diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 39bc4b1622..dfaf5a09e2 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -420,6 +420,11 @@
"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering",
"redirect_document_id": false
},
+ {
+ "source_path": "windows/security/threat-protection/windows-defender-application-control/citool-commands.md",
+ "redirect_url": "/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands",
+ "redirect_document_id": false
+ },
{
"source_path": "devices/hololens/hololens-whats-new.md",
"redirect_url": "/hololens/hololens-release-notes",
diff --git a/education/index.yml b/education/index.yml
index 1a3a69e704..ef45124188 100644
--- a/education/index.yml
+++ b/education/index.yml
@@ -2,19 +2,13 @@
title: Microsoft 365 Education Documentation
summary: Microsoft 365 Education empowers educators to unlock creativity, promote teamwork, and provide a simple and safe experience in a single, affordable solution built for education.
-# brand: aspnet | azure | dotnet | dynamics | m365 | ms-graph | office | power-apps | power-automate | power-bi | power-platform | power-virtual-agents | sql | sql-server | vs | visual-studio | windows | xamarin
brand: m365
metadata:
title: Microsoft 365 Education Documentation
description: Learn about product documentation and resources available for school IT administrators, teachers, students, and education app developers.
- ms.service: help
ms.topic: hub-page
- ms.collection: education
- author: paolomatarazzo
- ms.author: paoloma
ms.date: 08/10/2022
- manager: aaroncz
productDirectory:
title: For IT admins
diff --git a/education/windows/federated-sign-in.md b/education/windows/federated-sign-in.md
index 906d45d919..7a3ef3172c 100644
--- a/education/windows/federated-sign-in.md
+++ b/education/windows/federated-sign-in.md
@@ -2,15 +2,7 @@
title: Configure federated sign-in for Windows devices
description: Description of federated sign-in feature for Windows 11 SE and how to configure it via Intune
ms.date: 09/15/2022
-ms.prod: windows
-ms.technology: windows
ms.topic: how-to
-ms.localizationpriority: medium
-author: paolomatarazzo
-ms.author: paoloma
-ms.reviewer:
-manager: aaroncz
-ms.collection: education
appliesto:
- ✅ Windows 11 SE
---
diff --git a/education/windows/windows-11-se-faq.yml b/education/windows/windows-11-se-faq.yml
index aaf843df04..c45c1980a0 100644
--- a/education/windows/windows-11-se-faq.yml
+++ b/education/windows/windows-11-se-faq.yml
@@ -2,15 +2,7 @@
metadata:
title: Windows 11 SE Frequently Asked Questions (FAQ)
description: Use these frequently asked questions (FAQ) to learn important details about Windows 11 SE.
- ms.prod: windows
- ms.technology: windows
- author: paolomatarazzo
- ms.author: paoloma
- manager: aaroncz
- ms.reviewer:
- ms.collection: education
ms.topic: faq
- localizationpriority: medium
ms.date: 09/14/2022
appliesto:
- ✅ Windows 11 SE
diff --git a/smb/docfx.json b/smb/docfx.json
deleted file mode 100644
index 15de5f0bb4..0000000000
--- a/smb/docfx.json
+++ /dev/null
@@ -1,63 +0,0 @@
-{
- "build": {
- "content": [
- {
- "files": [
- "**/*.md",
- "**/*.yml"
- ],
- "exclude": [
- "**/obj/**",
- "smb/**",
- "**/includes/**"
- ]
- }
- ],
- "resource": [
- {
- "files": [
- "**/*.png",
- "**/*.jpg"
- ],
- "exclude": [
- "**/obj/**",
- "smb/**",
- "**/includes/**"
- ]
- }
- ],
- "overwrite": [],
- "externalReference": [],
- "globalMetadata": {
- "recommendations": true,
- "breadcrumb_path": "/windows/smb/breadcrumb/toc.json",
- "uhfHeaderId": "MSDocsHeader-M365-IT",
- "feedback_system": "None",
- "hideEdit": true,
- "_op_documentIdPathDepotMapping": {
- "./": {
- "depot_name": "TechNet.smb",
- "folder_relative_path_in_docset": "./"
- }
- },
- "contributors_to_exclude": [
- "rjagiewich",
- "traya1",
- "rmca14",
- "claydetels19",
- "Kellylorenebaker",
- "jborsecnik",
- "tiburd",
- "AngelaMotherofDragons",
- "dstrome",
- "v-dihans",
- "garycentric"
- ],
- "titleSuffix": "Windows for Small to Midsize Business"
- },
- "fileMetadata": {},
- "template": [],
- "dest": "smb",
- "markdownEngineName": "markdig"
- }
-}
diff --git a/smb/includes/smb-content-updates.md b/smb/includes/smb-content-updates.md
deleted file mode 100644
index 4414b9e00b..0000000000
--- a/smb/includes/smb-content-updates.md
+++ /dev/null
@@ -1,11 +0,0 @@
-
-
-
-
-## Week of July 18, 2022
-
-
-| Published On |Topic title | Change |
-|------|------------|--------|
-| 7/22/2022 | Deploy and manage a full cloud IT solution for your business | removed |
-| 7/22/2022 | Windows 10/11 for small to midsize businesses | removed |
diff --git a/windows/client-management/mdm/laps-csp.md b/windows/client-management/mdm/laps-csp.md
index 9c383468c7..f5c69b2fcd 100644
--- a/windows/client-management/mdm/laps-csp.md
+++ b/windows/client-management/mdm/laps-csp.md
@@ -17,7 +17,7 @@ ms.date: 09/20/2022
The Local Administrator Password Solution (LAPS) configuration service provider (CSP) is used by the enterprise to manage back up of local administrator account passwords. This CSP was added in Windows 11 as of version 25145.
> [!IMPORTANT]
-> Windows LAPS is currently only available in Windows Insider builds as of 25145 and later. Support for the Windows LAPS Azure AD scenario is currently limited to a small group of Windows Insiders.
+> Windows LAPS currently is available only in [Windows 11 Insider Preview Build 25145 and later](/windows-insider/flight-hub/#active-development-builds-of-windows-11). Support for the Windows LAPS Azure Active Directory scenario is currently in private preview, and limited to a small number of customers who have a direct engagement with engineering. Once public preview is declared in 2023, all customers will be able to evaluate this AAD scenario.
> [!TIP]
> This article covers the specific technical details of the LAPS CSP. For more information about the scenarios in which the LAPS CSP would be used, see [Windows Local Administrator Password Solution](/windows-server/identity/laps/laps).
@@ -63,7 +63,7 @@ The LAPS CSP can be used to manage devices that are either joined to Azure AD or
|ResetPasswordStatus|Yes|Yes|
> [!IMPORTANT]
-> Windows supports a LAPS Group Policy Object that is entirely separate from the LAPS CSP. Many of the various settings are common across both the LAPS GPO and CSP (GPO does not support any of the Action-related settings). As long as at least one LAPS setting is configured via CSP, any GPO-configured settings will be ignored. Also see the TBD reference on LAPS policy configuration.
+> Windows supports a LAPS Group Policy Object that is entirely separate from the LAPS CSP. Many of the various settings are common across both the LAPS GPO and CSP (GPO does not support any of the Action-related settings). As long as at least one LAPS setting is configured via CSP, any GPO-configured settings will be ignored. Also see [Configure policy settings for Windows LAPS](/windows-server/identity/laps/laps-management-policy-settings).
## ./Device/Vendor/MSFT/LAPS
diff --git a/windows/configuration/lock-down-windows-10-to-specific-apps.md b/windows/configuration/lock-down-windows-10-to-specific-apps.md
index 235382fe70..4173a48861 100644
--- a/windows/configuration/lock-down-windows-10-to-specific-apps.md
+++ b/windows/configuration/lock-down-windows-10-to-specific-apps.md
@@ -576,7 +576,7 @@ These apps are in addition to any mixed reality apps that you allow.
After the admin has completed setup, the kiosk account can sign in and repeat the setup. The admin user may want to complete the kiosk user setup before providing the PC to employees or customers.
-There's a difference between the mixed reality experiences for a kiosk user and other users. Typically, when a user connects a mixed reality device, they begin in the [Mixed Reality home](https://developer.microsoft.com/windows/mixed-reality/navigating_the_windows_mixed_reality_home). The Mixed Reality home is a shell that runs in "silent" mode when the PC is configured as a kiosk. When a kiosk user connects a mixed reality device, they'll see only a blank display in the device, and won't have access to the features and functionality available in the home. To run a mixed reality app, the kiosk user must launch the app from the PC Start screen.
+There's a difference between the mixed reality experiences for a kiosk user and other users. Typically, when a user connects a mixed reality device, they begin in the [Mixed Reality home](/windows/mixed-reality/discover/navigating-the-windows-mixed-reality-home). The Mixed Reality home is a shell that runs in "silent" mode when the PC is configured as a kiosk. When a kiosk user connects a mixed reality device, they'll see only a blank display in the device, and won't have access to the features and functionality available in the home. To run a mixed reality app, the kiosk user must launch the app from the PC Start screen.
## Policies set by multi-app kiosk configuration
diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml
index 2356b68241..a732f8301a 100644
--- a/windows/deployment/TOC.yml
+++ b/windows/deployment/TOC.yml
@@ -184,11 +184,11 @@
href: update/deploy-updates-intune.md
- name: Monitor
items:
- - name: Windows Update for Business reports (preview)
+ - name: Windows Update for Business reports
items:
- name: Windows Update for Business reports overview
href: update/wufb-reports-overview.md
- - name: Enable Windows Update for Business reports (preview)
+ - name: Enable Windows Update for Business reports
items:
- name: Windows Update for Business reports prerequisites
href: update/wufb-reports-prerequisites.md
@@ -200,7 +200,7 @@
href: update/wufb-reports-configuration-manual.md
- name: Configure clients with Microsoft Intune
href: update/wufb-reports-configuration-intune.md
- - name: Use Windows Update for Business reports (preview)
+ - name: Use Windows Update for Business reports
items:
- name: Windows Update for Business reports workbook
href: update/wufb-reports-workbook.md
@@ -210,7 +210,7 @@
href: update/wufb-reports-use.md
- name: Feedback, support, and troubleshooting
href: update/wufb-reports-help.md
- - name: Windows Update for Business reports (preview) schema reference
+ - name: Windows Update for Business reports schema reference
items:
- name: Windows Update for Business reports schema reference
href: update/wufb-reports-schema.md
diff --git a/windows/deployment/update/wufb-reports-admin-center.md b/windows/deployment/update/wufb-reports-admin-center.md
index e8b2322c33..aff23a1e5b 100644
--- a/windows/deployment/update/wufb-reports-admin-center.md
+++ b/windows/deployment/update/wufb-reports-admin-center.md
@@ -9,7 +9,7 @@ ms.localizationpriority: medium
ms.collection:
- M365-analytics
ms.topic: article
-ms.date: 06/20/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
diff --git a/windows/deployment/update/wufb-reports-configuration-intune.md b/windows/deployment/update/wufb-reports-configuration-intune.md
index 571998d9b1..dd24c62801 100644
--- a/windows/deployment/update/wufb-reports-configuration-intune.md
+++ b/windows/deployment/update/wufb-reports-configuration-intune.md
@@ -9,11 +9,11 @@ ms.author: mstewart
ms.localizationpriority: medium
ms.collection: M365-analytics
ms.topic: article
-ms.date: 08/24/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Configuring Microsoft Intune devices for Windows Update for Business reports (preview)
+# Configuring Microsoft Intune devices for Windows Update for Business reports
***(Applies to: Windows 11 & Windows 10 managed by [Microsoft Intune](/mem/intune/fundamentals/what-is-intune)***
diff --git a/windows/deployment/update/wufb-reports-configuration-manual.md b/windows/deployment/update/wufb-reports-configuration-manual.md
index 7ce5722f77..c6e2de995b 100644
--- a/windows/deployment/update/wufb-reports-configuration-manual.md
+++ b/windows/deployment/update/wufb-reports-configuration-manual.md
@@ -9,11 +9,11 @@ ms.author: mstewart
ms.localizationpriority: medium
ms.collection: M365-analytics
ms.topic: article
-ms.date: 06/06/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Manually configuring devices for Windows Update for Business reports (preview)
+# Manually configuring devices for Windows Update for Business reports
***(Applies to: Windows 11 & Windows 10)***
diff --git a/windows/deployment/update/wufb-reports-configuration-script.md b/windows/deployment/update/wufb-reports-configuration-script.md
index 56d4ccd30d..8b2c8fc543 100644
--- a/windows/deployment/update/wufb-reports-configuration-script.md
+++ b/windows/deployment/update/wufb-reports-configuration-script.md
@@ -9,11 +9,11 @@ ms.author: mstewart
ms.localizationpriority: medium
ms.collection: M365-analytics
ms.topic: article
-ms.date: 06/16/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Configuring devices through the Windows Update for Business reports (preview) configuration script
+# Configuring devices through the Windows Update for Business reports configuration script
***(Applies to: Windows 11 & Windows 10)***
diff --git a/windows/deployment/update/wufb-reports-enable.md b/windows/deployment/update/wufb-reports-enable.md
index 6f1acf7aea..0da1af6746 100644
--- a/windows/deployment/update/wufb-reports-enable.md
+++ b/windows/deployment/update/wufb-reports-enable.md
@@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
-ms.date: 06/06/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Enable Windows Update for Business reports (preview)
+# Enable Windows Update for Business reports
***(Applies to: Windows 11 & Windows 10)***
diff --git a/windows/deployment/update/wufb-reports-help.md b/windows/deployment/update/wufb-reports-help.md
index 719cb3b0e4..df48a582a8 100644
--- a/windows/deployment/update/wufb-reports-help.md
+++ b/windows/deployment/update/wufb-reports-help.md
@@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
-ms.date: 08/10/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Windows Update for Business reports (preview) feedback, support, and troubleshooting
+# Windows Update for Business reports feedback, support, and troubleshooting
***(Applies to: Windows 11 & Windows 10)***
@@ -51,9 +51,9 @@ You can open support requests directly from the Azure portal. If the **Help + S
- **Issue type** - ***Technical***
- **Subscription** - Select the subscription used for Windows Update for Business reports
- **Service** - ***My services***
- - **Service type** - ***Log Analytics***
- - **Problem type** - ***Solutions or Insights***
- - **Problem subtype** - ***Update Compliance***
+ - **Service type** - ***Monitoring and Management***
+ - **Problem type** - ***Windows Update for Business reports***
+
1. Based on the information you provided, you'll be shown some **Recommended solutions** you can use to try to resolve the problem.
1. Complete the **Additional details** tab and then create the request on the **Review + create** tab.
diff --git a/windows/deployment/update/wufb-reports-overview.md b/windows/deployment/update/wufb-reports-overview.md
index 960d5ade58..6315bbdd8c 100644
--- a/windows/deployment/update/wufb-reports-overview.md
+++ b/windows/deployment/update/wufb-reports-overview.md
@@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
-ms.date: 08/09/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Windows Update for Business reports (preview) overview
+# Windows Update for Business reports overview
***(Applies to: Windows 11 & Windows 10)***
diff --git a/windows/deployment/update/wufb-reports-prerequisites.md b/windows/deployment/update/wufb-reports-prerequisites.md
index 06347a1910..d8b3d96e52 100644
--- a/windows/deployment/update/wufb-reports-prerequisites.md
+++ b/windows/deployment/update/wufb-reports-prerequisites.md
@@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
-ms.date: 06/30/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Windows Update for Business reports (preview) prerequisites
+# Windows Update for Business reports prerequisites
***(Applies to: Windows 11 & Windows 10)***
diff --git a/windows/deployment/update/wufb-reports-schema.md b/windows/deployment/update/wufb-reports-schema.md
index cf7eb1c89c..8b2936c9bc 100644
--- a/windows/deployment/update/wufb-reports-schema.md
+++ b/windows/deployment/update/wufb-reports-schema.md
@@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: reference
-ms.date: 06/06/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Windows Update for Business reports (preview)schema
+# Windows Update for Business reports schema
***(Applies to: Windows 11 & Windows 10)***
diff --git a/windows/deployment/update/wufb-reports-use.md b/windows/deployment/update/wufb-reports-use.md
index befe5a0d99..060f404688 100644
--- a/windows/deployment/update/wufb-reports-use.md
+++ b/windows/deployment/update/wufb-reports-use.md
@@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
-ms.date: 06/06/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Use Windows Update for Business reports (preview)
+# Use Windows Update for Business reports
***(Applies to: Windows 11 & Windows 10)***
diff --git a/windows/deployment/update/wufb-reports-workbook.md b/windows/deployment/update/wufb-reports-workbook.md
index e81b473707..3d1083467a 100644
--- a/windows/deployment/update/wufb-reports-workbook.md
+++ b/windows/deployment/update/wufb-reports-workbook.md
@@ -8,11 +8,11 @@ author: mestew
ms.author: mstewart
ms.collection: M365-analytics
ms.topic: article
-ms.date: 10/24/2022
+ms.date: 11/15/2022
ms.technology: itpro-updates
---
-# Windows Update for Business reports (preview) workbook
+# Windows Update for Business reports workbook
***(Applies to: Windows 11 & Windows 10)***
diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md
index ed5f5c0edc..85e91958b3 100644
--- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md
+++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md
@@ -6,7 +6,9 @@ author: paolomatarazzo
ms.author: paoloma
manager: aaroncz
ms.reviewer: prsriva
-ms.collection: M365-identity-device-management
+ms.collection:
+ - M365-identity-device-management
+ - ContentEngagementFY23
ms.topic: article
localizationpriority: medium
ms.date: 02/22/2021
diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.yml b/windows/security/identity-protection/hello-for-business/hello-faq.yml
index c43ef81413..919393f45a 100644
--- a/windows/security/identity-protection/hello-for-business/hello-faq.yml
+++ b/windows/security/identity-protection/hello-for-business/hello-faq.yml
@@ -3,8 +3,8 @@ metadata:
title: Windows Hello for Business Frequently Asked Questions (FAQ)
description: Use these frequently asked questions (FAQ) to learn important details about Windows Hello for Business.
keywords: identity, PIN, biometric, Hello, passport
- ms.prod: m365-security
- ms.mktglfcycl: deploy
+ ms.prod: windows-client
+ ms.technology: itpro-security
ms.sitesec: library
ms.pagetype: security, mobile
audience: ITPro
@@ -17,7 +17,7 @@ metadata:
- highpri
ms.topic: faq
localizationpriority: medium
- ms.date: 02/21/2022
+ ms.date: 11/11/2022
appliesto:
- ✅ Windows 10
- ✅ Windows 11
@@ -100,7 +100,7 @@ sections:
- question: Can I use an external Windows Hello compatible camera or other Windows Hello compatible accessory when my laptop lid is closed or docked?
answer: |
- Some laptops and tablets with keyboards that close may not use an external Windows Hello compatible camera or other Windows Hello compatible accessory when the computer is docked with the lid closed. The issue has been addressed in the latest Windows Insiders builds and will be available in the future version of Windows 11.
+ Some laptops and tablets with keyboards that close may not use an external Windows Hello compatible camera or other Windows Hello compatible accessory when the computer is docked with the lid closed. The issue has been addressed in Windows 11, version 22H2.
- question: Why does authentication fail immediately after provisioning hybrid key trust?
answer: |
diff --git a/windows/security/identity-protection/hello-for-business/index.yml b/windows/security/identity-protection/hello-for-business/index.yml
index 3907b4b422..0f14b0a619 100644
--- a/windows/security/identity-protection/hello-for-business/index.yml
+++ b/windows/security/identity-protection/hello-for-business/index.yml
@@ -6,7 +6,8 @@ summary: Learn how to manage and deploy Windows Hello for Business.
metadata:
title: Windows Hello for Business documentation
description: Learn how to manage and deploy Windows Hello for Business.
- ms.prod: m365-security
+ ms.prod: windows-client
+ ms.technology: itpro-security
ms.topic: landing-page
author: paolomatarazzo
ms.author: paoloma
diff --git a/windows/security/index.yml b/windows/security/index.yml
index bca2ee7b90..57d27d3093 100644
--- a/windows/security/index.yml
+++ b/windows/security/index.yml
@@ -6,8 +6,9 @@ summary: Built with Zero Trust principles at the core to safeguard data and acce
metadata:
title: Windows security # Required; page title displayed in search results. Include the brand. < 60 chars.
description: Learn about Windows security # Required; article description that is displayed in search results. < 160 chars.
- ms.topic: landing-page # Required
- ms.prod: windows
+ ms.topic: landing-page
+ ms.prod: windows-client
+ ms.technology: itpro-security
ms.collection:
- m365-security-compliance
- highpri
diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.yml b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
index 2c063bad24..71ed7b8d83 100644
--- a/windows/security/threat-protection/windows-defender-application-control/TOC.yml
+++ b/windows/security/threat-protection/windows-defender-application-control/TOC.yml
@@ -87,8 +87,6 @@
href: merge-windows-defender-application-control-policies.md
- name: Enforce WDAC policies
href: enforce-windows-defender-application-control-policies.md
- - name: Managing WDAC Policies with CI Tool
- href: citool-commands.md
- name: Use code signing to simplify application control for classic Windows applications
href: use-code-signing-to-simplify-application-control-for-classic-windows-applications.md
items:
@@ -117,6 +115,8 @@
href: operations/known-issues.md
- name: Managed installer and ISG technical reference and troubleshooting guide
href: configure-wdac-managed-installer.md
+ - name: Managing WDAC Policies with CI Tool
+ href: operations/citool-commands.md
- name: WDAC AppId Tagging guide
href: AppIdTagging/windows-defender-application-control-appid-tagging-guide.md
items:
diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md
index 9eb2d45bf5..c24b6295c9 100644
--- a/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md
+++ b/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md
@@ -11,10 +11,10 @@ ms.localizationpriority: medium
audience: ITPro
ms.collection: M365-security-compliance
author: jsuther1974
-ms.reviewer: isbrahm
+ms.reviewer: jogeurte
ms.author: vinpa
manager: aaroncz
-ms.date: 08/14/2020
+ms.date: 11/11/2022
ms.technology: itpro-security
---
@@ -29,21 +29,25 @@ ms.technology: itpro-security
>[!NOTE]
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](feature-availability.md).
-## Using fsutil to query SmartLocker EA
+## Enabling managed installer and Intelligent Security Graph (ISG) logging events
-Customers using Windows Defender Application Control (WDAC) with Managed Installer (MI) or Intelligent Security Graph (ISG) enabled can use fsutil to determine whether a file was allowed to run by one of these features. This verification can be done by querying the Extended Attributes (EAs) on a file using fsutil and looking for the KERNEL.SMARTLOCKER.ORIGINCLAIM EA. The presence of this EA indicates that either MI or ISG allowed the file to run. This EA's presence can be used in conjunction with enabling the MI and ISG logging events.
+Refer to [Understanding Application Control Events](event-id-explanations.md#diagnostic-events-for-intelligent-security-graph-isg-and-managed-installer-mi) for information on enabling optional managed installer diagnostic events.
+
+## Using fsutil to query extended attributes for Managed Installer (MI)
+
+Customers using Windows Defender Application Control (WDAC) with Managed Installer (MI) enabled can use fsutil.exe to determine whether a file was created by a managed installer process. This verification is done by querying the Extended Attributes (EAs) on a file using fsutil.exe and looking for the KERNEL.SMARTLOCKER.ORIGINCLAIM EA. Then, you can use the data from the first row of output to identify if the file was created by a managed installer. For example, let's look at the fsutil.exe output for a file called application.exe:
**Example:**
```powershell
-fsutil file queryEA C:\Users\Temp\Downloads\application.exe
+fsutil.exe file queryEA C:\Users\Temp\Downloads\application.exe
Extended Attributes (EA) information for file C:\Users\Temp\Downloads\application.exe:
Ea Buffer Offset: 410
Ea Name: $KERNEL.SMARTLOCKER.ORIGINCLAIM
Ea Value Length: 7e
-0000: 01 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 ................
+0000: 01 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 ................
0010: b2 ff 10 66 bc a8 47 c7 00 d9 56 9d 3d d4 20 2a ...f..G...V.=. *
0020: 63 a3 80 e2 d8 33 8e 77 e9 5c 8d b0 d5 a7 a3 11 c....3.w.\......
0030: 83 00 00 00 00 00 00 00 5c 00 00 00 43 00 3a 00 ........\...C.:.
@@ -53,40 +57,63 @@ Ea Value Length: 7e
0070: 44 00 6f 00 77 00 6e 00 6c 00 6f 00 61 00 64 i.c.a.t.i.o.n..e.x.e
```
-## Enabling managed installer logging events
+From the output shown above, find the first row of data labeled "0000:", which is then followed by 16 two-character sets. Every four sets form a group known as a ULONG. The two-character set at the front of the first ULONG will always be "01" as shown here:
-Refer to [Understanding Application Control Events](event-id-explanations.md#diagnostic-events-for-intelligent-security-graph-isg-and-managed-installer-mi) for information on enabling optional managed installer diagnostic events.
+0000: **`01` 00 00 00** 00 00 00 00 00 00 00 00 01 00 00 00
-## Deploying the Managed Installer rule collection
+If there is "00" in the fifth position of the output (the start of the second ULONG), that indicates the EA is related to managed installer:
-Once you've completed configuring your chosen Managed Installer, by specifying which option to use in the AppLocker policy, enabling the service enforcement of it, and by enabling the Managed Installer option in a WDAC policy, you'll need to deploy it.
+0000: 01 00 00 00 **`00` 00 00 00** 00 00 00 00 01 00 00 00
-1. Use the following command to deploy the policy.
+Finally, the two-character set in the ninth position of the output (the start of the third ULONG) indicates whether the file was created by a process running as managed installer. A value of "00" means the file was directly written by a managed installer process and will run if your WDAC policy trusts managed installers.
- ```powershell
- $policyFile=
- @"
- Raw_AppLocker_Policy_XML
- "@
- Set-AppLockerPolicy -XmlPolicy $policyFile -Merge -ErrorAction SilentlyContinue
+0000: 01 00 00 00 00 00 00 00 **`00` 00 00 00** 01 00 00 00
+
+If instead the starting value for the third ULONG is "02", then that indicates a "child of child". "Child of child" is set on any files created by something that was installed by a managed installer. But, the file was created **after** the managed installer completed its work. So this file **wouldn't** be allowed to run unless there's some other rule in your policy to allow it.
+
+In rarer cases, you may see other values in this position, but that will also run if your policy trusts managed installer.
+
+## Using fsutil to query extended attributes for Intelligent Security Graph (ISG)
+
+When an installer runs that has good reputation according to the ISG, the files that the installer writes to disk will inherit the reputation from the installer. These files with ISG inherited trust will also have the KERNEL.SMARTLOCKER.ORIGINCLAIM EA set as described above for managed installers. You can identify that the EA was created by the ISG by looking for the value "01" in the fifth position of the output (the start of the second ULONG) from fsutil:
+
+0000: 01 00 00 00 **`01` 00 00 00** 00 00 00 00 01 00 00 00
+
+## More troubleshooting steps for Managed Installer and ISG
+
+Both managed installer and the ISG depend on AppLocker to provide some functionality. Use the following steps to confirm that AppLocker is configured and running correctly.
+
+1. Check that AppLocker services are running. From an elevated PowerShell window, run the following and confirm the STATE shows as RUNNING for both appidsvc and AppLockerFltr:
+
+ ```powershell
+ sc.exe query appidsvc
+ SERVICE_NAME: appidsvc
+ TYPE : 30 WIN32
+ STATE : 4 RUNNING
+ (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
+ WIN32_EXIT_CODE : 0 (0x0)
+ SERVICE_EXIT_CODE : 0 (0x0)
+ CHECKPOINT : 0x0
+ WAIT_HINT : 0x0
+ sc.exe query AppLockerFltr
+ SERVICE_NAME: applockerfltr
+ TYPE : 1 KERNEL_DRIVER
+ STATE : 4 RUNNING
+ (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
+ WIN32_EXIT_CODE : 0 (0x0)
+ SERVICE_EXIT_CODE : 0 (0x0)
+ CHECKPOINT : 0x0
+ WAIT_HINT : 0x0
```
-2. Verify Deployment of the ruleset was successful
+ If not, run *appidtel start* from the elevated PowerShell window and check again.
+
+2. For managed installer, check for AppCache.dat and other *.AppLocker files created under %windir%\System32\AppLocker. There should minimally be a ".AppLocker" file created for each of EXE, DLL, and MANAGEDINSTALLER rule collections. If you don't see these files created, proceed to the next step to confirm the AppLocker policy has been correctly applied.
+
+3. For managed installer troubleshooting, check that the AppLocker effective policy is correct. From an elevated PowerShell window:
```powershell
- Get-AppLockerPolicy -Local
-
- Version RuleCollections RuleCollectionTypes
- ------- --------------- -------------------
- 1 {0, 0, 0, 0...} {Appx, Dll, Exe, ManagedInstaller...}
+ Get-AppLockerPolicy -Effective -XML > $env:USERPROFILE\Desktop\AppLocker.xml
```
- Verify the output shows the ManagedInstaller rule set.
-
-3. Get the policy XML (optional) using PowerShell:
-
- ```powershell
- Get-AppLockerPolicy -Effective -Xml -ErrorVariable ev -ErrorAction SilentlyContinue
- ```
-
- This command will show the raw XML to verify the individual rules that were set.
+ Then open the XML file created and confirm it contains the rules you expect. In particular, the policy should include at least one rule for each of the EXE, DLL, and MANAGEDINSTALLER RuleCollections. The RuleCollections can either be set to AuditOnly or Enabled. Additionally, the EXE and DLL RuleCollections must include the RuleCollectionExtensions configuration as shown in [Automatically allow apps deployed by a managed installer with Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer#create-and-deploy-an-applocker-policy-that-defines-your-managed-installer-rules-and-enables-services-enforcement-for-executables-and-dlls).
diff --git a/windows/security/threat-protection/windows-defender-application-control/citool-commands.md b/windows/security/threat-protection/windows-defender-application-control/operations/citool-commands.md
similarity index 100%
rename from windows/security/threat-protection/windows-defender-application-control/citool-commands.md
rename to windows/security/threat-protection/windows-defender-application-control/operations/citool-commands.md
diff --git a/windows/whats-new/TOC.yml b/windows/whats-new/TOC.yml
index 6a59ce9b38..5c5fc54974 100644
--- a/windows/whats-new/TOC.yml
+++ b/windows/whats-new/TOC.yml
@@ -12,10 +12,12 @@
- name: Prepare for Windows 11
href: windows-11-prepare.md
- name: What's new in Windows 11, version 22H2
- href: whats-new-windows-11-version-22h2.md
+ href: whats-new-windows-11-version-22h2.md
- name: Windows 10
expanded: true
items:
+ - name: What's new in Windows 10, version 22H2
+ href: whats-new-windows-10-version-22H2.md
- name: What's new in Windows 10, version 21H2
href: whats-new-windows-10-version-21H2.md
- name: What's new in Windows 10, version 21H1
diff --git a/windows/whats-new/index.yml b/windows/whats-new/index.yml
index 3d11bd96e3..0396341be3 100644
--- a/windows/whats-new/index.yml
+++ b/windows/whats-new/index.yml
@@ -1,22 +1,20 @@
### YamlMime:Landing
title: What's new in Windows
-summary: Find out about new features and capabilities in the latest release of Windows 10 and Windows 11.
+summary: Find out about new features and capabilities in the latest release of Windows client for IT professionals.
metadata:
title: What's new in Windows
- description: Find out about new features and capabilities in the latest release of Windows 10 and Windows 11.
- services: windows-10
- ms.service: windows-10
- ms.subservice: subservice
+ description: Find out about new features and capabilities in the latest release of Windows client for IT professionals.
+ ms.prod: windows-client
+ ms.technology: itpro-fundamentals
ms.topic: landing-page
ms.collection:
- - windows-10
- highpri
author: aczechowski
ms.author: aaroncz
manager: dougeby
- ms.date: 06/03/2022
+ ms.date: 11/14/2022
localization_priority: medium
landingContent:
@@ -38,12 +36,12 @@ landingContent:
linkLists:
- linkListType: overview
links:
+ - text: What's new in Windows 10, version 22H2
+ url: whats-new-windows-10-version-22h2.md
- text: What's new in Windows 10, version 21H2
url: whats-new-windows-10-version-21h2.md
- text: What's new in Windows 10, version 21H1
url: whats-new-windows-10-version-21h1.md
- - text: What's new in Windows 10, version 20H2
- url: whats-new-windows-10-version-20h2.md
- title: Learn more
linkLists:
@@ -54,14 +52,14 @@ landingContent:
- text: Windows release health dashboard
url: /windows/release-health/
- text: Windows 11 update history
- url: https://support.microsoft.com/topic/windows-11-update-history-a19cd327-b57f-44b9-84e0-26ced7109ba9
+ url: https://support.microsoft.com/topic/windows-11-version-22h2-update-history-ec4229c3-9c5f-4e75-9d6d-9025ab70fcce
- text: Windows 10 update history
url: https://support.microsoft.com/topic/windows-10-update-history-857b8ccb-71e4-49e5-b3f6-7073197d98fb
- - text: Windows 10 features we're no longer developing
+ - text: Windows features we're no longer developing
url: /windows/deployment/planning/windows-10-deprecated-features
- - text: Features and functionality removed in Windows 10
+ - text: Features and functionality removed in Windows
url: /windows/deployment/planning/windows-10-removed-features
- - text: Compare Windows 10 Editions
- url: https://www.microsoft.com/windowsforbusiness/compare
+ - text: Compare Windows 11 Editions
+ url: https://www.microsoft.com/windows/business/compare-windows-11
- text: Windows 10 Enterprise LTSC
url: ltsc/index.md
diff --git a/windows/whats-new/whats-new-windows-10-version-22H2.md b/windows/whats-new/whats-new-windows-10-version-22H2.md
new file mode 100644
index 0000000000..19a2bb9c46
--- /dev/null
+++ b/windows/whats-new/whats-new-windows-10-version-22H2.md
@@ -0,0 +1,38 @@
+---
+title: What's new in Windows 10, version 22H2 for IT pros
+description: Learn more about what's new in Windows 10, version 22H2, including how to get it.
+ms.prod: windows-client
+ms.technology: itpro-fundamentals
+ms.author: mstewart
+author: mestew
+manager: dougeby
+ms.localizationpriority: medium
+ms.topic: overview
+ms.date: 10/18/2022
+---
+
+# What's new in Windows 10, version 22H2
+
+
+
+Windows 10, version 22H2 is a feature update for Windows 10. It's a scoped release focused on quality improvements to the overall Windows experience in existing feature areas. It includes all previous cumulative updates to Windows 10, version 21H2. This article is for IT professionals, it lists information about this release that you should know.
+
+Windows 10, version 22H2 is an [H2-targeted release](/lifecycle/faq/windows#what-is-the-servicing-timeline-for-a-version--feature-update--of-windows-10-), and has the following servicing schedule:
+
+- **Windows 10 Professional**: Serviced for 18 months from the release date.
+- **Windows 10 Enterprise**: Serviced for 30 months from the release date.
+
+Windows 10, version 22H2 is available through Windows Server Update Services including Configuration Manager, Windows Update for Business, and the Volume Licensing Service Center (VLSC). For more information, see [How to get the Windows 10 2022 Update](https://blogs.windows.com/windowsexperience/2022/10/18/how-to-get-the-windows-10-2022-update/).
+
+Devices running earlier supported versions of Windows 10 can update to version 22H2 using an enablement package. For more information, see [Feature update to Windows 10, version 22H2 by using an enablement package](https://support.microsoft.com/topic/kb5015684-featured-update-to-windows-10-version-22h2-by-using-an-enablement-package-09d43632-f438-47b5-985e-d6fd704eee61).
+
+To learn more about the status of the Windows 10, version 22H2 rollout, known issues, and build information, see [Windows 10 release information](/windows/release-health/release-information).
+
+For more information about updated tools to support this release, see [IT tools to support Windows 10, version 22H2](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/it-tools-to-support-windows-10-version-22h2/ba-p/3655750).
+
+The Windows 10, version 22H2 feature update is installed as part of the general availability channel. Quality updates are still installed monthly on patch Tuesday.
+
+For more information, see:
+
+- [Feature and quality update definitions](/windows/deployment/update/waas-quick-start#definitions)
+- [Windows servicing channels](/windows/deployment/update/waas-overview#servicing-channels)