deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-11 21:07:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'main' into main

Browse Source
This commit is contained in:
Rebecca Agiewich 2022-11-16 11:21:02 -08:00 committed by GitHub
commit 9616da3a47
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
30 changed files with 162 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.openpublishing.redirection.json
View File

@ -420,6 +420,11 @@
"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/citool-commands.md",
"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands",
"redirect_document_id": false
},
{
"source_path": "devices/hololens/hololens-whats-new.md",
"redirect_url": "/hololens/hololens-release-notes",

6
education/index.yml
View File

@ -2,19 +2,13 @@
title: Microsoft 365 Education Documentation
summary: Microsoft 365 Education empowers educators to unlock creativity, promote teamwork, and provide a simple and safe experience in a single, affordable solution built for education.
# brand: aspnet | azure | dotnet | dynamics | m365 | ms-graph | office | power-apps | power-automate | power-bi | power-platform | power-virtual-agents | sql | sql-server | vs | visual-studio | windows | xamarin
brand: m365
metadata:
title: Microsoft 365 Education Documentation
description: Learn about product documentation and resources available for school IT administrators, teachers, students, and education app developers.
ms.service: help
ms.topic: hub-page
ms.collection: education
author: paolomatarazzo
ms.author: paoloma
ms.date: 08/10/2022
manager: aaroncz
productDirectory:
title: For IT admins

8
education/windows/federated-sign-in.md
View File

@ -2,15 +2,7 @@
title: Configure federated sign-in for Windows devices
description: Description of federated sign-in feature for Windows 11 SE and how to configure it via Intune
ms.date: 09/15/2022
ms.prod: windows
ms.technology: windows
ms.topic: how-to
ms.localizationpriority: medium
author: paolomatarazzo
ms.author: paoloma
ms.reviewer:
manager: aaroncz
ms.collection: education
appliesto:
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a>
---

8
education/windows/windows-11-se-faq.yml
View File

@ -2,15 +2,7 @@
metadata:
title: Windows 11 SE Frequently Asked Questions (FAQ)
description: Use these frequently asked questions (FAQ) to learn important details about Windows 11 SE.
ms.prod: windows
ms.technology: windows
author: paolomatarazzo
ms.author: paoloma
manager: aaroncz
ms.reviewer:
ms.collection: education
ms.topic: faq
localizationpriority: medium
ms.date: 09/14/2022
appliesto:
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11 SE</a>

63
smb/docfx.json
View File

@ -1,63 +0,0 @@
{
"build": {
"content": [
{
"files": [
"**/*.md",
"**/*.yml"
],
"exclude": [
"**/obj/**",
"smb/**",
"**/includes/**"
]
}
],
"resource": [
{
"files": [
"**/*.png",
"**/*.jpg"
],
"exclude": [
"**/obj/**",
"smb/**",
"**/includes/**"
]
}
],
"overwrite": [],
"externalReference": [],
"globalMetadata": {
"recommendations": true,
"breadcrumb_path": "/windows/smb/breadcrumb/toc.json",
"uhfHeaderId": "MSDocsHeader-M365-IT",
"feedback_system": "None",
"hideEdit": true,
"_op_documentIdPathDepotMapping": {
"./": {
"depot_name": "TechNet.smb",
"folder_relative_path_in_docset": "./"
}
},
"contributors_to_exclude": [
"rjagiewich",
"traya1",
"rmca14",
"claydetels19",
"Kellylorenebaker",
"jborsecnik",
"tiburd",
"AngelaMotherofDragons",
"dstrome",
"v-dihans",
"garycentric"
],
"titleSuffix": "Windows for Small to Midsize Business"
},
"fileMetadata": {},
"template": [],
"dest": "smb",
"markdownEngineName": "markdig"
}
}

11
smb/includes/smb-content-updates.md
View File

@ -1,11 +0,0 @@
<!-- This file is generated automatically each week. Changes made to this file will be overwritten.-->
## Week of July 18, 2022
| Published On |Topic title | Change |
|------|------------|--------|
| 7/22/2022 | Deploy and manage a full cloud IT solution for your business | removed |
| 7/22/2022 | Windows 10/11 for small to midsize businesses | removed |

4
windows/client-management/mdm/laps-csp.md
View File

@ -17,7 +17,7 @@ ms.date: 09/20/2022
The Local Administrator Password Solution (LAPS) configuration service provider (CSP) is used by the enterprise to manage back up of local administrator account passwords. This CSP was added in Windows 11 as of version 25145.
> [!IMPORTANT]
> Windows LAPS is currently only available in Windows Insider builds as of 25145 and later. Support for the Windows LAPS Azure AD scenario is currently limited to a small group of Windows Insiders.
> Windows LAPS currently is available only in [Windows 11 Insider Preview Build 25145 and later](/windows-insider/flight-hub/#active-development-builds-of-windows-11). Support for the Windows LAPS Azure Active Directory scenario is currently in private preview, and limited to a small number of customers who have a direct engagement with engineering. Once public preview is declared in 2023, all customers will be able to evaluate this AAD scenario.
> [!TIP]
> This article covers the specific technical details of the LAPS CSP. For more information about the scenarios in which the LAPS CSP would be used, see [Windows Local Administrator Password Solution](/windows-server/identity/laps/laps).
@ -63,7 +63,7 @@ The LAPS CSP can be used to manage devices that are either joined to Azure AD or
|ResetPasswordStatus|Yes|Yes|
> [!IMPORTANT]
> Windows supports a LAPS Group Policy Object that is entirely separate from the LAPS CSP. Many of the various settings are common across both the LAPS GPO and CSP (GPO does not support any of the Action-related settings). As long as at least one LAPS setting is configured via CSP, any GPO-configured settings will be ignored. Also see the TBD reference on LAPS policy configuration.
> Windows supports a LAPS Group Policy Object that is entirely separate from the LAPS CSP. Many of the various settings are common across both the LAPS GPO and CSP (GPO does not support any of the Action-related settings). As long as at least one LAPS setting is configured via CSP, any GPO-configured settings will be ignored. Also see [Configure policy settings for Windows LAPS](/windows-server/identity/laps/laps-management-policy-settings).
## ./Device/Vendor/MSFT/LAPS

2
windows/configuration/lock-down-windows-10-to-specific-apps.md
View File

@ -576,7 +576,7 @@ These apps are in addition to any mixed reality apps that you allow.
After the admin has completed setup, the kiosk account can sign in and repeat the setup. The admin user may want to complete the kiosk user setup before providing the PC to employees or customers.
There's a difference between the mixed reality experiences for a kiosk user and other users. Typically, when a user connects a mixed reality device, they begin in the [Mixed Reality home](https://developer.microsoft.com/windows/mixed-reality/navigating_the_windows_mixed_reality_home). The Mixed Reality home is a shell that runs in "silent" mode when the PC is configured as a kiosk. When a kiosk user connects a mixed reality device, they'll see only a blank display in the device, and won't have access to the features and functionality available in the home. To run a mixed reality app, the kiosk user must launch the app from the PC Start screen.
There's a difference between the mixed reality experiences for a kiosk user and other users. Typically, when a user connects a mixed reality device, they begin in the [Mixed Reality home](/windows/mixed-reality/discover/navigating-the-windows-mixed-reality-home). The Mixed Reality home is a shell that runs in "silent" mode when the PC is configured as a kiosk. When a kiosk user connects a mixed reality device, they'll see only a blank display in the device, and won't have access to the features and functionality available in the home. To run a mixed reality app, the kiosk user must launch the app from the PC Start screen.
## Policies set by multi-app kiosk configuration

8
windows/deployment/TOC.yml
View File

@ -184,11 +184,11 @@
href: update/deploy-updates-intune.md
- name: Monitor
items:
- name: Windows Update for Business reports (preview)
- name: Windows Update for Business reports
items:
- name: Windows Update for Business reports overview
href: update/wufb-reports-overview.md
- name: Enable Windows Update for Business reports (preview)
- name: Enable Windows Update for Business reports
items:
- name: Windows Update for Business reports prerequisites
href: update/wufb-reports-prerequisites.md
@ -200,7 +200,7 @@
href: update/wufb-reports-configuration-manual.md
- name: Configure clients with Microsoft Intune
href: update/wufb-reports-configuration-intune.md
- name: Use Windows Update for Business reports (preview)
- name: Use Windows Update for Business reports
items:
- name: Windows Update for Business reports workbook
href: update/wufb-reports-workbook.md
@ -210,7 +210,7 @@
href: update/wufb-reports-use.md
- name: Feedback, support, and troubleshooting
href: update/wufb-reports-help.md
- name: Windows Update for Business reports (preview) schema reference
- name: Windows Update for Business reports schema reference
items:
- name: Windows Update for Business reports schema reference
href: update/wufb-reports-schema.md

2
windows/deployment/update/wufb-reports-admin-center.md
View File

@ -9,7 +9,7 @@ ms.localizationpriority: medium
ms.collection:
- M365-analytics
ms.topic: article
ms.date: 06/20/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---

4
windows/deployment/update/wufb-reports-configuration-intune.md
View File

@ -9,11 +9,11 @@ ms.author: mstewart
ms.localizationpriority: medium
ms.collection: M365-analytics
ms.topic: article
ms.date: 08/24/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Configuring Microsoft Intune devices for Windows Update for Business reports (preview)
# Configuring Microsoft Intune devices for Windows Update for Business reports
<!--37063317, 30141258, 37063041-->
***(Applies to: Windows 11 & Windows 10 managed by [Microsoft Intune](/mem/intune/fundamentals/what-is-intune)***

4
windows/deployment/update/wufb-reports-configuration-manual.md
View File

@ -9,11 +9,11 @@ ms.author: mstewart
ms.localizationpriority: medium
ms.collection: M365-analytics
ms.topic: article
ms.date: 06/06/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Manually configuring devices for Windows Update for Business reports (preview)
# Manually configuring devices for Windows Update for Business reports
<!--37063317, 30141258, 37063041-->
***(Applies to: Windows 11 & Windows 10)***

4
windows/deployment/update/wufb-reports-configuration-script.md
View File

@ -9,11 +9,11 @@ ms.author: mstewart
ms.localizationpriority: medium
ms.collection: M365-analytics
ms.topic: article
ms.date: 06/16/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Configuring devices through the Windows Update for Business reports (preview) configuration script
# Configuring devices through the Windows Update for Business reports configuration script
<!--37063317, 30141258, 37063041-->
***(Applies to: Windows 11 & Windows 10)***

4
windows/deployment/update/wufb-reports-enable.md
View File

@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
ms.date: 06/06/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Enable Windows Update for Business reports (preview)
# Enable Windows Update for Business reports
<!--37063317, 30141258, 37063041-->
***(Applies to: Windows 11 & Windows 10)***

10
windows/deployment/update/wufb-reports-help.md
View File

@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
ms.date: 08/10/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Windows Update for Business reports (preview) feedback, support, and troubleshooting
# Windows Update for Business reports feedback, support, and troubleshooting
<!-- MAX6325272, OS33771278 -->
***(Applies to: Windows 11 & Windows 10)***
@ -51,9 +51,9 @@ You can open support requests directly from the Azure portal. If the **Help + S
- **Issue type** - ***Technical***
- **Subscription** - Select the subscription used for Windows Update for Business reports
- **Service** - ***My services***
- **Service type** - ***Log Analytics***
- **Problem type** - ***Solutions or Insights***
- **Problem subtype** - ***Update Compliance***
- **Service type** - ***Monitoring and Management***
- **Problem type** - ***Windows Update for Business reports***
1. Based on the information you provided, you'll be shown some **Recommended solutions** you can use to try to resolve the problem.
1. Complete the **Additional details** tab and then create the request on the **Review + create** tab.

4
windows/deployment/update/wufb-reports-overview.md
View File

@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
ms.date: 08/09/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Windows Update for Business reports (preview) overview
# Windows Update for Business reports overview
<!--37063317, 30141258, 37063041-->
***(Applies to: Windows 11 & Windows 10)***

4
windows/deployment/update/wufb-reports-prerequisites.md
View File

@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
ms.date: 06/30/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Windows Update for Business reports (preview) prerequisites
# Windows Update for Business reports prerequisites
<!--37063317, 30141258, 37063041-->
***(Applies to: Windows 11 & Windows 10)***

4
windows/deployment/update/wufb-reports-schema.md
View File

@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: reference
ms.date: 06/06/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Windows Update for Business reports (preview)schema
# Windows Update for Business reports schema
<!--37063317, 30141258, 37063041-->
***(Applies to: Windows 11 & Windows 10)***

4
windows/deployment/update/wufb-reports-use.md
View File

@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
ms.date: 06/06/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Use Windows Update for Business reports (preview)
# Use Windows Update for Business reports
<!--37063317, 30141258, 37063041-->
***(Applies to: Windows 11 & Windows 10)***

4
windows/deployment/update/wufb-reports-workbook.md
View File

@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
ms.date: 10/24/2022
ms.date: 11/15/2022
ms.technology: itpro-updates
---
# Windows Update for Business reports (preview) workbook
# Windows Update for Business reports workbook
<!-- MAX6325272, OS33771278 -->
***(Applies to: Windows 11 & Windows 10)***

4
windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md
View File

@ -6,7 +6,9 @@ author: paolomatarazzo
ms.author: paoloma
manager: aaroncz
ms.reviewer: prsriva
ms.collection: M365-identity-device-management
ms.collection:
- M365-identity-device-management
- ContentEngagementFY23
ms.topic: article
localizationpriority: medium
ms.date: 02/22/2021

8
windows/security/identity-protection/hello-for-business/hello-faq.yml
View File

@ -3,8 +3,8 @@ metadata:
title: Windows Hello for Business Frequently Asked Questions (FAQ)
description: Use these frequently asked questions (FAQ) to learn important details about Windows Hello for Business.
keywords: identity, PIN, biometric, Hello, passport
ms.prod: m365-security
ms.mktglfcycl: deploy
ms.prod: windows-client
ms.technology: itpro-security
ms.sitesec: library
ms.pagetype: security, mobile
audience: ITPro
@ -17,7 +17,7 @@ metadata:
- highpri
ms.topic: faq
localizationpriority: medium
ms.date: 02/21/2022
ms.date: 11/11/2022
appliesto:
- ✅ <b>Windows 10</b>
- ✅ <b>Windows 11</b>
@ -100,7 +100,7 @@ sections:
- question: Can I use an external Windows Hello compatible camera or other Windows Hello compatible accessory when my laptop lid is closed or docked?
answer: |
Some laptops and tablets with keyboards that close may not use an external Windows Hello compatible camera or other Windows Hello compatible accessory when the computer is docked with the lid closed. The issue has been addressed in the latest Windows Insiders builds and will be available in the future version of Windows 11.
Some laptops and tablets with keyboards that close may not use an external Windows Hello compatible camera or other Windows Hello compatible accessory when the computer is docked with the lid closed. The issue has been addressed in Windows 11, version 22H2.
- question: Why does authentication fail immediately after provisioning hybrid key trust?
answer: |

3
windows/security/identity-protection/hello-for-business/index.yml
View File

@ -6,7 +6,8 @@ summary: Learn how to manage and deploy Windows Hello for Business.
metadata:
title: Windows Hello for Business documentation
description: Learn how to manage and deploy Windows Hello for Business.
ms.prod: m365-security
ms.prod: windows-client
ms.technology: itpro-security
ms.topic: landing-page
author: paolomatarazzo
ms.author: paoloma

5
windows/security/index.yml
View File

@ -6,8 +6,9 @@ summary: Built with Zero Trust principles at the core to safeguard data and acce
metadata:
title: Windows security # Required; page title displayed in search results. Include the brand. < 60 chars.
description: Learn about Windows security # Required; article description that is displayed in search results. < 160 chars.
ms.topic: landing-page # Required
ms.prod: windows
ms.topic: landing-page
ms.prod: windows-client
ms.technology: itpro-security
ms.collection:
- m365-security-compliance
- highpri

4
windows/security/threat-protection/windows-defender-application-control/TOC.yml
View File

@ -87,8 +87,6 @@
href: merge-windows-defender-application-control-policies.md
- name: Enforce WDAC policies
href: enforce-windows-defender-application-control-policies.md
- name: Managing WDAC Policies with CI Tool
href: citool-commands.md
- name: Use code signing to simplify application control for classic Windows applications
href: use-code-signing-to-simplify-application-control-for-classic-windows-applications.md
items:
@ -117,6 +115,8 @@
href: operations/known-issues.md
- name: Managed installer and ISG technical reference and troubleshooting guide
href: configure-wdac-managed-installer.md
- name: Managing WDAC Policies with CI Tool
href: operations/citool-commands.md
- name: WDAC AppId Tagging guide
href: AppIdTagging/windows-defender-application-control-appid-tagging-guide.md
items:

91
windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md
View File

@ -11,10 +11,10 @@ ms.localizationpriority: medium
audience: ITPro
ms.collection: M365-security-compliance
author: jsuther1974
ms.reviewer: isbrahm
ms.reviewer: jogeurte
ms.author: vinpa
manager: aaroncz
ms.date: 08/14/2020
ms.date: 11/11/2022
ms.technology: itpro-security
---
@ -29,21 +29,25 @@ ms.technology: itpro-security
>[!NOTE]
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](feature-availability.md).
## Using fsutil to query SmartLocker EA
## Enabling managed installer and Intelligent Security Graph (ISG) logging events
Customers using Windows Defender Application Control (WDAC) with Managed Installer (MI) or Intelligent Security Graph (ISG) enabled can use fsutil to determine whether a file was allowed to run by one of these features. This verification can be done by querying the Extended Attributes (EAs) on a file using fsutil and looking for the KERNEL.SMARTLOCKER.ORIGINCLAIM EA. The presence of this EA indicates that either MI or ISG allowed the file to run. This EA's presence can be used in conjunction with enabling the MI and ISG logging events.
Refer to [Understanding Application Control Events](event-id-explanations.md#diagnostic-events-for-intelligent-security-graph-isg-and-managed-installer-mi) for information on enabling optional managed installer diagnostic events.
## Using fsutil to query extended attributes for Managed Installer (MI)
Customers using Windows Defender Application Control (WDAC) with Managed Installer (MI) enabled can use fsutil.exe to determine whether a file was created by a managed installer process. This verification is done by querying the Extended Attributes (EAs) on a file using fsutil.exe and looking for the KERNEL.SMARTLOCKER.ORIGINCLAIM EA. Then, you can use the data from the first row of output to identify if the file was created by a managed installer. For example, let's look at the fsutil.exe output for a file called application.exe:
**Example:**
```powershell
fsutil file queryEA C:\Users\Temp\Downloads\application.exe
fsutil.exe file queryEA C:\Users\Temp\Downloads\application.exe
Extended Attributes (EA) information for file C:\Users\Temp\Downloads\application.exe:
Ea Buffer Offset: 410
Ea Name: $KERNEL.SMARTLOCKER.ORIGINCLAIM
Ea Value Length: 7e
0000: 01 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 ................
0000: 01 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 ................
0010: b2 ff 10 66 bc a8 47 c7 00 d9 56 9d 3d d4 20 2a ...f..G...V.=. *
0020: 63 a3 80 e2 d8 33 8e 77 e9 5c 8d b0 d5 a7 a3 11 c....3.w.\......
0030: 83 00 00 00 00 00 00 00 5c 00 00 00 43 00 3a 00 ........\...C.:.
@ -53,40 +57,63 @@ Ea Value Length: 7e
0070: 44 00 6f 00 77 00 6e 00 6c 00 6f 00 61 00 64 i.c.a.t.i.o.n..e.x.e
```
## Enabling managed installer logging events
From the output shown above, find the first row of data labeled "0000:", which is then followed by 16 two-character sets. Every four sets form a group known as a ULONG. The two-character set at the front of the first ULONG will always be "01" as shown here:
Refer to [Understanding Application Control Events](event-id-explanations.md#diagnostic-events-for-intelligent-security-graph-isg-and-managed-installer-mi) for information on enabling optional managed installer diagnostic events.
0000: **`01` 00 00 00** 00 00 00 00 00 00 00 00 01 00 00 00
## Deploying the Managed Installer rule collection
If there is "00" in the fifth position of the output (the start of the second ULONG), that indicates the EA is related to managed installer:
Once you've completed configuring your chosen Managed Installer, by specifying which option to use in the AppLocker policy, enabling the service enforcement of it, and by enabling the Managed Installer option in a WDAC policy, you'll need to deploy it.
0000: 01 00 00 00 **`00` 00 00 00** 00 00 00 00 01 00 00 00
1. Use the following command to deploy the policy.
Finally, the two-character set in the ninth position of the output (the start of the third ULONG) indicates whether the file was created by a process running as managed installer. A value of "00" means the file was directly written by a managed installer process and will run if your WDAC policy trusts managed installers.
```powershell
$policyFile=
@"
Raw_AppLocker_Policy_XML
"@
Set-AppLockerPolicy -XmlPolicy $policyFile -Merge -ErrorAction SilentlyContinue
0000: 01 00 00 00 00 00 00 00 **`00` 00 00 00** 01 00 00 00
If instead the starting value for the third ULONG is "02", then that indicates a "child of child". "Child of child" is set on any files created by something that was installed by a managed installer. But, the file was created **after** the managed installer completed its work. So this file **wouldn't** be allowed to run unless there's some other rule in your policy to allow it.
In rarer cases, you may see other values in this position, but that will also run if your policy trusts managed installer.
## Using fsutil to query extended attributes for Intelligent Security Graph (ISG)
When an installer runs that has good reputation according to the ISG, the files that the installer writes to disk will inherit the reputation from the installer. These files with ISG inherited trust will also have the KERNEL.SMARTLOCKER.ORIGINCLAIM EA set as described above for managed installers. You can identify that the EA was created by the ISG by looking for the value "01" in the fifth position of the output (the start of the second ULONG) from fsutil:
0000: 01 00 00 00 **`01` 00 00 00** 00 00 00 00 01 00 00 00
## More troubleshooting steps for Managed Installer and ISG
Both managed installer and the ISG depend on AppLocker to provide some functionality. Use the following steps to confirm that AppLocker is configured and running correctly.
1. Check that AppLocker services are running. From an elevated PowerShell window, run the following and confirm the STATE shows as RUNNING for both appidsvc and AppLockerFltr:
```powershell
sc.exe query appidsvc
SERVICE_NAME: appidsvc
TYPE : 30 WIN32
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
sc.exe query AppLockerFltr
SERVICE_NAME: applockerfltr
TYPE : 1 KERNEL_DRIVER
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
```
2. Verify Deployment of the ruleset was successful
If not, run *appidtel start* from the elevated PowerShell window and check again.
2. For managed installer, check for AppCache.dat and other *.AppLocker files created under %windir%\System32\AppLocker. There should minimally be a ".AppLocker" file created for each of EXE, DLL, and MANAGEDINSTALLER rule collections. If you don't see these files created, proceed to the next step to confirm the AppLocker policy has been correctly applied.
3. For managed installer troubleshooting, check that the AppLocker effective policy is correct. From an elevated PowerShell window:
```powershell
Get-AppLockerPolicy -Local
Version RuleCollections RuleCollectionTypes
------- --------------- -------------------
1 {0, 0, 0, 0...} {Appx, Dll, Exe, ManagedInstaller...}
Get-AppLockerPolicy -Effective -XML > $env:USERPROFILE\Desktop\AppLocker.xml
```
Verify the output shows the ManagedInstaller rule set.
3. Get the policy XML (optional) using PowerShell:
```powershell
Get-AppLockerPolicy -Effective -Xml -ErrorVariable ev -ErrorAction SilentlyContinue
```
This command will show the raw XML to verify the individual rules that were set.
Then open the XML file created and confirm it contains the rules you expect. In particular, the policy should include at least one rule for each of the EXE, DLL, and MANAGEDINSTALLER RuleCollections. The RuleCollections can either be set to AuditOnly or Enabled. Additionally, the EXE and DLL RuleCollections must include the RuleCollectionExtensions configuration as shown in [Automatically allow apps deployed by a managed installer with Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer#create-and-deploy-an-applocker-policy-that-defines-your-managed-installer-rules-and-enables-services-enforcement-for-executables-and-dlls).

0
windows/security/threat-protection/windows-defender-application-control/citool-commands.md → windows/security/threat-protection/windows-defender-application-control/operations/citool-commands.md
View File

4
windows/whats-new/TOC.yml
View File

@ -12,10 +12,12 @@
- name: Prepare for Windows 11
href: windows-11-prepare.md
- name: What's new in Windows 11, version 22H2
href: whats-new-windows-11-version-22h2.md
href: whats-new-windows-11-version-22h2.md
- name: Windows 10
expanded: true
items:
- name: What's new in Windows 10, version 22H2
href: whats-new-windows-10-version-22H2.md
- name: What's new in Windows 10, version 21H2
href: whats-new-windows-10-version-21H2.md
- name: What's new in Windows 10, version 21H1

26
windows/whats-new/index.yml
View File

@ -1,22 +1,20 @@
### YamlMime:Landing
title: What's new in Windows
summary: Find out about new features and capabilities in the latest release of Windows 10 and Windows 11.
summary: Find out about new features and capabilities in the latest release of Windows client for IT professionals.
metadata:
title: What's new in Windows
description: Find out about new features and capabilities in the latest release of Windows 10 and Windows 11.
services: windows-10
ms.service: windows-10
ms.subservice: subservice
description: Find out about new features and capabilities in the latest release of Windows client for IT professionals.
ms.prod: windows-client
ms.technology: itpro-fundamentals
ms.topic: landing-page
ms.collection:
- windows-10
- highpri
author: aczechowski
ms.author: aaroncz
manager: dougeby
ms.date: 06/03/2022
ms.date: 11/14/2022
localization_priority: medium
landingContent:
@ -38,12 +36,12 @@ landingContent:
linkLists:
- linkListType: overview
links:
- text: What's new in Windows 10, version 22H2
url: whats-new-windows-10-version-22h2.md
- text: What's new in Windows 10, version 21H2
url: whats-new-windows-10-version-21h2.md
- text: What's new in Windows 10, version 21H1
url: whats-new-windows-10-version-21h1.md
- text: What's new in Windows 10, version 20H2
url: whats-new-windows-10-version-20h2.md
- title: Learn more
linkLists:
@ -54,14 +52,14 @@ landingContent:
- text: Windows release health dashboard
url: /windows/release-health/
- text: Windows 11 update history
url: https://support.microsoft.com/topic/windows-11-update-history-a19cd327-b57f-44b9-84e0-26ced7109ba9
url: https://support.microsoft.com/topic/windows-11-version-22h2-update-history-ec4229c3-9c5f-4e75-9d6d-9025ab70fcce
- text: Windows 10 update history
url: https://support.microsoft.com/topic/windows-10-update-history-857b8ccb-71e4-49e5-b3f6-7073197d98fb
- text: Windows 10 features we're no longer developing
- text: Windows features we're no longer developing
url: /windows/deployment/planning/windows-10-deprecated-features
- text: Features and functionality removed in Windows 10
- text: Features and functionality removed in Windows
url: /windows/deployment/planning/windows-10-removed-features
- text: Compare Windows 10 Editions
url: https://www.microsoft.com/windowsforbusiness/compare
- text: Compare Windows 11 Editions
url: https://www.microsoft.com/windows/business/compare-windows-11
- text: Windows 10 Enterprise LTSC
url: ltsc/index.md

38
windows/whats-new/whats-new-windows-10-version-22H2.md Normal file
View File

@ -0,0 +1,38 @@
---
title: What's new in Windows 10, version 22H2 for IT pros
description: Learn more about what's new in Windows 10, version 22H2, including how to get it.
ms.prod: windows-client
ms.technology: itpro-fundamentals
ms.author: mstewart
author: mestew
manager: dougeby
ms.localizationpriority: medium
ms.topic: overview
ms.date: 10/18/2022
---
# What's new in Windows 10, version 22H2
<!-- 7133471 -->
Windows 10, version 22H2 is a feature update for Windows 10. It's a scoped release focused on quality improvements to the overall Windows experience in existing feature areas. It includes all previous cumulative updates to Windows 10, version 21H2. This article is for IT professionals, it lists information about this release that you should know.
Windows 10, version 22H2 is an [H2-targeted release](/lifecycle/faq/windows#what-is-the-servicing-timeline-for-a-version--feature-update--of-windows-10-), and has the following servicing schedule:
- **Windows 10 Professional**: Serviced for 18 months from the release date.
- **Windows 10 Enterprise**: Serviced for 30 months from the release date.
Windows 10, version 22H2 is available through Windows Server Update Services including Configuration Manager, Windows Update for Business, and the Volume Licensing Service Center (VLSC). For more information, see [How to get the Windows 10 2022 Update](https://blogs.windows.com/windowsexperience/2022/10/18/how-to-get-the-windows-10-2022-update/).
Devices running earlier supported versions of Windows 10 can update to version 22H2 using an enablement package. For more information, see [Feature update to Windows 10, version 22H2 by using an enablement package](https://support.microsoft.com/topic/kb5015684-featured-update-to-windows-10-version-22h2-by-using-an-enablement-package-09d43632-f438-47b5-985e-d6fd704eee61).
To learn more about the status of the Windows 10, version 22H2 rollout, known issues, and build information, see [Windows 10 release information](/windows/release-health/release-information).
For more information about updated tools to support this release, see [IT tools to support Windows 10, version 22H2](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/it-tools-to-support-windows-10-version-22h2/ba-p/3655750).
The Windows 10, version 22H2 feature update is installed as part of the general availability channel. Quality updates are still installed monthly on patch Tuesday.
For more information, see:
- [Feature and quality update definitions](/windows/deployment/update/waas-quick-start#definitions)
- [Windows servicing channels](/windows/deployment/update/waas-overview#servicing-channels)