|
| **Microsoft EdgeHTML and modern web standards** | Microsoft Edge uses Microsoft EdgeHTML as the rendering engine. This engine focuses on modern standards letting web developers build and maintain a consistent site across all modern browsers. It also helps to defend against hacking through these security standards features:
Support for the W3C standard for [Content Security Policy (CSP)](https://developer.microsoft.com/microsoft-edge/platform/documentation/dev-guide/security/content-Security-Policy), which can help web developers defend their sites against cross-site scripting attacks.
Support for the [HTTP Strict Transport Security (HSTS)](https://developer.microsoft.com/microsoft-edge/platform/documentation/dev-guide/security/HSTS/) security feature (IETF-standard compliant). HSTS helps ensure that connections to important sites, such as to your bank, are always secured.
**NOTE:** Both Microsoft Edge and Internet Explorer 11 support HSTS. |
| **Code integrity and image loading restrictions** | Microsoft Edge content processes support code integrity and image load restrictions, helping to prevent malicious DLLs from loading or injecting into the content processes. Only [properly signed images](https://blogs.windows.com/msedgedev/2015/11/17/microsoft-edge-module-code-integrity/) are allowed to load into Microsoft Edge. Binaries on remote devices (such as UNC or WebDAV) can’t load. |
-| **Memory corruption mitigations** | Memory corruption attacks frequently happen to apps written in C or C++ don’t provide safety or buffer overflow protection. When an attacker provides malformed input to a program, the program’s memory becomes corrupt allowing the attacker to take control of the program. Although attackers have adapted and invented new ways to attack, we’ve responded with memory safety defenses, mitigating the most common forms of attack, including and especially [use-after-free (UAF)](http://cwe.mitre.org/data/definitions/416.html) vulnerabilities. |
+| **Memory corruption mitigations** | Memory corruption attacks frequently happen to apps written in C or C++ don’t provide safety or buffer overflow protection. When an attacker provides malformed input to a program, the program’s memory becomes corrupt allowing the attacker to take control of the program. Although attackers have adapted and invented new ways to attack, we’ve responded with memory safety defenses, mitigating the most common forms of attack, including and especially [use-after-free (UAF)](https://cwe.mitre.org/data/definitions/416.html) vulnerabilities. |
| **Memory Garbage Collector (MemGC) mitigation** | MemGC replaces Memory Protector and helps to protect the browser from UAF vulnerabilities. MemGC frees up memory from the programmer and automating it. Only freeing memory when the automation detects no references left pointing to a given block of memory. |
| **Control Flow Guard** | Attackers use memory corruption attacks to gain control of the CPU program counter to jump to any code location they want. Control Flow Guard, a Microsoft Visual Studio technology, compiles checks around code that performs indirect jumps based on a pointer. Those jumps get restricted to function entry points with known addresses only making attacker take-overs must more difficult constraining where an attack jumps. |
| **All web content runs in an app container sandbox** |Microsoft Edge takes the sandbox even farther, running its content processes in containers not just by default, but all of the time. Microsoft Edge doesn’t support 3rd party binary extensions, so there is no reason for it to run outside of the container, making Microsoft Edge more secure. |
diff --git a/browsers/edge/group-policies/start-pages-gp.md b/browsers/edge/group-policies/start-pages-gp.md
index 8aded2af76..55df08e642 100644
--- a/browsers/edge/group-policies/start-pages-gp.md
+++ b/browsers/edge/group-policies/start-pages-gp.md
@@ -9,6 +9,7 @@ ms.date: 10/02/2018
ms.prod: edge
ms.mktglfcycl: explore
ms.sitesec: library
+ms.topic: reference
---
# Start pages
diff --git a/browsers/edge/group-policies/sync-browser-settings-gp.md b/browsers/edge/group-policies/sync-browser-settings-gp.md
index 19670fa3e2..aac83e87ca 100644
--- a/browsers/edge/group-policies/sync-browser-settings-gp.md
+++ b/browsers/edge/group-policies/sync-browser-settings-gp.md
@@ -6,6 +6,7 @@ ms.author: pashort
author: shortpatti
ms.date: 10/02/2018
ms.localizationpriority: medium
+ms.topic: reference
---
# Sync browser settings
diff --git a/browsers/edge/group-policies/telemetry-management-gp.md b/browsers/edge/group-policies/telemetry-management-gp.md
index 446721b2a4..c83cd2848c 100644
--- a/browsers/edge/group-policies/telemetry-management-gp.md
+++ b/browsers/edge/group-policies/telemetry-management-gp.md
@@ -6,6 +6,7 @@ ms.author: pashort
author: shortpatti
ms.date: 10/02/2018
ms.localizationpriority: medium
+ms.topic: reference
---
# Telemetry and data collection
diff --git a/browsers/edge/images/compat1.png b/browsers/edge/images/compat1.png
new file mode 100644
index 0000000000..35634d70b5
Binary files /dev/null and b/browsers/edge/images/compat1.png differ
diff --git a/browsers/edge/images/compat2.png b/browsers/edge/images/compat2.png
new file mode 100644
index 0000000000..e52f7d6c2d
Binary files /dev/null and b/browsers/edge/images/compat2.png differ
diff --git a/browsers/edge/images/compat3.png b/browsers/edge/images/compat3.png
new file mode 100644
index 0000000000..f67fad2e8f
Binary files /dev/null and b/browsers/edge/images/compat3.png differ
diff --git a/browsers/edge/images/deploy-enduser.png b/browsers/edge/images/deploy-enduser.png
new file mode 100644
index 0000000000..2a313013a9
Binary files /dev/null and b/browsers/edge/images/deploy-enduser.png differ
diff --git a/browsers/edge/images/deploy-land.png b/browsers/edge/images/deploy-land.png
new file mode 100644
index 0000000000..c8fd9a1ba9
Binary files /dev/null and b/browsers/edge/images/deploy-land.png differ
diff --git a/browsers/edge/images/edgeblog.png b/browsers/edge/images/edgeblog.png
new file mode 100644
index 0000000000..544ad83db6
Binary files /dev/null and b/browsers/edge/images/edgeblog.png differ
diff --git a/browsers/edge/images/enduser-land.png b/browsers/edge/images/enduser-land.png
new file mode 100644
index 0000000000..61958be866
Binary files /dev/null and b/browsers/edge/images/enduser-land.png differ
diff --git a/browsers/edge/images/land-compat.png b/browsers/edge/images/land-compat.png
new file mode 100644
index 0000000000..f709974ced
Binary files /dev/null and b/browsers/edge/images/land-compat.png differ
diff --git a/browsers/edge/images/land-security.png b/browsers/edge/images/land-security.png
new file mode 100644
index 0000000000..468354869f
Binary files /dev/null and b/browsers/edge/images/land-security.png differ
diff --git a/browsers/edge/images/land1.png b/browsers/edge/images/land1.png
new file mode 100644
index 0000000000..b47bbd5b30
Binary files /dev/null and b/browsers/edge/images/land1.png differ
diff --git a/browsers/edge/images/new1.png b/browsers/edge/images/new1.png
new file mode 100644
index 0000000000..bfa51b83f4
Binary files /dev/null and b/browsers/edge/images/new1.png differ
diff --git a/browsers/edge/images/new2.png b/browsers/edge/images/new2.png
new file mode 100644
index 0000000000..dee2d7eb15
Binary files /dev/null and b/browsers/edge/images/new2.png differ
diff --git a/browsers/edge/images/new3.png b/browsers/edge/images/new3.png
new file mode 100644
index 0000000000..59f83920fb
Binary files /dev/null and b/browsers/edge/images/new3.png differ
diff --git a/browsers/edge/images/new4.png b/browsers/edge/images/new4.png
new file mode 100644
index 0000000000..070a4f9a11
Binary files /dev/null and b/browsers/edge/images/new4.png differ
diff --git a/browsers/edge/images/security1.png b/browsers/edge/images/security1.png
new file mode 100644
index 0000000000..f4d8b0421e
Binary files /dev/null and b/browsers/edge/images/security1.png differ
diff --git a/browsers/edge/images/security2.png b/browsers/edge/images/security2.png
new file mode 100644
index 0000000000..23ae998b39
Binary files /dev/null and b/browsers/edge/images/security2.png differ
diff --git a/browsers/edge/images/security3.png b/browsers/edge/images/security3.png
new file mode 100644
index 0000000000..3ee5d56354
Binary files /dev/null and b/browsers/edge/images/security3.png differ
diff --git a/browsers/edge/images/twitter.png b/browsers/edge/images/twitter.png
new file mode 100644
index 0000000000..3b30a9a1cc
Binary files /dev/null and b/browsers/edge/images/twitter.png differ
diff --git a/browsers/edge/images/wipinsider.png b/browsers/edge/images/wipinsider.png
new file mode 100644
index 0000000000..a1f1f0b0fe
Binary files /dev/null and b/browsers/edge/images/wipinsider.png differ
diff --git a/browsers/edge/includes/allow-web-content-new-tab-page-include.md b/browsers/edge/includes/allow-web-content-new-tab-page-include.md
index aa5efc657a..cdd5bb2adc 100644
--- a/browsers/edge/includes/allow-web-content-new-tab-page-include.md
+++ b/browsers/edge/includes/allow-web-content-new-tab-page-include.md
@@ -1,7 +1,7 @@
---
author: shortpatti
ms.author: pashort
-ms.date: 10/26/2018
+ms.date: 11/02/2018
ms.prod: edge
ms:topic: include
---
@@ -18,9 +18,8 @@ ms:topic: include
|Group Policy |MDM |Registry |Description |
|---|:---:|:---:|---|
-|Not configured |Blank |Blank |Users can choose what loads on the New Tab page. |
-|Disabled |0 |0 |Load a blank page instead of the default New Tab page and prevent users from changing it. |
-|Enabled **(default)** |1 |1 |Load the default New Tab page. |
+|Disabled |0 |0 |Load a blank page instead of the default New Tab page and prevent users from making changes. |
+|Enabled or not configured **(default)** |1 |1 |Load the default New Tab page and the users make changes. |
---
### ADMX info and settings
diff --git a/browsers/edge/includes/provision-favorites-include.md b/browsers/edge/includes/provision-favorites-include.md
index efd553631f..a67f33444b 100644
--- a/browsers/edge/includes/provision-favorites-include.md
+++ b/browsers/edge/includes/provision-favorites-include.md
@@ -21,7 +21,7 @@ ms:topic: include
|Group Policy |Description |Most restricted |
|---|---|:---:|
|Disabled or not configured **(default)** |Users can customize the favorites list, such as adding folders, or adding and removing favorites. | |
-|Enabled |Define a default list of favorites in Microsoft Edge. In this case, the Save a Favorite, Import settings, and context menu options (such as Create a new folder) are turned off.
To define a default list of favorites, do the following:
In the upper-right corner of Microsoft Edge, click the ellipses (**...**) and select **Settings**.
Click **Import from another browser**, click **Export to file** and save the file.
In the **Options** section of the Group Policy Editor, provide the location that points the file with the list of favorites to provision. Specify the URL as:
Local network: "SiteList"="\network\shares\URLs.html"
Local file: "SiteList"=file:///c:/Users/Documents/URLs.html
| |
+|Enabled |Define a default list of favorites in Microsoft Edge. In this case, the Save a Favorite, Import settings, and context menu options (such as Create a new folder) are turned off.
To define a default list of favorites, do the following:
In the upper-right corner of Microsoft Edge, click the ellipses (**...**) and select **Settings**.
Click **Import from another browser**, click **Export to file** and save the file.
In the **Options** section of the Group Policy Editor, provide the location that points the file with the list of favorites to provision. Specify the URL as:
diff --git a/browsers/edge/microsoft-edge-faq.md b/browsers/edge/microsoft-edge-faq.md
index 432331677d..f989f0e5c8 100644
--- a/browsers/edge/microsoft-edge-faq.md
+++ b/browsers/edge/microsoft-edge-faq.md
@@ -4,10 +4,11 @@ description: Answers to frequently asked questions about Microsoft Edge features
author: shortpatti
ms.author: pashort
ms.prod: edge
+ms.topic: reference
ms.mktglfcycl: general
ms.sitesec: library
ms.localizationpriority: medium
-ms.date: 10/23/2018
+ms.date: 11/05/2018
---
# Frequently Asked Questions (FAQs) for IT Pros
@@ -32,7 +33,7 @@ For more information on how Internet Explorer and Microsoft Edge can work togeth
**Q: Does Microsoft Edge work with Enterprise Mode?**
-**A:** [Enterprise Mode](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie11) offers better backward compatibility and enables customers to run many legacy web applications. Microsoft Edge and Internet Explorer can be configured to use the same Enterprise Mode Site List, switching seamlessly between browsers to support both modern and legacy web apps. For guidance and additional resources, please visit the [Microsoft Edge IT Center](https://technet.microsoft.com/microsoft-edge).
+**A:** [Enterprise Mode](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/enterprise-mode-overview-for-ie11) offers better backward compatibility and enables customers to run many legacy web applications. Microsoft Edge and Internet Explorer can be configured to use the same Enterprise Mode Site List, switching seamlessly between browsers to support both modern and legacy web apps.
**Q: I have Windows 10, but I don’t seem to have Microsoft Edge. Why?**
@@ -41,7 +42,7 @@ For more information on how Internet Explorer and Microsoft Edge can work togeth
**Q: How do I get the latest Canary/Beta/Preview version of Microsoft Edge?**
-**A:** You can access the latest preview version of Microsoft Edge by updating to the latest Windows 10 preview via the [Windows Insider Program](https://insider.windows.com/). To run the preview version of Microsoft Edge on a stable version of Windows 10 (or any other OS), you can download a [Virtual Machine](https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/windows/) that we provide or use the upcoming RemoteEdge service.
+**A:** You can access the latest preview version of Microsoft Edge by updating to the latest Windows 10 preview via the [Windows Insider Program](https://insider.windows.com/). To run the preview version of Microsoft Edge on a stable version of Windows 10 (or any other OS), you can download a [Virtual Machine](https://developer.microsoft.com/microsoft-edge/tools/vms/windows/) that we provide or use the upcoming RemoteEdge service.
**Q: How do I customize Microsoft Edge and related settings for my organization?**
@@ -49,7 +50,9 @@ For more information on how Internet Explorer and Microsoft Edge can work togeth
**Q: Is Adobe Flash supported in Microsoft Edge?**
-**A:** Currently, Adobe Flash is supported as a built-in feature of Microsoft Edge on devices running the desktop version of Windows 10. In July 2017, Adobe announced that Flash will no longer be supported after 2020. With Adobe no longer supporting Flash after 2020, Microsoft has started to phase out Flash from Microsoft Edge by adding the [Configure the Adobe Flash Click-to-Run setting](#configure-the-adobe-flash-click-to-run-setting) group policy giving you a way to control the list of websites that have permission to run Adobe Flash content.
+**A:** Currently, Adobe Flash is supported as a built-in feature of Microsoft Edge on devices running the desktop version of Windows 10. In July 2017, Adobe announced that Flash will no longer be supported after 2020. With Adobe no longer supporting Flash after 2020, Microsoft has started to phase out Flash from Microsoft Edge by adding the [Configure the Adobe Flash Click-to-Run setting](available-policies.md#configure-the-adobe-flash-click-to-run-setting) group policy giving you a way to control the list of websites that have permission to run Adobe Flash content.
+
+
To learn more about Microsoft’s plan for phasing out Flash from Microsoft Edge and Internet Explorer, see [The End of an Era — Next Steps for Adobe Flash]( https://blogs.windows.com/msedgedev/2017/07/25/flash-on-windows-timeline/#3Bcc3QjRw0l7XsZ4.97) (blog article).
diff --git a/browsers/edge/microsoft-edge-forrester.md b/browsers/edge/microsoft-edge-forrester.md
new file mode 100644
index 0000000000..46e097832b
--- /dev/null
+++ b/browsers/edge/microsoft-edge-forrester.md
@@ -0,0 +1,34 @@
+---
+title: Forrester Total Economic Impact - Microsoft Edge
+description: Review the results of the Microsoft Edge study carried out by Forrester Research
+ms.prod: edge
+ms.topic: article
+author: lizap
+ms.author: elizapo
+ms.localizationpriority: high
+---
+# Measuring the impact of Microsoft Edge - Total Economic Impact (TEI) of Microsoft Edge
+
+Forrester Research measures the return on investment (ROI) of Microsoft Edge in its latest TEI report and survey. Browse and download these free resources to learn about the impact Microsoft Edge can have in your organization, including significant cost savings in reduced browser help desk tickets and improved browser security, to increased speed, performance, and user productivity.
+
+## Forrester report video summary
+View a brief overview of the Forrester TEI case study that Microsoft commissioned to examine the value your organization can achieve by utilizing Microsoft Edge:
+
+>![VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE26zQm]
+
+## Forrester Study report
+
+Forrester interviewed several customers with more than six months of experience using Microsoft Edge – all customers reported improvements in browser security, increased user productivity, and efficiencies gained in supporting the software.
+
+[Download the full report](https://www.microsoft.com/download/details.aspx?id=55847)
+
+## Forrester Study report infographic
+Get a graphical summary of the TEI of Microsoft Edge Forrester Study report and highlights of the three-year financial impact of Microsoft Edge.
+
+[Download the report infographic](https://www.microsoft.com/download/details.aspx?id=55956)
+
+## Forrester survey infographic
+
+Forrester surveyed 168 customers using Microsoft Edge form the US, Germany, UK, and Japan, ranging in size from 500 to over 100,000 employees. This document is an abridged version of this survey commissioned by Microsoft and delivery by Forrester consulting.
+
+[Download the survey infographic](https://www.microsoft.com/download/details.aspx?id=53892)
\ No newline at end of file
diff --git a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
index a3d1996719..a8f34188e6 100644
--- a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
+++ b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
@@ -1,11 +1,12 @@
---
+title: Deploy Microsoft Edge kiosk mode
description: Microsoft Edge kiosk mode works with assigned access to allow IT admins to create a tailored browsing experience designed for kiosk devices. To use Microsoft Edge kiosk mode, you must configure Microsoft Edge as an application in assigned access.
ms.assetid:
author: shortpatti
ms.author: pashort
ms.prod: edge
ms.sitesec: library
-title: Deploy Microsoft Edge kiosk mode
+ms.topic: get-started-article
ms.localizationpriority: medium
ms.date: 10/29/2018
---
diff --git a/browsers/edge/microsoft-edge.yml b/browsers/edge/microsoft-edge.yml
new file mode 100644
index 0000000000..1d5723ae94
--- /dev/null
+++ b/browsers/edge/microsoft-edge.yml
@@ -0,0 +1,61 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Microsoft Edge
+metadata:
+ document_id:
+ title: Microsoft Edge
+ description: Find the tools and resources you need to help deploy and use Microsoft Edge in your organization.
+ keywords: Microsoft Edge, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: medium
+ author: lizap
+ ms.author: elizapo
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find the tools and resources you need to help deploy and use Microsoft Edge in your organization.
+ "
+- title: What's new
+- items:
+ - type: markdown
+ text: "
+ Find out the latest and greatest news on Microsoft Edge.
+
**The latest in Microsoft Edge** See what's new for users and developers in the next update to Microsoft Edge - now available with the Windows 10 April 2018 update! Find out more
**Evaluate the impact** Review the latest Forrester Total Economic Impact (TEI) report to learn about the impact Microsoft Edge can have in your organization. Download the reports
**Microsoft Edge for iOS and Android** Microsoft Edge brings familiar features across your PC and phone, which allows browsing to go with you, no matter what device you use. Learn more
**Application Guard** Microsoft Edge with Windows Defender Application Guard is the most secure browser on Windows 10 Enterprise. Learn more
+
+ "
+- title: Compatibility
+- items:
+ - type: markdown
+ text: "
+ Even if you still have legacy apps in your organization, you can default to the secure, modern experience of Microsoft Edge and provide a consistent level of compatibility with existing legacy applications.
+
**Web Application Compatibility Lab Kit** The Web Application Compatibility Lab Kit is a primer for the features and techniques used to provide web application compatibility during a typical enterprise migration to Microsoft Edge. Find out more
+
+ "
+- title: Security
+- items:
+ - type: markdown
+ text: "
+ Microsoft Edge uses Windows Hello and SmartScreen to defend against phishing and malware. Take a look at some of the additional features behind the strong defense that Microsoft Edge provides against web-based attacks.
+
**NSS Labs web browser security reports** See the results of two global tests measuring how effective browsers are at protecting against socially engineered malware and phishing attacks. Download the reports
**Microsoft Edge sandbox** See how Microsoft Edge has significantly reduced the attack surface of the sandbox by configuring the app container to further reduce its privilege. Find out more
**Windows Defender SmartScreen** Manage your organization's computer settings with Group Policy and MDM settings to display a warning page to employees or block a site entirely. Read the docs
+
+ "
+- title: Deployment and end user readiness
+- items:
+ - type: markdown
+ text: "
+ Find resources and learn about features to help you deploy Microsoft Edge in your organization to get your users up and running quickly.
+
**Sign up for the Windows IT Pro Insider** Get the latest tools, tips, and expert guidance on deployment, management, security, and more. Learn more
**Microsoft Edge Dev blog** Keep up with the latest browser trends, security tips, and news for IT professionals. Read the blog
**Microsoft Edge Dev on Twitter** Get the latest news and updates from the Microsoft Web Platform team. Visit Twitter
+
+ "
diff --git a/browsers/edge/shortdesc/allow-web-content-on-new-tab-page-shortdesc.md b/browsers/edge/shortdesc/allow-web-content-on-new-tab-page-shortdesc.md
index 9c8dea176e..a056b0a737 100644
--- a/browsers/edge/shortdesc/allow-web-content-on-new-tab-page-shortdesc.md
+++ b/browsers/edge/shortdesc/allow-web-content-on-new-tab-page-shortdesc.md
@@ -1,9 +1,9 @@
---
author: shortpatti
ms.author: pashort
-ms.date: 10/02/2018
+ms.date: 11/02/2018
ms.prod: edge
ms:topic: include
---
-By default, Microsoft Edge loads the default New Tab page. Disabling this policy loads a blank page instead of the New Tab page and prevents users from changing it. Not configuring this policy lets users choose what loads on the New Tab page.
\ No newline at end of file
+By default, Microsoft Edge loads the default New Tab page and lets the users make changes. If you disable this policy, a blank page loads instead of the New Tab page and prevents users from changing it.
\ No newline at end of file
diff --git a/browsers/edge/web-app-compat-toolkit.md b/browsers/edge/web-app-compat-toolkit.md
new file mode 100644
index 0000000000..f2742ca22d
--- /dev/null
+++ b/browsers/edge/web-app-compat-toolkit.md
@@ -0,0 +1,55 @@
+---
+title: Web Application Compatibility lab kit
+description: Learn how to use the web application compatibility toolkit for Microsoft Edge.
+ms.prod: edge
+ms.topic: article
+ms.manager: elizapo
+author: lizap
+ms.author: elizapo
+ms.localizationpriority: high
+---
+
+# Web Application Compatibility lab kit
+
+>Updated: October, 2017
+
+Upgrading web applications to modern standards is the best long-term solution to ensure compatibility with today’s web browsers, but using backward compatibility can save time and money. Internet Explorer 11 has features that can ease your browser and operating system upgrades, reducing web application testing and remediation costs. On Windows 10, you can standardize on Microsoft Edge for faster, safer browsing and fall back to Internet Explorer 11 just for sites that need backward compatibility.
+
+The Web Application Compatibility Lab Kit is a primer for the features and techniques used to provide web application compatibility during a typical enterprise migration to Microsoft Edge. It walks you through how to configure and set up Enterprise Mode, leverage Enterprise Site Discovery, test web apps using the F12 developer tools, and manage the Enterprise Mode Site List.
+
+The Web Application Compatibility Lab Kit includes:
+
+- A pre-configured Windows 7 and Windows 10 virtual lab environment with:
+ - Windows 7 Enterprise Evaluation
+ - Windows 10 Enterprise Evaluation (version 1607)
+ - Enterprise Mode Site List Manager
+ - Enterprise Site Discovery Toolkit
+- A "lite" lab option to run the lab on your own Windows 7 or Windows 10 operating system
+- A step-by-step lab guide
+- A web application compatibility overview video
+- A white paper and IT Showcase studies
+
+Depending on your environment, your web apps may "just work” using the methods described below. Visit [Microsoft Edge Dev](https://developer.microsoft.com/microsoft-edge/) for tools and guidance for web developers.
+
+There are two versions of the lab kit available:
+
+- Full version (8 GB) - includes a complete virtual lab environment
+- Lite version (400 MB) - includes guidance for running the Lab Kit on your own Windows 7 or Windows 10 operating system
+
+The Web Application Compatibility Lab Kit is also available in the following languages:
+
+- Chinese (Simplified)
+- Chinese (Traditional)
+- French
+- German
+- Italian
+- Japanese
+- Korean
+- Portuguese (Brazil)
+- Russian
+- Spanish
+
+[DOWNLOAD THE LAB KIT](https://www.microsoft.com/evalcenter/evaluate-windows-10-web-application-compatibility-lab)
+
+>[!TIP]
+>Please use a broad bandwidth to download this content to enhance your downloading experience. Lab environment requires 8 GB of available memory and 100 GB of free disk space.
\ No newline at end of file
diff --git a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
index f6061375ab..6ebdd65d65 100644
--- a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
+++ b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
@@ -33,7 +33,7 @@ You can add individual sites to your compatibility list by using the Enterprise
1. In the Enterprise Mode Site List Manager (schema v.1), click **Add**.
2. Type the URL for the website that’s experiencing compatibility problems, like *<domain>.com* or *<domain>.com*/*<path>* into the **URL** box.
-Don't include the `http://` or `https://` designation. The tool automatically tries both versions during validation.
+Don't include the `https://` or `https://` designation. The tool automatically tries both versions during validation.
3. Type any comments about the website into the **Notes about URL** box.
Administrators can only see comments while they’re in this tool.
diff --git a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
index eafa1921a5..4c6531c174 100644
--- a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
+++ b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
@@ -33,7 +33,7 @@ You can add individual sites to your compatibility list by using the Enterprise
1. In the Enterprise Mode Site List Manager (schema v.2), click **Add**.
2. Type the URL for the website that’s experiencing compatibility problems, like *<domain>.com* or *<domain>.com*/*<path>* into the **URL** box.
-Don't include the `http://` or `https://` designation. The tool automatically tries both versions during validation.
+Don't include the `https://` or `https://` designation. The tool automatically tries both versions during validation.
3. Type any comments about the website into the **Notes about URL** box.
Administrators can only see comments while they’re in this tool.
diff --git a/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md b/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md
index e678fe972c..4dfb16435c 100644
--- a/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md
@@ -50,7 +50,7 @@ Employees assigned to the Requester role can create a change request. A change r
- **Business impact (optional).** An optional area where you can provide info about the business impact of this app and the change.
- - **App location (URL).** The full URL location to the app, starting with http:// or https://.
+ - **App location (URL).** The full URL location to the app, starting with https:// or https://.
- **App best viewed in.** Select the best browser experience for the app. This can be Internet Explorer 5 through Internet Explorer 11 or one of the IE7Enterprise or IE8Enterprise modes.
diff --git a/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md b/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md
index 88711fd787..52ada71083 100644
--- a/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md
@@ -28,7 +28,7 @@ If you don't want to use the Enterprise Mode Site List Manager, you also have th
The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1.
**Important**
-Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both http://contoso.com and https://contoso.com.
+Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both https://contoso.com and https://contoso.com.
``` xml
@@ -135,7 +135,7 @@ This table includes the elements used by the Enterprise Mode schema.
<path exclude="true">/products</path>
</domain>
</emie>
-Where http://fabrikam.com doesn't use IE8 Enterprise Mode, but http://fabrikam.com/products does.
+Where https://fabrikam.com doesn't use IE8 Enterprise Mode, but https://fabrikam.com/products does.
Internet Explorer 11 and Microsoft Edge
@@ -167,7 +167,7 @@ This table includes the attributes used by the Enterprise Mode schema.
<path exclude="true">/products</path>
</domain>
</emie>
-Where http://fabrikam.com doesn't use IE8 Enterprise Mode, but http://fabrikam.com/products does.
+Where https://fabrikam.com doesn't use IE8 Enterprise Mode, but https://fabrikam.com/products does.
Internet Explorer 11 and Microsoft Edge
@@ -203,7 +203,7 @@ For example, say you want all of the sites in the contoso.com domain to open usi
### What not to include in your schema
We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
-- Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing.
+- Don’t use protocols. For example, `https://`, `https://`, or custom protocols. They break parsing.
- Don’t use wildcards.
- Don’t use query strings, ampersands break parsing.
diff --git a/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md b/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md
index df6a01cb68..ebc229a1db 100644
--- a/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md
+++ b/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md
@@ -38,7 +38,7 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo
The following is an example of the v.2 version of the Enterprise Mode schema.
**Important**
-Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com.
+Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both https://contoso.com and https://contoso.com.
``` xml
@@ -198,7 +198,7 @@ The <url> attribute, as part of the <site> element in the v.2 versio
<site url="contoso.com/travel">
<open-in allow-redirect="true">IE11</open-in>
</site>
-In this example, if http://contoso.com/travel is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer.
+In this example, if https://contoso.com/travel is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer.
Internet Explorer 11 and Microsoft Edge
@@ -210,14 +210,14 @@ In this example, if http://contoso.com/travel is encountered in a redirect chain
url
Specifies the URL (and port number using standard port conventions) to which the child elements apply. The URL can be a domain, sub-domain, or any path URL.
Note
-Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both http://contoso.com and https://contoso.com.
+Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both https://contoso.com and https://contoso.com.
-In this example, going to http://contoso.com:8080 using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode.
+In this example, going to https://contoso.com:8080 using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode.
Internet Explorer 11 and Microsoft Edge
@@ -286,7 +286,7 @@ Saving your v.1 version of the file using the new Enterprise Mode Site List Mana
### What not to include in your schema
We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
-- Don’t use protocols. For example, http://, https://, or custom protocols. They break parsing.
+- Don’t use protocols. For example, https://, https://, or custom protocols. They break parsing.
- Don’t use wildcards.
- Don’t use query strings, ampersands break parsing.
diff --git a/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md b/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md
index bfb9659bd0..b67d27b563 100644
--- a/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md
+++ b/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md
@@ -111,7 +111,7 @@ The required packages are automatically downloaded and included in the solution.
1. Open a registry editor on the computer where you deployed the app, go to the `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode` key, and change the **Enable** string to:
- ``` "Enable"="http:///api/records/"
+ ``` "Enable"="https:///api/records/"
```
Where `` points to your deployment URL.
@@ -125,7 +125,7 @@ The required packages are automatically downloaded and included in the solution.
**To view the report results**
-- Go to `http:///List` to see the report results.
+- Go to `https:///List` to see the report results.
If you’re already on the webpage, you’ll need to refresh the page to see the results.
diff --git a/browsers/enterprise-mode/set-up-enterprise-mode-portal.md b/browsers/enterprise-mode/set-up-enterprise-mode-portal.md
index 0aca62e070..fe5fe752fc 100644
--- a/browsers/enterprise-mode/set-up-enterprise-mode-portal.md
+++ b/browsers/enterprise-mode/set-up-enterprise-mode-portal.md
@@ -176,7 +176,7 @@ Using the IIS Manager, you must restart both your Application Pool and your webs
After you've created your database and website, you'll need to register yourself (or another employee) as an administrator for the Enterprise Mode Site List Portal.
**To register as an administrator**
-1. Open Microsoft Edge and type your website URL into the Address bar. For example, http://emieportal:8085.
+1. Open Microsoft Edge and type your website URL into the Address bar. For example, https://emieportal:8085.
2. Click **Register now**.
@@ -184,7 +184,7 @@ After you've created your database and website, you'll need to register yourself
4. Click **Administrator** from the **Role** box, and then click **Save**.
-5. Append your website URL with `/#/EMIEAdminConsole` in the Address bar to go to your administrator console. For example, http://emieportal:8085/#/EMIEAdminConsole.
+5. Append your website URL with `/#/EMIEAdminConsole` in the Address bar to go to your administrator console. For example, https://emieportal:8085/#/EMIEAdminConsole.
A dialog box appears, prompting you for the system user name and password. The default user name is EMIEAdmin and the default password is Admin123. We strongly recommend that you change the password by using the **Change password** link as soon as you're done with your first visit.
diff --git a/browsers/enterprise-mode/turn-on-enterprise-mode-and-use-a-site-list.md b/browsers/enterprise-mode/turn-on-enterprise-mode-and-use-a-site-list.md
index e4e3d83ec8..1a704aa67e 100644
--- a/browsers/enterprise-mode/turn-on-enterprise-mode-and-use-a-site-list.md
+++ b/browsers/enterprise-mode/turn-on-enterprise-mode-and-use-a-site-list.md
@@ -33,7 +33,7 @@ All of your managed devices must have access to this location if you want them t
- **Local file:** `"SiteList"="file:///c:\\Users\\\\Documents\\testList.xml"`
> **Example:**
- >> _Web URL_ http://localhost:8080/EnterpriseMode.xml
+ >> _Web URL_ https://localhost:8080/EnterpriseMode.xml
>>
>> _Network Share_ \\NetworkShare.xml (Place this inside the group policy folder on Sysvol)
>>
diff --git a/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md b/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md
index 0f5ff8d1f9..5781fe3fc0 100644
--- a/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md
+++ b/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md
@@ -46,9 +46,9 @@ Besides turning on this feature, you also have the option to provide a URL for E
Your **Value data** location can be any of the following types:
-- **URL location (like, http://www.emieposturl.com/api/records or http://localhost:13000)**. IE sends a POST message to the URL every time a change is made to Enterprise Mode from the **Tools** menu.
**Important**
-The `http://www.emieposturl.com/api/records` example will only work if you’ve downloaded the sample discussed in the [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md) topic. If you don’t have the sample, you won’t have the web API.
-- **Local network location (like, http://*emieposturl*/)**. IE sends a POST message to your specified local network location every time a change is made to Enterprise Mode from the **Tools** menu.
+- **URL location (like, https://www.emieposturl.com/api/records or https://localhost:13000)**. IE sends a POST message to the URL every time a change is made to Enterprise Mode from the **Tools** menu.
**Important**
+The `https://www.emieposturl.com/api/records` example will only work if you’ve downloaded the sample discussed in the [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md) topic. If you don’t have the sample, you won’t have the web API.
+- **Local network location (like, https://*emieposturl*/)**. IE sends a POST message to your specified local network location every time a change is made to Enterprise Mode from the **Tools** menu.
- **Empty string**. If you leave the **Value data** box blank; your employees will be able to turn Enterprise Mode on and off from the **Tools** menu, but you won’t collect any logging data.
For information about how to collect the data provided when your employees turn Enterprise Mode on or off from the **Tools** menu, see [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md).
diff --git a/browsers/internet-explorer/docfx.json b/browsers/internet-explorer/docfx.json
index 34e8b2d487..0c42ef4158 100644
--- a/browsers/internet-explorer/docfx.json
+++ b/browsers/internet-explorer/docfx.json
@@ -9,7 +9,7 @@
],
"resource": [
{
- "files": ["**/images/**", "**/*.json"],
+ "files": ["**/images/**"],
"exclude": ["**/obj/**"]
}
],
@@ -34,6 +34,7 @@
"externalReference": [
],
"template": "op.html",
- "dest": "edges/internet-explorer"
+ "dest": "edges/internet-explorer",
+ "markdownEngineName": "dfm"
}
}
\ No newline at end of file
diff --git a/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md b/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
index decdc115fa..2eab3c28fd 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md
@@ -33,7 +33,7 @@ You can add individual sites to your compatibility list by using the Enterprise
1. In the Enterprise Mode Site List Manager (schema v.1), click **Add**.
2. Type the URL for the website that’s experiencing compatibility problems, like *<domain>.com* or *<domain>.com*/*<path>* into the **URL** box.
-Don't include the `http://` or `https://` designation. The tool automatically tries both versions during validation.
+Don't include the `https://` or `https://` designation. The tool automatically tries both versions during validation.
3. Type any comments about the website into the **Notes about URL** box.
Administrators can only see comments while they’re in this tool.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md b/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
index bdfc8633a7..df209b5a60 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md
@@ -33,7 +33,7 @@ You can add individual sites to your compatibility list by using the Enterprise
1. In the Enterprise Mode Site List Manager (schema v.2), click **Add**.
2. Type the URL for the website that’s experiencing compatibility problems, like *<domain>.com* or *<domain>.com*/*<path>* into the **URL** box.
-Don't include the `http://` or `https://` designation. The tool automatically tries both versions during validation.
+Don't include the `https://` or `https://` designation. The tool automatically tries both versions during validation.
3. Type any comments about the website into the **Notes about URL** box.
Administrators can only see comments while they’re in this tool.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-settings-for-ie11.md
index a1ba907f17..9e485e54d8 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/auto-configuration-settings-for-ie11.md
@@ -52,7 +52,7 @@ After adding the `FEATURE\AUTOCONFIG\BRANDING` registry key, you can change your
- **Automatic Configuration URL (.INS file) box:** Type the location of your automatic configuration script.
- - **Automatic proxy URL (.JS, .JVS, or .PAC file) box:** Type the location of your automatic proxy script.
**Important** Internet Explorer 11 no longer supports using file server locations with your proxy configuration (.pac) files. To keep using your .pac files, you have to keep them on a web server and reference them using a URL, like `http://share/test.ins`.
+ - **Automatic proxy URL (.JS, .JVS, or .PAC file) box:** Type the location of your automatic proxy script.
**Important** Internet Explorer 11 no longer supports using file server locations with your proxy configuration (.pac) files. To keep using your .pac files, you have to keep them on a web server and reference them using a URL, like `https://share/test.ins`.
If your branding changes aren't correctly deployed after running through this process, see [Auto configuration and auto proxy problems with Internet Explorer 11](auto-configuration-and-auto-proxy-problems-with-ie11.md).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/auto-detect-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/auto-detect-settings-for-ie11.md
index 180e1100b9..8d6510713e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/auto-detect-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/auto-detect-settings-for-ie11.md
@@ -40,7 +40,7 @@ To use automatic detection, you have to set up your DHCP and DNS servers.
**No
3. In your DNS database file, create a host record named, **WPAD**. This record has the IP address of the web server storing your automatic configuration (.js, .jvs, .pac, or .ins) file.
**-OR-**
Create a canonical name (CNAME) alias record named, **WPAD**. This record has the resolved name (not the IP address) of the server storing your automatic configuration (.pac) file.
**Note** For more information about creating a **WPAD** entry, see [Creating a WPAD entry in DNS](https://go.microsoft.com/fwlink/p/?LinkId=294651).
-4. After the database file propagates to the server, the DNS name, `wpad..com` resolves to the server name that includes your automatic configuration file.
**Note** Internet Explorer 11 creates a default URL template based on the host name, **wpad**. For example, `http://wpad..com/wpad.dat`. Because of this, you need to set up a file or redirection point in your web server **WPAD** record, named **wpad.dat**. The **wpad.dat** record delivers the contents of your automatic configuration file.
+4. After the database file propagates to the server, the DNS name, `wpad..com` resolves to the server name that includes your automatic configuration file.
**Note** Internet Explorer 11 creates a default URL template based on the host name, **wpad**. For example, `https://wpad..com/wpad.dat`. Because of this, you need to set up a file or redirection point in your web server **WPAD** record, named **wpad.dat**. The **wpad.dat** record delivers the contents of your automatic configuration file.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md
index 99f85f37b8..a0e95c8fac 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md
@@ -30,7 +30,7 @@ You can use your Internet settings (.ins) files to set up your standard proxy se
- **Automatic Configuration URL (.INS file) box:** Type the location of the .ins file you want to use for automatic configuration. For more information about setting up **Automatic Configuration**, see [Auto configuration settings for Internet Explorer 11](auto-configuration-settings-for-ie11.md).
- - **Automatic proxy URL (.JS, .JVS, or .PAC file) box:** Type the location of your automatic proxy script. This script runs whenever IE11 makes a network request and can include multiple proxy servers for each protocol type.
**Important** IE11 no longer supports using file server locations with your proxy configuration (.pac) files. To keep using your .pac files, you have to keep them on a web server and reference them using a URL, like `http://share/test.ins`.
+ - **Automatic proxy URL (.JS, .JVS, or .PAC file) box:** Type the location of your automatic proxy script. This script runs whenever IE11 makes a network request and can include multiple proxy servers for each protocol type.
**Important** IE11 no longer supports using file server locations with your proxy configuration (.pac) files. To keep using your .pac files, you have to keep them on a web server and reference them using a URL, like `https://share/test.ins`.
## Locking your auto-proxy settings
You have two options to restrict your users' ability to override the automatic configuration settings, based on your environment.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md b/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md
index 5d6a571e4a..424b01e58e 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md
@@ -20,8 +20,8 @@ ms.date: 07/27/2017
Use Internet Explorer to collect data on computers running Windows Internet Explorer 8 through Internet Explorer 11 on Windows 10, Windows 8.1, or Windows 7. This inventory information helps you build a list of websites used by your company so you can make more informed decisions about your IE deployments, including figuring out which sites might be at risk or require overhauls during future upgrades.
->**Upgrade Analytics and Windows upgrades**
->You can use Upgrade Analytics to help manage your Windows 10 upgrades on devices running Windows 8.1 and Windows 7 (SP1). You can also use Upgrade Analytics to review several site discovery reports. Check out Upgrade Analytics from [here](https://technet.microsoft.com/itpro/windows/deploy/upgrade-analytics-get-started).
+>**Upgrade Readiness and Windows upgrades**
+>You can use Upgrade Readiness to help manage your Windows 10 upgrades on devices running Windows 8.1 and Windows 7 (SP1). You can also use Upgrade Readiness to review several site discovery reports. For more information, see [Manage Windows upgrades with Upgrade Readiness](https://docs.microsoft.com/en-us/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness).
## Before you begin
diff --git a/browsers/internet-explorer/ie11-deploy-guide/create-change-request-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/create-change-request-enterprise-mode-portal.md
index 0c04501602..145c439f02 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/create-change-request-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/create-change-request-enterprise-mode-portal.md
@@ -50,7 +50,7 @@ Employees assigned to the Requester role can create a change request. A change r
- **Business impact (optional).** An optional area where you can provide info about the business impact of this app and the change.
- - **App location (URL).** The full URL location to the app, starting with http:// or https://.
+ - **App location (URL).** The full URL location to the app, starting with https:// or https://.
- **App best viewed in.** Select the best browser experience for the app. This can be Internet Explorer 5 through Internet Explorer 11 or one of the IE7Enterprise or IE8Enterprise modes.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md b/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
index c89dd26fab..ef14f9f67f 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md
@@ -41,7 +41,7 @@ Deploying pinned websites in MDT 2013 is a 4-step process:
Pinned websites are immediately available to every user who logs on to the computer although the user must click each icon to populate its Jump List.
**Important**
-To follow the examples in this topic, you’ll need to pin the Bing (http://www.bing.com/) and MSN (http://www.msn.com/) websites to the taskbar.
+To follow the examples in this topic, you’ll need to pin the Bing (https://www.bing.com/) and MSN (https://www.msn.com/) websites to the taskbar.
### Step 1: Creating .website files
The first step is to create a .website file for each website that you want to pin to the Windows 8.1 taskbar during deployment. A .website file is like a shortcut, except it’s a plain text file that describes not only the website’s URL but also how the icon looks.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 87de33e7d8..307614576b 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -28,7 +28,7 @@ If you don't want to use the Enterprise Mode Site List Manager, you also have th
The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1.
**Important**
-Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both http://contoso.com and https://contoso.com.
+Make sure that you don't specify a protocol when adding your URLs. Using a URL like `contoso.com` automatically applies to both https://contoso.com and https://contoso.com.
``` xml
@@ -135,7 +135,7 @@ This table includes the elements used by the Enterprise Mode schema.
<path exclude="false">/products</path>
</domain>
</emie>
-Where http://fabrikam.com doesn't use IE8 Enterprise Mode, but http://fabrikam.com/products does.
+Where https://fabrikam.com doesn't use IE8 Enterprise Mode, but https://fabrikam.com/products does.
Internet Explorer 11 and Microsoft Edge
@@ -167,7 +167,7 @@ This table includes the attributes used by the Enterprise Mode schema.
<path exclude="true">/products</path>
</domain>
</emie>
-Where http://fabrikam.com uses IE8 Enterprise Mode, but http://fabrikam.com/products does not.
+Where https://fabrikam.com uses IE8 Enterprise Mode, but https://fabrikam.com/products does not.
Internet Explorer 11 and Microsoft Edge
@@ -203,7 +203,7 @@ For example, say you want all of the sites in the contoso.com domain to open usi
### What not to include in your schema
We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
-- Don’t use protocols. For example, `http://`, `https://`, or custom protocols. They break parsing.
+- Don’t use protocols. For example, `https://`, `https://`, or custom protocols. They break parsing.
- Don’t use wildcards.
- Don’t use query strings, ampersands break parsing.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
index 354fe81545..d9689c000a 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
@@ -38,7 +38,7 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo
The following is an example of the v.2 version of the Enterprise Mode schema.
**Important**
-Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com.
+Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both https://contoso.com and https://contoso.com.
``` xml
@@ -198,7 +198,7 @@ The <url> attribute, as part of the <site> element in the v.2 versio
<site url="contoso.com/travel">
<open-in allow-redirect="true">IE11</open-in>
</site>
-In this example, if http://contoso.com/travel is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer.
+In this example, if https://contoso.com/travel is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer.
Internet Explorer 11 and Microsoft Edge
@@ -210,14 +210,14 @@ In this example, if http://contoso.com/travel is encountered in a redirect chain
url
Specifies the URL (and port number using standard port conventions) to which the child elements apply. The URL can be a domain, sub-domain, or any path URL.
Note
-Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both http://contoso.com and https://contoso.com.
+Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both https://contoso.com and https://contoso.com.
-In this example, going to http://contoso.com:8080 using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode.
+In this example, going to https://contoso.com:8080 using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode.
Internet Explorer 11 and Microsoft Edge
@@ -286,7 +286,7 @@ Saving your v.1 version of the file using the new Enterprise Mode Site List Mana
### What not to include in your schema
We recommend that you not add any of the following items to your schema because they can make your compatibility list behave in unexpected ways:
-- Don’t use protocols. For example, http://, https://, or custom protocols. They break parsing.
+- Don’t use protocols. For example, https://, https://, or custom protocols. They break parsing.
- Don’t use wildcards.
- Don’t use query strings, ampersands break parsing.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
index 7a95011950..37916eff52 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md
@@ -16,7 +16,7 @@ Windows Server Update Services (WSUS) lets you download a single copy of the Mic
**To import from Windows Update to WSUS**
-1. Open your WSUS admin site. For example, `http:///WSUSAdmin/`.
+1. Open your WSUS admin site. For example, `https:///WSUSAdmin/`.
Where `` is the name of your WSUS server.
2. Choose the top server node or the **Updates** node, and then click **Import Updates**.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/intranet-problems-and-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/intranet-problems-and-ie11.md
index 5be58eea07..1dcf781581 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/intranet-problems-and-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/intranet-problems-and-ie11.md
@@ -21,7 +21,7 @@ IE11 works differently with search, based on whether your organization is domain
- **Non-domain-joined computers.** A single word entry is treated as an intranet site. However, if the term doesn't resolve to a site, IE11 then treats the entry as a search term and opens your default search provider.
-To explicitly go to an intranet site, regardless of the environment, users can type either a trailing slash like ` contoso/` or the `http://` prefix. Either of these will cause IE11 to treat the entry as an intranet search. You can also change the default behavior so that IE11 treats your single word entry in the address bar as an intranet site, regardless of your environment.
+To explicitly go to an intranet site, regardless of the environment, users can type either a trailing slash like ` contoso/` or the `https://` prefix. Either of these will cause IE11 to treat the entry as an intranet search. You can also change the default behavior so that IE11 treats your single word entry in the address bar as an intranet site, regardless of your environment.
**To enable single-word intranet search**
@@ -29,7 +29,7 @@ To explicitly go to an intranet site, regardless of the environment, users can t
2. Click **Advanced**, check the **Go to an intranet site for a single word entry in the Address bar** box, and then click **OK**.
-If you'd like your entire organization to have single word entries default to an intranet site, you can turn on the **Go to an intranet site for a single word entry in the Address bar** Group Policy. With this policy turned on, a search for `contoso` automatically resolves to `http://contoso`.
+If you'd like your entire organization to have single word entries default to an intranet site, you can turn on the **Go to an intranet site for a single word entry in the Address bar** Group Policy. With this policy turned on, a search for `contoso` automatically resolves to `https://contoso`.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md b/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
index 66a5d8b70b..a834636814 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/out-of-date-activex-control-blocking.md
@@ -115,7 +115,7 @@ Out-of-date ActiveX control blocking is turned off in the Local Intranet Zone an
|--------|--------------|-------------|----------|
|Turn on ActiveX control logging in IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting determines whether IE saves log information for ActiveX controls.
If you enable this setting, IE logs ActiveX control information (including the source URI that loaded the control and whether it was blocked) to a local file.
If you disable or don't configure this setting, IE won't log ActiveX control information.
Note that you can turn this setting on or off regardless of the **Turn off blocking of outdated ActiveX controls for IE** or **Turn off blocking of outdated ActiveX controls for IE on specific domains** settings. |
|Remove the **Run this time** button for outdated ActiveX controls in IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management`|Internet Explorer 8 through IE11 |This setting allows you stop users from seeing the **Run this time** button and from running specific outdated ActiveX controls in IE.
If you enable this setting, users won't see the **Run this time** button on the warning message that appears when IE blocks an outdated ActiveX control.
If you disable or don't configure this setting, users will see the **Run this time** button on the warning message that appears when IE blocks an outdated ActiveX control. Clicking this button lets the user run the outdated ActiveX control once. |
-|Turn off blocking of outdated ActiveX controls for IE on specific domains |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting allows you to manage a list of domains on which IE will stop blocking outdated ActiveX controls. Outdated ActiveX controls are never blocked in the Intranet Zone.
If you enable this setting, you can enter a custom list of domains for which outdated ActiveX controls won't be blocked in IE. Each domain entry must be formatted like one of the following:
**"domainname.TLD".** For example, if you want to include `*.contoso.com/*`, use "contoso.com".
**"hostname".** For example, if you want to include `http://example`, use "example".
**"file:///path/filename.htm"**. For example, use `file:///C:/Users/contoso/Desktop/index.htm`.
If you disable or don't configure this setting, the list is deleted and IE continues to block specific outdated ActiveX controls on all domains in the Internet Zone. |
+|Turn off blocking of outdated ActiveX controls for IE on specific domains |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting allows you to manage a list of domains on which IE will stop blocking outdated ActiveX controls. Outdated ActiveX controls are never blocked in the Intranet Zone.
If you enable this setting, you can enter a custom list of domains for which outdated ActiveX controls won't be blocked in IE. Each domain entry must be formatted like one of the following:
**"domainname.TLD".** For example, if you want to include `*.contoso.com/*`, use "contoso.com".
**"hostname".** For example, if you want to include `https://example`, use "example".
**"file:///path/filename.htm"**. For example, use `file:///C:/Users/contoso/Desktop/index.htm`.
If you disable or don't configure this setting, the list is deleted and IE continues to block specific outdated ActiveX controls on all domains in the Internet Zone. |
|Turn off blocking of outdated ActiveX controls for IE |`Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management` |Internet Explorer 8 through IE11 |This setting determines whether IE blocks specific outdated ActiveX controls. Outdated ActiveX controls are never blocked in the Intranet Zone.
If you enable this setting, IE stops blocking outdated ActiveX controls.
If you disable or don't configure this setting, IE continues to block specific outdated ActiveX controls. |
|Remove the **Update** button in the out-of-date ActiveX control blocking notification for IE |This functionality is only available through the registry |Internet Explorer 8 through IE11 |This setting determines whether the out-of-date ActiveX control blocking notification shows the **Update** button. This button points users to update specific out-of-date ActiveX controls in IE. |
@@ -145,8 +145,8 @@ Here’s a detailed example and description of what’s included in the VersionA
|Source URI |File path |Product version |File version |Allowed/Blocked |Reason |EPM-compatible |
|-----------|----------|----------------|-------------|----------------|-------|---------------|
-|`http://contoso.com/test1.html` |C:\Windows\System32\Macromed\Flash\Flash.ocx |14.0.0.125 |14.0.0.125 |Allowed |Not in blocklist |EPM-compatible |
-|`http://contoso.com/test2.html` |C:\Program Files\Java\jre6\bin\jp2iexp.dll |6.0.410.2 |6.0.410.2 |Blocked |Out of date |Not EPM-compatible |
+|`https://contoso.com/test1.html` |C:\Windows\System32\Macromed\Flash\Flash.ocx |14.0.0.125 |14.0.0.125 |Allowed |Not in blocklist |EPM-compatible |
+|`https://contoso.com/test2.html` |C:\Program Files\Java\jre6\bin\jp2iexp.dll |6.0.410.2 |6.0.410.2 |Blocked |Out of date |Not EPM-compatible |
**Where:**
- **Source URI.** The URL of the page that loaded the ActiveX control.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
index 8653264774..a72a457d0a 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md
@@ -111,7 +111,7 @@ The required packages are automatically downloaded and included in the solution.
1. Open a registry editor on the computer where you deployed the app, go to the `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode` key, and change the **Enable** string to:
- ``` "Enable"="http:///api/records/"
+ ``` "Enable"="https:///api/records/"
```
Where `` points to your deployment URL.
@@ -125,7 +125,7 @@ The required packages are automatically downloaded and included in the solution.
**To view the report results**
-- Go to `http:///List` to see the report results.
+- Go to `https:///List` to see the report results.
If you’re already on the webpage, you’ll need to refresh the page to see the results.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-portal.md b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-portal.md
index bb8a401b5c..47c4caf92b 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-portal.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/set-up-enterprise-mode-portal.md
@@ -176,7 +176,7 @@ Using the IIS Manager, you must restart both your Application Pool and your webs
After you've created your database and website, you'll need to register yourself (or another employee) as an administrator for the Enterprise Mode Site List Portal.
**To register as an administrator**
-1. Open Microsoft Edge and type your website URL into the Address bar. For example, http://emieportal:8085.
+1. Open Microsoft Edge and type your website URL into the Address bar. For example, https://emieportal:8085.
2. Click **Register now**.
@@ -184,7 +184,7 @@ After you've created your database and website, you'll need to register yourself
4. Click **Administrator** from the **Role** box, and then click **Save**.
-5. Append your website URL with `/#/EMIEAdminConsole` in the Address bar to go to your administrator console. For example, http://emieportal:8085/#/EMIEAdminConsole.
+5. Append your website URL with `/#/EMIEAdminConsole` in the Address bar to go to your administrator console. For example, https://emieportal:8085/#/EMIEAdminConsole.
A dialog box appears, prompting you for the system user name and password. The default user name is EMIEAdmin and the default password is Admin123. We strongly recommend that you change the password by using the **Change password** link as soon as you're done with your first visit.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md b/browsers/internet-explorer/ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md
index ea5b7d450b..ea9a56a081 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md
@@ -46,9 +46,9 @@ Besides turning on this feature, you also have the option to provide a URL for E
Your **Value data** location can be any of the following types:
-- **URL location (like, http://www.emieposturl.com/api/records or http://localhost:13000)**. IE sends a POST message to the URL every time a change is made to Enterprise Mode from the **Tools** menu.
**Important**
-The `http://www.emieposturl.com/api/records` example will only work if you’ve downloaded the sample discussed in the [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md) topic. If you don’t have the sample, you won’t have the web API.
-- **Local network location (like, http://*emieposturl*/)**. IE sends a POST message to your specified local network location every time a change is made to Enterprise Mode from the **Tools** menu.
+- **URL location (like, https://www.emieposturl.com/api/records or https://localhost:13000)**. IE sends a POST message to the URL every time a change is made to Enterprise Mode from the **Tools** menu.
**Important**
+The `https://www.emieposturl.com/api/records` example will only work if you’ve downloaded the sample discussed in the [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md) topic. If you don’t have the sample, you won’t have the web API.
+- **Local network location (like, https://*emieposturl*/)**. IE sends a POST message to your specified local network location every time a change is made to Enterprise Mode from the **Tools** menu.
- **Empty string**. If you leave the **Value data** box blank; your employees will be able to turn Enterprise Mode on and off from the **Tools** menu, but you won’t collect any logging data.
For information about how to collect the data provided when your employees turn Enterprise Mode on or off from the **Tools** menu, see [Set up Enterprise Mode logging and data collection](set-up-enterprise-mode-logging-and-data-collection.md).
diff --git a/browsers/internet-explorer/ie11-ieak/auto-config-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/auto-config-ieak11-wizard.md
index b31c220601..440d2c7fc1 100644
--- a/browsers/internet-explorer/ie11-ieak/auto-config-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/auto-config-ieak11-wizard.md
@@ -42,7 +42,7 @@ You can use the Domain Name System (DNS) and the Dynamic Host Configuration Prot
- Type the location to your automatic proxy script file.
**Note**
- If you specify URLs for both auto-config and auto-proxy, the auto-proxy URL will be incorporated into the .ins file. The correct form for the URL is `http://share/test.ins`.
+ If you specify URLs for both auto-config and auto-proxy, the auto-proxy URL will be incorporated into the .ins file. The correct form for the URL is `https://share/test.ins`.
3. Click **Next** to go to the [Proxy Settings](proxy-settings-ieak11-wizard.md) page or **Back** to go to the [Connection Settings](connection-settings-ieak11-wizard.md) page.
diff --git a/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md b/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
index 0752aaac38..b14d4aa1ce 100644
--- a/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
@@ -36,9 +36,9 @@ DHCP has a higher priority than DNS for automatic configuration. If DHCP provide
- Open the [DHCP Administrative Tool](https://go.microsoft.com/fwlink/p/?LinkId=302212), create a new option type, using the code number 252, and then associate it with the URL to your configuration file. For detailed instructions about how to do this, see [Create an option 252 entry in DHCP](https://go.microsoft.com/fwlink/p/?LinkId=294649).
**Examples:**
- `http://www.microsoft.com/webproxy.pac`
- `http://marketing/config.ins`
- `http://123.4.567.8/account.pac`
For more detailed info about how to set up your DHCP server, see your server documentation.
**To set up automatic detection for DNS servers**
@@ -55,5 +55,5 @@ Create a canonical name (CNAME) alias record, named **WPAD**. This record lets y
2. After the database file propagates to the server, the DNS name, `wpad..com` resolves to the server name that includes your automatic configuration file.
**Note**
-IE11 creates a default URL template based on the host name,**wpad**. For example, `http://wpad..com/wpad.dat`. Because of this, you need to set up a file or redirection point in your web server **WPAD** record, named **wpad.dat**. The **wpad.dat** record delivers the contents of your automatic configuration file.
+IE11 creates a default URL template based on the host name,**wpad**. For example, `https://wpad..com/wpad.dat`. Because of this, you need to set up a file or redirection point in your web server **WPAD** record, named **wpad.dat**. The **wpad.dat** record delivers the contents of your automatic configuration file.
diff --git a/browsers/internet-explorer/ie11-ieak/custombranding-ins-file-setting.md b/browsers/internet-explorer/ie11-ieak/custombranding-ins-file-setting.md
index 9d4d9f6b4f..f404bf78cf 100644
--- a/browsers/internet-explorer/ie11-ieak/custombranding-ins-file-setting.md
+++ b/browsers/internet-explorer/ie11-ieak/custombranding-ins-file-setting.md
@@ -16,5 +16,5 @@ Provide the URL to your branding cabinet (.cab) file.
|Name |Value | Description |
|-----------|--------------------------------|--------------------------------------------------------------|
-|Branding |`` |The location of your branding cabinet (.cab) file. For example, http://www.<your_server>.net/cabs/branding.cab.|
+|Branding |`` |The location of your branding cabinet (.cab) file. For example, https://www.<your_server>.net/cabs/branding.cab.|
diff --git a/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md b/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
index a4bbac4b2e..fde8b84b67 100644
--- a/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
+++ b/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
@@ -21,7 +21,7 @@ You can customize Automatic Search so that your employees can type a single word
**To set up Automatic Search**
-1. Create a script (.asp) file that conditionally looks for search terms, and post it to an intranet server here: http://ieautosearch/response.asp?MT=%1&srch=%2.
+1. Create a script (.asp) file that conditionally looks for search terms, and post it to an intranet server here: https://ieautosearch/response.asp?MT=%1&srch=%2.
For info about the acceptable values for the *%1* and *%2* parameters, see the [Automatic Search parameters](#automatic-search-parameters). For an example of the script file, see the [Sample Automatic Search script](#sample-automatic-search-script).
**Important** If you aren’t using IIS in your company, you’ll need to remap this URL to your script file’s location.
@@ -72,18 +72,18 @@ searchOption = Request.QueryString("srch")
' about filling out an expense report
if (search = "NEW HIRE") then
-Response.Redirect("http://admin/hr/newhireforms.htm")
+Response.Redirect("https://admin/hr/newhireforms.htm")
elseif (search = "LIBRARY CATALOG") then
-Response.Redirect("http://library/catalog")
+Response.Redirect("https://library/catalog")
elseif (search = "EXPENSE REPORT") then
-Response.Redirect("http://expense")
+Response.Redirect("https://expense")
elseif (search = "LUNCH MENU") then
-Response.Redirect("http://cafe/menu/")
+Response.Redirect("https://cafe/menu/")
else
' If there is not a match, use the
' default IE autosearch server
-Response.Redirect("http://auto.search.msn.com/response.asp?MT="
+Response.Redirect("https://auto.search.msn.com/response.asp?MT="
+ search + "&srch=" + searchOption +
"&prov=&utf8")
end if
diff --git a/browsers/internet-explorer/ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md
index 60b082565b..604489d8fc 100644
--- a/browsers/internet-explorer/ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md
@@ -17,7 +17,7 @@ The **Important URLS – Home Page and Support** page of the Internet Explorer C
**To use the Important URLS – Home Page and Support page**
1. In the **Add a homepage URL** box, type the URL to the page your employees go to when they click the **Home** button, and then click **Add**.
-If you add multiple **Home** pages, each page appears on a separate tab in the browser. If you don’t add a custom **Home** page, IE uses http://www.msn.com by default. If you want to delete an existing page, click the URL and then click **Remove**.
+If you add multiple **Home** pages, each page appears on a separate tab in the browser. If you don’t add a custom **Home** page, IE uses https://www.msn.com by default. If you want to delete an existing page, click the URL and then click **Remove**.
2. Check the **Retain previous Home Page (Upgrade)** box if you have employees with previous versions of IE, who need to keep their **Home** page settings when the browser is updated.
diff --git a/browsers/internet-explorer/ie11-ieak/proxy-auto-config-examples.md b/browsers/internet-explorer/ie11-ieak/proxy-auto-config-examples.md
index 9a57aef1fa..5e04f4e473 100644
--- a/browsers/internet-explorer/ie11-ieak/proxy-auto-config-examples.md
+++ b/browsers/internet-explorer/ie11-ieak/proxy-auto-config-examples.md
@@ -127,7 +127,7 @@ In this example, the proxy server is selected by translating the host name into
``` javascript
function FindProxyForURL(url, host)
{
- if (dnsResolve(host) == "999.99.99.999") { // = http://secproxy
+ if (dnsResolve(host) == "999.99.99.999") { // = https://secproxy
return "PROXY secproxy:8080";
}
else {
diff --git a/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md
index c29f790845..22252bf546 100644
--- a/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md
@@ -21,7 +21,7 @@ Using a proxy server lets you limit access to the Internet. You can also use the
1. Check the **Enable proxy settings** box if you want to use proxy servers for any of your services.
2. Type the address of the proxy server you want to use for your services into the **Address of proxy** box. In most cases, a single proxy server is used for all of your services.
-Proxy locations that don’t begin with a protocol (like, http:// or ftp://) are assumed to be a CERN-type HTTP proxy. For example, the entry *proxy* is treated the same as the entry `http://proxy`.
+Proxy locations that don’t begin with a protocol (like, https:// or ftp://) are assumed to be a CERN-type HTTP proxy. For example, the entry *proxy* is treated the same as the entry `https://proxy`.
3. Type the port for each service. The default value is *80*.
@@ -30,7 +30,7 @@ Proxy locations that don’t begin with a protocol (like, http:// or ftp://) are
5. Type any services that shouldn’t use a proxy server into the **Do not use proxy server for addresses beginning with** box.
When filling out your exceptions, keep in mind:
- - Proxy bypass entries can begin with a protocol type, such as http://, https://, or ftp://. However, if a protocol type is used, the exception entry applies only to requests for that protocol.
+ - Proxy bypass entries can begin with a protocol type, such as https://, https://, or ftp://. However, if a protocol type is used, the exception entry applies only to requests for that protocol.
- Protocol values are not case sensitive and you can use a wildcard character (*) in place of zero or more characters.
diff --git a/browsers/internet-explorer/ie11-ieak/search-providers-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/search-providers-ieak11-wizard.md
index 0e48aa99c7..3633d298c1 100644
--- a/browsers/internet-explorer/ie11-ieak/search-providers-ieak11-wizard.md
+++ b/browsers/internet-explorer/ie11-ieak/search-providers-ieak11-wizard.md
@@ -25,7 +25,7 @@ The **Search Provider** box appears.
3. In the **Display Name** box, type the text that appears in the **Search Options** menu for the search provider.
-4. In the **URL** box, type the full URL to the search provider, including the http:// prefix.
+4. In the **URL** box, type the full URL to the search provider, including the https:// prefix.
5. In the **Favicon URL** box, type the full URL to any icon to associate with your provider.
diff --git a/browsers/internet-explorer/ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md b/browsers/internet-explorer/ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md
index 2526c4f33b..8f9826a8b5 100644
--- a/browsers/internet-explorer/ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md
@@ -57,7 +57,7 @@ Internet Explorer Setup can switch servers during the installation process to ma
To address connection issues (for example, as a result of server problems) where Setup can’t locate another download site by default, we recommend you overwrite your first download server using this workaround:
``` syntax
-\ie11setup.exe /C:"ie11wzd.exe /S:""\ie11setup.exe"" /L:""http://your_Web_server/your_Web_site/ie11sites.dat"""
+\ie11setup.exe /C:"ie11wzd.exe /S:""\ie11setup.exe"" /L:""https://your_Web_server/your_Web_site/ie11sites.dat"""
```
Where `` represents the folder location where you stored IE11setup.exe.
diff --git a/browsers/internet-explorer/images/deploy1.png b/browsers/internet-explorer/images/deploy1.png
new file mode 100644
index 0000000000..1e16c46e03
Binary files /dev/null and b/browsers/internet-explorer/images/deploy1.png differ
diff --git a/browsers/internet-explorer/images/deploy2.png b/browsers/internet-explorer/images/deploy2.png
new file mode 100644
index 0000000000..44b4aad41c
Binary files /dev/null and b/browsers/internet-explorer/images/deploy2.png differ
diff --git a/browsers/internet-explorer/images/explore1.png b/browsers/internet-explorer/images/explore1.png
new file mode 100644
index 0000000000..3a956dc394
Binary files /dev/null and b/browsers/internet-explorer/images/explore1.png differ
diff --git a/browsers/internet-explorer/images/explore2.png b/browsers/internet-explorer/images/explore2.png
new file mode 100644
index 0000000000..c07bbd197b
Binary files /dev/null and b/browsers/internet-explorer/images/explore2.png differ
diff --git a/browsers/internet-explorer/images/explore3.png b/browsers/internet-explorer/images/explore3.png
new file mode 100644
index 0000000000..4ea3adee19
Binary files /dev/null and b/browsers/internet-explorer/images/explore3.png differ
diff --git a/browsers/internet-explorer/images/ie-deploy.png b/browsers/internet-explorer/images/ie-deploy.png
new file mode 100644
index 0000000000..622d9e250b
Binary files /dev/null and b/browsers/internet-explorer/images/ie-deploy.png differ
diff --git a/browsers/internet-explorer/images/ie-explore.png b/browsers/internet-explorer/images/ie-explore.png
new file mode 100644
index 0000000000..184cfdf381
Binary files /dev/null and b/browsers/internet-explorer/images/ie-explore.png differ
diff --git a/browsers/internet-explorer/images/ie-manage.png b/browsers/internet-explorer/images/ie-manage.png
new file mode 100644
index 0000000000..51c9cc4aa9
Binary files /dev/null and b/browsers/internet-explorer/images/ie-manage.png differ
diff --git a/browsers/internet-explorer/images/ie-plan.png b/browsers/internet-explorer/images/ie-plan.png
new file mode 100644
index 0000000000..9b158a815f
Binary files /dev/null and b/browsers/internet-explorer/images/ie-plan.png differ
diff --git a/browsers/internet-explorer/images/ie-support.png b/browsers/internet-explorer/images/ie-support.png
new file mode 100644
index 0000000000..4152163abc
Binary files /dev/null and b/browsers/internet-explorer/images/ie-support.png differ
diff --git a/browsers/internet-explorer/images/informed1.png b/browsers/internet-explorer/images/informed1.png
new file mode 100644
index 0000000000..a1f1f0b0fe
Binary files /dev/null and b/browsers/internet-explorer/images/informed1.png differ
diff --git a/browsers/internet-explorer/images/informed2.png b/browsers/internet-explorer/images/informed2.png
new file mode 100644
index 0000000000..544ad83db6
Binary files /dev/null and b/browsers/internet-explorer/images/informed2.png differ
diff --git a/browsers/internet-explorer/images/manage1.png b/browsers/internet-explorer/images/manage1.png
new file mode 100644
index 0000000000..df84f05983
Binary files /dev/null and b/browsers/internet-explorer/images/manage1.png differ
diff --git a/browsers/internet-explorer/images/manage2.png b/browsers/internet-explorer/images/manage2.png
new file mode 100644
index 0000000000..94d111e32c
Binary files /dev/null and b/browsers/internet-explorer/images/manage2.png differ
diff --git a/browsers/internet-explorer/images/manage3.png b/browsers/internet-explorer/images/manage3.png
new file mode 100644
index 0000000000..c0043c5a8e
Binary files /dev/null and b/browsers/internet-explorer/images/manage3.png differ
diff --git a/browsers/internet-explorer/images/manage4.png b/browsers/internet-explorer/images/manage4.png
new file mode 100644
index 0000000000..20af91d5a5
Binary files /dev/null and b/browsers/internet-explorer/images/manage4.png differ
diff --git a/browsers/internet-explorer/images/plan1.png b/browsers/internet-explorer/images/plan1.png
new file mode 100644
index 0000000000..1bf8e4264e
Binary files /dev/null and b/browsers/internet-explorer/images/plan1.png differ
diff --git a/browsers/internet-explorer/images/plan2.png b/browsers/internet-explorer/images/plan2.png
new file mode 100644
index 0000000000..95103ecc5b
Binary files /dev/null and b/browsers/internet-explorer/images/plan2.png differ
diff --git a/browsers/internet-explorer/images/support1.png b/browsers/internet-explorer/images/support1.png
new file mode 100644
index 0000000000..e771ed999a
Binary files /dev/null and b/browsers/internet-explorer/images/support1.png differ
diff --git a/browsers/internet-explorer/images/support2.png b/browsers/internet-explorer/images/support2.png
new file mode 100644
index 0000000000..9841cf1962
Binary files /dev/null and b/browsers/internet-explorer/images/support2.png differ
diff --git a/browsers/internet-explorer/images/support3.png b/browsers/internet-explorer/images/support3.png
new file mode 100644
index 0000000000..a3a0425c73
Binary files /dev/null and b/browsers/internet-explorer/images/support3.png differ
diff --git a/browsers/internet-explorer/images/twitter.png b/browsers/internet-explorer/images/twitter.png
new file mode 100644
index 0000000000..3b30a9a1cc
Binary files /dev/null and b/browsers/internet-explorer/images/twitter.png differ
diff --git a/browsers/internet-explorer/internet-explorer.yml b/browsers/internet-explorer/internet-explorer.yml
new file mode 100644
index 0000000000..c9b14b03a2
--- /dev/null
+++ b/browsers/internet-explorer/internet-explorer.yml
@@ -0,0 +1,69 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Internet Explorer 11
+metadata:
+ document_id:
+ title: Internet Explorer 11
+ description: Consistent, reliable web browsing on Windows 7, Windows 8.1, and Windows 10, with the security, performance, backward compatibility, and modern standards support that large organizations need.
+ keywords: Internet Explorer 11. IE11
+ ms.localizationpriority: medium
+ author: lizap
+ ms.author: elizapo
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Consistent, reliable web browsing on Windows 7, Windows 8.1, and Windows 10, with the security, performance, backward compatibility, and modern standards support that large organizations need.
+ "
+- title: Explore
+- items:
+ - type: markdown
+ text: "
+ Find tools, step-by-step guides, updates, and other resources to help you get started.
+
+ "
+- title: Plan
+- items:
+ - type: markdown
+ text: "
+ Find information and tips to help you assess compatibility and prioritize processes as you plan for Internet Explorer 11.
+
+ "
+- title: Deploy
+- items:
+ - type: markdown
+ text: "
+ Find the resources you need to successfully deploy Internet Explorer 11 in your organization.
+
+ "
+- title: Manage
+- items:
+ - type: markdown
+ text: "
+ Find everything you need to manage Internet Explorer 11 effectively in your organization. Get information on Group Policy, blocked out-of-date ActiveX controls, scripts, and more.
+
+ "
+- title: Support
+- items:
+ - type: markdown
+ text: "
+ Get help from product specialists and community experts, and find solutions to commonly encountered issues.
+
**Sign up for the Windows IT Pro Insider** Get the latest tools, tips, and expert guidance on deployment, management, security, and more. Learn more
**Microsoft Edge Dev blog** Keep up with the latest browser trends, security tips, and news for IT professionals. Read the blog
**Microsoft Edge Dev on Twitter** Get the latest news and updates from the Microsoft Web Platform team. Visit Twitter
+
+ "
diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md
index 5e6c740970..b314f85b52 100644
--- a/devices/hololens/TOC.md
+++ b/devices/hololens/TOC.md
@@ -1,8 +1,9 @@
# [Microsoft HoloLens](index.md)
## [What's new in Microsoft HoloLens](hololens-whats-new.md)
-## [Insider preview for Microsoft HoloLens](hololens-insider.md)
## [HoloLens in the enterprise: requirements and FAQ](hololens-requirements.md)
+## [Insider preview for Microsoft HoloLens](hololens-insider.md)
## [Set up HoloLens](hololens-setup.md)
+## [Install localized version of HoloLens](hololens-install-localized.md)
## [Unlock Windows Holographic for Business features](hololens-upgrade-enterprise.md)
## [Enroll HoloLens in MDM](hololens-enroll-mdm.md)
## [Manage updates to HoloLens](hololens-updates.md)
diff --git a/devices/hololens/change-history-hololens.md b/devices/hololens/change-history-hololens.md
index 8f2862fc81..898726aa4c 100644
--- a/devices/hololens/change-history-hololens.md
+++ b/devices/hololens/change-history-hololens.md
@@ -16,12 +16,18 @@ ms.date: 11/05/2018
This topic lists new and updated topics in the [Microsoft HoloLens documentation](index.md).
+
+
## November 2018
New or changed topic | Description
--- | ---
[How HoloLens stores data for spaces](hololens-spaces.md) | New
+## Windows 10 Holographic for Business, version 1809
+
+The topics in this library have been updated for Windows 10 Holographic for Business, version 1809.
+
## October 2018
@@ -37,7 +43,7 @@ New or changed topic | Description
New or changed topic | Description
--- | ---
-[Insider preview for Microsoft HoloLens](hololens-insider.md) | New
+Insider preview for Microsoft HoloLens | New (topic retired on release of Windows 10, version 1809)
## June 2018
diff --git a/devices/hololens/docfx.json b/devices/hololens/docfx.json
index 7a67485a17..06af992034 100644
--- a/devices/hololens/docfx.json
+++ b/devices/hololens/docfx.json
@@ -48,6 +48,7 @@
"template": [
null
],
- "dest": "devices/hololens"
+ "dest": "devices/hololens",
+ "markdownEngineName": "dfm"
}
}
diff --git a/devices/hololens/hololens-encryption.md b/devices/hololens/hololens-encryption.md
index 8210e1f2fb..8a223c0745 100644
--- a/devices/hololens/hololens-encryption.md
+++ b/devices/hololens/hololens-encryption.md
@@ -8,12 +8,12 @@ author: jdeckerms
ms.author: jdecker
ms.topic: article
ms.localizationpriority: medium
-ms.date: 12/20/2017
+ms.date: 01/26/2019
---
# Enable encryption for HoloLens
-You can enable [Bitlocker device encryption](https://docs.microsoft.com/windows/device-security/bitlocker/bitlocker-overview) to protect files and information stored on the HoloLens. Device encryption helps protect your data by encrypting it using AES-CBC 128 encryption method, which is equivalent to [EncryptionMethodByDriveType method 3](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp#encryptionmethodbydrivetype) in the BitLocker configuration service provider (CSP). Only someone with the right encryption key (such as a password) can decrypt it or perform a data recovery.
+You can enable [BitLocker device encryption](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10#bitlocker-device-encryption) to protect files and information stored on the HoloLens. Device encryption helps protect your data by encrypting it using AES-CBC 128 encryption method, which is equivalent to [EncryptionMethodByDriveType method 3](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp#encryptionmethodbydrivetype) in the BitLocker configuration service provider (CSP). Only someone with the right encryption key (such as a password) can decrypt it or perform a data recovery.
@@ -21,40 +21,21 @@ You can enable [Bitlocker device encryption](https://docs.microsoft.com/windows/
You can use your mobile device management (MDM) provider to apply a policy that requires device encryption. The policy used is the [Security/RequireDeviceEncryption setting](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-security#security-requiredeviceencryption) in the Policy CSP.
-In the following steps, Microsoft Intune is used as the example. For other MDM tools, see your MDM provider's documentation for instructions.
+[See instructions for enabling device encryption using Microsoft Intune.](https://docs.microsoft.com/intune/compliance-policy-create-windows#windows-holographic-for-business)
-1. Sign in to the [Microsoft Azure portal](https://portal.azure.com/).
+For other MDM tools, see your MDM provider's documentation for instructions. If your MDM provider requires custom URI for device encryption, use the following configuration:
-2. Use **Search** or go to **More services** to open the Intune blade.
-
-3. Go to **Device configuration > Profiles**, and select **Create profile**.
-
- 
-
-4. Enter a name of your choice, select **Windows 10 and later** for the platform, select **Custom** for the profile type, and then select **Add**.
-
- 
-
-5. In **Add Row OMA-URI Settings**, enter or select the following information:
- - **Name**: a name of your choice
- - **Description**: optional
- - **OMA-URI**: `./Vendor/MSFT/Policy/Config/Security/RequireDeviceEncryption`
- - **Data type**: integer
- - **Value**: `1`
-
- 
-
-6. Select **OK**, select **OK**, and then select **Create**. The blade for the profile opens automatically.
-
-7. Select **Assignments** to assign the profile to a group. After you configure the assignment, select **Save**.
-
-
+- **Name**: a name of your choice
+- **Description**: optional
+- **OMA-URI**: `./Vendor/MSFT/Policy/Config/Security/RequireDeviceEncryption`
+- **Data type**: integer
+- **Value**: `1`
## Enable device encryption using a provisioning package
Provisioning packages are files created by the Windows Configuration Designer tool that apply a specified configuration to a device.
-### Create a provisioning package that upgrades the Windows Holographic edition
+### Create a provisioning package that upgrades the Windows Holographic edition and enables encryption
1. [Create a provisioning package for HoloLens.](hololens-provisioning.md)
@@ -119,6 +100,6 @@ Provisioning packages are files created by the Windows Configuration Designer to
Encryption is silent on HoloLens. To verify the device encryption status:
-- On HoloLens, go to **Settings** > **System** > **About**. **Bitlocker** is **enabled** if the device is encrypted.
+- On HoloLens, go to **Settings** > **System** > **About**. **BitLocker** is **enabled** if the device is encrypted.
-
+
diff --git a/devices/hololens/hololens-insider.md b/devices/hololens/hololens-insider.md
index c11b07759d..3a90c8fe68 100644
--- a/devices/hololens/hololens-insider.md
+++ b/devices/hololens/hololens-insider.md
@@ -37,77 +37,11 @@ To opt out of Insider builds:
- On a HoloLens running a production build, go to **Settings > Update & Security > Windows Insider Program**, and select **Stop Insider builds**.
- Follow the instructions to opt out your device.
-## New features for HoloLens
-
-The latest Insider Preview (RS5) has arrived for all HoloLens customers! This latest flight is packed with improvements that have been introduced since the [last major release of HoloLens software in May 2018](https://docs.microsoft.com/windows/mixed-reality/release-notes-october-2018).
-### For everyone
-
-
-Feature | Details | Instructions
---- | --- | ---
-Stop video capture from the Start or quick actions menu | If you start video capture from the Start menu or quick actions menu, you’ll be able to stop recording from the same place. (Don’t forget, you can always do this with voice commands too.) | To start recording, select **Start > Video**. To stop recording, select **Start > Stop video**.
-Project to a Miracast-enabled device | Project your HoloLens content to a nearby Surface device or TV/Monitor if using Microsoft Display adapter | On **Start**, select **Connect**. Select the device you want to project to.
-New notifications | View and respond to notification toasts on HoloLens, just like you do on a PC. | You’ll now see notifications from apps that provide them. Gaze to respond to or dismiss them (or if you’re in an immersive experience, use the bloom gesture).
-HoloLens overlays (file picker, keyboard, dialogs, etc.) | You’ll now see overlays such as the keyboard, dialogs, file picker, etc. when using immersive apps. | When you’re using an immersive app, input text, select a file from the file picker, or interact with dialogs without leaving the app.
-Visual feedback overlay UI for volume change | When you use the volume up/down buttons on your HoloLens you’ll see a visual display of the volume level. | Adjust the device volume using the volume up/down buttons located on the right arm of the HoloLens. Use the visual display to track the volume level.
-New UI for device boot | A loading indicator was added during the boot process to provide visual feedback that the system is loading. | Reboot your device to see the new loading indicator—it’s between the "Hello" message and the Windows boot logo.
-Share UX: Nearby Sharing | Addition of the Windows Nearby Sharing experience, allowing you to share a capture with a nearby Windows device. | Capture a photo or video on HoloLens (or use the share button from an app such as Microsoft Edge). Select a nearby Windows device to share with.
-Share from Microsoft Edge | Share button is now available on Microsoft Edge windows on HoloLens. | In Microsoft Edge, select **Share**. Use the HoloLens share picker to share web content.
-
-### For developers
-
-- Support for Holographic [Camera Capture UI API](https://docs.microsoft.com/windows/uwp/audio-video-camera/capture-photos-and-video-with-cameracaptureui), which will let developers expose a way for users to seamlessly invoke camera or video capture from within their applications. For example, users can now capture and insert photo or video content directly within apps like Word.
-- Mixed Reality Capture has been improved to exclude hidden mesh from captures, which means videos captures by apps will no longer contain black corners around the content.
-
-### For commercial customers
-
-
-Feature | Details | Instructions
---- | --- | ---
-Enable post-setup provisioning | Can now apply a runtime provisioning package at any time using **Settings**. | On your PC:
1. Create a provisioning package as described at [Create a provisioning package for HoloLens using the HoloLens wizard](hololens-provisioning.md). 2. Connect the HoloLens device via USB to a PC. HoloLens will show up as a device in File Explorer on the PC. 3. Drag and drop the provisioning package to the Documents folder on the HoloLens.
On your HoloLens:
1. Go to **Settings > Accounts > Access work or school**. 2. In **Related Settings**, select **Add or remove a provisioning package**. 3. On the next page, select **Add a package** to launch the file picker and select your provisioning package. **Note:** if the folder is empty, make sure you select **This Device** and select **Documents**. After your package has been applied, it will show in the list of Installed packages. To view package details or to remove the package from the device, select the listed package.
-Assigned access with Azure AD groups | Flexibility to use Azure AD groups for configuration of Windows assigned access to set up single or multi-app kiosk configuration. | Prepare XML file to configure Assigned Access on PC:
1. In a text editor, open [the provided file AssignedAccessHoloLensConfiguration_AzureADGroup.xml](#xml). 2. Change the group ID to one available in your Azure AD tenant. You can find the group ID of an Azure Active Directory Group by either : - following the steps at [Azure Active Directory version 2 cmdlets for group management](https://docs.microsoft.com/azure/active-directory/active-directory-accessmanagement-groups-settings-v2-cmdlets), OR - in the Azure portal, with the steps at [Manage the settings for a group in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-groups-settings-azure-portal).
**Note:** The sample configures the following apps: Skype, Learning, Feedback Hub, Flow, Camera, and Calibration.
Create provisioning package with WCD:
1. On a PC, follow the steps at [Create a provisioning package for HoloLens using the HoloLens wizard](hololens-provisioning.md) to create a provisioning package. 2. Ensure that you include the license file in **Set up device**. 3. Select **Switch to advanced editor** (bottom left), and **Yes** for warning prompt. 4. Expand the runtime settings selection in the **Available customizations** panel and select **AssignedAccess > MultiAppAssignedAccessSettings**. 5. In the middle panel, you should now see the setting displayed with documentation in the panel below. Browse to the XML you modified for Assigned Access. 6. On the **Export** menu, select **Provisioning package**. **Warning:** If you encrypt the provisioning package, provisioning the HoloLens device will fail. 7. Select **Next** to specify the output location where you want the provisioning package to go once it's built. 8. Select **Next**, and then select **Build** to start building the package. 9. When the build completes, select **Finish**.
Apply the package to HoloLens:
1. Connect HoloLens via USB to a PC and start the device, but do not continue past the **Fit** page of OOBE (the first page with the blue box). HoloLens will show up as a device in File Explorer on the PC. 2. In File Explorer, drag and drop the provisioning package (.ppkg) onto the device storage. 3. Briefly press and release the **Volume Down** and **Power** buttons simultaneously again while on the fit page. 4. The device will ask you if you trust the package and would like to apply it. Confirm that you trust the package. 5. You will see whether the package was applied successfully or not. If it failed, you can fix your package and try again. If it succeeded, proceed with OOBE.
Enable assigned access on HoloLens:
1. After applying the provisioning package, during the **Account Setup** flows in OOBE, select **My work or school owns this** to set up your device with an Azure AD account. **Note:** This account must not be in the group chosen for Assigned Access. 2. Once you reach the Shell, ensure the Skype app is installed either via your MDM environment or from the Store. 3. After the Skype app is installed, sign out. 4. On the sign-in screen, select the **Other User** option and enter an Azure AD account email address that belongs to the group chosen for Assigned Access. Then enter the password to sign in. You should now see this user with only the apps configured in the Assigned Access profile.
-PIN sign-in on profile switch from sign-in screen | PIN sign-in is now available for **Other User**. | When signing in as **Other User**, the PIN option is now available under **Sign-In options**.
-Sign in with Web Cred Provider using password | You can now select the Globe sign-in option to launch web sign-in with your password. Look for additional web sign-in methods coming in the future. | From the sign-in screen, select **Sign-In options** and select the Globe option to launch web sign-in. Enter your user name if needed, then your password. **Note:** You can choose to bypass any PIN/Smartcard options when prompted during web sign-in.
-Read device hardware info through MDM so devices can be tracked by serial # | IT administrators can see and track HoloLens by device serial number in their MDM console. | Refer to your MDM documentation for feature availability, and for how to use your MDM console to view HoloLens device serial number.
-Set HoloLens device name through MDM (rename) | IT administrators can see and rename HoloLens devices in their MDM console. | Refer to your MDM documentation for feature availability, and for how to use your MDM console to view and set your HoloLens device name (rename).
-
-### For international customers
-
-
-Feature | Details | Instructions
---- | --- | ---
-Localized Chinese and Japanese builds | Use HoloLens with localized user interface for Simplified Chinese or Japanese, including localized Pinyin keyboard, dictation, and voice commands. | See below.
-
-#### Installing the Chinese or Japanese versions of the Insider builds
-
-In order to switch to the Chinese or Japanese version of HoloLens, you’ll need to download the build for the language on a PC and then install it on your HoloLens using the Windows Device Recovery Tool (WDRT).
-
->[!IMPORTANT]
->Installing the Chinese or Japanese builds of HoloLens using WDRT will delete existing data, like personal files and settings, from your HoloLens.
-
-1. On a retail HoloLens device, [opt in to Insider Preview builds](#get-insider) to prepare your device for the RS5 Preview.
-2. On your PC, download and install [the Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379).
-3. Download the package for the language you want to your PC: [Simplified Chinese](https://aka.ms/hololenspreviewdownload-ch) or [Japanese](https://aka.ms/hololenspreviewdownload-jp).
-4. When the download is finished, select **File Explorer > Downloads**. Right-click the zipped folder you just downloaded, and select **Extract all... > Extract** to unzip it.
-5. Connect your HoloLens to your PC using the micro-USB cable it came with. (Even if you've been using other cables to connect your HoloLens, this one works best.)
-6. The tool will automatically detect your HoloLens. Select the Microsoft HoloLens tile.
-7. On the next screen, select **Manual package selection** and choose the installation file contained in the folder you unzipped in step 4. (Look for a file with the extension “.ffu”.)
-8. Select **Install software** and follow the instructions to finish installing.
-9. Once the build is installed, HoloLens setup will start automatically. Put on the device and follow the setup directions.
-10. After you complete setup, go to **Settings -> Update & Security -> Windows Insider Program** and select **Get started**. Link the account you used to register as a Windows Insider. Then, select **Active development of Windows**, choose whether you’d like to receive **Fast** or **Slow** builds, and review the program terms. Select **Confirm -> Restart Now** to finish up. After your device has rebooted, go to **Settings -> Update & Security -> Check for updates** to get the latest build.
-
-
-
-
-## Note for language support
-
-- You can’t change the system language between English, Japanese, and Chinese using the Settings app. Flashing a new build is the only supported way to change the device system language.
-- While you can enter Simplified Chinese / Japanese text using the on-screen Pinyin keyboard, typing in Simplified Chinese / Japanese using a Bluetooth hardware keyboard is not supported at this time. However, on Chinese/Japanese HoloLens, you can continue to use a BT keyboard to type in English (the Shift key on a hardware keyboard toggles the keyboard to type in English).
## Note for developers
-You are welcome and encouraged to try developing your applications using this build of HoloLens. Check out the [HoloLens Developer Documentation](https://developer.microsoft.com/windows/mixed-reality/development) to get started. Those same instructions work with this latest build of HoloLens. You can use the same builds of Unity and Visual Studio that you're already using for HoloLens development.
+You are welcome and encouraged to try developing your applications using Insider builds of HoloLens. Check out the [HoloLens Developer Documentation](https://developer.microsoft.com/windows/mixed-reality/development) to get started. Those same instructions work with Insider builds of HoloLens. You can use the same builds of Unity and Visual Studio that you're already using for HoloLens development.
## Provide feedback and report issues
@@ -116,75 +50,3 @@ Please use [the Feedback Hub app](https://docs.microsoft.com/windows/mixed-reali
>[!NOTE]
>Be sure to accept the prompt that asks whether you’d like Feedback Hub to access your Documents folder (select **Yes** when prompted).
-
-## AssignedAccessHoloLensConfiguration_AzureADGroup.xml
-
-Copy this sample XML to use for the [**Assigned access with Azure AD groups** feature](#for-commercial-customers).
-
-```xml
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- ]]>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-```
-
diff --git a/devices/hololens/hololens-install-localized.md b/devices/hololens/hololens-install-localized.md
new file mode 100644
index 0000000000..e3729388c3
--- /dev/null
+++ b/devices/hololens/hololens-install-localized.md
@@ -0,0 +1,36 @@
+---
+title: Install localized versions of HoloLens (HoloLens)
+description: Learn how to install the Chinese or Japanese versions of HoloLens
+ms.prod: hololens
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: jdeckerms
+ms.author: jdecker
+ms.topic: article
+ms.localizationpriority: medium
+ms.date: 11/13/2018
+---
+
+# Install localized versions of HoloLens
+
+In order to switch to the Chinese or Japanese version of HoloLens, you’ll need to download the build for the language on a PC and then install it on your HoloLens using the Windows Device Recovery Tool (WDRT).
+
+>[!IMPORTANT]
+>Installing the Chinese or Japanese builds of HoloLens using WDRT will delete existing data, like personal files and settings, from your HoloLens.
+
+
+2. On your PC, download and install [the Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379).
+3. Download the package for the language you want to your PC: [Simplified Chinese](https://aka.ms/hololensdownload-ch) or [Japanese](https://aka.ms/hololensdownload-jp).
+4. When the download is finished, select **File Explorer > Downloads**. Right-click the zipped folder you just downloaded, and select **Extract all... > Extract** to unzip it.
+5. Connect your HoloLens to your PC using the micro-USB cable it came with. (Even if you've been using other cables to connect your HoloLens, this one works best.)
+6. The tool will automatically detect your HoloLens. Select the Microsoft HoloLens tile.
+7. On the next screen, select **Manual package selection** and choose the installation file contained in the folder you unzipped in step 4. (Look for a file with the extension “.ffu”.)
+8. Select **Install software** and follow the instructions to finish installing.
+9. Once the build is installed, HoloLens setup will start automatically. Put on the device and follow the setup directions.
+
+When you’re done with setup, go to **Settings -> Update & Security -> Windows Insider Program** and check that you’re configured to receive the latest preview builds. The Chinese/Japanese version of HoloLens will be kept up-to-date with the latest preview builds via the Windows Insider Program the same way the English version is.
+
+## Note for language support
+
+- You can’t change the system language between English, Japanese, and Chinese using the Settings app. Flashing a new build is the only supported way to change the device system language.
+- While you can enter Simplified Chinese / Japanese text using the on-screen Pinyin keyboard, typing in Simplified Chinese / Japanese using a Bluetooth hardware keyboard is not supported at this time. However, on Chinese/Japanese HoloLens, you can continue to use a BT keyboard to type in English (the ~ key on a hardware keyboard toggles the keyboard to type in English).
diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md
index 8f05c5e15c..c888927596 100644
--- a/devices/hololens/hololens-kiosk.md
+++ b/devices/hololens/hololens-kiosk.md
@@ -7,7 +7,7 @@ author: jdeckerms
ms.author: jdecker
ms.topic: article
ms.localizationpriority: medium
-ms.date: 08/14/2018
+ms.date: 11/13/2018
---
# Set up HoloLens in kiosk mode
@@ -20,7 +20,17 @@ When HoloLens is configured as a multi-app kiosk, only the allowed apps are avai
Single-app kiosk mode starts the specified app when the user signs in, and restricts the user's ability to launch new apps or change the running app. When single-app kiosk mode is enabled for HoloLens, the bloom gesture and Cortana are disabled, and placed apps aren't shown in the user's surroundings.
-The [AssignedAccess Configuration Service Provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/assignedaccess-csp) enables kiosk configuration.
+The following table lists the device capabilities in the different kiosk modes.
+
+Kiosk mode | Voice and Bloom commands | Quick actions menu | Camera and video | Miracast
+--- | --- | --- | --- | ---
+Single-app kiosk |  |  |  | 
+Multi-app kiosk |  |  with **Home** and **Volume** (default)
Photo and video buttons shown in Quick actions menu if the Camera app is enabled in the kiosk configuration.
Miracast is shown if the Camera app and device picker app are enabled in the kiosk configuration. |  if the Camera app is enabled in the kiosk configuration. |  if the Camera app and device picker app are enabled in the kiosk configuration.
+
+>[!NOTE]
+>Use the Application User Model ID (AUMID) to allow apps in your kiosk configuration. The Camera app AUMID is `HoloCamera_cw5n1h2txyewy!HoloCamera`. The device picker app AUMID is `HoloDevicesFlow_cw5n1h2txyewy!HoloDevicesFlow`.
+
+The [AssignedAccess Configuration Service Provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/assignedaccess-csp) enables kiosk configuration.
>[!WARNING]
>The assigned access feature which enables kiosk mode is intended for corporate-owned fixed-purpose devices. When the multi-app assigned access configuration is applied on the device, certain policies are enforced system-wide, and will impact other users on the device. Deleting the multi-app configuration will remove the assigned access lockdown profiles associated with the users, but it cannot revert all [the enforced policies](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps#policies-set-by-multi-app-kiosk-configuration). A factory reset is needed to clear all the policies enforced via assigned access.
diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md
index c1a90edadb..3e488d4a85 100644
--- a/devices/hololens/hololens-provisioning.md
+++ b/devices/hololens/hololens-provisioning.md
@@ -7,7 +7,7 @@ author: jdeckerms
ms.author: jdecker
ms.topic: article
ms.localizationpriority: medium
-ms.date: 04/30/2018
+ms.date: 11/13/2018
---
# Configure HoloLens using a provisioning package
@@ -49,8 +49,7 @@ Provisioning packages can include management instructions and policies, customiz
> [!TIP]
> Use the desktop wizard to create a package with the common settings, then switch to the advanced editor to add other settings, apps, policies, etc.
->
->
+
### Create the provisioning package
@@ -73,12 +72,12 @@ Use the Windows Configuration Designer tool to create a provisioning package.
-
Browse to and select the enterprise license file to upgrade the HoloLens edition.You can also toggle **Yes** or **No** to hide parts of the first experience.Select a region and timezone in which the device will be used.
-
 Toggle **On** or **Off** for wireless network connectivity. If you select **On**, enter the SSID, the network type (**Open** or **WPA2-Personal**), and (if **WPA2-Personal**) the password for the wireless network.
+
Browse to and select the enterprise license file to upgrade the HoloLens edition.You can also toggle **Yes** or **No** to hide parts of the first experience.To set up the device without the need to connect to a Wi-Fi network, toggle **Skip Wi-Fi setup** to **On**.Select a region and timezone in which the device will be used.
+
 In this section, you can enter the details of the Wi-Fi wireless network that the device should connect to automatically. To do this, select **On**, enter the SSID, the network type (**Open** or **WPA2-Personal**), and (if **WPA2-Personal**) the password for the wireless network.
 You can enroll the device in Azure Active Directory, or create a local account on the deviceBefore you use a Windows Configuration Designer wizard to configure bulk Azure AD enrollment, [set up Azure AD join in your organization](https://docs.microsoft.com/azure/active-directory/active-directory-azureadjoin-setup). The **maximum number of devices per user** setting in your Azure AD tenant determines how many times the bulk token that you get in the wizard can be used. To enroll the device in Azure AD, select that option and enter a friendly name for the bulk token you will get using the wizard. Set an expiration date for the token (maximum is 30 days from the date you get the token). Click **Get bulk token**. In the **Let's get you signed in** window, enter an account that has permissions to join a device to Azure AD, and then the password. Click **Accept** to give Windows Configuration Designer the necessary permissions. To create a local account, select that option and enter a user name and password. **Important:** (For Windows 10, version 1607 only) If you create a local account in the provisioning package, you must change the password using the **Settings** app every 42 days. If the password is not changed during that period, the account might be locked out and unable to sign in.
 To provision the device with a certificate, click **Add a certificate**. Enter a name for the certificate, and then browse to and select the certificate to be used.
-
Toggle **Yes** or **No** to enable Developer Mode on the HoloLens. [Learn more about Developer Mode.](https://docs.microsoft.com/windows/uwp/get-started/enable-your-device-for-development#developer-mode)
Do not set a password to protect your provisioning package. If the provisioning package is protected by a password, provisioning the HoloLens device will fail.
+
 Toggle **Yes** or **No** to enable Developer Mode on the HoloLens. [Learn more about Developer Mode.](https://docs.microsoft.com/windows/uwp/get-started/enable-your-device-for-development#developer-mode)
 Do not set a password to protect your provisioning package. If the provisioning package is protected by a password, provisioning the HoloLens device will fail.
After you're done, click **Create**. It only takes a few seconds. When the package is built, the location where the package is stored is displayed as a hyperlink at the bottom of the page.
@@ -137,7 +136,7 @@ After you're done, click **Create**. It only takes a few seconds. When the packa
10. When the build completes, click **Finish**.
-## Apply a provisioning package to HoloLens
+## Apply a provisioning package to HoloLens during setup
1. Connect the device via USB to a PC and start the device, but do not continue past the **Fit** page of OOBE (the first page with the blue box).
@@ -156,6 +155,23 @@ After you're done, click **Create**. It only takes a few seconds. When the packa
>[!NOTE]
>If the device was purchased before August 2016, you will need to sign into the device with a Microsoft account, get the latest OS update, and then reset the OS in order to apply the provisioning package.
+## Apply a provisioning package to HoloLens after setup
+
+>[!NOTE]
+>Windows 10, version 1809 only
+
+On your PC:
+1. Create a provisioning package as described at [Create a provisioning package for HoloLens using the HoloLens wizard](hololens-provisioning.md).
+2. Connect the HoloLens device via USB to a PC. HoloLens will show up as a device in File Explorer on the PC.
+3. Drag and drop the provisioning package to the Documents folder on the HoloLens.
+
+On your HoloLens:
+1. Go to **Settings > Accounts > Access work or school**.
+2. In **Related Settings**, select **Add or remove a provisioning package**.
+3. On the next page, select **Add a package** to launch the file picker and select your provisioning package. If the folder is empty, make sure you select **This Device** and select **Documents**.
+
+After your package has been applied, it will show in the list of **Installed packages**. To view package details or to remove the package from the device, select the listed package.
+
## What you can configure
Provisioning packages make use of configuration service providers (CSPs). If you're not familiar with CSPs, see [Introduction to configuration service providers (CSPs) for IT pros](https://technet.microsoft.com/itpro/windows/manage/how-it-pros-can-use-configuration-service-providers).
diff --git a/devices/hololens/hololens-updates.md b/devices/hololens/hololens-updates.md
index e10552862b..9ea1e9de34 100644
--- a/devices/hololens/hololens-updates.md
+++ b/devices/hololens/hololens-updates.md
@@ -14,36 +14,30 @@ ms.date: 04/30/2018
>**Looking for how to get the latest update? See [Update HoloLens](https://support.microsoft.com/help/12643/hololens-update-hololens).**
-Windows 10, version 1803, is the first feature update to Windows Holographic for Business since its release in Windows 10, version 1607. As with desktop devices, administrators can manage updates to the HoloLens operating system using [Windows Update for Business](https://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wufb).
-
>[!NOTE]
>HoloLens devices must be [upgraded to Windows Holographic for Business](hololens-upgrade-enterprise.md) to manage updates.
+For a complete list of Update policies, see [Policies supported by Windows Holographic for Business](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#a-href-idhololenspoliciesapolicies-supported-by-windows-holographic-for-business).
-Mobile device management (MDM) providers use the [Policy Configuration Service Provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider) to enable update management.
+To configure how and when updates are applied, use the following policies:
+- [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate)
+- [Update/ScheduledInstallDay](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-scheduledinstallday)
+- [Update/ScheduledInstallTime](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-scheduledinstalltime)
-The Update policies supported for HoloLens are:
+To turn off the automatic check for updates, set the following policy to value **5** – Turn off Automatic Updates:
+- [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate)
-- [Update/AllowAutoUpdate](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowautoupdate)
-- [Update/AllowUpdateService](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowupdateservice)
-- [Update/RequireDeferUpgrade](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-requiredeferupgrade)
-- [Update/RequireUpdateApproval](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-requireupdateapproval)
-- [Update/UpdateServiceUrl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-updateserviceurl)
+In Microsoft Intune, you can use **Automatic Update Behavior** to change this policy. (See [Manage software updates in Microsoft Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure))
-
-
-Typically, devices access Windows Update directly for updates. You can use the following update policies to configure devices to get updates from Windows Server Update Service (WSUS) instead:
+For devices on Windows 10, version 1607 only: You can use the following update policies to configure devices to get updates from Windows Server Update Service (WSUS) instead of Windows Update:
- [Update/AllowUpdateService](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowupdateservice)
- [Update/RequireUpdateApproval](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-requireupdateapproval)
- [Update/UpdateServiceUrl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-updateserviceurl)
-In Microsoft Intune, use [a custom profile](https://docs.microsoft.com/intune/custom-settings-windows-holographic) to configure devices to get updates from WSUS.
-
-
-
## Related topics
-- [Manage software updates in Microsoft Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure)
\ No newline at end of file
+- [Policies supported by Windows Holographic for Business](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#a-href-idhololenspoliciesapolicies-supported-by-windows-holographic-for-business)
+- [Manage software updates in Microsoft Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure)
diff --git a/devices/hololens/hololens-whats-new.md b/devices/hololens/hololens-whats-new.md
index 75556a83db..0e17d81790 100644
--- a/devices/hololens/hololens-whats-new.md
+++ b/devices/hololens/hololens-whats-new.md
@@ -1,18 +1,60 @@
---
title: What's new in Microsoft HoloLens (HoloLens)
-description: Windows Holographic for Business gets new features in Windows 10, version 1803.
+description: Windows Holographic for Business gets new features in Windows 10, version 1809.
ms.prod: hololens
ms.sitesec: library
author: jdeckerms
ms.author: jdecker
ms.topic: article
ms.localizationpriority: medium
-ms.date: 04/30/2018
+ms.date: 11/13/2018
---
# What's new in Microsoft HoloLens
+## Windows 10, version 1809 for Microsoft HoloLens
+### For everyone
+
+Feature | Details
+--- | ---
+Quick actions menu | When you're in an app, the Bloom gesture will now open a Quick actions menu to give you quick access to commonly used system features without having to leave the app. See [Set up HoloLens in kiosk mode](hololens-kiosk.md) for information about the Quick actions menu in kiosk mode.
+Stop video capture from the Start or quick actions menu | If you start video capture from the Start menu or quick actions menu, you’ll be able to stop recording from the same place. (Don’t forget, you can always do this with voice commands too.)
+Project to a Miracast-enabled device | Project your HoloLens content to a nearby Surface device or TV/Monitor if using Microsoft Display adapter. On **Start**, select **Connect**, and then select the device you want to project to. **Note:** You can deploy HoloLens to use Miracast projection without enabling developer mode.
+New notifications | View and respond to notification toasts on HoloLens, just like you do on a PC. Gaze to respond to or dismiss them (or if you’re in an immersive experience, use the bloom gesture).
+HoloLens overlays (file picker, keyboard, dialogs, etc.) | You’ll now see overlays such as the keyboard, dialogs, file picker, etc. when using immersive apps.
+Visual feedback overlay UI for volume change | When you use the volume up/down buttons on your HoloLens you’ll see a visual display of the volume level.
+New UI for device boot | A loading indicator was added during the boot process to provide visual feedback that the system is loading. Reboot your device to see the new loading indicator—it’s between the "Hello" message and the Windows boot logo.
+Share UX: Nearby Sharing | Addition of the Windows Nearby Sharing experience, allowing you to share a capture with a nearby Windows device. When you capture a photo or video on HoloLens (or use the share button from an app such as Microsoft Edge), select a nearby Windows device to share with.
+Share from Microsoft Edge | Share button is now available on Microsoft Edge windows on HoloLens. In Microsoft Edge, select **Share**. Use the HoloLens share picker to share web content.
+
+
+
+### For administrators
+
+
+Feature | Details
+--- | ---
+[Enable post-setup provisioning](hololens-provisioning.md) | You can now apply a runtime provisioning package at any time using **Settings**.
+Assigned access with Azure AD groups | You can now use Azure AD groups for configuration of Windows assigned access to set up single or multi-app kiosk configuration.
+PIN sign-in on profile switch from sign-in screen | PIN sign-in is now available for **Other User**. | When signing in as **Other User**, the PIN option is now available under **Sign-In options**.
+Sign in with Web Credential Provider using password | You can now select the Globe sign-in option to launch web sign-in with your password. From the sign-in screen, select **Sign-In options** and select the Globe option to launch web sign-in. Enter your user name if needed, then your password. **Note:** You can choose to bypass any PIN/Smartcard options when prompted during web sign-in.
+Read device hardware info through MDM so devices can be tracked by serial # | IT administrators can see and track HoloLens by device serial number in their MDM console. Refer to your MDM documentation for feature availability and instructions.
+Set HoloLens device name through MDM (rename) | IT administrators can see and rename HoloLens devices in their MDM console. Refer to your MDM documentation for feature availability and instructions.
+
+### For international customers
+
+
+Feature | Details
+--- | ---
+Localized Chinese and Japanese builds | Use HoloLens with localized user interface for Simplified Chinese or Japanese, including localized Pinyin keyboard, dictation, and voice commands.
+Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese, and English.
+
+[Learn how to install the Chinese and Japanese versions of HoloLens.](hololens-install-localized.md)
+
+
+
+## Windows 10, version 1803 for Microsoft HoloLens
Windows 10, version 1803, is the first feature update to Windows Holographic for Business since its release in Windows 10, version 1607. This update introduces the following changes:
@@ -49,6 +91,6 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for
## Additional resources
- [Reset or recover your HoloLens](https://developer.microsoft.com/windows/mixed-reality/reset_or_recover_your_hololens)
-- [Restart, rest, or recover HoloLens](https://support.microsoft.com/help/13452/hololens-restart-reset-or-recover-hololens)
+- [Restart, reset, or recover HoloLens](https://support.microsoft.com/help/13452/hololens-restart-reset-or-recover-hololens)
- [Manage devices running Windows Holographic with Microsoft Intune](https://docs.microsoft.com/intune/windows-holographic-for-business)
diff --git a/devices/hololens/images/account-management-details.png b/devices/hololens/images/account-management-details.png
index 4094dabd85..20816830a4 100644
Binary files a/devices/hololens/images/account-management-details.png and b/devices/hololens/images/account-management-details.png differ
diff --git a/devices/hololens/images/account-management.PNG b/devices/hololens/images/account-management.PNG
index 34165dfcd6..da53cb74b8 100644
Binary files a/devices/hololens/images/account-management.PNG and b/devices/hololens/images/account-management.PNG differ
diff --git a/devices/hololens/images/add-certificates.PNG b/devices/hololens/images/add-certificates.PNG
index 24cb605d1c..7a16dffd26 100644
Binary files a/devices/hololens/images/add-certificates.PNG and b/devices/hololens/images/add-certificates.PNG differ
diff --git a/devices/hololens/images/developer-setup-details.png b/devices/hololens/images/developer-setup-details.png
index 0a32af7ba7..d445bf5759 100644
Binary files a/devices/hololens/images/developer-setup-details.png and b/devices/hololens/images/developer-setup-details.png differ
diff --git a/devices/hololens/images/developer-setup.png b/devices/hololens/images/developer-setup.png
index 826fda5f25..a7e49873b0 100644
Binary files a/devices/hololens/images/developer-setup.png and b/devices/hololens/images/developer-setup.png differ
diff --git a/devices/hololens/images/finish.PNG b/devices/hololens/images/finish.PNG
index 7c65da1799..975caba764 100644
Binary files a/devices/hololens/images/finish.PNG and b/devices/hololens/images/finish.PNG differ
diff --git a/devices/hololens/images/set-up-device-details.PNG b/devices/hololens/images/set-up-device-details.PNG
index 85b7dd382e..7325e06e86 100644
Binary files a/devices/hololens/images/set-up-device-details.PNG and b/devices/hololens/images/set-up-device-details.PNG differ
diff --git a/devices/hololens/images/set-up-device.PNG b/devices/hololens/images/set-up-device.PNG
index 0c9eb0e3ff..577117a26a 100644
Binary files a/devices/hololens/images/set-up-device.PNG and b/devices/hololens/images/set-up-device.PNG differ
diff --git a/devices/hololens/images/set-up-network.PNG b/devices/hololens/images/set-up-network.PNG
index a0e856c103..19fd3ff7bb 100644
Binary files a/devices/hololens/images/set-up-network.PNG and b/devices/hololens/images/set-up-network.PNG differ
diff --git a/devices/hololens/index.md b/devices/hololens/index.md
index 2f5741df7e..9b7ed69845 100644
--- a/devices/hololens/index.md
+++ b/devices/hololens/index.md
@@ -22,9 +22,9 @@ ms.date: 07/27/2018
| Topic | Description |
| --- | --- |
| [What's new in Microsoft HoloLens](hololens-whats-new.md) | Discover the new features in the latest update. |
-[Insider preview for Microsoft HoloLens](hololens-insider.md) | Learn about new HoloLens features available in the latest Insider Preview build.
| [HoloLens in the enterprise: requirements](hololens-requirements.md) | Lists requirements for general use, Wi-Fi, and device management |
| [Set up HoloLens](hololens-setup.md) | How to set up HoloLens for the first time |
+[Install localized version of HoloLens](hololens-install-localized.md) | Install the Chinese or Japanese version of HoloLens
| [Unlock Windows Holographic for Business features](hololens-upgrade-enterprise.md) | How to upgrade your Development Edition HoloLens to Windows Holographic for Business |
| [Enroll HoloLens in MDM](hololens-enroll-mdm.md) | Manage multiple HoloLens devices simultaneously using solutions like Microsoft Intune |
| [Manage updates to HoloLens](hololens-updates.md) | Use mobile device management (MDM) policies to configure settings for updates. |
diff --git a/devices/surface-hub/TOC.md b/devices/surface-hub/TOC.md
index f4df822a14..d24333f170 100644
--- a/devices/surface-hub/TOC.md
+++ b/devices/surface-hub/TOC.md
@@ -32,7 +32,7 @@
#### [Wireless network management](wireless-network-management-for-surface-hub.md)
### [Install apps on your Surface Hub](install-apps-on-surface-hub.md)
### [Configure Surface Hub Start menu](surface-hub-start-menu.md)
-### [Set up and use Whiteboard to Whiteboard collaboration](whiteboard-collaboration.md)
+### [Set up and use Microsoft Whiteboard](whiteboard-collaboration.md)
### [End a Surface Hub meeting with End session](i-am-done-finishing-your-surface-hub-meeting.md)
### [Sign in to Surface Hub with Microsoft Authenticator](surface-hub-authenticator-app.md)
### [Save your BitLocker key](save-bitlocker-key-surface-hub.md)
diff --git a/devices/surface-hub/create-a-device-account-using-office-365.md b/devices/surface-hub/create-a-device-account-using-office-365.md
index 4e42bd0dad..2d52e698c0 100644
--- a/devices/surface-hub/create-a-device-account-using-office-365.md
+++ b/devices/surface-hub/create-a-device-account-using-office-365.md
@@ -75,10 +75,16 @@ From here on, you'll need to finish the account creation process using PowerShel
In order to run cmdlets used by these PowerShell scripts, the following must be installed for the admin PowerShell console:
-- [Microsoft Online Services Sign-In Assistant for IT Professionals BETA](https://go.microsoft.com/fwlink/?LinkId=718149)
+- [Microsoft Online Services Sign-In Assistant for IT Professionals RTW](https://www.microsoft.com/en-us/download/details.aspx?id=41950)
- [Windows Azure Active Directory Module for Windows PowerShell](https://www.microsoft.com/web/handlers/webpi.ashx/getinstaller/WindowsAzurePowershellGet.3f.3f.3fnew.appids)
- [Skype for Business Online, Windows PowerShell Module](https://www.microsoft.com/download/details.aspx?id=39366)
+Install the following module in Powershell
+``` syntax
+ install-module AzureAD
+ Install-module MsOnline
+```
+
### Connecting to online services
1. Run Windows PowerShell as Administrator.
@@ -184,15 +190,15 @@ Enable the device account with Skype for Business.
In order to enable Skype for Business, your environment will need to meet the following prerequisites:
-- You'll need to have Lync Online (Plan 2) or higher in your O365 plan. The plan needs to support conferencing capability.
-- If you need Enterprise Voice (PSTN telephony) using telephony service providers for the Surface Hub, you need Lync Online (Plan 3).
+- You'll need to have Skype for Business Online Standalone Plan 2 or higher in your O365 plan. The plan needs to support conferencing capability.
+- If you need Enterprise Voice (PSTN telephony) using telephony service providers for the Surface Hub, you need Skype for Business Online Standalone Plan 3.
- Your tenant users must have Exchange mailboxes.
-- Your Surface Hub account does require a Lync Online (Plan 2) or Lync Online (Plan 3) license, but it does not require an Exchange Online license.
+- Your Surface Hub account does require a Skype for Business Online Standalone Plan 2 or Skype for Business Online Standalone Plan 3 license, but it does not require an Exchange Online license.
1. Start by creating a remote PowerShell session from a PC.
```PowerShell
- Import-Module LyncOnlineConnector
+ Import-Module SkypeOnlineConnector
$cssess=New-CsOnlineSession -Credential $cred
Import-PSSession $cssess -AllowClobber
```
@@ -200,8 +206,7 @@ In order to enable Skype for Business, your environment will need to meet the fo
2. To enable your Surface Hub account for Skype for Business Server, run this cmdlet:
```PowerShell
- Enable-CsMeetingRoom -Identity $strEmail -RegistrarPool
- "sippoolbl20a04.infra.lync.com" -SipAddressType EmailAddress
+ Enable-CsMeetingRoom -Identity $strEmail -RegistrarPool "sippoolbl20a04.infra.lync.com" -SipAddressType EmailAddress
```
If you aren't sure what value to use for the `RegistrarPool` parameter in your environment, you can get the value from an existing Skype for Business user using this cmdlet:
@@ -343,31 +348,34 @@ Enable the device account with Skype for Business.
In order to enable Skype for Business, your environment will need to meet the following prerequisites:
-- You'll need to have Lync Online (Plan 2) or higher in your O365 plan. The plan needs to support conferencing capability.
-- If you need Enterprise Voice (PSTN telephony) using telephony service providers for the Surface Hub, you need Lync Online (Plan 3).
+- You'll need to have Skype for Business Online Standalone Plan 2 or higher in your O365 plan. The plan needs to support conferencing capability.
+- If you need Enterprise Voice (PSTN telephony) using telephony service providers for the Surface Hub, you need Skype for Business Online Standalone Plan 3.
- Your tenant users must have Exchange mailboxes.
-- Your Surface Hub account does require a Lync Online (Plan 2) or Lync Online (Plan 3) license, but it does not require an Exchange Online license.
+- Your Surface Hub account does require a Skype for Business Online Standalone Plan 2 or Skype for Business Online Standalone Plan 3 license, but it does not require an Exchange Online license.
1. Start by creating a remote PowerShell session from a PC.
```PowerShell
- Import-Module LyncOnlineConnector
+ Import-Module SkypeOnlineConnector
$cssess=New-CsOnlineSession -Credential $cred
Import-PSSession $cssess -AllowClobber
```
-2. To enable your Surface Hub account for Skype for Business Server, run this cmdlet:
+2. Retrieve your Surface Hub account Registrar Pool
- ```PowerShell
- Enable-CsMeetingRoom -Identity $strEmail -RegistrarPool
- "sippoolbl20a04.infra.lync.com" -SipAddressType EmailAddress
- ```
-
- If you aren't sure what value to use for the `RegistrarPool` parameter in your environment, you can get the value from an existing Skype for Business user using this cmdlet:
+If you aren't sure what value to use for the `RegistrarPool` parameter in your environment, you can get the value from an existing Skype for Business user using this cmdlet:
```PowerShell
Get-CsOnlineUser -Identity ‘alice@contoso.microsoft.com’| fl *registrarpool*
```
+
+3. To enable your Surface Hub account for Skype for Business Server, run this cmdlet:
+
+ ```PowerShell
+ Enable-CsMeetingRoom -Identity $strEmail -RegistrarPool "sippoolbl20a04.infra.lync.com" -SipAddressType EmailAddress
+ ```
+
+
diff --git a/devices/surface-hub/docfx.json b/devices/surface-hub/docfx.json
index dc151c3165..88d3dc2f7e 100644
--- a/devices/surface-hub/docfx.json
+++ b/devices/surface-hub/docfx.json
@@ -9,7 +9,7 @@
],
"resource": [
{
- "files": ["**/images/**", "**/*.json"],
+ "files": ["**/images/**"],
"exclude": ["**/obj/**"]
}
],
@@ -36,6 +36,7 @@
"externalReference": [
],
"template": "op.html",
- "dest": "devices/surface-hub"
+ "dest": "devices/surface-hub",
+ "markdownEngineName": "dfm"
}
}
\ No newline at end of file
diff --git a/devices/surface-hub/first-run-program-surface-hub.md b/devices/surface-hub/first-run-program-surface-hub.md
index 2574c2cbf6..346d0c8d8a 100644
--- a/devices/surface-hub/first-run-program-surface-hub.md
+++ b/devices/surface-hub/first-run-program-surface-hub.md
@@ -335,9 +335,11 @@ This is what happens when you choose an option.
- **Use Microsoft Azure Active Directory**
- Clicking this option allows you to join the device to Azure AD. Once you click **Next**, the device will restart to apply some settings, and then you’ll be taken to the [Use Microsoft Azure Active Directory](#use-microsoft-azure) page and asked to enter credentials that can allow you to join Azure AD. After joining, admins from the joined organization will be able to use the Settings app. The specific people that will be allowed depends on your Azure AD subscription and how you’ve configured the settings for your Azure AD organization.
+ Clicking this option allows you to join the device to Azure AD. Once you click **Next**, the device will restart to apply some settings, and then you’ll be taken to the [Use Microsoft Azure Active Directory](#use-microsoft-azure) page and asked to enter credentials that can allow you to join Azure AD. Members of the Azure Global Admins security group from the joined organization will be able to use the Settings app. The specific people that will be allowed depends on your Azure AD subscription and how you’ve configured the settings for your Azure AD organization.
>[!IMPORTANT]
+ >Administrators added to the Azure Global Admins group after you join the device to Azure AD will be unable to use the Settings app.
+ >
>If you join Surface Hub to Azure AD during first-run setup, single sign-on (SSO) for Office apps will not work properly. Users will have to sign in to each Office app individually.
- **Use Active Directory Domain Services**
@@ -396,7 +398,7 @@ Once the device has been domain joined, you must specify a security group from t
The following input is required:
- **Domain:** This is the fully qualified domain name (FQDN) of the domain that you want to join. A security group from this domain can be used to manage the device.
-- **User name:** The user name of an account that has sufficient permission to join the specified domain. This account must be a computer object.
+- **User name:** The user name of an account that has sufficient permission to join the specified domain.
- **Password:** The password for the account.
After the credentials are verified, you will be asked to type a security group name. This input is required.
diff --git a/devices/surface-hub/images/deploy1.png b/devices/surface-hub/images/deploy1.png
new file mode 100644
index 0000000000..1c5c119303
Binary files /dev/null and b/devices/surface-hub/images/deploy1.png differ
diff --git a/devices/surface-hub/images/deploy2.png b/devices/surface-hub/images/deploy2.png
new file mode 100644
index 0000000000..2b035e979f
Binary files /dev/null and b/devices/surface-hub/images/deploy2.png differ
diff --git a/devices/surface-hub/images/deploy3.png b/devices/surface-hub/images/deploy3.png
new file mode 100644
index 0000000000..56621a24dc
Binary files /dev/null and b/devices/surface-hub/images/deploy3.png differ
diff --git a/devices/surface-hub/images/getstarted.png b/devices/surface-hub/images/getstarted.png
new file mode 100644
index 0000000000..e5b85dd8ae
Binary files /dev/null and b/devices/surface-hub/images/getstarted.png differ
diff --git a/devices/surface-hub/images/manage1.png b/devices/surface-hub/images/manage1.png
new file mode 100644
index 0000000000..4caf53b809
Binary files /dev/null and b/devices/surface-hub/images/manage1.png differ
diff --git a/devices/surface-hub/images/manage2.png b/devices/surface-hub/images/manage2.png
new file mode 100644
index 0000000000..cb232cffa6
Binary files /dev/null and b/devices/surface-hub/images/manage2.png differ
diff --git a/devices/surface-hub/images/manage3.png b/devices/surface-hub/images/manage3.png
new file mode 100644
index 0000000000..9da88b808e
Binary files /dev/null and b/devices/surface-hub/images/manage3.png differ
diff --git a/devices/surface-hub/images/manage4.png b/devices/surface-hub/images/manage4.png
new file mode 100644
index 0000000000..5c9553718e
Binary files /dev/null and b/devices/surface-hub/images/manage4.png differ
diff --git a/devices/surface-hub/images/plan1.png b/devices/surface-hub/images/plan1.png
new file mode 100644
index 0000000000..891e1e43a6
Binary files /dev/null and b/devices/surface-hub/images/plan1.png differ
diff --git a/devices/surface-hub/images/plan2.png b/devices/surface-hub/images/plan2.png
new file mode 100644
index 0000000000..3ad1f2b9fc
Binary files /dev/null and b/devices/surface-hub/images/plan2.png differ
diff --git a/devices/surface-hub/images/plan3.png b/devices/surface-hub/images/plan3.png
new file mode 100644
index 0000000000..1891d1d2b5
Binary files /dev/null and b/devices/surface-hub/images/plan3.png differ
diff --git a/devices/surface-hub/images/surfaceblog.png b/devices/surface-hub/images/surfaceblog.png
new file mode 100644
index 0000000000..ae996a918c
Binary files /dev/null and b/devices/surface-hub/images/surfaceblog.png differ
diff --git a/devices/surface-hub/images/surfacemechanics.png b/devices/surface-hub/images/surfacemechanics.png
new file mode 100644
index 0000000000..ad674466fa
Binary files /dev/null and b/devices/surface-hub/images/surfacemechanics.png differ
diff --git a/devices/surface-hub/images/twitter.png b/devices/surface-hub/images/twitter.png
new file mode 100644
index 0000000000..25143adcf6
Binary files /dev/null and b/devices/surface-hub/images/twitter.png differ
diff --git a/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md b/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
index 0771aab258..65c471f4a1 100644
--- a/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
+++ b/devices/surface-hub/manage-settings-with-mdm-for-surface-hub.md
@@ -132,7 +132,7 @@ The following tables include info on Windows 10 settings that have been validate
| Setting | Details | CSP reference | Supported with Intune? | Supported with Configuration Manager? | Supported with SyncML\*? |
| --- | --- | --- |---- | --- | --- |
| Defender policies | Use to configure various Defender settings, including a scheduled scan time. | Defender/*``* See [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) | Yes [Use a custom policy.](#example-intune) | Yes. [Use a custom setting.](#example-sccm) | Yes |
-| Defender status | Use to initiate a Defender scan, force a signature update, query any threats detected. | [Defender CSP](https://msdn.microsoft.com/library/windows/hardware/mt187856.aspx) | No. | No. | Yes |
+| Defender status | Use to initiate a Defender scan, force a Security intelligence update, query any threats detected. | [Defender CSP](https://msdn.microsoft.com/library/windows/hardware/mt187856.aspx) | No. | No. | Yes |
\*Settings supported with SyncML can also be configured in a Windows Configuration Designer provisioning package.
#### Remote reboot
diff --git a/devices/surface-hub/manage-surface-hub.md b/devices/surface-hub/manage-surface-hub.md
index 9518232b8b..da29b06c9d 100644
--- a/devices/surface-hub/manage-surface-hub.md
+++ b/devices/surface-hub/manage-surface-hub.md
@@ -32,7 +32,7 @@ Learn about managing and updating Surface Hub.
| [Manage Surface Hub settings](manage-surface-hub-settings.md) |Topics related to managing Surface Hub settings: accessibility, device account, device reset, fully qualified domain name, Windows Update settings, and wireless network |
| [Install apps on your Surface Hub]( https://technet.microsoft.com/itpro/surface-hub/install-apps-on-surface-hub) | Admins can install apps can from either the Microsoft Store or the Microsoft Store for Business.|
[Configure Surface Hub Start menu](surface-hub-start-menu.md) | Use MDM to customize the Start menu for Surface Hub.
-| [Set up and use Whiteboard to Whiteboard collaboration](whiteboard-collaboration.md) | Microsoft Whiteboard’s latest update includes the capability for two Surface Hubs to collaborate in real time on the same board. |
+| [Set up and use Microsoft Whiteboard](whiteboard-collaboration.md) | Microsoft Whiteboard’s latest update includes the capability for two Surface Hubs to collaborate in real time on the same board. |
| [End a meeting with End session](https://technet.microsoft.com/itpro/surface-hub/i-am-done-finishing-your-surface-hub-meeting) | At the end of a meeting, users can tap **End session** to clean up any sensitive data and prepare the device for the next meeting.|
| [Sign in to Surface Hub with Microsoft Authenticator](surface-hub-authenticator-app.md) | You can sign in to a Surface Hub without a password using the Microsoft Authenticator app, available on Android and iOS. |
| [Save your BitLocker key](https://technet.microsoft.com/itpro/surface-hub/save-bitlocker-key-surface-hub) | Every Surface Hub is automatically set up with BitLocker drive encryption software. Microsoft strongly recommends that you make sure you back up your BitLocker recovery keys.|
diff --git a/devices/surface-hub/on-premises-deployment-surface-hub-multi-forest.md b/devices/surface-hub/on-premises-deployment-surface-hub-multi-forest.md
index babce30d59..cae7e9639e 100644
--- a/devices/surface-hub/on-premises-deployment-surface-hub-multi-forest.md
+++ b/devices/surface-hub/on-premises-deployment-surface-hub-multi-forest.md
@@ -80,7 +80,7 @@ If you have a multi-forest on-premises deployment with Microsoft Exchange 2013 o
6. You now need to change the room mailbox to a linked mailbox:
```PowerShell
- $cred=Get-Credential AuthForest\LinkedRoomTest1
+ $cred=Get-Credential AuthForest\ADAdmin
Set-mailbox -Alias LinkedRoomTest1 -LinkedMasterAccount AuthForest\LinkedRoomTest1 -LinkedDomainController AuthForest-4939.AuthForest.extest.contoso.com -Name LinkedRoomTest1 -LinkedCredential $cred -Identity LinkedRoomTest1
```
diff --git a/devices/surface-hub/prepare-your-environment-for-surface-hub.md b/devices/surface-hub/prepare-your-environment-for-surface-hub.md
index b9239014a4..6f1deba6b9 100644
--- a/devices/surface-hub/prepare-your-environment-for-surface-hub.md
+++ b/devices/surface-hub/prepare-your-environment-for-surface-hub.md
@@ -25,7 +25,7 @@ Review these dependencies to make sure Surface Hub features will work in your IT
|-------------|------------------|
| Active Directory or Azure Active Directory (Azure AD) |
The Surface Hub's uses an Active Directory or Azure AD account (called a **device account**) to access Exchange and Skype for Business services. The Surface Hub must be able to connect to your Active Directory domain controller or to your Azure AD tenant in order to validate the device account’s credentials, as well as to access information like the device account’s display name, alias, Exchange server, and Session Initiation Protocol (SIP) address.
You can also domain join or Azure AD join your Surface Hub to allow a group of authorized users to configure settings on the Surface Hub. |
| Exchange (Exchange 2013 or later, or Exchange Online) and Exchange ActiveSync |
Exchange is used for enabling mail and calendar features, and also lets people who use the device send meeting requests to the Surface Hub, enabling one-touch meeting join.
ActiveSync is used to sync the device account’s calendar and mail to the Surface Hub. If the device cannot use ActiveSync, it will not show meetings on the welcome screen, and joining meetings and emailing whiteboards will not be enabled. |
-| Skype for Business (Lync Server 2013 or later, or Skype for Business Online) | Skype for Business is used for various conferencing features, like video calls, instant messaging, and screen sharing.If screen sharing on a Surface Hub fails and the error message **An error occurred during the screen presentation** is displayed, see [Video Based Screen Sharing not working on Surface Hub](https://support.microsoft.com/help/3179272/video-based-screen-sharing-not-working-on-surface-hub) for help. |
+| Skype for Business (Lync Server 2013 or later, or Skype for Business Online) | Skype for Business is used for various conferencing features, like video calls, instant messaging, and screen sharing.|
| Mobile device management (MDM) solution (Microsoft Intune, System Center Configuration Manager, or supported third-party MDM provider) | If you want to apply settings and install apps remotely, and to multiple devices at a time, you must set up a MDM solution and enroll the device to that solution. See [Manage settings with an MDM provider](manage-settings-with-mdm-for-surface-hub.md) for details. |
| Microsoft Operations Managmement Suite (OMS) | OMS is used to monitor the health of Surface Hub devices. See [Monitor your Surface Hub](monitor-surface-hub.md) for details. |
| Network and Internet access | In order to function properly, the Surface Hub should have access to a wired or wireless network. Overall, a wired connection is preferred. 802.1X Authentication is supported for both wired and wireless connections.**802.1X authentication:** In Windows 10, version 1703, 802.1X authentication for wired and wireless connections is enabled by default in Surface Hub. If your organization doesn't use 802.1X authentication, there is no configuration required and Surface Hub will continue to function as normal. If you use 802.1X authentication, you must ensure that the authentication certification is installed on Surface Hub. You can deliver the certificate to Surface Hub using the [ClientCertificateInstall CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/clientcertificateinstall-csp) in MDM, or you can [create a provisioning package](provisioning-packages-for-surface-hub.md) and install it during first run or through the Settings app. After the certificate is applied to Surface Hub, 802.1X authentication will start working automatically.**Note:** For more information on enabling 802.1X wired authentication on Surface Hub, see [Enable 802.1x wired authentication](enable-8021x-wired-authentication.md).**Dynamic IP:** The Surface Hub cannot be configured to use a static IP. It must use DHCP to assign an IP address.**Proxy servers:** If your topology requires a connection to a proxy server to reach Internet services, then you can configure it during first run, or in Settings. Proxy credentials are stored across Surface Hub sessions and only need to be set once. |
@@ -37,8 +37,8 @@ Additionally, note that Surface Hub requires the following open ports:
If you are using Surface Hub with Skype for Business, you will need to open additional ports. Please follow the guidance below:
- If you use Skype for Business Online, see [Office 365 IP URLs and IP address ranges](https://support.office.com/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US).
-- If you use Skype for Business Server, see [Skype for Business Server: Ports and protocols for internal servers](https://technet.microsoft.com/library/gg398833.aspx).
-- If you use a hybrid of Skype for Business Online and Skype for Business Server, you need to open all documented ports from [Office 365 IP URLs and IP address ranges](https://support.office.com/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US) and [Skype for Business Server: Ports and protocols for internal servers](https://technet.microsoft.com/library/gg398833.aspx).
+- If you use Skype for Business Server, see [Skype for Business Server: Ports and protocols for internal servers](https://docs.microsoft.com/SkypeForBusiness/plan-your-deployment/network-requirements/ports-and-protocols).
+- If you use a hybrid of Skype for Business Online and Skype for Business Server, you need to open all documented ports from [Office 365 IP URLs and IP address ranges](https://support.office.com/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US) and [Skype for Business Server: Ports and protocols for internal servers](https://docs.microsoft.com/SkypeForBusiness/plan-your-deployment/network-requirements/ports-and-protocols?toc=/SkypeForBusiness/toc.json&bc=/SkypeForBusiness/breadcrumb/toc.json).
Microsoft collects diagnostic data to help improve your Surface Hub experience. Add these sites to your allow list:
- Diagnostic data client endpoint: `https://vortex.data.microsoft.com/`
diff --git a/devices/surface-hub/provisioning-packages-for-surface-hub.md b/devices/surface-hub/provisioning-packages-for-surface-hub.md
index ad3c3d7d7e..5698f985b0 100644
--- a/devices/surface-hub/provisioning-packages-for-surface-hub.md
+++ b/devices/surface-hub/provisioning-packages-for-surface-hub.md
@@ -8,7 +8,7 @@ ms.sitesec: library
author: jdeckerms
ms.author: jdecker
ms.topic: article
-ms.date: 07/27/2017
+ms.date: 03/16/2019
ms.localizationpriority: medium
---
@@ -267,13 +267,13 @@ If your build is successful, the name of the provisioning package, output direct
## Apply a provisioning package to Surface Hub
-There are two options for deploying provisioning packages to a Surface Hub. You can apply a provisioning packing [during the first run wizard](#apply-a-provisioning-package-during-first-run), or using [Settings](#apply-a-package-using-settings).
+There are two options for deploying provisioning packages to a Surface Hub. [During the first run wizard](#apply-a-provisioning-package-during-first-run), you can apply a provisioning package that installs certificates, or after the first-run program is complete, you can apply a provisioning package that configures settings, apps, and certificates by using [Settings](#apply-a-package-using-settings).
### Apply a provisioning package during first run
> [!IMPORTANT]
-> Only use provisioning packages to install certificates during first run. Use the **Settings** app to install apps and apply other settings.
+> During the first-run program, you can only use provisioning packages to install certificates. Use the **Settings** app to install apps and apply other settings.
1. When you turn on the Surface Hub for the first time, the first-run program will display the [**Hi there page**](first-run-program-surface-hub.md#first-page). Make sure that the settings are properly configured before proceeding.
diff --git a/devices/surface-hub/surface-hub-recovery-tool.md b/devices/surface-hub/surface-hub-recovery-tool.md
index 262bcc5d2a..e6e0eeb5c1 100644
--- a/devices/surface-hub/surface-hub-recovery-tool.md
+++ b/devices/surface-hub/surface-hub-recovery-tool.md
@@ -46,9 +46,9 @@ If the tool is unsuccessful in reimaging your drive, please contact [Surface Hub
## Download Surface Hub Recovery Tool
-Surface Hub Recovery Tool is available for download from [Surface Hub Tools for IT](https://www.microsoft.com/download/details.aspx?id=52210) under the file name **SurfaceHub_Recovery_v1.4.137.0.msi**.
+Surface Hub Recovery Tool is available for download from [Surface Hub Tools for IT](https://www.microsoft.com/download/details.aspx?id=52210) under the file name **SurfaceHub_Recovery_v1.14.137.0.msi**.
-To start the download, click **Download**, choose **SurfaceHub_Recovery_v1.4.137.0.msi** from the list, and click **Next**. From the pop-up, choose one of the following:
+To start the download, click **Download**, choose **SurfaceHub_Recovery_v1.14.137.0.msi** from the list, and click **Next**. From the pop-up, choose one of the following:
- Click **Run** to start the installation immediately.
- Click **Save** to copy the download to your computer for later installation.
@@ -96,4 +96,4 @@ The reimaging process appears halted/frozen | It is safe to close and restart th
The drive isn’t recognized by the tool | Verify that the Surface Hub SSD is enumerated as a Lite-On drive, "LITEON L CH-128V2S USB Device". If the drive is recognized as another named device, your current cable isn’t compatible. Try another cable or one of the tested cable listed above.
Error: -2147024809 | Open Disk Manager and remove the partitions on the Surface Hub drive. Disconnect and reconnect the drive to the host machine. Restart the imaging tool again.
-If the tool is unsuccessful in reimaging your drive, please contact [Surface Hub Support](https://support.microsoft.com/help/4037644/surface-contact-surface-warranty-and-software-support).
\ No newline at end of file
+If the tool is unsuccessful in reimaging your drive, please contact [Surface Hub Support](https://support.microsoft.com/help/4037644/surface-contact-surface-warranty-and-software-support).
diff --git a/devices/surface-hub/surface-hub.yml b/devices/surface-hub/surface-hub.yml
new file mode 100644
index 0000000000..0a9e948ca5
--- /dev/null
+++ b/devices/surface-hub/surface-hub.yml
@@ -0,0 +1,62 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Surface Hub
+metadata:
+ document_id:
+ title: Surface Hub
+ description: Find tools and resources to help you install, set up, and manage a Surface Hub in your organization.
+ keywords: Surface Hub, Windows 10
+ ms.localizationpriority: medium
+ author: lizap
+ ms.author: elizapo
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find tools and resources to help you install, set up, and manage a Surface Hub in your organization.
+ "
+- title: Explore
+- items:
+ - type: markdown
+ text: "
+ Discover how this all-in-one productivity device enables teams to better brainstorm, collaborate, and share ideas.
+
+
+ "
+- title: Plan
+- items:
+ - type: markdown
+ text: "
+ Prepare to deploy Surface Hub in your organization. Explore site readiness, assembly, configuration, and Exchange and ActiveSync policies.
+
+ "
+- title: Deploy
+- items:
+ - type: markdown
+ text: "
+ Get information for setup, app management and installation, and network management of your Surface Hub.
+
**Surface IT Pro Blog** Get insight into new Surface products plus tips and tricks for IT professionals. Learn more
**Surface on Microsoft Mechanics** View technical demos and walkthroughs of Surface devices, features, and functionality. Get started
**Follow us on Twitter** Keep up with the latest news and see the latest product demonstrations. Visit Twitter
+
+ "
diff --git a/devices/surface-hub/whiteboard-collaboration.md b/devices/surface-hub/whiteboard-collaboration.md
index 10f086f358..9a68506147 100644
--- a/devices/surface-hub/whiteboard-collaboration.md
+++ b/devices/surface-hub/whiteboard-collaboration.md
@@ -1,27 +1,29 @@
---
-title: Set up and use Whiteboard to Whiteboard collaboration
+title: Set up and use Microsoft Whiteboard
description: Microsoft Whiteboard’s latest update includes the capability for two Surface Hubs to collaborate in real time on the same board.
ms.prod: surface-hub
ms.sitesec: library
author: jdeckerms
ms.author: jdecker
ms.topic: article
-ms.date: 07/12/2018
+ms.date: 03/18/2019
ms.localizationpriority: medium
---
-# Set up and use Whiteboard to Whiteboard collaboration (Surface Hub)
+# Set up and use Microsoft Whiteboard
+
-The Microsoft Whiteboard app includes the capability for two Surface Hubs to collaborate in real time on the same board.
>[!IMPORTANT]
->A new Microsoft Whiteboard app was released on July 12, 2018. The existing Whiteboard app that comes installed on Surface Hub and is pinned to the Welcome screen cannot collaborate with the new version that can be installed on the PC. If people in your organization install the new Whiteboard on their PCs, you must install the new Whiteboard on Surface Hub to enable collaboration. To learn more about installing the new Whiteboard on your Surface Hub, see [Whiteboard on Surface Hub opt-in](https://go.microsoft.com/fwlink/p/?LinkId=2004277).
+>A new Microsoft Whiteboard app was released on July 12, 2018. The existing Whiteboard app that comes installed on Surface Hub and is pinned to the Welcome screen has been renamed **Microsoft Whiteboard 2016**. Microsoft Whiteboard 2016 will be automatically upgraded by May 21, 2019, and the collaboration service for the legacy app will stop functioning after June 7, 2019. For more details, see [Enable Microsoft Whiteboard on Surface Hub](https://support.office.com/article/enable-microsoft-whiteboard-on-surface-hub-b5df4539-f735-42ff-b22a-0f5e21be7627?ui=en-US&rs=en-US&ad=US).
+
+The Microsoft Whiteboard app includes the capability for two Surface Hubs to collaborate in real time on the same board.
By ensuring that your organization meets the prerequisites, users can then ink, collaborate, and ideate together.
-## Prerequisites for Whiteboard to Whiteboard collaboration
+## Prerequisites for Whiteboard to Whiteboard collaboration (Microsoft Whiteboard 2016)
To get Whiteboard to Whiteboard collaboration up and running, you’ll need to make sure your organization meets the following requirements:
@@ -36,7 +38,7 @@ To get Whiteboard to Whiteboard collaboration up and running, you’ll need to m
>[!NOTE]
>Collaborative sessions can only take place between users within the same tenant, so users outside of your organization won’t be able to join even if they have a Surface Hub.
-## Using Whiteboard to Whiteboard collaboration
+## Using Whiteboard to Whiteboard collaboration (Microsoft Whiteboard 2016)
To start a collaboration session:
diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md
index e68eb9a565..c83a77a2bd 100644
--- a/devices/surface/TOC.md
+++ b/devices/surface/TOC.md
@@ -10,11 +10,13 @@
### [Surface Deployment Accelerator](microsoft-surface-deployment-accelerator.md)
#### [Step by step: Surface Deployment Accelerator](step-by-step-surface-deployment-accelerator.md)
#### [Using the Surface Deployment Accelerator deployment share](using-the-sda-deployment-share.md)
+### [Maintain optimal power settings on Surface devices](maintain-optimal-power-settings-on-Surface-devices.md)
### [Battery Limit setting](battery-limit.md)
+### [Surface Brightness Control](microsoft-surface-brightness-control.md)
+### [Surface Asset Tag](assettag.md)
## [Surface firmware and driver updates](update.md)
### [Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)
### [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)
-### [Manage Surface Dock firmware updates](manage-surface-dock-firmware-updates.md)
### [Surface Dock Updater](surface-dock-updater.md)
### [Wake On LAN for Surface devices](wake-on-lan-for-surface-devices.md)
## [Considerations for Surface and System Center Configuration Manager](considerations-for-surface-and-system-center-configuration-manager.md)
@@ -22,10 +24,14 @@
## [Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices](enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md)
## [Manage Surface UEFI settings](manage-surface-uefi-settings.md)
### [Advanced UEFI security features for Surface Pro 3](advanced-uefi-security-features-for-surface-pro-3.md)
+### [Surface System SKU reference](surface-system-sku-reference.md)
## [Surface Enterprise Management Mode](surface-enterprise-management-mode.md)
### [Enroll and configure Surface devices with SEMM](enroll-and-configure-surface-devices-with-semm.md)
### [Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md)
### [Use System Center Configuration Manager to manage devices with SEMM](use-system-center-configuration-manager-to-manage-devices-with-semm.md)
+## [Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md)
+### [Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md)
+### [Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md)
## [Surface Data Eraser](microsoft-surface-data-eraser.md)
## [Top support solutions for Surface devices](support-solutions-surface.md)
## [Change history for Surface documentation](change-history-for-surface.md)
diff --git a/devices/surface/assettag.md b/devices/surface/assettag.md
new file mode 100644
index 0000000000..9771aacb0d
--- /dev/null
+++ b/devices/surface/assettag.md
@@ -0,0 +1,112 @@
+---
+title: Surface Asset Tag Tool
+description: This topic explains how to use the Surface Asset Tag Tool.
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: coveminer
+ms.author: v-jokai
+ms.topic: article
+ms.date: 02/01/2019
+---
+
+# Surface Asset Tag Tool
+
+Surface Asset Tag is a command line interface (CLI) utility
+that allows you to view, assign, and modify an assigned asset tag value
+for Surface devices. It works on Surface Pro 3 and all newer Surface devices.
+
+## System requirements
+
+ - Surface Pro 3 or later
+
+ - UEFI firmware version 3.9.150.0 or later
+
+## Using Surface Asset Tag
+
+To run Surface Asset Tag:
+
+1. On the Surface device, download **Surface Pro 3 AssetTag.zip** from the [Microsoft Download
+ Center](http://www.microsoft.com/download/details.aspx?id=44076),
+ extract the zip file, and save AssetTag.exe in desired folder (in
+ this example, C:\\assets).
+
+2. Open a command console as an Administrator and run AssetTag.exe,
+ entering the full path to the tool.
+
+3. Restart Surface.
+
+### Asset Tag tool commands
+In the following examples, AssetTag.exe is saved in a directory on a local machine (C:\assets).
+
+To get the proposed asset tag, run AssetTag -g.
+
+**Example**
+
+ ```
+ C:\assets\AssetTag.exe -g
+ ```
+
+ To clear the proposed asset tag, run AssetTag -s.
+
+ **Example**
+
+ ```
+C:\assets\AssetTag.exe -s
+ ```
+To set the proposed asset tag, run AssetTag -s testassettag12.
+
+**Example**
+
+```
+C:\assets\AssetTag.exe -s testassettag12
+```
+
+>[!NOTE]
+>The asset tag value must contain between 1 and 36 characters. Valid characters include A-Z, a-z, 0-9, period (.) and hyphen (-).
+
+
+## Managing asset tags
+
+You can view the existing asset tag in the UEFI settings under Device
+Information (**Control Panel > Recovery > Advanced Startup > Restart
+now**.)
+
+The figure below shows the results of running the Asset Tag Tool on
+Surface Go.
+
+
+
+> **Figure 1.** Results of running Surface Asset Tag tool on Surface Go
+
+Alternately, you can use WMI to query the existing asset tag on a device:
+
+(Get-WmiObject -query “Select * from Win32_SystemEnclosure”)
+
+**Example**
+
+ ```
+C:\Windows\System32> (Get-WmiObject -query “Select * from Win32_SystemEnclosure”)
+ ```
+
+### Using PowerShell
+
+You can use the script below as a way of getting the proposed value and
+interpreting any errors.
+
+ ```
+AssetTag -g \> $asset\_tag 2\> $error\_message
+$asset\_tag\_return\_code = $LASTEXITCODE
+$asset\_tag = $asset\_tag.Trim(“\`r\`n”)
+
+if ($asset\_tag\_return\_code -eq 0) {
+Write-Output (“Good Tag = ” + $asset\_tag)
+} else {
+Write-Output (
+“Failure: Code = ” + $asset\_tag\_return\_code +
+“Tag = ” + $asset\_tag +
+“Message = ” + $error\_message)
+
+}
+ ```
diff --git a/devices/surface/battery-limit.md b/devices/surface/battery-limit.md
index 1e86776942..b1a34e4f19 100644
--- a/devices/surface/battery-limit.md
+++ b/devices/surface/battery-limit.md
@@ -11,7 +11,7 @@ ms.author: jdecker
ms.topic: article
---
-# Battery Limit settings
+# Battery Limit setting
Battery Limit option is a UEFI setting that changes how the Surface device battery is charged and may prolong its longevity. This setting is recommended in cases in which the device is continuously connected to power, for example when devices are integrated into kiosk solutions.
@@ -19,7 +19,7 @@ Battery Limit option is a UEFI setting that changes how the Surface device batte
Setting the device on Battery Limit changes the protocol for charging the device battery. When Battery Limit is enabled, the battery charge will be limited to 50% of its maximum capacity. The charge level reported in Windows will reflect this limit. Therefore, it will show that the battery is charged up to 50% and will not charge beyond this limit. If you enable Battery Limit while the device is above 50% charge, the Battery icon will show that the device is plugged in but discharging until the device reaches 50% of its maximum charge capacity.
-Adding the Battery Limit option to Surface UEFI will require a [Surface UEFI firmware update](update.md), which will be made available through Windows Update or via the MSI driver and firmware packages on the Microsoft Download Center. Check [Enable "Battery Limit" for Surface devices that have to be plugged in for extended periods of time](https://support.microsoft.com/help/4464941) for the specific Surface UEFI version required for each device and supported devices. Currently, Battery Limit is only supported on Surface Pro 4 and Surface Pro 3. However, the setting will be available in the future on other Surface device models.
+Adding the Battery Limit option to Surface UEFI requires a [Surface UEFI firmware update](update.md), available through Windows Update or via the MSI driver and firmware packages on the Microsoft Download Center. Check [Enable "Battery Limit" for Surface devices that have to be plugged in for extended periods of time](https://support.microsoft.com/help/4464941) for the specific Surface UEFI version required for each supported device. Currently, Battery Limit is supported on a subset of Surface devices and will be available in the future on other Surface device models.
## Enabling Battery Limit in Surface UEFI (Surface Pro 4 and later)
diff --git a/devices/surface/change-history-for-surface.md b/devices/surface/change-history-for-surface.md
index 0e0ff5dcc7..271b1cc5e2 100644
--- a/devices/surface/change-history-for-surface.md
+++ b/devices/surface/change-history-for-surface.md
@@ -7,13 +7,44 @@ ms.sitesec: library
author: jdeckerms
ms.author: jdecker
ms.topic: article
-ms.date: 10/15/2018
---
# Change history for Surface documentation
This topic lists new and updated topics in the Surface documentation library.
+## March 2019
+
+New or changed topic | Description
+--- | ---
+[Surface System SKU reference](surface-system-sku-reference.md) | New
+
+
+## February 2019
+
+New or changed topic | Description
+--- | ---
+[Surface Asset Tag](assettag.md) | New
+
+
+## January 2019
+
+New or changed topic | Description
+--- | ---
+[Surface Brightness Control](microsoft-surface-brightness-control.md) | New
+[Maintain optimal power settings on Surface devices](maintain-optimal-power-settings-on-Surface-devices.md) | New
+|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Studio 2 |
+
+
+## November 2018
+
+New or changed topic | Description
+--- | ---
+|[Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md) | Added Surface Pro 6 |
+[Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) | New
+[Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md) | New
+[Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md) | New
+
## October 2018
New or changed topic | Description
@@ -115,4 +146,4 @@ New or changed topic | Description
-
\ No newline at end of file
+
diff --git a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
index 116df9446d..6a7e4495eb 100644
--- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
+++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
@@ -9,218 +9,74 @@ ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: brecords
-ms.date: 10/15/2018
+ms.date: 11/15/2018
ms.author: jdecker
ms.topic: article
---
-# Download the latest firmware and drivers for Surface devices
-
-
-This article provides a list of the available downloads for Surface devices and links to download the drivers and firmware for your device.
-
-As easy as it is to keep Surface device drivers and firmware up to date automatically with Windows Update, it is sometimes necessary to download and install updates manually, such as during a Windows deployment. For any situation where you need to install drivers and firmware separately from Windows Update, you can find the files available for download at the Microsoft Download Center.
-
-On the Microsoft Download Center page for your device, you will find several files available. These files allow you to deploy drivers and firmware in various ways. You can read more about the different deployment methods for Surface drivers and firmware in [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md).
-
-Driver and firmware updates for Surface devices are **cumulative updates** which provide comprehensive roundups of all of the latest files for the Surface device running that version of Windows.
-
-Installation files for administrative tools, drivers for accessories, and updates for Windows are also available for some devices and are detailed here in this article.
-
->[!NOTE]
->To simplify the process of locating drivers for your device, downloads for Surface devices have been reorganized to separate pages for each model. Bookmark the Microsoft Download Center page for your device from the links provided on this page. Many of the filenames contain a placeholder denoted with *xxxxxx*, which identifies the current version number or date of the file.
-
-
-Recent additions to the downloads for Surface devices provide you with options to install Windows 10 on your Surface devices and update LTE devices with the latest Windows 10 drivers and firmware.
-
-
-
->[!NOTE]
->A battery charge of 40% or greater is required before you install firmware to a Surface device. See [Microsoft Support article KB2909710](https://go.microsoft.com/fwlink/p/?LinkId=618106) for more information.
-
-
-## Surface GO
-
-Download the following updates for [Surface GO from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57439).
-* SurfaceGO_Win10_17134_1802010_6.msi - Cumulative firmware and driver update package for Windows 10
-
-## Surface Book 2
-
-
-Download the following updates for [Surface Book 2 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=56261).
-* SurfaceBook2_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-## Surface Laptop
-
-
-Download the following updates for [Surface Laptop from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55489).
-* SurfaceLaptop_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-## Surface Pro
-
-
-Download the following updates for [Surface Pro (Model 1796) from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55484).
-
-* SurfacePro_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-## Surface Pro with LTE Advanced
-
-
-Download the following updates for [Surface Pro with LTE Advanced from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=56278).
-* SurfacePro_LTE_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-## Surface Studio
-
-
-Download the following updates for [Surface Studio from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=54311).
-
-* SurfaceStudio_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-## Surface Book
-
-
-Download the following updates [for Surface Book from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49497).
-
-- SurfaceBook_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-- SurfaceBook_Win10_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
-
-- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-
-## Surface Pro 4
-
-
-Download the following updates for [Surface Pro 4 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49498).
-
-- SurfacePro4_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-- SurfacePro4_Win10_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
-
-- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-
-## Surface Pro 3
-
-
-Download the following updates [for Surface Pro 3 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=38826).
-
-- SurfacePro3_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-- SurfacePro3_Win10_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
-
-- SurfacePro3_Win8x_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 8.1 Pro
-
-- SurfacePro3_Win8x_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 8.1 Pro
-
-- Surface Firmware Tool.msi – Firmware tools for UEFI management
-
-- Surface Pro 3 AssetTag.zip – UEFI Asset Tag management tool
-
-- Surface Pro 3 KB2978002.zip – Update for Quick Note-Taking Experience feature in Windows 8.1
-
-- Windows8.1-KB2969817-x64.msu – Fixes an issue that causes Surface devices to reboot twice after firmware updates are installed on all supported x64-based versions of Windows 8.1
-
-- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-
-## Surface 3
-
-
-Download the following updates [for Surface 3 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49040).
-
-- Surface3_WiFi_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10
-
-- Surface3_WiFi_Win10_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
-
-- Surface3_WiFi_Win8x_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 8.1 Pro
-
-- Surface3_WiFi_Win8x_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 8.1 Pro
-
-- Surface 3 AssetTag.zip – UEFI Asset Tag management tool
-
-- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-
-## Surface 3 LTE
-
-
-Download the following updates [for AT&T 4G LTE versions of Surface 3 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49039).
-
-- Surface3_4GLTE-ATT_Win10_xxxxx_xxxxxx.msi – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 10
-
-- Surface3_4GLTE-ATT_Win10_xxxxx_xxxxxx.zip – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 10
-
-- Surface3_4GLTE-ATT_Win8x_xxxxx_xxxxxx.msi – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 8.1 Pro
-
-- Surface3_4GLTE-ATT_Win8x_xxxxx_xxxxxx.zip – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 8.1 Pro
-
-- Surface 3 AssetTag.zip – UEFI Asset Tag management tool
-
-- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-
-Download the following updates [for non-AT&T 4G LTE versions of Surface 3 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49037).
-
-- Surface3_4GLTE-NorthAmericaUnlocked_Win10_xxxxx_xxxxxx.msi – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 10
-
-- Surface3_4GLTE-NorthAmericaUnlocked_Win10_xxxxx_xxxxxx.zip – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 10
-
-- Surface3_4GLTE-NorthAmericaUnlocked_Win8x_xxxxx_xxxxxx.msi – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 8.1 Pro
-
-- Surface3_4GLTE-NorthAmericaUnlocked_Win8x_xxxxx_xxxxxx.zip – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 8.1 Pro
-
-- Surface 3 AssetTag.zip – UEFI Asset Tag management tool
-
-- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-
-Download the following updates [for 4G LTE Surface 3 versions for regions outside North America from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49041).
-
-- Surface3_4GLTE-RestOfTheWorld_Win10_xxxxx_xxxxxx.msi – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 10
-
-- Surface3_4GLTE-RestOfTheWorld_Win10_xxxxx_xxxxxx.zip – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 10
-
-- Surface3_4GLTE-RestOfTheWorld_Win8x_xxxxx_xxxxxx.msi – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 8.1 Pro
-
-- Surface3_4GLTE-RestOfTheWorld_Win8x_xxxxx_xxxxxx.zip – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 8.1 Pro
-
-- Surface 3 AssetTag.zip – UEFI Asset Tag management tool
-
-- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1
-
-## Surface Pro 2
-
-
-Download the following updates [for Surface Pro 2 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49042).
-
-- SurfacePro2\_Win10\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
-
-- SurfacePro2\_Win8x\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 8.1 Pro
-
-- Surface Ethernet Adapter.zip – x64 Ethernet adapter drivers
-
-- Surface Gigabit Ethernet Adapter.zip – x64 Ethernet adapter drivers
-
-- Windows8.1-KB2969817-x64.msu – Fixes an issue that causes Surface devices to reboot twice after firmware updates are installed on all supported x64-based versions of Windows 8.1
-
-## Surface Pro
-
-
-Download the following updates [for Surface Pro (Model 1514) from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49038).
-
-- SurfacePro\_Win10\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10
-
-- Surface Pro 1 - xxxxxx.zip – Cumulative firmware and driver update package for Windows 8.1 Pro
-
-- Surface Ethernet Adapter.zip – x64 Ethernet adapter drivers
-
-- Surface Gigabit Ethernet Adapter.zip – x64 Ethernet adapter drivers
-
-- Windows8.1-KB2969817-x64.msu – Fixes an issue that causes Surface devices to reboot twice after firmware updates are installed on all supported x64-based versions of Windows 8.1
-
-## Surface devices with Windows RT
-
-
+# Deploying the latest firmware and drivers for Surface devices
+Although Surface devices are typically automatically updated with the latest device drivers and firmware via Windows Update, sometimes it's necessary to download and install updates manually, such as during a Windows deployment. If you need to install drivers and firmware separately from Windows Update, you can find the requisite files on the Microsoft Download Center. Installation files for administrative tools, drivers for accessories, and updates for Windows are also available for some devices.
+
+## Deploying MSI files
+Driver and firmware updates for Surface devices containing all required cumulative updates are available as separate MSI files packaged for specific versions of Windows 10. For example, for Surface Pro 6, there are separate MSI files for Windows 10 versions 16299, 17134, and 17763.
+When deploying updates to Surface devices in your organization, you need to first determine the appropriate .MSI file for the Windows version running on your target devices.
+
+### Naming convention for Surface MSI files
+Each .MSI file is named in accordance with a formula that begins with the product and Windows release information, followed by the Windows OS floor number and version number, and ending with the revision of version number:
+
+**Example:**
+SurfacePro6_Win10_16299_1900307_0.msi :
+
+| Product | Windows release | OS floor | Version | Revision of version |
+| --- | --- | --- | --- | --- |
+| SurfacePro6 | Win10 | 16299 | 1900307 | 0 |
+| | | | Indicates key date and sequence information | Indicates release history of the MSI file |
+| | | | **19:** Signifies the year (2019) **003**: Signifies that it’s the third release of 2019 **07**: Signifies the product version number. (Surface Pro 6 is officially the seventh version of Surface Pro.) | **0:** Signifies it's the first release of version 1900307 and has not been re-released for any reason. |
+
+Look to the **version** number to determine the latest files that contain the most recent security updates. For example, you might need to install the newest file from the following list:
+
+
+- SurfacePro6_Win10_16299_1900307_0.msi
+- SurfacePro6_Win10_17134_1808507_3.msi
+- SurfacePro6_Win10_17763_1808707_3.msi
+
+The first file — SurfacePro6_Win10_16299_1900307_0.msi — is the newest because its VERSION field has the newest build in 2019; the other files are from 2018.
+
+### Downloading MSI files
+To download MSI files, refer to the following Microsoft Support page:
+
+- [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware-for-surface)
+
+
+The following MSI files are available:
+
+- Surface Laptop 2
+- Surface Pro 6
+- Surface Go
+- Surface Go with LTE Advanced
+- Surface Book 2
+- Surface Laptop
+- Surface Pro
+- Surface Pro with LTE Advanced
+- Surface Pro 6
+- Surface Studio
+- Surface Studio 2
+- Surface Book
+- Surface Pro 4
+- Surface Pro 3
+- Surface 3
+- Surface 3 LTE
+- Surface Pro 2
+
+[!NOTE]
There are no downloadable firmware or driver updates available for Surface devices with Windows RT, including Surface RT and Surface 2. Updates can only be applied using Windows Update.
-If you have additional questions on the driver pack and updates, please contact [Microsoft Surface support for business](https://www.microsoft.com/surface/support/business).
+For more information about deploying Surface drivers and firmware, refer to:
+
+- [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates).
+
+- [Microsoft Surface support for business](https://www.microsoft.com/surface/support/business).
-
diff --git a/devices/surface/docfx.json b/devices/surface/docfx.json
index 86d594455f..9bae9c245d 100644
--- a/devices/surface/docfx.json
+++ b/devices/surface/docfx.json
@@ -9,7 +9,7 @@
],
"resource": [
{
- "files": ["**/images/**", "**/*.json"],
+ "files": ["**/images/**"],
"exclude": ["**/obj/**"]
}
],
@@ -33,6 +33,7 @@
"externalReference": [
],
"template": "op.html",
- "dest": "devices/surface"
+ "dest": "devices/surface",
+ "markdownEngineName": "dfm"
}
}
\ No newline at end of file
diff --git a/devices/surface/enroll-and-configure-surface-devices-with-semm.md b/devices/surface/enroll-and-configure-surface-devices-with-semm.md
index 086d18eead..0c64b39169 100644
--- a/devices/surface/enroll-and-configure-surface-devices-with-semm.md
+++ b/devices/surface/enroll-and-configure-surface-devices-with-semm.md
@@ -35,13 +35,13 @@ To create a Surface UEFI configuration package, follow these steps:
2. Click **Start**.
3. Click **Configuration Package**, as shown in Figure 1.
- 
+ 
*Figure 1. Select Configuration Package to create a package for SEMM enrollment and configuration*
4. Click **Certificate Protection** to add your exported certificate file with private key (.pfx), as shown in Figure 2. Browse to the location of your certificate file, select the file, and then click **OK**.
- 
+ 
*Figure 2. Add the SEMM certificate and Surface UEFI password to a Surface UEFI configuration package*
@@ -57,14 +57,14 @@ To create a Surface UEFI configuration package, follow these steps:
9. Click **Next**.
10. If you want to deactivate a component on managed Surface devices, on the **Choose which components you want to activate or deactivate** page, click the slider next to any device or group of devices you want to deactivate so that the slider is in the **Off** position. (Shown in Figure 4.) The default configuration for each device is **On**. Click the **Reset** button if you want to return all sliders to the default position.
- 
+ 
*Figure 4. Disable or enable individual Surface components*
11. Click **Next**.
12. To enable or disable advanced options in Surface UEFI or the display of Surface UEFI pages, on the **Choose the advanced settings for your devices** page, click the slider beside the desired setting to configure that option to **On** or **Off** (shown in Figure 5). In the **UEFI Front Page** section, you can use the sliders for **Security**, **Devices**, and **Boot** to control what pages are available to users who boot into Surface UEFI. (For more information about Surface UEFI settings, see [Manage Surface UEFI settings](https://technet.microsoft.com/itpro/surface/manage-surface-uefi-settings).) Click **Build** when you have finished selecting options to generate and save the package.
- 
+ 
*Figure 5. Control advanced Surface UEFI settings and Surface UEFI pages with SEMM*
@@ -74,7 +74,7 @@ To create a Surface UEFI configuration package, follow these steps:
>[!NOTE]
>Record the certificate thumbprint characters that are displayed on this page, as shown in Figure 6. You will need these characters to confirm enrollment of new Surface devices in SEMM. Click **End** to complete package creation and close Microsoft Surface UEFI Configurator.
-
+
*Figure 6. The last two characters of the certificate thumbprint are displayed on the Successful page*
@@ -138,4 +138,4 @@ If you have not secured Surface UEFI with a password or a user enters the passwo
-*Figure 12. Settings managed by SEMM will be disabled in Surface UEFI*
\ No newline at end of file
+*Figure 12. Settings managed by SEMM will be disabled in Surface UEFI*
diff --git a/devices/surface/ethernet-adapters-and-surface-device-deployment.md b/devices/surface/ethernet-adapters-and-surface-device-deployment.md
index 2e6455f840..46c4dda2d0 100644
--- a/devices/surface/ethernet-adapters-and-surface-device-deployment.md
+++ b/devices/surface/ethernet-adapters-and-surface-device-deployment.md
@@ -32,9 +32,9 @@ Booting from the network (PXE boot) is only supported when you use an Ethernet a
The following Ethernet devices are supported for network boot with Surface devices:
-- Surface USB to Ethernet adapter
+- Surface USB-C to Ethernet and USB 3.0 Adapter
-- Surface USB 3.0 Ethernet adapter
+- Surface USB 3.0 to Gigabit Ethernet Adapter
- Surface Dock
diff --git a/devices/surface/images/assettag-fig1.png b/devices/surface/images/assettag-fig1.png
new file mode 100644
index 0000000000..5ccb36c85f
Binary files /dev/null and b/devices/surface/images/assettag-fig1.png differ
diff --git a/devices/surface/images/discovertools.png b/devices/surface/images/discovertools.png
new file mode 100644
index 0000000000..2568398824
Binary files /dev/null and b/devices/surface/images/discovertools.png differ
diff --git a/devices/surface/images/managefirmware.png b/devices/surface/images/managefirmware.png
new file mode 100644
index 0000000000..392bcc601c
Binary files /dev/null and b/devices/surface/images/managefirmware.png differ
diff --git a/devices/surface/images/managesettings.png b/devices/surface/images/managesettings.png
new file mode 100644
index 0000000000..0f0567f97c
Binary files /dev/null and b/devices/surface/images/managesettings.png differ
diff --git a/devices/surface/images/mdt.png b/devices/surface/images/mdt.png
new file mode 100644
index 0000000000..e185c8c501
Binary files /dev/null and b/devices/surface/images/mdt.png differ
diff --git a/devices/surface/images/powerintrofig1.png b/devices/surface/images/powerintrofig1.png
new file mode 100644
index 0000000000..d33b9922fd
Binary files /dev/null and b/devices/surface/images/powerintrofig1.png differ
diff --git a/devices/surface/images/powerintrofig1a.png b/devices/surface/images/powerintrofig1a.png
new file mode 100644
index 0000000000..e704b940c9
Binary files /dev/null and b/devices/surface/images/powerintrofig1a.png differ
diff --git a/devices/surface/images/powerintrofig2.png b/devices/surface/images/powerintrofig2.png
new file mode 100644
index 0000000000..eea52a8f3d
Binary files /dev/null and b/devices/surface/images/powerintrofig2.png differ
diff --git a/devices/surface/images/powerintrofig2a.png b/devices/surface/images/powerintrofig2a.png
new file mode 100644
index 0000000000..e00fe81105
Binary files /dev/null and b/devices/surface/images/powerintrofig2a.png differ
diff --git a/devices/surface/images/powerintrofig3.png b/devices/surface/images/powerintrofig3.png
new file mode 100644
index 0000000000..08e9cd36a3
Binary files /dev/null and b/devices/surface/images/powerintrofig3.png differ
diff --git a/devices/surface/images/powerintrofig4.png b/devices/surface/images/powerintrofig4.png
new file mode 100644
index 0000000000..f983673f35
Binary files /dev/null and b/devices/surface/images/powerintrofig4.png differ
diff --git a/devices/surface/images/preparewindowsdeployment.png b/devices/surface/images/preparewindowsdeployment.png
new file mode 100644
index 0000000000..d7c04abc9e
Binary files /dev/null and b/devices/surface/images/preparewindowsdeployment.png differ
diff --git a/devices/surface/images/sccm.png b/devices/surface/images/sccm.png
new file mode 100644
index 0000000000..754f2ef89f
Binary files /dev/null and b/devices/surface/images/sccm.png differ
diff --git a/devices/surface/images/sda.png b/devices/surface/images/sda.png
new file mode 100644
index 0000000000..b9433dcd4a
Binary files /dev/null and b/devices/surface/images/sda.png differ
diff --git a/devices/surface/images/sdt-1.png b/devices/surface/images/sdt-1.png
new file mode 100644
index 0000000000..fb10753608
Binary files /dev/null and b/devices/surface/images/sdt-1.png differ
diff --git a/devices/surface/images/sdt-2.png b/devices/surface/images/sdt-2.png
new file mode 100644
index 0000000000..be951967f0
Binary files /dev/null and b/devices/surface/images/sdt-2.png differ
diff --git a/devices/surface/images/sdt-3.png b/devices/surface/images/sdt-3.png
new file mode 100644
index 0000000000..0d3077cc1b
Binary files /dev/null and b/devices/surface/images/sdt-3.png differ
diff --git a/devices/surface/images/sdt-4.png b/devices/surface/images/sdt-4.png
new file mode 100644
index 0000000000..babddbb240
Binary files /dev/null and b/devices/surface/images/sdt-4.png differ
diff --git a/devices/surface/images/sdt-5.png b/devices/surface/images/sdt-5.png
new file mode 100644
index 0000000000..5c5346d93a
Binary files /dev/null and b/devices/surface/images/sdt-5.png differ
diff --git a/devices/surface/images/sdt-6.png b/devices/surface/images/sdt-6.png
new file mode 100644
index 0000000000..acf8e684b3
Binary files /dev/null and b/devices/surface/images/sdt-6.png differ
diff --git a/devices/surface/images/sdt-7.png b/devices/surface/images/sdt-7.png
new file mode 100644
index 0000000000..5e16961c6b
Binary files /dev/null and b/devices/surface/images/sdt-7.png differ
diff --git a/devices/surface/images/sdt-desk-1.png b/devices/surface/images/sdt-desk-1.png
new file mode 100644
index 0000000000..f1ecc03b30
Binary files /dev/null and b/devices/surface/images/sdt-desk-1.png differ
diff --git a/devices/surface/images/sdt-desk-2.png b/devices/surface/images/sdt-desk-2.png
new file mode 100644
index 0000000000..3d066cb3e5
Binary files /dev/null and b/devices/surface/images/sdt-desk-2.png differ
diff --git a/devices/surface/images/sdt-desk-3.png b/devices/surface/images/sdt-desk-3.png
new file mode 100644
index 0000000000..bbd9709300
Binary files /dev/null and b/devices/surface/images/sdt-desk-3.png differ
diff --git a/devices/surface/images/sdt-desk-4.png b/devices/surface/images/sdt-desk-4.png
new file mode 100644
index 0000000000..f533646605
Binary files /dev/null and b/devices/surface/images/sdt-desk-4.png differ
diff --git a/devices/surface/images/sdt-desk-5.png b/devices/surface/images/sdt-desk-5.png
new file mode 100644
index 0000000000..664828762e
Binary files /dev/null and b/devices/surface/images/sdt-desk-5.png differ
diff --git a/devices/surface/images/sdt-desk-6.png b/devices/surface/images/sdt-desk-6.png
new file mode 100644
index 0000000000..1b9ce9f7e2
Binary files /dev/null and b/devices/surface/images/sdt-desk-6.png differ
diff --git a/devices/surface/images/surface-ent-mgmt-fig1-uefi-configurator.png b/devices/surface/images/surface-ent-mgmt-fig1-uefi-configurator.png
index 7ed392d31d..e8fb93a1a7 100644
Binary files a/devices/surface/images/surface-ent-mgmt-fig1-uefi-configurator.png and b/devices/surface/images/surface-ent-mgmt-fig1-uefi-configurator.png differ
diff --git a/devices/surface/images/surface-ent-mgmt-fig2-securepackage.png b/devices/surface/images/surface-ent-mgmt-fig2-securepackage.png
index a1316359d3..fa47419ca0 100644
Binary files a/devices/surface/images/surface-ent-mgmt-fig2-securepackage.png and b/devices/surface/images/surface-ent-mgmt-fig2-securepackage.png differ
diff --git a/devices/surface/images/surface-ent-mgmt-fig3-enabledisable.png b/devices/surface/images/surface-ent-mgmt-fig3-enabledisable.png
index 39b0c797e7..0a34907def 100644
Binary files a/devices/surface/images/surface-ent-mgmt-fig3-enabledisable.png and b/devices/surface/images/surface-ent-mgmt-fig3-enabledisable.png differ
diff --git a/devices/surface/images/surface-ent-mgmt-fig4-advancedsettings.png b/devices/surface/images/surface-ent-mgmt-fig4-advancedsettings.png
index 405e8c4d7e..f425466056 100644
Binary files a/devices/surface/images/surface-ent-mgmt-fig4-advancedsettings.png and b/devices/surface/images/surface-ent-mgmt-fig4-advancedsettings.png differ
diff --git a/devices/surface/images/surface-ent-mgmt-fig5-success.png b/devices/surface/images/surface-ent-mgmt-fig5-success.png
index 508f76533c..e671570fee 100644
Binary files a/devices/surface/images/surface-ent-mgmt-fig5-success.png and b/devices/surface/images/surface-ent-mgmt-fig5-success.png differ
diff --git a/devices/surface/images/surfaceblog.png b/devices/surface/images/surfaceblog.png
new file mode 100644
index 0000000000..d5bef3dc3d
Binary files /dev/null and b/devices/surface/images/surfaceblog.png differ
diff --git a/devices/surface/images/surfacebook.png b/devices/surface/images/surfacebook.png
new file mode 100644
index 0000000000..d27cf05820
Binary files /dev/null and b/devices/surface/images/surfacebook.png differ
diff --git a/devices/surface/images/surfacemechanics.png b/devices/surface/images/surfacemechanics.png
new file mode 100644
index 0000000000..3d42daaed2
Binary files /dev/null and b/devices/surface/images/surfacemechanics.png differ
diff --git a/devices/surface/images/surfacepro.png b/devices/surface/images/surfacepro.png
new file mode 100644
index 0000000000..c036b2ad3a
Binary files /dev/null and b/devices/surface/images/surfacepro.png differ
diff --git a/devices/surface/images/surfacestudio.png b/devices/surface/images/surfacestudio.png
new file mode 100644
index 0000000000..c41bbbf0f7
Binary files /dev/null and b/devices/surface/images/surfacestudio.png differ
diff --git a/devices/surface/images/twitter.png b/devices/surface/images/twitter.png
new file mode 100644
index 0000000000..c61827284e
Binary files /dev/null and b/devices/surface/images/twitter.png differ
diff --git a/devices/surface/images/windows10.png b/devices/surface/images/windows10.png
new file mode 100644
index 0000000000..e48690853c
Binary files /dev/null and b/devices/surface/images/windows10.png differ
diff --git a/devices/surface/images/windows10upgradepath.png b/devices/surface/images/windows10upgradepath.png
new file mode 100644
index 0000000000..c008e446ea
Binary files /dev/null and b/devices/surface/images/windows10upgradepath.png differ
diff --git a/devices/surface/index.md b/devices/surface/index.md
index 20d2c00e79..e559820d25 100644
--- a/devices/surface/index.md
+++ b/devices/surface/index.md
@@ -31,6 +31,7 @@ For more information on planning for, deploying, and managing Surface devices in
| [Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices](enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md) | Find out how to enable support for PEAP, EAP-FAST, or Cisco LEAP protocols on your Surface device. |
| [Manage Surface UEFI settings](manage-surface-uefi-settings.md) | Use Surface UEFI settings to enable or disable devices, configure security settings, and adjust Surface device boot settings. |
| [Surface Enterprise Management Mode](surface-enterprise-management-mode.md) | See how this feature of Surface devices with Surface UEFI allows you to secure and manage firmware settings within your organization. |
+| [Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) | Learn how to investigate, troubleshoot, and resolve hardware, software, and firmware issues with Surface devices. |
| [Surface Data Eraser](microsoft-surface-data-eraser.md) | Find out how the Microsoft Surface Data Eraser tool can help you securely wipe data from your Surface devices. |
| [Top support solutions for Surface devices](support-solutions-surface.md) | These are the top Microsoft Support solutions for common issues experienced using Surface devices in an enterprise. |
| [Change history for Surface documentation](change-history-for-surface.md) | This topic lists new and updated topics in the Surface documentation library. |
diff --git a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
new file mode 100644
index 0000000000..ce172d5600
--- /dev/null
+++ b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
@@ -0,0 +1,155 @@
+---
+title: Maintain optimal power settings
+description: This topic provides best practice recommendations for maintaining optimal power settings and explains how Surface streamlines the power management experience.
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: coveminer
+ms.author: v-jokai
+ms.topic: article
+ms.date: 01/17/2019
+---
+
+# Maintain optimal power settings on Surface devices
+
+Surface devices are designed to take advantage of the latest advances in
+mobile device energy consumption to deliver a streamlined experience
+optimized across workloads. Depending on what you’re doing, Surface
+dynamically fine tunes how power flows to individual hardware
+components, momentarily waking up system components to handle background
+tasks -- such as an incoming email or network traffic -- before returning to a
+low power idle state (S0ix).
+
+The way Surface implements power management differs significantly from
+the earlier OS standard that gradually reduces and turns off power via a
+series of sleep states (S1, S2, S3).
+
+Instead, Surface is imaged with a custom power profile that replaces
+legacy sleep and energy consumption functionality with modern standby
+features and dynamic fine tuning. This custom power profile is
+implemented via the Surface Serial Hub Driver and the system aggregator
+module (SAM). The SAM chip functions as the Surface device power-policy
+owner, using algorithms to calculate optimal power requirements. It
+works in conjunction with Windows power manager to allocate or throttle
+only the exact amount of power required for hardware components to
+function.
+
+## Modern Standby
+
+The algorithmically embedded custom power profile enables modern standby
+connectivity for Surface by maintaining a low power state for
+instant on/instant off functionality typical of smartphones. S0ix, also
+known as Deepest Runtime Idle Platform State (DRIPS), is the default
+power mode for Surface devices. Modern standby has two modes:
+
+ - **Connected standby.** The default mode for up-to-the minute
+ delivery of emails, messaging, and cloud-synced data, connected
+ standby keeps Wi-Fi on and maintains network connectivity.
+
+ - **Disconnected standby.** An optional mode for extended battery
+ life, disconnected standby delivers the same instant-on experience
+ and saves power by turning off Wi-Fi, Bluetooth, and related network
+ connectivity.
+
+To learn more about modern standby, refer to the [Microsoft Hardware Dev
+Center](https://docs.microsoft.com/windows-hardware/design/device-experiences/modern-standby-wake-sources).
+
+## How Surface streamlines the power management experience
+
+Surface integrates the following features designed to help users
+optimize the power management experience:
+
+ - [Singular power plan](#singular-power-plan)
+
+ - [Simplified power settings user
+ interface](#simplified-power-settings-user-interface)
+
+ - [Windows performance power
+ slider](#windows-performance-power-slider)
+
+### Singular power plan
+
+Surface is designed for a streamlined power management experience that
+eliminates the need to create custom power plans or manually configure
+power settings. Microsoft streamlines the user
+experience by delivering a single power plan (balanced) that replaces
+the multiple power plans from standard Windows builds.
+
+### Simplified power settings user interface
+Surface provides a simplified UI in accord with best practice power
+setting recommendations. In general, it's recommended to only adjust settings visible in the default user interface and avoid configuring advanced power settings or Group Policy settings. Using the default screen and sleep timeouts while avoiding maximum
+brightness levels are the most effective ways for users to maintain
+extended battery life.
+
+
+
+Figure 1. Simplified power and sleep settings
+
+### Windows performance power slider
+
+Surface devices running Windows 10 build 1709 and later include a power
+slider allowing you to prioritize battery life when needed or favor performance if desired. You
+can access the power slider from the taskbar by clicking on the battery
+icon. Slide left for longer battery life (battery saver mode) or slide
+right for faster performance.
+
+
+
+Figure 2. Power slider
+
+Power slider enables four states as described in the following table:
+
+| Slider mode| Description |
+|---|---|
+| Battery saver| Helps conserve power and prolong battery life when the system is disconnected from a power source. When battery saver is on, some Windows features are disabled, throttled, or behave differently. Screen brightness is also reduced. Battery saver is only available when using battery power (DC). To learn more, see [Battery Saver](https://docs.microsoft.com/en-us/windows-hardware/design/component-guidelines/battery-saver).|
+| Recommended | Delivers longer battery life than the default settings in earlier versions of Windows. |
+| Better Performance | Slightly favors performance over battery life, functioning as the default slider mode. |
+| Best Performance | Favors performance over power for workloads requiring maximum performance and responsiveness, regardless of battery power consumption.|
+
+Power slider modes directly control specific hardware components shown
+in the following table.
+
+| Component | Slider functionality |
+|---|---|
+| Intel Speed Shift (CPU energy registers) and Energy Performance Preference hint. | Selects the best operating frequency and voltage for optimal performance and power. The Energy Performance Preference (PERFEPP) is a global power efficiency hint to the CPU. |
+| Fan speed (RPM)| Where applicable, adjusts for changing conditions such as keeping fan silent in battery saver slider mode.|
+| Processor package power limits (PL1/PL2).| Requires the CPU to manage its frequency choices to accommodate a running average power limit for both steady state (PL1) and turbo (PL2) workloads.|
+| Processor turbo frequency limits (IA turbo limitations). | Adjusts processor and graphics performance allowing processor cores to run faster or slower than the rated operating frequency. |
+
+>[!NOTE]
+>The power slider is entirely independent of operating system power settings whether configured from Control Panel/ Power Options, Group Policy, or related methods.
+
+To learn more, see:
+
+- [Customize the Windows performance power
+ slider](https://docs.microsoft.com/windows-hardware/customize/desktop/customize-power-slider)
+
+- [Battery
+ saver.](https://docs.microsoft.com/windows-hardware/design/component-guidelines/battery-saver)
+
+## Best practices for extended battery life
+
+
+| Best practice | Go to | Next steps |
+|---|---|---|
+| Ensure your Surface device is up to date| Windows Update | In the taskbar search box, type **Windows Update** and select **Check for updates**. |
+| Choose the best power setting for what you’re doing | Power slider | In the taskbar, select the battery icon, then choose **Best performance**, **Best battery life**, or somewhere in between.|
+| Conserve battery when it’s low | Battery saver | In the taskbar, select the battery icon and click **Battery settings**. Select **Turn battery saver on automatically if my battery falls below** and then move the slider further to the right for longer battery life. |
+| Configure optimal screen brightness | Battery saver | In the taskbar, select the battery icon and click **Battery settings**, select **Lower screen brightness while in battery saver**. |
+| Conserve power whenever you’re not plugged in | Battery saver| Select **Turn on battery saver status until next charge**.|
+| Investigate problems with your power settings. | Power troubleshooter | In the Taskbar search for troubleshoot, select **Troubleshoot**, and then select **Power** and follow the instructions.|
+| Check app usage | Your apps | Close apps.|
+| Check your power cord for any damage.| Your power cord | Replace power cord if worn or damaged.|
+
+# Learn more
+
+- [Modern
+ standby](https://docs.microsoft.com/windows-hardware/design/device-experiences/modern-standby-wake-sources)
+
+
+
+- [Customize the Windows performance power
+ slider](https://docs.microsoft.com/windows-hardware/customize/desktop/customize-power-slider)
+
+- [Battery
+ saver](https://docs.microsoft.com/windows-hardware/design/component-guidelines/battery-saver)
diff --git a/devices/surface/manage-surface-dock-firmware-updates.md b/devices/surface/manage-surface-dock-firmware-updates.md
deleted file mode 100644
index 45bf61629f..0000000000
--- a/devices/surface/manage-surface-dock-firmware-updates.md
+++ /dev/null
@@ -1,124 +0,0 @@
----
-title: Manage Surface Dock firmware updates (Surface)
-description: Read about the different methods you can use to manage the process of Surface Dock firmware updates.
-ms.assetid: 86DFC0C0-C842-4CD1-A2D7-4425471FFE3F
-ms.localizationpriority: medium
-keywords: firmware, update, install, drivers
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.pagetype: surface, devices
-ms.sitesec: library
-author: jobotto
-ms.author: jdecker
-ms.topic: article
-ms.date: 07/27/2017
----
-
-# Manage Surface Dock firmware updates
-
-
-Read about the different methods you can use to manage the process of Surface Dock firmware updates.
-
-The Surface Dock provides external connectivity to Surface devices through a single cable connection that includes Power, Ethernet, Audio, USB 3.0, and DisplayPort. The numerous connections provided by the Surface Dock are enabled by a smart chipset within the Surface Dock device. Like a Surface device’s chipset, the chipset that is built into the Surface Dock is controlled by firmware. For more information about the Surface Dock, see the [Surface Dock demonstration](https://technet.microsoft.com/mt697552) video.
-
-Like the firmware for Surface devices, firmware for Surface Dock is also contained within a downloaded driver that is visible in Device Manager. This driver stages the firmware update files on the Surface device. When a Surface Dock is connected and the driver is loaded, the newer version of the firmware staged by the driver is detected and firmware files are copied to the Surface Dock. The Surface Dock then begins a two-phase process to apply the firmware internally. Each phase requires the Surface Dock to be disconnected from the Surface device before the firmware is applied. The driver copies the firmware into the dock, but only applies it when the user disconnects the Surface device from the Surface Dock. This ensures that there are no disruptions because the firmware is only applied when the user leaves their desk with the device.
-
-
->[!NOTE]
->You can learn more about the firmware update process for Surface devices and how firmware is updated through driver installation at the following links:
->- [How to manage and update Surface drivers and firmware](https://technet.microsoft.com/mt697551) from Microsoft Mechanics
->- [Windows Update Makes Surface Better](https://go.microsoft.com/fwlink/p/?LinkId=785354) on the Microsoft Devices Blog
-
-
-
-
-The Surface Dock firmware update process shown in Figure 1 follows these steps:
-
-1. Drivers for Surface Dock are installed on Surface devices that are connected, or have been previously connected, to a Surface Dock.
-
-2. The drivers for Surface Dock are loaded when a Surface Dock is connected to the Surface device.
-
-3. The firmware version installed in the Surface Dock is compared with the firmware version staged by the Surface Dock driver.
-
-4. If the firmware version on the Surface Dock is older than the firmware version contained in the Surface Dock driver, the main chipset firmware update files are copied from the driver to the Surface Dock.
-
-5. When the Surface Dock is disconnected, the Surface Dock installs the firmware update to the main chipset.
-
-6. When the Surface Dock is connected again, the main chipset firmware is verified against the firmware present in the Surface Dock driver.
-
-7. If the firmware update for the main chipset is installed successfully, the Surface Dock driver copies the firmware update for the DisplayPort.
-
-8. When the Surface Dock is disconnected for a second time, the Surface dock installs the firmware update to the DisplayPort chipset. This process takes up to 3 minutes to apply.
-
-
-
-*1- Driver installation can be performed by Windows Update, manual installation, or automatically downloaded with Microsoft Surface Dock Updater*
-
-*2 - The Surface Dock firmware installation process takes approximately 3 minutes*
-
-Figure 1. The Surface Dock firmware update process
-
-If the firmware installation process is interrupted (for example, if power is disconnected from the Surface Dock during firmware installation), the Surface Dock will automatically revert to the prior firmware without disruption to the user, and the update process will restart the next time the Surface Dock is disconnected. For most users this update process should be entirely transparent.
-
-## Methods for updating Surface Dock firmware
-
-
-There are three methods you can use to update the firmware of the Surface Dock:
-
-- [Automatic installation of drivers with Windows Update](#automatic-installation)
-
-- [Deployment of drivers downloaded from the Microsoft Download Center](#deployment-dlc)
-
-- [Manually update with Microsoft Surface Dock Updater](#manual-updater)
-
-## Automatic installation with Windows Update
-
-
-Windows Update is the method that most users will use. The drivers for the Surface Dock are downloaded automatically from Windows Update and the dock update process is initiated without additional user interaction. The two-phase dock update process described earlier occurs in the background as the user connects and disconnects the Surface Dock during normal use.
-
->[!NOTE]
->The driver version that is displayed in Device Manager may be different from the firmware version that the Surface Dock is using.
-
-
-
-## Deployment of drivers downloaded from the Microsoft Download Center
-
-
-This method is used mostly in environments where Surface device drivers and firmware are managed separately from Windows Update. See [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md) for more information about the different methods to manage Surface device driver and firmware updates. Updating the Surface Dock firmware through this method involves downloading and deploying an MSI package to the Surface device that contains the updated Surface Dock drivers and firmware. This is the same method recommended for updating all other Surface drivers and firmware. The two-phase firmware update process occurs in the background each time the Surface Dock is disconnected, just like it does with the Windows Update method.
-
-For more information about how to deploy MSI packages see [Create and deploy an application with System Center Configuration Manager](https://docs.microsoft.com/sccm/apps/get-started/create-and-deploy-an-application).
-
->[!NOTE]
->When drivers are installed through Windows Update or the MSI package, registry keys are added that indicate the version of firmware installed on the Surface Dock and contained within the Surface Dock driver. These registry keys can be found in:
-> **HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\WUDF\\Services\\SurfaceDockFwUpdate\\Parameters**
-
-Firmware status is displayed for both the main chipset (displayed as **Component10**) and the DisplayPort chipset (displayed as **Component20**). For each chipset there are four keys, where *xx* is **10** or **20** corresponding to each chipset:
-
-- **Component*xx*CurrentFwVersion** – This key displays the version of firmware that is installed on the currently connected or most recently connected Surface Dock.
-
-- **Component*xx*OfferFwVersion** – This key displays the version of firmware staged by the Surface Dock driver.
-
-- **Component*xx*FirmwareUpdateStatus** – This key displays the stage of the Surface Dock firmware update process.
-
-- **Component*xx*FirmwareUpdateStatusRejectReason** – This key changes as the firmware update is processed. It should result in 0 after the successful installation of Surface Dock firmware.
-
->[!NOTE]
->These registry keys are not present unless you have installed updated Surface Dock drivers through Windows Update or MSI deployment.
-
-
-
-## Manually update with Microsoft Surface Dock Updater
-
-
-The manual method using the Microsoft Surface Dock Updater tool to update the Surface Dock is used mostly in environments where IT prepares Surface Docks prior to delivery to the end user, or for troubleshooting of a Surface Dock. Microsoft Surface Dock Updater is a tool that you can run from any Surface device that is compatible with the Surface Dock, and will walk you through the process of performing the Surface Dock firmware update in the least possible amount of time. You can also use this tool to verify the firmware status of a connected Surface Dock.
-
-For more information about how to use the Microsoft Surface Dock Updater tool, please see [Microsoft Surface Dock Updater](surface-dock-updater.md). You can download the Microsoft Surface Dock Updater tool from the [Surface Tools for IT page](https://www.microsoft.com/download/details.aspx?id=46703) on the Microsoft Download Center.
-
-
-
-
-
-
-
-
-
diff --git a/devices/surface/microsoft-surface-brightness-control.md b/devices/surface/microsoft-surface-brightness-control.md
new file mode 100644
index 0000000000..b9910dfc97
--- /dev/null
+++ b/devices/surface/microsoft-surface-brightness-control.md
@@ -0,0 +1,64 @@
+---
+title: Surface Brightness Control
+description: This topic describes how you can use the Surface Brightness Control app to manage display brightness in point-of-sale and kiosk scenarios.
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.pagetype: surface, devices
+ms.sitesec: library
+author: coveminer
+ms.author: jdecker
+ms.topic: article
+ms.date: 1/15/2019
+---
+
+# Surface Brightness Control
+
+When deploying Surface devices in point of sale or other “always-on”
+kiosk scenarios, you can optimize power management using the new Surface
+Brightness Control app.
+
+Available for download with [Surface Tools for
+IT](https://www.microsoft.com/download/details.aspx?id=46703), Surface Brightness Control is
+designed to help reduce thermal load and lower the overall carbon
+footprint for deployed Surface devices. The tool automatically dims the screen when not in use and
+includes the following configuration options:
+
+ - Period of inactivity before dimming the display.
+
+ - Brightness level when dimmed.
+
+ - Maximum brightness level when in use.
+
+**To run Surface Brightness Control:**
+
+ - Install surfacebrightnesscontrol.msi on the target device and Surface Brightness Control
+ will begin working immediately.
+
+## Configuring Surface Brightness Control
+
+You can adjust the default values via the Windows Registry. For more
+information about using the Windows Registry, refer to the [Registry
+documentation](https://docs.microsoft.com/windows/desktop/sysinfo/registry).
+
+1. Run regedit from a command prompt to open the Windows Registry
+ Editor.
+
+ - Computer\HKEY\_LOCAL\_MACHINE\SOFTWARE\Microsoft\Surface\Surface
+ Brightness Control\
+
+
+| Registry Setting | Data| Description
+|-----------|------------|---------------
+| Brightness Control Enabled | Default: 01 Option: 01, 00 Type: REG_BINARY | This setting allows you to turn Surface Brightness Control on or off. To disable Surface Brightness Control, set the value to 00. If you do not configure this setting, Surface Brightness Control is on. |
+| Brightness Control On Power Enabled| Default: 01 Options: 01, 00 Type: REG_BINARY | This setting allows you to turn off Surface Brightness Control when the device is directly connected to power. To disable Surface Brightness Control when power is plugged in, set the value to 00. If you do not configure this setting, Surface Brightness Control is on. |
+| Dimmed Brightness | Default: 20 Option: Range of 0-100 percent of screen brightness Data Type: Positive integer Type: REG_DWORD | This setting allows you to manage brightness range during periods of inactivity. If you do not configure this setting, the brightness level will drop to 20 percent of full brightness after 30 seconds of inactivity. |
+Full Brightness | Default: 100 Option: Range of 0-100 percent of screen brightness Data Type: Positive integer Type: REG_DWORD | This setting allows you to manage the maximum brightness range for the device. If you do not configure this setting, the maximum brightness range is 100 percent.|
+| Inactivity Timeout| Default: 30 seconds Option: Any numeric value Data Type: Integer Type: REG_DWORD | This setting allows you to manage the period of inactivity before dimming the device. If you do not configure this setting, the inactivity timeout is 30 seconds.|
+| Telemetry Enabled | Default: 01 Option: 01, 00 Type: REG_BINARY | This setting allows you to manage the sharing of app usage information to improve software and provide better user experience. To disable telemetry, set the value to 00. If you do not configure this setting, telemetry information is shared with Microsoft in accordance with the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). |
+
+
+
+## Related topics
+
+- [Battery limit setting](battery-limit.md)
+
diff --git a/devices/surface/microsoft-surface-data-eraser.md b/devices/surface/microsoft-surface-data-eraser.md
index 3e3aa60025..23e0c2dd91 100644
--- a/devices/surface/microsoft-surface-data-eraser.md
+++ b/devices/surface/microsoft-surface-data-eraser.md
@@ -57,6 +57,9 @@ Some scenarios where Microsoft Surface Data Eraser can be helpful include:
>[!NOTE]
>Because the ability to boot to USB is required to run Microsoft Surface Data Eraser, if the device is not configured to boot from USB or if the device is unable to boot or POST successfully, the Microsoft Surface Data Eraser tool will not function.
+>[!NOTE]
+>Surface Data Eraser on Surface Studio and Surface Studio 2 can take up to 6 minutes to boot into WinPE before disk erasure can occur.
+
## How to create a Microsoft Surface Data Eraser USB stick
@@ -150,6 +153,22 @@ After you create a Microsoft Surface Data Eraser USB stick, you can boot a suppo
Microsoft Surface Data Eraser is periodically updated by Microsoft. For information about the changes provided in each new version, see the following:
+### Version 3.2.78.0
+*Release Date: 4 Dec 2018*
+
+This version of Surface Data Eraser:
+
+- Includes bug fixes
+
+
+### Version 3.2.75.0
+*Release Date: 12 November 2018*
+
+This version of Surface Data Eraser:
+
+- Adds support to Surface Studio 2
+- Fixes issues with SD card
+
### Version 3.2.69.0
*Release Date: 12 October 2018*
diff --git a/devices/surface/surface-diagnostic-toolkit-business.md b/devices/surface/surface-diagnostic-toolkit-business.md
new file mode 100644
index 0000000000..0a73499333
--- /dev/null
+++ b/devices/surface/surface-diagnostic-toolkit-business.md
@@ -0,0 +1,165 @@
+---
+title: Surface Diagnostic Toolkit for Business
+description: This topic explains how to use the Surface Diagnostic Toolkit for Business.
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: jdeckerms
+ms.author: jdecker
+ms.topic: article
+ms.date: 11/15/2018
+---
+
+# Surface Diagnostic Toolkit for Business
+
+The Microsoft Surface Diagnostic Toolkit for Business (SDT) enables IT administrators to quickly investigate, troubleshoot, and resolve hardware, software, and firmware issues with Surface devices. You can run a range of diagnostic tests and software repairs in addition to obtaining device health insights and guidance for resolving issues.
+
+Specifically, SDT for Business enables you to:
+
+- [Customize the package.](#create-custom-sdt)
+- [Run the app using commands.](surface-diagnostic-toolkit-command-line.md)
+- [Run multiple hardware tests to troubleshoot issues.](surface-diagnostic-toolkit-desktop-mode.md#multiple)
+- [Generate logs for analyzing issues.](surface-diagnostic-toolkit-desktop-mode.md#logs)
+- [Obtain detailed report comparing device vs optimal configuration.](surface-diagnostic-toolkit-desktop-mode.md#detailed-report)
+
+
+## Primary scenarios and download resources
+
+To run SDT for Business, download the components listed in the following table.
+
+>[!NOTE]
+>In contrast to the way you typically install MSI packages, the SDT distributable MSI package can only be created by running Windows Installer (msiexec.exe) at a command prompt and setting the custom flag `ADMINMODE = 1`. For details, see [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md).
+
+Mode | Primary scenarios | Download | Learn more
+--- | --- | --- | ---
+Desktop mode | Assist users in running SDT on their Surface devices to troubleshoot issues. Create a custom package to deploy on one or more Surface devices allowing users to select specific logs to collect and analyze. | SDT distributable MSI package: Microsoft Surface Diagnostic Toolkit for Business Installer [Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Use Surface Diagnostic Toolkit in desktop mode](surface-diagnostic-toolkit-desktop-mode.md)
+Command line | Directly troubleshoot Surface devices remotely without user interaction, using standard tools such as Configuration Manager. It includes the following commands: `-DataCollector` collects all log files `-bpa` runs health diagnostics using Best Practice Analyzer. `-windowsupdate` checks Windows update for missing firmware or driver updates.
**Note:** Support for the ability to confirm warranty information will be available via the command `-warranty` | SDT console app: Microsoft Surface Diagnostics App Console [Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md)
+
+## Supported devices
+
+SDT for Business is supported on Surface 3 and later devices, including:
+
+- Surface Pro 6
+- Surface Laptop 2
+- Surface Go
+- Surface Go with LTE
+- Surface Book 2
+- Surface Pro with LTE Advanced (Model 1807)
+- Surface Pro (Model 1796)
+- Surface Laptop
+- Surface Studio
+- Surface Studio 2
+- Surface Book
+- Surface Pro 4
+- Surface 3 LTE
+- Surface 3
+- Surface Pro 3
+
+## Installing Surface Diagnostic Toolkit for Business
+
+To create an SDT package that you can distribute to users in your organization, you first need to install SDT at a command prompt and set a custom flag to install the tool in admin mode. SDT contains the following install option flags:
+
+- `SENDTELEMETRY` sends telemetry data to Microsoft. The flag accepts `0` for disabled or `1` for enabled. The default value is `1` to send telemetry.
+- `ADMINMODE` configures the tool to be installed in admin mode. The flag accepts `0` for client mode or `1` for IT Administrator mode. The default value is `0`.
+
+**To install SDT in ADMINMODE:**
+
+1. Sign in to your Surface device using the Administrator account.
+2. Download SDT Windows Installer Package (.msi) from the [Surface Tools for IT download page](https://www.microsoft.com/download/details.aspx?id=46703) and copy it to a preferred location on your Surface device, such as Desktop.
+3. Open a command prompt and enter:
+
+ ```
+ msiexec.exe /i ADMINMODE=1.
+ ```
+ **Example:**
+
+ ```
+ C:\Users\Administrator> msiexec.exe/I"C:\Users\Administrator\Desktop\Microsoft_Surface_Diagnostic_Toolkit_for_Business_Installer.msi" ADMINMODE=1
+ ```
+
+4. The SDT setup wizard appears, as shown in figure 1. Click **Next**.
+
+ >[!NOTE]
+ >If the setup wizard does not appear, ensure that you are signed into the Administrator account on your computer.
+
+ 
+
+ *Figure 1. Surface Diagnostic Toolkit setup wizard*
+
+5. When the SDT setup wizard appears, click **Next**, accept the End User License Agreement (EULA), and select a location to install the package.
+
+6. Click **Next** and then click **Install**.
+
+## Locating SDT on your Surface device
+
+Both SDT and the SDT app console are installed at `C:\Program Files\Microsoft\Surface\Microsoft Surface Diagnostic Toolkit for Business`.
+
+In addition to the .exe file, SDT installs a JSON file and an admin.dll file (modules\admin.dll), as shown in figure 2.
+
+
+
+*Figure 2. Files installed by SDT*
+
+
+## Preparing the SDT package for distribution
+
+Creating a custom package allows you to target the tool to specific known issues.
+
+1. Click **Start > Run**, enter **Surface** and then click **Surface Diagnostic Toolkit for Business**.
+2. When the tool opens, click **Create Custom Package**, as shown in figure 3.
+
+ 
+
+ *Figure 3. Create custom package*
+
+### Language and telemetry page
+
+
+When you start creating the custom package, you’re asked whether you agree to send data to Microsoft to help improve the application. For more information,see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). Sharing is on by default, so uncheck the box if you wish to decline.
+
+>[!NOTE]
+>This setting is limited to only sharing data generated while running packages.
+
+
+
+*Figure 4. Select language and telemetry settings*
+
+### Windows Update page
+
+Select the option appropriate for your organization. Most organizations with multiple users will typically select to receive updates via Windows Server Update Services (WSUS), as shown in figure 5. If using local Windows update packages or WSUS, enter the path as appropriate.
+
+
+
+*Figure 5. Windows Update option*
+
+### Software repair page
+
+This allows you to select or remove the option to run software repair updates.
+
+
+
+*Figure 6. Software repair option*
+
+### Collecting logs and saving package page
+
+You can select to run a wide range of logs across applications, drivers, hardware, and the operating system. Click the appropriate area and select from the menu of available logs. You can then save the package to a software distribution point or equivalent location that users can access.
+
+
+
+*Figure 7. Log option and save package*
+
+## Next steps
+
+- [Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md)
+- [Use Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md)
+
+
+
+
+
+
+
+
+
+
+
diff --git a/devices/surface/surface-diagnostic-toolkit-command-line.md b/devices/surface/surface-diagnostic-toolkit-command-line.md
new file mode 100644
index 0000000000..8d5cf4009c
--- /dev/null
+++ b/devices/surface/surface-diagnostic-toolkit-command-line.md
@@ -0,0 +1,148 @@
+---
+title: Run Surface Diagnostic Toolkit for Business using commands
+description: How to run Surface Diagnostic Toolkit in a command console
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: jdeckerms
+ms.author: jdecker
+ms.topic: article
+ms.date: 11/15/2018
+---
+
+# Run Surface Diagnostic Toolkit for Business using commands
+
+Running the Surface Diagnostic Toolkit (SDT) at a command prompt requires downloading the STD app console. After it's installed, you can run SDT at a command prompt via the Windows command console (cmd.exe) or using Windows PowerShell, including PowerShell Integrated Scripting Environment (ISE), which provides support for autocompletion of commands, copy/paste, and other features.
+
+>[!NOTE]
+>To run SDT using commands, you must be signed in to the Administrator account or signed in to an account that is a member of the Administrator group on your Surface device.
+
+## Running SDT app console
+
+Download and install SDT app console from the [Surface Tools for IT download page](https://www.microsoft.com/download/details.aspx?id=46703). You can use the Windows command prompt (cmd.exe) or Windows PowerShell to:
+
+- Collect all log files.
+- Run health diagnostics using Best Practice Analyzer.
+- Check update for missing firmware or driver updates.
+
+>[!NOTE]
+>In this release, the SDT app console supports single commands only. Running multiple command line options requires running the console exe separately for each command.
+
+By default, output files are saved in the same location as the console app. Refer to the following table for a complete list of commands.
+
+Command | Notes
+--- | ---
+-DataCollector "output file" | Collects system details into a zip file. "output file" is the file path to create system details zip file.
**Example**: `Microsoft.Surface.Diagnostics.App.Console.exe -DataCollector SDT_DataCollection.zip`
+-bpa "output file" | Checks several settings and health indicators in the device. “output file" is the file path to create the HTML report.
**Example**: `Microsoft.Surface.Diagnostics.App.Console.exe -bpa BPA.html`
+-windowsupdate | Checks Windows Update online servers for missing firmware and/or driver updates.
**Example**: Microsoft.Surface.Diagnostics.App.Console.exe -windowsupdate
+-warranty "output file" | Checks warranty information on the device (valid or invalid). The optional “output file” is the file path to create the xml file.
**Example**: Microsoft.Surface.Diagnostics.App.Console.exe –warranty “warranty.xml”
+
+
+>[!NOTE]
+>To run the SDT app console remotely on target devices, you can use a configuration management tool such as System Center Configuration Manager. Alternatively, you can create a .zip file containing the console app and appropriate console commands and deploy per your organization’s software distribution processes.
+
+## Running Best Practice Analyzer
+
+You can run BPA tests across key components such as BitLocker, Secure Boot, and Trusted Platform Module (TPM) and then output the results to a shareable file. The tool generates a series of tables with color-coded headings and condition descriptors along with guidance about how to approach resolving the issue.
+
+- Green indicates the component is running in an optimal condition (optimal).
+- Orange indicates the component is not running in an optimal condition (not optimal).
+- Red indicates the component is in an abnormal state.
+
+### Sample BPA results output
+
+
+
BitLocker
+
Description:
Checks if BitLocker is enabled on the system drive.
+
Value:
Protection On
+
Condition:
Optimal
+
Guidance:
It is highly recommended to enable BitLocker to protect your data.
+
+
+
+
Secure Boot
+
Description:
Checks if Secure Boot is enabled.
+
Value:
True
+
Condition:
Optimal
+
Guidance:
It is highly recommended to enable Secure Boot to protect your PC.
+
+
+
+
Trusted Platform Module
+
Description:
Ensures that the TPM is functional.
+
Value:
True
+
Condition:
Optimal
+
Guidance:
Without a functional TPM, security-based functions such as BitLocker may not work properly.
+
+
+
+
Connected Standby
+
Description:
Checks if Connected Standby is enabled.
+
Value:
True
+
Condition:
Optimal
+
Guidance:
Connected Standby allows a Surface device to receive updates and notifications while not being used. For best experience, Connected Standby should be enabled.
+
+
+
+
Bluetooth
+
Description:
Checks if Bluetooth is enabled.
+
Value:
Enabled
+
Condition:
Optimal
+
Guidance:
+
+
+
+
Debug Mode
+
Description:
Checks if the operating system is in Debug mode.
+
Value:
Normal
+
Condition:
Optimal
+
Guidance:
The debug boot option enables or disables kernel debugging of the Windows operating system. Enabling this option can cause system instability and can prevent DRM (digital rights managemend) protected media from playing.
+
+
+
+
Test Signing
+
Description:
Checks if Test Signing is enabled.
+
Value:
Normal
+
Condition:
Optimal
+
Guidance:
Test Signing is a Windows startup setting that should only be used to test pre-release drivers.
+
+
+
+
Active Power Plan
+
Description:
Checks that the correct power plan is active.
+
Value:
Balanced
+
Condition:
Optimal
+
Guidance:
It is highly recommended to use the "Balanced" power plan to maximize productivity and battery life.
+
+
+
+
Windows Update
+
Description:
Checks if the device is up to date with Windows updates.
+
Value:
Microsoft Silverlight (KB4023307), Definition Update for Windows Defender Antivirus - KB2267602 (Definition 1.279.1433.0)
+
Condition:
Not Optimal
+
Guidance:
Updating to the latest windows makes sure you are on the latest firmware and drivers. It is recommended to always keep your device up to date
+
+
+
+
Free Hard Drive Space
+
Description:
Checks for low free hard drive space.
+
Value:
66%
+
Condition:
Optimal
+
Guidance:
For best performance, your hard drive should have at least 10% of its capacity as free space.
+
+
+
+
Non-Functioning Devices
+
Description:
List of non-functioning devices in Device Manager.
+
Value:
+
Condition:
Optimal
+
Guidance:
Non-functioning devices in Device Manager may cause unpredictable problems with Surface devices such as, but not limited to, no power savings for the respective hardware component.
+
+
+
+
External Monitor
+
Description:
Checks for an external monitor that may have compatibility issues.
+
Value:
+
Condition:
Optimal
+
Guidance:
Check with the original equipment manufacturer for compatibility with your Surface device.
+
diff --git a/devices/surface/surface-diagnostic-toolkit-desktop-mode.md b/devices/surface/surface-diagnostic-toolkit-desktop-mode.md
new file mode 100644
index 0000000000..ee76845656
--- /dev/null
+++ b/devices/surface/surface-diagnostic-toolkit-desktop-mode.md
@@ -0,0 +1,99 @@
+---
+title: Use Surface Diagnostic Toolkit for Business in desktop mode
+description: How to use SDT to help users in your organization run the tool to identify and diagnose issues with the Surface device.
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: jdeckerms
+ms.author: jdecker
+ms.topic: article
+ms.date: 11/15/2018
+---
+
+# Use Surface Diagnostic Toolkit for Business in desktop mode
+
+This topic explains how to use the Surface Diagnostic Toolkit (SDT) to help users in your organization run the tool to identify and diagnose issues with the Surface device. Successfully running SDT can quickly determine if a reported issue is caused by failed hardware or user error.
+
+1. Direct the user to install [the SDT package](surface-diagnostic-toolkit-business.md#create-custom-sdt) from a software distribution point or network share. After it is installed, you’re ready to guide the user through a series of tests.
+
+2. Begin at the home page, which allows users to enter a description of the issue, and click **Continue**, as shown in figure 1.
+
+ 
+
+ *Figure 1. SDT in desktop mode*
+
+3. When SDT indicates the device has the latest updates, click **Continue** to advance to the catalog of available tests, as shown in figure 2.
+
+ 
+
+ *Figure 2. Select from SDT options*
+
+4. You can choose to run all the diagnostic tests. Or, if you already suspect a particular issue such as a faulty display or a power supply problem, click **Select** to choose from the available tests and click **Run Selected**, as shown in figure 3. See the following table for details of each test.
+
+ 
+
+ *Figure 3. Select hardware tests*
+
+ Hardware test | Description
+ --- | ---
+ Power Supply and Battery | Checks Power supply is functioning optimally
+ Display and Sound | Checks brightness, stuck or dead pixels, speaker and microphone functioning
+ Ports and Accessories | Checks accessories, screen attach and USB functioning
+ Connectivity | Checks Bluetooth, wireless and LTE connectivity
+ Security | Checks security related issues
+ Touch | Checks touch related issues
+ Keyboard and touch | Checks integrated keyboard connection and type cover
+ Sensors | Checks functioning of different sensors in the device
+ Hardware | Checks issues with different hardware components such as graphics card and camera
+
+
+
+
+
+
+## Running multiple hardware tests to troubleshoot issues
+
+SDT is designed as an interactive tool that runs a series of tests. For each test, SDT provides instructions summarizing the nature of the test and what users should expect or look for in order for the test to be successful. For example, to diagnose if the display brightness is working properly, SDT starts at zero and increases the brightness to 100 percent, asking users to confirm – by answering **Yes** or **No** -- that brightness is functioning as expected, as shown in figure 4.
+
+For each test, if functionality does not work as expected and the user clicks **No**, SDT generates a report of the possible causes and ways to troubleshoot it.
+
+
+
+*Figure 4. Running hardware diagnostics*
+
+1. If the brightness successfully adjusts from 0-100 percent as expected, direct the user to click **Yes** and then click **Continue**.
+2. If the brightness fails to adjust from 0-100 percent as expected, direct the user to click **No** and then click **Continue**.
+3. Guide users through remaining tests as appropriate. When finished, SDT automatically provides a high-level summary of the report, including the possible causes of any hardware issues along with guidance for resolution.
+
+
+### Repairing applications
+
+SDT enables you to diagnose and repair applications that may be causing issues, as shown in figure 5.
+
+
+
+*Figure 5. Running repairs*
+
+
+
+
+
+### Generating logs for analyzing issues
+
+SDT provides extensive log-enabled diagnosis support across applications, drivers, hardware, and operating system issues, as shown in figure 6.
+
+
+
+*Figure 6. Generating logs*
+
+
+
+
+### Generating detailed report comparing device vs. optimal configuration
+
+Based on the logs, SDT generates a report for software- and firmware-based issues that you can save to a preferred location.
+
+## Related topics
+
+- [Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md)
+
diff --git a/devices/surface/surface-dock-updater.md b/devices/surface/surface-dock-updater.md
index 925b058eb0..10b49c4719 100644
--- a/devices/surface/surface-dock-updater.md
+++ b/devices/surface/surface-dock-updater.md
@@ -27,7 +27,7 @@ When you run the Microsoft Surface Dock Updater installer you will be prompted t
>Updating Surface Dock firmware requires connectivity to the Surface Dock via the Surface Connect™ port. Installation of the Microsoft Surface Dock Updater is only supported on devices that feature the Surface Connect™ port.
>[!NOTE]
->The Surface Dock Updater tool is unable to run on Windows 10 S. Surface Dock devices used with Surface Laptop with Windows 10 S will receive updates natively through Windows Update. To manually update a Surface Dock for use with Surface Laptop and Windows 10 S, connect the Surface Dock to another Surface device with a Windows 10 Pro or Windows 10 Enterprise environment.
+>The Surface Dock Updater tool is unable to run on Windows 10 S. To manually update a Surface Dock for use with Surface Laptop and Windows 10 S, connect the Surface Dock to another Surface device with a Windows 10 Pro or Windows 10 Enterprise environment.
## Update a Surface Dock with Microsoft Surface Dock Updater
@@ -112,7 +112,7 @@ Microsoft Surface Dock Updater logs its progress into the Event Log, as shown in
## Changes and updates
-Microsoft periodically updates Surface Dock Updater. To learn more about the application of firmware by Surface Dock Updater, see [Manage Surface Dock firmware updates](https://technet.microsoft.com/itpro/surface/manage-surface-dock-firmware-updates).
+Microsoft periodically updates Surface Dock Updater.
>[!Note]
>Each update to Surface Dock firmware is included in a new version of Surface Dock Updater. To update a Surface Dock to the latest firmware, you must use the latest version of Surface Dock Updater.
@@ -191,7 +191,7 @@ This version of Surface Dock Updater adds support for the following:
* Update for Surface Dock DisplayPort firmware
-## Related topics
+
-[Manage Surface Dock firmware updates](manage-surface-dock-firmware-updates.md)
+
diff --git a/devices/surface/surface-enterprise-management-mode.md b/devices/surface/surface-enterprise-management-mode.md
index 77fc4c027c..e42a925b72 100644
--- a/devices/surface/surface-enterprise-management-mode.md
+++ b/devices/surface/surface-enterprise-management-mode.md
@@ -17,7 +17,7 @@ ms.date: 01/06/2017
Microsoft Surface Enterprise Management Mode (SEMM) is a feature of Surface devices with Surface UEFI that allows you to secure and manage firmware settings within your organization. With SEMM, IT professionals can prepare configurations of UEFI settings and install them on a Surface device. In addition to the ability to configure UEFI settings, SEMM also uses a certificate to protect the configuration from unauthorized tampering or removal.
>[!NOTE]
->SEMM is only available on devices with Surface UEFI firmware, such as Surface Pro 4, Surface Book, and Surface Studio. For more information about Surface UEFI, see [Manage Surface UEFI Settings](https://technet.microsoft.com/itpro/surface/manage-surface-uefi-settings).
+>SEMM is only available on devices with Surface UEFI firmware such as Surface Pro 4 and later, Surface Go, Surface Laptop, Surface Book, and Surface Studio. For more information about Surface UEFI, see [Manage Surface UEFI Settings](https://technet.microsoft.com/itpro/surface/manage-surface-uefi-settings).
When Surface devices are configured by SEMM and secured with the SEMM certificate, they are considered *enrolled* in SEMM. When the SEMM certificate is removed and control of UEFI settings is returned to the user of the device, the Surface device is considered *unenrolled* in SEMM.
@@ -25,7 +25,7 @@ There are two administrative options you can use to manage SEMM and enrolled Sur
## Microsoft Surface UEFI Configurator
-The primary workspace of SEMM is Microsoft Surface UEFI Configurator, as shown in Figure 1. Microsoft Surface UEFI Configurator is a tool that is used to create Windows Installer (.msi) packages that are used to enroll, configure, and unenroll SEMM on a Surface device. These packages contain a configuration file where the settings for UEFI are specified. SEMM packages also contain a certificate that is installed and stored in firmware and used to verify the signature of configuration files before UEFI settings are applied.
+The primary workspace of SEMM is Microsoft Surface UEFI Configurator, as shown in Figure 1. Microsoft Surface UEFI Configurator is a tool that is used to create Windows Installer (.msi) packages or WinPE images that are used to enroll, configure, and unenroll SEMM on a Surface device. These packages contain a configuration file where the settings for UEFI are specified. SEMM packages also contain a certificate that is installed and stored in firmware and used to verify the signature of configuration files before UEFI settings are applied.
@@ -74,14 +74,15 @@ You can enable or disable the following devices with SEMM:
* Docking USB Port
* On-board Audio
+* DGPU
* Type Cover
-* Micro SD or SD Card Slots
+* Micro SD Card
* Front Camera
* Rear Camera
* Infrared Camera, for Windows Hello
* Bluetooth Only
* Wi-Fi and Bluetooth
-* Trusted Platform Module (TPM)
+* LTE
You can configure the following advanced settings with SEMM:
@@ -89,9 +90,12 @@ You can configure the following advanced settings with SEMM:
* Alternate boot order, where the Volume Down button and Power button can be pressed together during boot, to boot directly to a USB or Ethernet device
* Lock the boot order to prevent changes
* Support for booting to USB devices
+* Enable Network Stack boot settings
+* Enable Auto Power On boot settings
* Display of the Surface UEFI **Security** page
* Display of the Surface UEFI **Devices** page
* Display of the Surface UEFI **Boot** page
+* Display of the Surface UEFI **DateTime** page
>[!NOTE]
>When you create a SEMM configuration package, two characters are shown on the **Successful** page, as shown in Figure 5.
@@ -116,7 +120,7 @@ These characters are the last two characters of the certificate thumbprint and s
>6. **All** or **Properties Only** must be selected in the **Show** drop-down menu.
>7. Select the field **Thumbprint**.
-To enroll a Surface device in SEMM or to apply the UEFI configuration from a configuration package, all you need to do is run the .msi file on the intended Surface device. You can use application deployment or operating system deployment technologies such as [System Center Configuration Manager](https://technet.microsoft.com/library/mt346023) or the [Microsoft Deployment Toolkit](https://technet.microsoft.com/windows/dn475741). When you enroll a device in SEMM you must be present to confirm the enrollment on the device. User interaction is not required when you apply a configuration to devices that are already enrolled in SEMM.
+To enroll a Surface device in SEMM or to apply the UEFI configuration from a configuration package, all you need to do is run the .msi file with administrative privileges on the intended Surface device. You can use application deployment or operating system deployment technologies such as [System Center Configuration Manager](https://technet.microsoft.com/library/mt346023) or the [Microsoft Deployment Toolkit](https://technet.microsoft.com/windows/dn475741). When you enroll a device in SEMM you must be present to confirm the enrollment on the device. User interaction is not required when you apply a configuration to devices that are already enrolled in SEMM.
For a step-by-step walkthrough of how to enroll a Surface device in SEMM or apply a Surface UEFI configuration with SEMM, see [Enroll and configure Surface devices with SEMM](https://technet.microsoft.com/itpro/surface/enroll-and-configure-surface-devices-with-semm).
@@ -189,10 +193,43 @@ For use with SEMM and Microsoft Surface UEFI Configurator, the certificate must
>[!NOTE]
>For organizations that use an offline root in their PKI infrastructure, Microsoft Surface UEFI Configurator must be run in an environment connected to the root CA to authenticate the SEMM certificate. The packages generated by Microsoft Surface UEFI Configurator can be transferred as files and therefore can be transferred outside the offline network environment with removable storage, such as a USB stick.
+### Managing certificates FAQ
+
+The recommended *minimum* length is 15 months. You can use a
+certificate that expires in less than 15 months or use a certificate
+that expires in longer than 15 months.
+
+>[!NOTE]
+>When a certificate expires, it does not automatically renew.
+
+**Will existing machines continue to apply the bios settings after 15
+months?**
+
+Yes, but only if the package itself was signed when the certificate was
+valid.
+
+**Will** **the SEMM package and certificate need to be updated on all
+machines that have it?**
+
+If you want SEMM reset or recovery to work, the certificate needs to be
+valid and not expired. You can use the current valid ownership
+certificate to sign a package that updates to a new certificate for
+ownership. You do not need to create a reset package.
+
+**Can bulk reset packages be created for each surface that we order? Can
+one be built that resets all machines in our environment?**
+
+The PowerShell samples that create a config package for a specific
+device type can also be used to create a reset package that is
+serial-number independent. If the certificate is still valid, you can
+create a reset package using PowerShell to reset SEMM.
+
## Version History
+### Version 2.26.136.0
+* Add support to Surface Studio 2
-### Version 2.21.136.9
+### Version 2.21.136.0
* Add support to Surface Pro 6
* Add support to Surface Laptop 2
diff --git a/devices/surface/surface-system-sku-reference.md b/devices/surface/surface-system-sku-reference.md
new file mode 100644
index 0000000000..ca870c7065
--- /dev/null
+++ b/devices/surface/surface-system-sku-reference.md
@@ -0,0 +1,59 @@
+---
+title: System SKU reference (Surface)
+description: See a reference of System Model and System SKU names.
+keywords: uefi, configure, firmware, secure, semm
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.pagetype: surface, devices, security
+ms.sitesec: library
+author: coveminer
+ms.author: v-jokai
+ms.topic: article
+ms.date: 03/20/2019
+---
+
+# System SKU reference
+
+This document provides a reference of System Model and System SKU names that you can use to quickly determine the machine state of a specific device using PowerShell, WMI,
+
+System Model and System SKU are variables stored in System Management BIOS (SMBIOS) tables in the UEFI layer of Surface devices. The System SKU name is required to differentiate between devices with the same System Model name, such as Surface Pro and Surface Pro with LTE Advanced.
+
+| Device | System Model | System SKU |
+| ---------- | ----------- | -------------- |
+| Surface 3 WiFI | Surface 3 | Surface_3 |
+| Surface 3 LTE AT&T | Surface 3 | Surface_3_US1 |
+| Surface 3 LTE Verizon | Surface 3 | Surface_3_US2 |
+| Surface 3 LTE North America | Surface 3 | Surface_3_NAG |
+| Surface 3 LTE Outside of North America and T-Mobile In Japan | Surface 3 | Surface_3_ROW |
+| Surface Pro | Surface Pro | Surface_Pro_1796 |
+| Surface Pro with LTE Advanced | Surface Pro | Surface_Pro_1807 |
+| Surface Book 2 13inch | Surface Book 2 | Surface_Book_1832 |
+| Surface Book 2 15inch | Surface Book 2 | Surface_Book_1793 |
+| Surface Go Consumer | Surface Go | Surface_Go_1824_Consumer |
+| Surface Go Commercial | Surface Go | Surface_Go_1824_Commercial |
+| Surface Pro 6 Consumer | Surface Pro 6 | Surface_Pro_6_1796_Consumer |
+| Surface Pro 6 Commercial | Surface Pro 6 | Surface_Pro_6_1796_Commercial |
+| Surface Laptop 2 Consumer | Surface Laptop 2 | Surface_Laptop_2_1769_Consumer |
+| Surface Laptop 2 Commercial | Surface Laptop 2 | Surface_Laptop_2_1769_Commercial |
+
+## Examples
+
+**PowerShell**
+ Use the following PowerShell command to pull System SKU:
+
+ ```
+gwmi -namespace root\wmi -class MS_SystemInformation | select SystemSKU
+```
+
+**System Information**
+You can also find the System SKU and System Model for a device in System Information.
+
+- Go to **Start** > **MSInfo32**.
+
+One example of how you could use this in Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager is as part of a Task Sequence WMI Condition. For example:
+
+**Task Sequence WMI Condition**
+
+
+ - WMI Namespace – Root\WMI
+ - WQL Query – SELECT * FROM MS_SystemInformation WHERE SystemSKU = "Surface_Pro_1796"
\ No newline at end of file
diff --git a/devices/surface/surface.yml b/devices/surface/surface.yml
new file mode 100644
index 0000000000..8287763c1e
--- /dev/null
+++ b/devices/surface/surface.yml
@@ -0,0 +1,61 @@
+### YamlMime:YamlDocument
+
+documentType: LandingData
+title: Surface devices
+metadata:
+ document_id:
+ title: Surface devices
+ description: Find tools, step-by-step guides, and other resources to help you plan, deploy, and manage Surface devices in your organization.
+ keywords: Windows 10, issues, fixes, announcements, Windows Server, advisories
+ ms.localizationpriority: medium
+ author: lizap
+ ms.author: elizapo
+ manager: dougkim
+ ms.topic: article
+ ms.devlang: na
+
+sections:
+- items:
+ - type: markdown
+ text: "
+ Find tools, step-by-step guides, and other resources to help you plan, deploy, and manage Surface devices in your organization.
+ "
+- title: Explore
+- items:
+ - type: markdown
+ text: "
+ Evaluate the Surface device portfolio, review the tools and technologies for management of your Surface devices, and learn about Surface technologies and devices with engineering walkthroughs.
+
**Surface Pro** Light enough to take anywhere. Powerful enough to use as a full desktop workstation. See spec
**Surface Book** Built for extreme performance. Lightning fast access to apps. Up to 16 hours of battery life. See spec
**Surface Studio** Professional-grade power and performance. Use it upright or draw on it like a drafting table. See spec
+
+ "
+- title: Plan
+- items:
+ - type: markdown
+ text: "
+ Explore essential concepts for the deployment of Windows 10 to Surface devices.
+
**Try Windows 10 Enterprise free for 90 days** Try the latest features. Test your apps, hardware, and deployment strategies. Get started
**Windows 10 upgrade paths** Upgrade to Windows 10 from a previous version, or from one edition to another. Explore paths
**Prepare for Windows 10 deployment** Get familiar with current deployment options and best practices. Review options
+
+ "
+- title: Deploy
+- items:
+ - type: markdown
+ text: "
+ Download deployment tools and get step-by-step guidance on how to upgrade a Surface device or deploy a new image.
+
**Microsoft Deployment Toolkit (MDT)** Automate Windows 10 deployment, and more easily manage security and configurations. Download the toolkit
**System Center Configuration Manager** Use in tandem with MDT to deploy Windows 10 and manage PCs and devices moving forward. Download an eval
**Surface Deployment Accelerator** Automate the creation and configuration of Windows images for Surface devices. Download the accelerator
+
+ "
+- title: Manage
+- items:
+ - type: markdown
+ text: "
+ Learn how to more easily manage and secure Surface devices in your organization.
+
**Surface IT Pro Blog** Get insight into new Surface products plus tips and tricks for IT professionals. Learn more
**Surface on Microsoft Mechanics** View technical demos and walkthroughs of Surface devices, features, and functionality. Get started
**Follow us on Twitter** Keep up with the latest news and see the latest product demonstrations. Visit Twitter
+
+ "
diff --git a/devices/surface/update.md b/devices/surface/update.md
index 29e0b9517b..df7a6e3c5d 100644
--- a/devices/surface/update.md
+++ b/devices/surface/update.md
@@ -8,7 +8,7 @@ ms.sitesec: library
author: heatherpoulsen
ms.author: jdecker
ms.topic: article
-ms.date: 12/01/2016
+ms.date: 11/13/2018
---
# Surface firmware and driver updates
@@ -22,7 +22,6 @@ Find out how to download and manage the latest firmware and driver updates for y
|[Wake On LAN for Surface devices](wake-on-lan-for-surface-devices.md) | See how you can use Wake On LAN to remotely wake up devices to perform management or maintenance tasks, or to enable management solutions automatically. |
| [Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)| Get a list of the available downloads for Surface devices and links to download the drivers and firmware for your device.|
| [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)| Explore the available options to manage firmware and driver updates for Surface devices.|
-| [Manage Surface Dock firmware updates](manage-surface-dock-firmware-updates.md)| Read about the different methods you can use to manage the process of Surface Dock firmware updates.|
| [Surface Dock Updater](surface-dock-updater.md)| Get a detailed walkthrough of Microsoft Surface Dock Updater.|
diff --git a/devices/surface/wake-on-lan-for-surface-devices.md b/devices/surface/wake-on-lan-for-surface-devices.md
index c584cc40bb..907ab49ce6 100644
--- a/devices/surface/wake-on-lan-for-surface-devices.md
+++ b/devices/surface/wake-on-lan-for-surface-devices.md
@@ -23,17 +23,22 @@ Surface devices that run Windows 10, version 1607 (also known as Windows 10 Anni
The following devices are supported for WOL:
-* Surface Book 2
-* Surface Pro with LTE Advanced (Model 1807)
-* Surface Pro (Model 1796)
-* Surface Laptop
-* Surface Book
-* Surface Pro 4
-* Surface 3
-* Surface Pro 3
* Surface Ethernet adapter
+* Surface USB-C to Ethernet and USB Adapter
* Surface Dock
* Surface Docking Station for Surface Pro 3
+* Surface 3
+* Surface Pro 3
+* Surface Pro 4
+* Surface Pro (5th Gen)
+* Surface Pro (5th Gen) with LTE Advanced
+* Surface Book
+* Surface Laptop (1st Gen)
+* Surface Pro 6
+* Surface Book 2
+* Surface Laptop 2
+* Surface Go
+* Surface Go with LTE Advanced
## WOL driver
diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md
index e4f3b0a922..baef69db7c 100644
--- a/devices/surface/windows-autopilot-and-surface-devices.md
+++ b/devices/surface/windows-autopilot-and-surface-devices.md
@@ -52,6 +52,9 @@ Enrolling Surface devices in Windows Autopilot at the time of purchase is a capa
When you purchase Surface devices from a Surface partner enabled for Windows Autopilot, your new devices can be enrolled in your Windows Autopilot deployment for you by the partner. Surface partners enabled for Windows Autopilot include:
-- [SHI](https://www.shi.com/?reseller=shi)
-- [Insight](https://www.insight.com/en_US/buy/partner/microsoft/surface.html)
-- [Atea](https://www.atea.com/)
\ No newline at end of file
+- [Atea](https://www.atea.com/)
+- [Connection](https://www.connection.com/brand/microsoft/microsoft-surface)
+- [Insight](https://www.insight.com/en_US/buy/partner/microsoft/surface/windows-autopilot.html)
+- [SHI](https://www.shi.com/Surface)
+
+
diff --git a/education/docfx.json b/education/docfx.json
index c01be28758..87d94a2065 100644
--- a/education/docfx.json
+++ b/education/docfx.json
@@ -9,7 +9,7 @@
],
"resource": [
{
- "files": ["**/images/**", "**/*.json"],
+ "files": ["**/images/**"],
"exclude": ["**/obj/**"]
}
],
@@ -33,6 +33,7 @@
"externalReference": [
],
"template": "op.html",
- "dest": "education"
+ "dest": "education",
+ "markdownEngineName": "dfm"
}
}
diff --git a/education/get-started/change-history-ms-edu-get-started.md b/education/get-started/change-history-ms-edu-get-started.md
index 97ddde85fb..890ee785d2 100644
--- a/education/get-started/change-history-ms-edu-get-started.md
+++ b/education/get-started/change-history-ms-edu-get-started.md
@@ -1,43 +1,42 @@
----
-title: Change history for Microsoft Education Get Started
-description: New and changed topics in the Microsoft Education get started guide.
-keywords: Microsoft Education get started guide, IT admin, IT pro, school, education, change history
+---
+title: Change history for Microsoft Education Get Started
+description: New and changed topics in the Microsoft Education get started guide.
+keywords: Microsoft Education get started guide, IT admin, IT pro, school, education, change history
ms.prod: w10
-ms.technology: Windows
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: edu
-author: CelesteDG
-ms.author: celested
-ms.date: 07/07/2017
----
-
-# Change history for Microsoft Education Get Started
-
-This topic lists the changes in the Microsoft Education IT admin get started.
-
-## July 2017
-
-| New or changed topic | Description |
-| --- | ---- |
-| [Get started: Deploy and manage a full cloud IT solution with Microsoft Education](get-started-with-microsoft-education.md) | Broke up the get started guide to highlight each phase in the Microsoft Education deployment and management process. |
-| [Set up an Office 365 Education tenant](set-up-office365-edu-tenant.md) | New. Shows the video and step-by-step guide on how to set up an Office 365 for Education tenant. |
-| [Use School Data Sync to import student data](use-school-data-sync.md) | New. Shows the video and step-by-step guide on School Data Sync and sample CSV files to import student data in a trial environment. |
-| [Enable Microsoft Teams for your school](enable-microsoft-teams.md) | New. Shows how IT admins can enable and deploy Microsoft Teams in schools. |
-| [Configure Microsoft Store for Education](configure-microsoft-store-for-education.md) | New. Shows the video and step-by-step guide on how to accept the services agreement and ensure your Microsoft Store account is associated with Intune for Education. |
-| [Use Intune for Education to manage groups, apps, and settings](use-intune-for-education.md) | New. Shows the video and step-by-step guide on how to set up Intune for Education, buy apps from the Microsoft Store for Education, and install the apps for all users in your tenant. |
-| [Set up Windows 10 education devices](set-up-windows-10-education-devices.md) | New. Shows options available to you when you need to set up new Windows 10 devices and enroll them to your education tenant. Each option contains a video and step-by-step guide. |
-| [Finish Windows 10 device setup and other tasks](finish-setup-and-other-tasks.md) | New. Shows the video and step-by-step guide on how to finish preparing your Windows 10 devices for use in the classroom. |
-
-
-## June 2017
-
-| New or changed topic | Description |
-| --- | ---- |
-| [Get started: Deploy and manage a full cloud IT solution with Microsoft Education](get-started-with-microsoft-education.md) | Includes the following updates: - New configuration guidance for IT administrators to deploy Microsoft Teams. - Updated steps for School Data Sync to show the latest workflow and user experience. - Updated steps for Option 2: Try out Microsoft Education in a trial environment. You no longer need the SDS promo code to try SDS in a trial environment. |
-
-## May 2017
-
-| New or changed topic | Description |
-| --- | ---- |
-| [Get started: Deploy and manage a full cloud IT solution with Microsoft Education](get-started-with-microsoft-education.md) | New. Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices. |
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: edu
+author: CelesteDG
+ms.author: celested
+ms.date: 07/07/2017
+---
+
+# Change history for Microsoft Education Get Started
+
+This topic lists the changes in the Microsoft Education IT admin get started.
+
+## July 2017
+
+| New or changed topic | Description |
+| --- | ---- |
+| [Get started: Deploy and manage a full cloud IT solution with Microsoft Education](get-started-with-microsoft-education.md) | Broke up the get started guide to highlight each phase in the Microsoft Education deployment and management process. |
+| [Set up an Office 365 Education tenant](set-up-office365-edu-tenant.md) | New. Shows the video and step-by-step guide on how to set up an Office 365 for Education tenant. |
+| [Use School Data Sync to import student data](use-school-data-sync.md) | New. Shows the video and step-by-step guide on School Data Sync and sample CSV files to import student data in a trial environment. |
+| [Enable Microsoft Teams for your school](enable-microsoft-teams.md) | New. Shows how IT admins can enable and deploy Microsoft Teams in schools. |
+| [Configure Microsoft Store for Education](configure-microsoft-store-for-education.md) | New. Shows the video and step-by-step guide on how to accept the services agreement and ensure your Microsoft Store account is associated with Intune for Education. |
+| [Use Intune for Education to manage groups, apps, and settings](use-intune-for-education.md) | New. Shows the video and step-by-step guide on how to set up Intune for Education, buy apps from the Microsoft Store for Education, and install the apps for all users in your tenant. |
+| [Set up Windows 10 education devices](set-up-windows-10-education-devices.md) | New. Shows options available to you when you need to set up new Windows 10 devices and enroll them to your education tenant. Each option contains a video and step-by-step guide. |
+| [Finish Windows 10 device setup and other tasks](finish-setup-and-other-tasks.md) | New. Shows the video and step-by-step guide on how to finish preparing your Windows 10 devices for use in the classroom. |
+
+
+## June 2017
+
+| New or changed topic | Description |
+| --- | ---- |
+| [Get started: Deploy and manage a full cloud IT solution with Microsoft Education](get-started-with-microsoft-education.md) | Includes the following updates: - New configuration guidance for IT administrators to deploy Microsoft Teams. - Updated steps for School Data Sync to show the latest workflow and user experience. - Updated steps for Option 2: Try out Microsoft Education in a trial environment. You no longer need the SDS promo code to try SDS in a trial environment. |
+
+## May 2017
+
+| New or changed topic | Description |
+| --- | ---- |
+| [Get started: Deploy and manage a full cloud IT solution with Microsoft Education](get-started-with-microsoft-education.md) | New. Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices. |
diff --git a/education/get-started/configure-microsoft-store-for-education.md b/education/get-started/configure-microsoft-store-for-education.md
index caf9b51520..6da930b66d 100644
--- a/education/get-started/configure-microsoft-store-for-education.md
+++ b/education/get-started/configure-microsoft-store-for-education.md
@@ -3,7 +3,6 @@ title: Configure Microsoft Store for Education
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: get-started
diff --git a/education/get-started/enable-microsoft-teams.md b/education/get-started/enable-microsoft-teams.md
index bab1e61628..5d3af7dc3d 100644
--- a/education/get-started/enable-microsoft-teams.md
+++ b/education/get-started/enable-microsoft-teams.md
@@ -3,7 +3,6 @@ title: Enable Microsoft Teams for your school
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: get-started
diff --git a/education/get-started/finish-setup-and-other-tasks.md b/education/get-started/finish-setup-and-other-tasks.md
index b15394f6ac..120b357bc2 100644
--- a/education/get-started/finish-setup-and-other-tasks.md
+++ b/education/get-started/finish-setup-and-other-tasks.md
@@ -3,7 +3,6 @@ title: Finish Windows 10 device setup and other tasks
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: get-started
diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md
index 39dad1f8e4..6df81f8b27 100644
--- a/education/get-started/get-started-with-microsoft-education.md
+++ b/education/get-started/get-started-with-microsoft-education.md
@@ -3,7 +3,6 @@ title: Deploy and manage a full cloud IT solution with Microsoft Education
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: hero-article
diff --git a/education/get-started/set-up-office365-edu-tenant.md b/education/get-started/set-up-office365-edu-tenant.md
index 82ee6a90cd..01a5f5b4a9 100644
--- a/education/get-started/set-up-office365-edu-tenant.md
+++ b/education/get-started/set-up-office365-edu-tenant.md
@@ -3,7 +3,6 @@ title: Set up an Office 365 Education tenant
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: get-started
diff --git a/education/get-started/set-up-windows-10-education-devices.md b/education/get-started/set-up-windows-10-education-devices.md
index 5b79384b77..a62a0e282d 100644
--- a/education/get-started/set-up-windows-10-education-devices.md
+++ b/education/get-started/set-up-windows-10-education-devices.md
@@ -3,7 +3,6 @@ title: Set up Windows 10 education devices
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: get-started
diff --git a/education/get-started/set-up-windows-education-devices.md b/education/get-started/set-up-windows-education-devices.md
index ba8630edd9..e1f8ef557e 100644
--- a/education/get-started/set-up-windows-education-devices.md
+++ b/education/get-started/set-up-windows-education-devices.md
@@ -3,7 +3,6 @@ title: Set up Windows 10 devices using Windows OOBE
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: get-started
diff --git a/education/get-started/use-intune-for-education.md b/education/get-started/use-intune-for-education.md
index baef903733..d1ab32cfa9 100644
--- a/education/get-started/use-intune-for-education.md
+++ b/education/get-started/use-intune-for-education.md
@@ -3,7 +3,6 @@ title: Use Intune for Education to manage groups, apps, and settings
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: get-started
diff --git a/education/get-started/use-school-data-sync.md b/education/get-started/use-school-data-sync.md
index f880134137..f2bcfb50f9 100644
--- a/education/get-started/use-school-data-sync.md
+++ b/education/get-started/use-school-data-sync.md
@@ -3,7 +3,6 @@ title: Use School Data Sync to import student data
description: Learn how to use the new Microsoft Education system to set up a cloud infrastructure for your school, acquire devices and apps, and configure and deploy policies to your Windows 10 devices.
keywords: education, Microsoft Education, full cloud IT solution, school, deploy, setup, manage, Windows 10, Intune for Education, Office 365 for Education, School Data Sync, Microsoft Teams, Microsoft Store for Education, Azure AD, Set up School PCs
ms.prod: w10
-ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.topic: get-started
diff --git a/education/images/M365-education.svg b/education/images/M365-education.svg
index 7f83629296..9591f90f68 100644
--- a/education/images/M365-education.svg
+++ b/education/images/M365-education.svg
@@ -1,4 +1,4 @@
-
