently asked questions - Windows Defender Application Guard diff --git a/windows/threat-protection/windows-defender-application-guard/install-wd-app-guard.md b/windows/threat-protection/windows-defender-application-guard/install-wd-app-guard.md index a93a6519fc..0504f9f546 100644 --- a/windows/threat-protection/windows-defender-application-guard/install-wd-app-guard.md +++ b/windows/threat-protection/windows-defender-application-guard/install-wd-app-guard.md @@ -8,7 +8,6 @@ ms.pagetype: security author: eross-msft ms.author: lizross ms.date: 08/11/2017 -localizationpriority: high --- # Prepare and install Windows Defender Application Guard diff --git a/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md index c9f657f6f9..15b33475fa 100644 --- a/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md +++ b/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md @@ -8,7 +8,6 @@ ms.pagetype: security author: eross-msft ms.author: lizross ms.date: 08/11/2017 -localizationpriority: high --- # System requirements for Windows Defender Application Guard diff --git a/windows/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md b/windows/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md index 152f404382..b7cb312c08 100644 --- a/windows/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md +++ b/windows/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md @@ -8,7 +8,6 @@ ms.pagetype: security author: eross-msft ms.author: lizross ms.date: 08/11/2017 -localizationpriority: high --- # Testing scenarios using Windows Defender Application Guard in your business or organization diff --git a/windows/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md b/windows/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md index ac7c37e883..df475ea509 100644 --- a/windows/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md +++ b/windows/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md @@ -8,7 +8,6 @@ ms.pagetype: security author: eross-msft ms.author: lizross ms.date: 08/11/2017 -localizationpriority: high --- # Windows Defender Application Guard overview diff --git a/windows/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md index b10e923513..c482403b20 100644 --- a/windows/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md @@ -73,5 +73,9 @@ Your data will be kept for a period of at least 90 days, during which it will be ## Can Microsoft help us maintain regulatory compliance? -Microsoft provides customers with detailed information about Microsoft's security and compliance programs, including audit reports and compliance packages, to help customers assess Windows Defender ATP services against their own legal and regulatory requirements. Windows Defender ATP has a roadmap for obtaining national, regional and industry-specific certifications, starting with ISO 27001. The service is designed, implemented, and maintained according to the compliance and privacy principles of ISO 27001, as well as Microsoft’s compliance standards. -By providing customers with compliant, independently-verified services, Microsoft makes it easier for customers to achieve compliance for the infrastructure and applications they run, including this new Microsoft cloud service. +Microsoft provides customers with detailed information about Microsoft's security and compliance programs, including audit reports and compliance packages, to help customers assess Windows Defender ATP services against their own legal and regulatory requirements. Windows Defender ATP is ISO 27001 certified and has a roadmap for obtaining national, regional and industry-specific certifications. + + +By providing customers with compliant, independently-verified services, Microsoft makes it easier for customers to achieve compliance for the infrastructure and applications they run. + +For more information on the Windows Defender ATP ISO certification reports, see [Microsoft Trust Center](https://www.microsoft.com/en-us/trustcenter/compliance/iso-iec-27001). diff --git a/windows/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md index 158de675fc..b43ff9eb93 100644 --- a/windows/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md @@ -38,7 +38,7 @@ Windows Defender Advanced Threat Protection requires one of the following Micros - Windows 10 Enterprise E5 - Windows 10 Education E5 -- Secure Productive Enterprise E5 (SPE E5) which includes Windows 10 Enterprise E5 +- Microsoft 365 E5 (M365 E5) which includes Windows 10 Enterprise E5 For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2). diff --git a/windows/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md index 1419c95077..afcd9030c3 100644 --- a/windows/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md @@ -78,9 +78,12 @@ You can create a custom dashboard in Power BI Desktop to create visualizations t 7. Click **File** > **Options and settings** > **Custom data connectors**. 8. Select **New table and matrix visuals** and **Custom data connectors** and click **OK**. + + >[NOTE] + >If you are using Power BI Desktop July 2017 version (or later), you won't need to select **New table and matrix visuals**. You'll only need to select **Custom data connectors**. ![Power BI options page](images/atp-powerbi-options.png) - + 9. Restart Power BI Desktop. ## Customize the Windows Defender ATP Power BI dashboard diff --git a/windows/threat-protection/windows-information-protection/app-behavior-with-wip.md b/windows/threat-protection/windows-information-protection/app-behavior-with-wip.md index 5e1df99718..853ef9a50d 100644 --- a/windows/threat-protection/windows-information-protection/app-behavior-with-wip.md +++ b/windows/threat-protection/windows-information-protection/app-behavior-with-wip.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.pagetype: security ms.sitesec: library author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Unenlightened and enlightened app behavior while using Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs.md b/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs.md index 2b6985d243..922db68920 100644 --- a/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs.md +++ b/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs.md @@ -6,7 +6,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # How to collect Windows Information Protection (WIP) audit event logs diff --git a/windows/threat-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md b/windows/threat-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md index 50bf85a578..cee2d5b687 100644 --- a/windows/threat-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md +++ b/windows/threat-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate diff --git a/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md b/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md index e4edc3e586..163ef51a0f 100644 --- a/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md +++ b/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune-azure.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Associate and deploy a VPN policy for Windows Information Protection (WIP) using the Azure portal for Microsoft Intune diff --git a/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md b/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md index 7b54968b51..83010d82bf 100644 --- a/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md +++ b/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md @@ -8,7 +8,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Associate and deploy a VPN policy for Windows Information Protection (WIP) using the classic console for Microsoft Intune diff --git a/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune-azure.md b/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune-azure.md index 6f9d99a876..48b2f0abd2 100644 --- a/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune-azure.md +++ b/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune-azure.md @@ -6,7 +6,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Create a Windows Information Protection (WIP) with enrollment policy using the Azure portal for Microsoft Intune diff --git a/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md b/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md index 2f74bae405..b40ee0a441 100644 --- a/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md +++ b/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Create a Windows Information Protection (WIP) policy using the classic console for Microsoft Intune diff --git a/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md b/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md index 25be0c5cdc..af978f2b5a 100644 --- a/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md +++ b/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md @@ -8,7 +8,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Create and deploy a Windows Information Protection (WIP) policy using System Center Configuration Manager diff --git a/windows/threat-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md b/windows/threat-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md index b953181936..1324eed5be 100644 --- a/windows/threat-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md +++ b/windows/threat-protection/windows-information-protection/deploy-wip-policy-using-intune-azure.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Deploy your Windows Information Protection (WIP) policy using the Azure portal for Microsoft Intune diff --git a/windows/threat-protection/windows-information-protection/deploy-wip-policy-using-intune.md b/windows/threat-protection/windows-information-protection/deploy-wip-policy-using-intune.md index 1cdad28951..8dd0fcf76f 100644 --- a/windows/threat-protection/windows-information-protection/deploy-wip-policy-using-intune.md +++ b/windows/threat-protection/windows-information-protection/deploy-wip-policy-using-intune.md @@ -8,7 +8,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Deploy your Windows Information Protection (WIP) policy using the classic console for Microsoft Intune diff --git a/windows/threat-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/threat-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md index 3694e13ba8..f3ef168e1c 100644 --- a/windows/threat-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md +++ b/windows/threat-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md @@ -8,7 +8,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # List of enlightened Microsoft apps for use with Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/guidance-and-best-practices-wip.md b/windows/threat-protection/windows-information-protection/guidance-and-best-practices-wip.md index 73eddd870d..08e74a6265 100644 --- a/windows/threat-protection/windows-information-protection/guidance-and-best-practices-wip.md +++ b/windows/threat-protection/windows-information-protection/guidance-and-best-practices-wip.md @@ -8,7 +8,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # General guidance and best practices for Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/limitations-with-wip.md b/windows/threat-protection/windows-information-protection/limitations-with-wip.md index 67b6897a16..9c61e080b5 100644 --- a/windows/threat-protection/windows-information-protection/limitations-with-wip.md +++ b/windows/threat-protection/windows-information-protection/limitations-with-wip.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Limitations while using Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/mandatory-settings-for-wip.md b/windows/threat-protection/windows-information-protection/mandatory-settings-for-wip.md index d810066027..34070f6316 100644 --- a/windows/threat-protection/windows-information-protection/mandatory-settings-for-wip.md +++ b/windows/threat-protection/windows-information-protection/mandatory-settings-for-wip.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Mandatory tasks and settings required to turn on Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/overview-create-wip-policy.md b/windows/threat-protection/windows-information-protection/overview-create-wip-policy.md index 428c25c20d..6dcd047747 100644 --- a/windows/threat-protection/windows-information-protection/overview-create-wip-policy.md +++ b/windows/threat-protection/windows-information-protection/overview-create-wip-policy.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Create a Windows Information Protection (WIP) policy diff --git a/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip.md b/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip.md index 934aa9ae7c..d374d95478 100644 --- a/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip.md +++ b/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip.md @@ -8,7 +8,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Protect your enterprise data using Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/threat-protection/windows-information-protection/recommended-network-definitions-for-wip.md index 418c24c0ef..5bd3eccc1f 100644 --- a/windows/threat-protection/windows-information-protection/recommended-network-definitions-for-wip.md +++ b/windows/threat-protection/windows-information-protection/recommended-network-definitions-for-wip.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Recommended Enterprise Cloud Resources and Neutral Resources network settings with Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/testing-scenarios-for-wip.md b/windows/threat-protection/windows-information-protection/testing-scenarios-for-wip.md index 0c5aff23c1..88f14510a5 100644 --- a/windows/threat-protection/windows-information-protection/testing-scenarios-for-wip.md +++ b/windows/threat-protection/windows-information-protection/testing-scenarios-for-wip.md @@ -8,7 +8,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Testing scenarios for Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/using-owa-with-wip.md b/windows/threat-protection/windows-information-protection/using-owa-with-wip.md index e2aacd97c4..dbba82c416 100644 --- a/windows/threat-protection/windows-information-protection/using-owa-with-wip.md +++ b/windows/threat-protection/windows-information-protection/using-owa-with-wip.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Using Outlook on the web with Windows Information Protection (WIP) diff --git a/windows/threat-protection/windows-information-protection/wip-app-enterprise-context.md b/windows/threat-protection/windows-information-protection/wip-app-enterprise-context.md index fbf77802f5..bc89db2205 100644 --- a/windows/threat-protection/windows-information-protection/wip-app-enterprise-context.md +++ b/windows/threat-protection/windows-information-protection/wip-app-enterprise-context.md @@ -7,7 +7,7 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security author: eross-msft -ms.localizationpriority: high +ms.localizationpriority: medium --- # Determine the Enterprise Context of an app running in Windows Information Protection (WIP)