diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 85b9e8d303..f3234c0e64 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -1,5 +1,15 @@
{
"redirections": [
+{
+ "source_path": "windows/deployment/update/waas-windows-insider-for-business-aad.md",
+ "redirect_url": "https://docs.microsoft.com/en-us/windows-insider/at-work-pro/wip-4-biz-add",
+ "redirect_document_id": true
+ },
+{
+ "source_path": "windows/deployment/update/waas-windows-insider-for-business-faq.md",
+ "redirect_url": "https://docs.microsoft.com/en-us/windows-insider/at-work-pro/wip-4-biz-get-started",
+ "redirect_document_id": true
+},
{
"source_path": "windows/deployment/update/waas-windows-insider-for-business.md",
"redirect_url": "/windows-insider/at-work-pro/wip-4-biz-get-started",
@@ -13491,11 +13501,6 @@
"redirect_document_id": true
},
{
-"source_path": "windows/update/waas-windows-insider-for-business-faq.md",
-"redirect_url": "/windows/deployment/update/waas-windows-insider-for-business-faq",
-"redirect_document_id": true
-},
-{
"source_path": "windows/update/waas-windows-insider-for-business.md",
"redirect_url": "/windows/deployment/update/waas-windows-insider-for-business",
"redirect_document_id": true
diff --git a/browsers/edge/Index.md b/browsers/edge/Index.md
index 214a02e1d0..f8a80c7b8d 100644
--- a/browsers/edge/Index.md
+++ b/browsers/edge/Index.md
@@ -37,7 +37,6 @@ Microsoft Edge lets you stay up-to-date through the Microsoft Store and to manag
| [Microsoft Edge requirements and language support](hardware-and-software-requirements.md) |Microsoft Edge is pre-installed on all Windows 10-capable devices that meet the minimum system requirements and are on the supported language list.|
| [Available policies for Microsoft Edge](available-policies.md) |Microsoft Edge works with Group Policy and Microsoft Intune to help you manage your organization's computer settings.
Group Policy objects (GPO's) can include registry-based Administrative Template policy settings, security settings, software deployment information, scripts, folder redirection, and preferences. By using Group Policy and Intune, you can set up a policy setting once, and then copy that setting onto many computers. For example, you can set up multiple security settings in a GPO that's linked to a domain, and then apply all of those settings to every computer in the domain. |
| [Use Enterprise Mode to improve compatibility](emie-to-improve-compatibility.md) |If you have specific web sites and apps that you know have compatibility problems with Microsoft Edge, you can use the Enterprise Mode site list so that the web sites will automatically open using Internet Explorer 11. Additionally, if you know that your intranet sites aren't going to work properly with Microsoft Edge, you can set all intranet sites to automatically open using IE11.
Using Enterprise Mode means that you can continue to use Microsoft Edge as your default browser, while also ensuring that your apps continue working on IE11. |
-| [Security enhancements for Microsoft Edge](security-enhancements-microsoft-edge.md) |Microsoft Edge is designed with significant security improvements over existing browsers, helping to defend people from increasingly sophisticated and prevalent web-based attacks against Windows. |
|[Microsoft Edge Frequently Asked Questions (FAQs)](microsoft-edge-faq.md)|Answering frequently asked questions about Microsoft Edge features, integration, support, and potential problems.
## Interoperability goals and enterprise guidance
diff --git a/browsers/edge/TOC.md b/browsers/edge/TOC.md
index cc22c085d6..21eef4d813 100644
--- a/browsers/edge/TOC.md
+++ b/browsers/edge/TOC.md
@@ -8,21 +8,19 @@
###[Home button settings](group-policies/home-button-gp.md)
###[Prelaunch Microsoft Edge and preload tabs](group-policies/prelaunch-preload-gp.md)
###[Search engine customization](group-policies/search-engine-customization-gp.md)
+###[Security and privacy management](group-policies/security-privacy-management-gp.md)
###[Start pages settings](group-policies/start-pages-gp.md)
###[Sync browser settings](group-policies/sync-browser-settings-gp.md)
-
+###[Interoperability and enterprise guidance](group-policies/interoperability-enterprise-guidance-gp.md)
##[Change history for Microsoft Edge](change-history-for-microsoft-edge.md)
-##[Enterprise guidance about using Microsoft Edge and Internet Explorer 11](enterprise-guidance-using-microsoft-edge-and-ie11.md)
-
##[Microsoft Edge requirements and language support](hardware-and-software-requirements.md)
##[Available policies for Microsoft Edge](available-policies.md)
##[Use Enterprise Mode to improve compatibility](emie-to-improve-compatibility.md)
-##[Security enhancements for Microsoft Edge](security-enhancements-microsoft-edge.md)
-
##[Microsoft Edge Frequently Asked Questions (FAQs)](microsoft-edge-faq.md)
+
diff --git a/browsers/edge/group-policies/address-bar-settings-gp.md b/browsers/edge/group-policies/address-bar-settings-gp.md
new file mode 100644
index 0000000000..7fe1afeed2
--- /dev/null
+++ b/browsers/edge/group-policies/address-bar-settings-gp.md
@@ -0,0 +1,23 @@
+---
+title: Microsoft Edge - Address bar settings
+description: 115-145 characters including spaces. Edit the intro para describing article intent to fit here. This abstract displays in the search result.
+services:
+keywords: Don’t add or edit keywords without consulting your SEO champ.
+author: shortpatti
+ms.author: pashort
+ms.date: 07/25/2018
+ms.topic: article
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+---
+
+# Address bar settings
+>*Supported versions: Microsoft Edge on Windows 10*
+
+I need a description here
+
+
+[!INCLUDE [allow-address-bar-suggestions-include](../includes/allow-address-bar-suggestions-include.md)]
+
+[!INCLUDE [configure-search-suggestions-address-bar-include](../includes/configure-search-suggestions-address-bar-include.md)]
\ No newline at end of file
diff --git a/browsers/edge/group-policies/adobe-settings-gp.md b/browsers/edge/group-policies/adobe-settings-gp.md
new file mode 100644
index 0000000000..f910a747dd
--- /dev/null
+++ b/browsers/edge/group-policies/adobe-settings-gp.md
@@ -0,0 +1,24 @@
+---
+title: Microsoft Edge - Adobe settings
+description: 115-145 characters including spaces. Edit the intro para describing article intent to fit here. This abstract displays in the search result.
+services:
+keywords: Don’t add or edit keywords without consulting your SEO champ.
+author: shortpatti
+ms.author: pashort
+ms.date: 07/25/2018
+ms.topic: article
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+---
+
+# Adobe settings
+>*Supported versions: Microsoft Edge on Windows 10*
+
+I need a description here, maybe with scenarios
+
+[!INCLUDE [allow-adobe-flash-include](../includes/allow-adobe-flash-include.md)]
+
+
+[!INCLUDE [configure-adobe-flash-click-to-run-include](../includes/configure-adobe-flash-click-to-run-include.md)]
+
diff --git a/browsers/edge/group-policies/books-library-management-gp.md b/browsers/edge/group-policies/books-library-management-gp.md
new file mode 100644
index 0000000000..95761893b2
--- /dev/null
+++ b/browsers/edge/group-policies/books-library-management-gp.md
@@ -0,0 +1,27 @@
+---
+title: Microsoft Edge - Books Library management
+description: 115-145 characters including spaces. Edit the intro para describing article intent to fit here. This abstract displays in the search result.
+services:
+keywords: Don’t add or edit keywords without consulting your SEO champ.
+author: shortpatti
+ms.author: pashort
+ms.date: 07/25/2018
+ms.topic: article
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+---
+
+# Books Library management
+>*Supported versions: Microsoft Edge on Windows 10*
+
+I need a description here, maybe with scenarios
+
+
+[!INCLUDE [allow-shared-folder-books-include](../includes/allow-shared-folder-books-include.md)]
+
+[!INCLUDE [allow-config-updates-books-include](../includes/allow-config-updates-books-include.md)]
+
+[!INCLUDE [allow-ext-telemetry-books-tab-include](../includes/allow-ext-telemetry-books-tab-include.md)]
+
+[!INCLUDE [always-enable-book-library-include](../includes/always-enable-book-library-include.md)]
\ No newline at end of file
diff --git a/browsers/edge/group-policies/bowser-settings-management-gp.md b/browsers/edge/group-policies/bowser-settings-management-gp.md
new file mode 100644
index 0000000000..e38cacbf4c
--- /dev/null
+++ b/browsers/edge/group-policies/bowser-settings-management-gp.md
@@ -0,0 +1,47 @@
+---
+title: Microsoft Edge - Browser settings management
+description: 115-145 characters including spaces. Edit the intro para describing article intent to fit here. This abstract displays in the search result.
+services:
+keywords: Don’t add or edit keywords without consulting your SEO champ.
+author: shortpatti
+ms.author: pashort
+ms.date: 07/25/2018
+ms.topic: article
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+---
+
+# Browser settings management
+>*Supported versions: Microsoft Edge on Windows 10*
+
+I need a description here, maybe with scenarios
+
+
+
+## Allow clearing browsing data on exit
+[!INCLUDE [allow-clearing-browsing-data-include](../includes/allow-clearing-browsing-data-include.md)]
+
+## Allow printing
+[!INCLUDE [allow-printing-include](../includes/allow-printing-include.md)]
+
+## Allow Saving History
+[!INCLUDE [allow-saving-history-include](../includes/allow-saving-history-include.md)]
+
+## Configure Autofill
+[!INCLUDE [configure-autofill-include](../includes/configure-autofill-include.md)]
+
+## Configure Pop-up Blocker
+[!INCLUDE [configure-pop-up-blocker-include](../includes/configure-pop-up-blocker-include.md)]
+
+## Do not sync
+[!INCLUDE [do-not-sync-include](../includes/do-not-sync-include.md)]
+
+## Do not sync browser settings
+[!INCLUDE [do-not-sync-browser-settings-include](../includes/do-not-sync-browser-settings-include.md)]
+
+## Prevent users from turning on browser syncing
+[!INCLUDE [prevent-users-to-turn-on-browser-syncing-include](../includes/prevent-users-to-turn-on-browser-syncing-include.md)]
+
+
+
diff --git a/browsers/edge/group-policies/browser-telemetry-gp.md b/browsers/edge/group-policies/browser-telemetry-gp.md
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/browsers/edge/group-policies/developer-settings-gp.md b/browsers/edge/group-policies/developer-settings-gp.md
new file mode 100644
index 0000000000..22cdbb9c06
--- /dev/null
+++ b/browsers/edge/group-policies/developer-settings-gp.md
@@ -0,0 +1,24 @@
+---
+title: Microsoft Edge - Developer settings
+description: 115-145 characters including spaces. Edit the intro para describing article intent to fit here. This abstract displays in the search result.
+services:
+keywords: Don’t add or edit keywords without consulting your SEO champ.
+author: shortpatti
+ms.author: pashort
+ms.date: 07/25/2018
+ms.topic: article
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+---
+
+# Developer settings
+>*Supported versions: Microsoft Edge on Windows 10*
+
+I need a description here, maybe with scenarios
+
+## Allow Developer Tools
+[!INCLUDE [allow-dev-tools-include](../includes/allow-dev-tools-include.md)]
+
+## Prevent access to the about:flags page
+[!INCLUDE [prevent-access-about-flag-include](../includes/prevent-access-about-flag-include.md)]
diff --git a/browsers/edge/group-policies/enterprise-mode-gp.md b/browsers/edge/group-policies/enterprise-mode-gp.md
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/browsers/edge/group-policies/extensions-gp.md b/browsers/edge/group-policies/extensions-gp.md
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/browsers/edge/group-policies/extensions-management-gp.md b/browsers/edge/group-policies/extensions-management-gp.md
new file mode 100644
index 0000000000..0d236f343b
--- /dev/null
+++ b/browsers/edge/group-policies/extensions-management-gp.md
@@ -0,0 +1,27 @@
+---
+title: Microsoft Edge - Extensions management
+description: 115-145 characters including spaces. Edit the intro para describing article intent to fit here. This abstract displays in the search result.
+services:
+keywords: Don’t add or edit keywords without consulting your SEO champ.
+author: shortpatti
+ms.author: pashort
+ms.date: 07/25/2018
+ms.topic: article
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+---
+
+# Extensions management
+>*Supported versions: Microsoft Edge on Windows 10*
+
+I need a description here, maybe with scenarios
+
+## Allow Extensions
+[!INCLUDE [allow-extensions-include](../includes/allow-extensions-include.md)]
+
+## Allow sideloading of extensions
+[!INCLUDE [allow-sideloading-extensions-include](../includes/allow-sideloading-extensions-include.md)]
+
+## Prevent turning off required extensions
+[!INCLUDE [prevent-turning-off-required-extensions-include](../includes/prevent-turning-off-required-extensions-include.md)]
diff --git a/browsers/edge/group-policies/favorites-bar-gp.md b/browsers/edge/group-policies/favorites-bar-gp.md
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/browsers/edge/group-policies/favorites-management-gp.md b/browsers/edge/group-policies/favorites-management-gp.md
new file mode 100644
index 0000000000..8f9645dee1
--- /dev/null
+++ b/browsers/edge/group-policies/favorites-management-gp.md
@@ -0,0 +1,31 @@
+---
+title: Microsoft Edge - Favorites management
+description: 115-145 characters including spaces. Edit the intro para describing article intent to fit here. This abstract displays in the search result.
+services:
+keywords: Don’t add or edit keywords without consulting your SEO champ.
+author: shortpatti
+ms.author: pashort
+ms.date: 07/25/2018
+ms.topic: article
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+---
+
+# Favorites management
+>*Supported versions: Microsoft Edge on Windows 10*
+
+I need a description here, maybe with scenarios
+
+
+## Configure Favorites Bar
+[!INCLUDE [configure-favorites-bar-include](../includes/configure-favorites-bar-include.md)]
+
+## Keep favorites in sync between Internet Explorer and Microsoft Edge
+[!INCLUDE [keep-fav-sync-ie-edge-include](../includes/keep-fav-sync-ie-edge-include.md)]
+
+## Prevent changes to Favorites on Microsoft Edge
+[!INCLUDE [prevent-changes-to-favorites-include](../includes/prevent-changes-to-favorites-include.md)]
+
+## Provision Favorites
+[!INCLUDE [provision-favorites-shortdesc](../shortdesc/provision-favorites-shortdesc.md)]
\ No newline at end of file
diff --git a/browsers/edge/group-policies/home-button-gp.md b/browsers/edge/group-policies/home-button-gp.md
index 86776faa7a..442126a454 100644
--- a/browsers/edge/group-policies/home-button-gp.md
+++ b/browsers/edge/group-policies/home-button-gp.md
@@ -4,9 +4,14 @@ description: Microsoft Edge shows the home button and by clicking it the Start p
ms.author: pashort
author: shortpatti
ms.date: 07/23/2018
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
---
# Home button configuration options
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
+
Microsoft Edge shows the home button and by clicking it the Start page loads by default. You can configure the Home button to load the New tab page or a URL defined in the Set Home button URL policy. You can also configure Microsoft Edge to hide the home button.
## Policies
diff --git a/browsers/edge/group-policies/interoperability-enterprise-guidance-gp.md b/browsers/edge/group-policies/interoperability-enterprise-guidance-gp.md
new file mode 100644
index 0000000000..760bd9aeee
--- /dev/null
+++ b/browsers/edge/group-policies/interoperability-enterprise-guidance-gp.md
@@ -0,0 +1,41 @@
+---
+title: Microsoft Edge - Interoperability and enterprise guidance
+description:
+ms.author: pashort
+author: shortpatti
+ms.date: 07/23/2018
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
+---
+
+# Interoperability and enterprise guidance
+>*Supported versions: Microsoft Edge on Windows 10*
+
+If you have specific websites and apps that you know have compatibility problems with Microsoft Edge, you can use the Enterprise Mode site list so that the websites automatically open using Internet Explorer 11. Additionally, if you know that your intranet sites aren't going to work correctly with Microsoft Edge, you can set all intranet sites to open using IE11 automatically.
+
+Using Enterprise Mode means that you can continue to use Microsoft Edge as your default browser, while also ensuring that your apps continue working on IE11.
+
+
+**Policies**
+
+1. [Configure the Enterprise Mode Site List](#configure-the-enterprise-mode-site-list)
+2. [Send all intranet sites to Internet Explorer 11](#send-all-intranet-sites-to-internet-explorer-11)
+3. [Show message when opening sites in Internet Explorer](#show-message-when-opening-sites-in-internet-explorer)
+4. [(IE11 policy) Send all sites not included in the Enterprise Mode Site List to Microsoft Edge](#ie11-policy-send-all-sites-not-included-in-the-enterprise-mode-site-list-to-microsoft-edge)
+
+
+
+
+
+## Configure the Enterprise Mode Site List
+[!INCLUDE [configure-enterprise-mode-site-list-include](../includes/configure-enterprise-mode-site-list-include.md)]
+
+## Send all intranet sites to Internet Explorer 11
+[!INCLUDE [send-all-intranet-sites-ie-include](../includes/send-all-intranet-sites-ie-include.md)]
+
+## Show message when opening sites in Internet Explorer
+[!INCLUDE [show-message-opening-sites-ie-include](../includes/show-message-opening-sites-ie-include.md)]
+
+## (IE11 policy) Send all sites not included in the Enterprise Mode Site List to Microsoft Edge
+[!INCLUDE [ie11-send-all-sites-not-in-site-list-include](../includes/ie11-send-all-sites-not-in-site-list-include.md)]
\ No newline at end of file
diff --git a/browsers/edge/group-policies/kiosk-mode-gp.md b/browsers/edge/group-policies/kiosk-mode-gp.md
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/browsers/edge/group-policies/new-tab-page-gp.md b/browsers/edge/group-policies/new-tab-page-settings-gp.md
similarity index 67%
rename from browsers/edge/group-policies/new-tab-page-gp.md
rename to browsers/edge/group-policies/new-tab-page-settings-gp.md
index 9f5dcc2823..c9058539c8 100644
--- a/browsers/edge/group-policies/new-tab-page-gp.md
+++ b/browsers/edge/group-policies/new-tab-page-settings-gp.md
@@ -1,17 +1,21 @@
---
-title: New tab page
+title: Microsoft Edge - New tab page
description: Microsoft Edge loads the default New tab page by default. You can configure Microsoft Edge to load a New tab page URL and prevent users from changing it.
ms.author: pashort
author: shortpatti
-ms.date: 07/20/2018
+ms.date: 07/25/2018
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
---
-
-
-
# New tab page
+>*Supported versions: Microsoft Edge on Windows 10*
+
Microsoft Edge loads the default New tab page by default. You can configure Microsoft Edge to load a New tab page URL and prevent users from changing it. When you enable this policy, and you disable the Allow web content on New tab page policy, Microsoft Edge ignores any URL specified in this policy and opens about:blank.
-Policy: Set New Tab page URL
\ No newline at end of file
+
+## Set New Tab page URL
+[!INCLUDE [set-new-tab-url-include](../includes/set-new-tab-url-include.md)]
\ No newline at end of file
diff --git a/browsers/edge/group-policies/open-sites-in-ie11-gp.md b/browsers/edge/group-policies/open-sites-in-ie11-gp.md
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/browsers/edge/group-policies/prelaunch-preload-gp.md b/browsers/edge/group-policies/prelaunch-preload-gp.md
index 1443c06e6a..7cb69d09f4 100644
--- a/browsers/edge/group-policies/prelaunch-preload-gp.md
+++ b/browsers/edge/group-policies/prelaunch-preload-gp.md
@@ -3,10 +3,12 @@ title: Microsoft Edge - Prelaunch and tab preload configuration options
description: Microsoft Edge pre-launches as a background process during Windows startup when the system is idle waiting to be launched by the user. Pre-launching helps the performance of Microsoft Edge and minimizes the amount of time required to start up Microsoft Edge.
ms.author: pashort
author: shortpatti
-ms.date: 07/23/2018
+ms.date: 07/25/2018
---
# Prelaunch Microsoft Edge and preload tabs in the background
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
+
Microsoft Edge pre-launches as a background process during Windows startup when the system is idle waiting to be launched by the user. Pre-launching helps the performance of Microsoft Edge and minimizes the amount of time required to start up Microsoft Edge. You can also configure Microsoft Edge to prevent Microsoft Edge from pre-launching.
@@ -14,9 +16,11 @@ Additionally, Microsoft Edge preloads the Start and New tab pages during Windows
## Policies
+
+- [Allow Microsoft Edge to pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed](../new-policies.md#allow-microsoft-edge-to-pre-launch-at-windows-startup-when-the-system-is-idle-and-each-time-microsoft-edge-is-closed)
+
- [Allow Microsoft Edge to start and load the Start and New Tab page at Windows startup and each time Microsoft Edge is closed](../new-policies.md#allow-microsoft-edge-to-start-and-load-the-start-and-new-tab-page-at-windows-startup-and-each-time-microsoft-edge-is-closed)
-- [Allow Prelaunch ](../new-policies.md#allow-prelaunch)
## Configuration options
diff --git a/browsers/edge/group-policies/printing-gp.md b/browsers/edge/group-policies/printing-gp.md
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/browsers/edge/group-policies/search-engine-customization-gp.md b/browsers/edge/group-policies/search-engine-customization-gp.md
index d4343d0362..cc58a01261 100644
--- a/browsers/edge/group-policies/search-engine-customization-gp.md
+++ b/browsers/edge/group-policies/search-engine-customization-gp.md
@@ -3,26 +3,29 @@ title: Microsoft Edge - Search engine customization
description: By default, Microsoft Edge uses the default search engine specified in App settings, which lets users make changes to it. You can configure Microsoft Edge to use the policy-set search engine specified in the OpenSearch XML file.
ms.author: pashort
author: shortpatti
-ms.date: 07/23/2018
+ms.date: 07/25/2018
---
# Search engine customization
By default, Microsoft Edge uses the default search engine specified in App settings, which lets users make changes to it. You can configure Microsoft Edge to use the policy-set search engine specified in the OpenSearch XML file. You can also prevent users from making changes to the search engine settings.
+**Policies**
-## Policies
+- [Set default search engine](#set-default-search-engine)
+- [Allow search engine customization](#allow-search-engine-customization)
+- [Configure additional search engines](#configure-additional-search-engines)
-- [Set default search engine](../available-policies.md#set-default-search-engine)
-
-- [Allow web content on New Tab page](../available-policies.md#allow-web-content-on-new-tab-page)
-
-- [Configure additional search engines](../available-policies.md#configure-additional-search-engines)
-
-
-## Configuration options
+## Set default search engine
+[!INCLUDE [set-default-search-engine-include](../includes/set-default-search-engine-include.md)]
+
+## Allow search engine customization
+[!INCLUDE [allow-search-engine-customization-include](../includes/allow-search-engine-customization-include.md)]
+
+## Configure additional search engines
+[!INCLUDE [configure-additional-search-engines-include](../includes/configure-additional-search-engines-include.md)]
diff --git a/browsers/edge/group-policies/security-privacy-management-gp.md b/browsers/edge/group-policies/security-privacy-management-gp.md
new file mode 100644
index 0000000000..6b576d712b
--- /dev/null
+++ b/browsers/edge/group-policies/security-privacy-management-gp.md
@@ -0,0 +1,48 @@
+---
+title: Microsoft Edge - Security and privacy management
+description: Microsoft Edge helps to defend from increasingly sophisticated and prevalent web-based attacks against Windows. While most websites are safe, some sites have been designed to steal personal information or gain access to your system’s resources.
+ms.author: pashort
+author: shortpatti
+ms.date: 07/25/2018
+---
+
+# Security and privacy management
+>*Supported versions: Microsoft Edge on Windows 10*
+
+Microsoft Edge helps to defend from increasingly sophisticated and prevalent web-based attacks against Windows. While most websites are safe, some sites are malicious in nature, like stealing personal information or gain access to your system’s resources. By no longer supporting VBScript, JScript, VML, Browser Helper Objects, Toolbars, ActiveX controls, and Internet Explorer document modes, Microsoft Edge significantly reduces attacks making the browser more secure.
+
+
+| | |
+|---|---|
+| **Windows Hello** | Authenticates the user and the website with asymmetric cryptography. |
+| **Microsoft SmartScreen** | Defends against phishing by performing reputation checks on sites visited and blocking any site that is thought to be a phishing site. SmartScreen also helps to defend against installing malicious software or file downloads, even from trusted sites. |
+| **Certificate Reputation system** | Collects data about certificates in use, detecting new certificates and flagging fraudulent certificates automatically. |
+| **Microsoft EdgeHTML** | Defends against hacking through the following security standards features:- Support for the W3C standard for Content Security Policy (CSP), which helps web developers defend their sites against cross-site scripting attacks.
- Support for the HTTP Strict Transport Security (HSTS) feature, which is IETF-standard compliant, and helps to ensure that connections to sites are always secure.
|
+| **Code integrity and image loading restrictions** | Prevents malicious DLLs from loading or injecting into the content processes. Only signed images are allowed to load in Microsoft Edge. Binaries on remote devices (such as UNC or WebDAV) can't load. |
+| **Memory corruption mitigations** | Defends against memory corruption weaknesses and vulnerabilities with the use of [CWE-416: Use After Free](http://cwe.mitre.org/data/definitions/416.html) (UAF). |
+| **Memory Garbage Collector (MemGC) mitigation** | Replaces Memory Protector and helps to defend the browser from UAF vulnerabilities by freeing memory from the programmer and automating it, only freeing memory when the automation detects that there are no more references left pointing to a given block of memory. |
+| **Control Flow Guard** | Compiles checks around code that performs indirect jumps based on a pointer, restricting those jumps to only going to function entry points with known addresses. Control Flow Guard is a Microsoft Visual Studio technology. |
+
+
+## Configure cookies
+[!INCLUDE [configure-cookies-include](../includes/configure-cookies-include.md)]
+
+## Configure Password Manager
+[!INCLUDE [configure-password-manager-include](../includes/configure-password-manager-include.md)]
+
+## Configure Windows Defender SmartScreen
+[!INCLUDE [configure-windows-defender-smartscreen-include](../includes/configure-windows-defender-smartscreen-include.md)]
+
+## Prevent bypassing Windows Defender SmartScreen prompts for files
+[!INCLUDE [prevent-bypassing-win-defender-files-include](../includes/prevent-bypassing-win-defender-files-include.md)]
+
+## Prevent bypassing Windows Defender SmartScreen prompts for sites
+[!INCLUDE [prevent-bypassing-win-defender-sites-include](../includes/prevent-bypassing-win-defender-sites-include.md)]
+
+## Prevent certificate error overrides
+[!INCLUDE [prevent-certificate-error-overrides-include](../includes/prevent-certificate-error-overrides-include.md)]
+
+## Prevent using Localhost IP address for WebRTC
+[!INCLUDE [prevent-localhost-address-for-webrtc-include](../includes/prevent-localhost-address-for-webrtc-include.md)]
+
+
diff --git a/browsers/edge/group-policies/start-pages-gp.md b/browsers/edge/group-policies/start-pages-gp.md
index 8243c6af91..2dd04e1e28 100644
--- a/browsers/edge/group-policies/start-pages-gp.md
+++ b/browsers/edge/group-policies/start-pages-gp.md
@@ -1,29 +1,42 @@
---
-title: Start pages
+title: Microsoft Edge - Start pages
description: Configure Microsoft Edge to load either the Start page, New tab page, previously opened pages, or a specific page or pages.
ms.author: pashort
author: shortpatti
-ms.date: 07/23/2018
+ms.date: 07/25/2018
+ms.prod: edge
+ms.mktglfcycl: explore
+ms.sitesec: library
---
# Start pages
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
+
Microsoft Edge loads the pages specified in App settings as the default Start pages. You can configure Microsoft Edge to load either the Start page, New tab page, previously opened pages, or a specific page or pages. You can also configure Microsoft Edge to prevent users from making changes.
+**Policies**
-## Policies
+- [Configure Open Microsoft Edge With](#configure-open-microsoft-edge-with)
+- [Configure Start Pages](#configure-start-pages)
+- [Disable Lockdown of Start pages](#disable-lockdown-of-start-pages)
-- [Configure Open Microsoft Edge With](../new-policies.md#configure-open-microsoft-edge-with)
-
-- [Configure Start Pages](../available-policies.md#configure-start-pages)
-
-- [Disable Lockdown of Start Pages](../available-policies.md#configure-windows-defender-smartscreen)
-
-## Configuration options
+## Configure Open Microsoft Edge With
+[!INCLUDE [configure-open-edge-with-include](../includes/configure-open-edge-with-include.md)]
+
+## Configure Start Pages
+[!INCLUDE [configure-start-pages-include](../includes/configure-start-pages-include.md)]
+
+## Disable Lockdown of Start pages
+[!INCLUDE [disable-lockdown-of-start-pages-include](../includes/disable-lockdown-of-start-pages-include.md)]
+
+
+## Configuration options
+
| **Configure Open Microsoft Edge With** | **Configure Start Pages** | **Disabled Lockdown of Start Pages** | **Outcome** |
| --- | --- | --- | --- |
| Enabled (applies to all options) | Enabled – String | Enabled (all configured start pages are editable) | Load URLs defined in the Configure Open Microsoft Edge With policy, and allow users to make changes. |
diff --git a/browsers/edge/group-policies/sync-browser-settings-gp.md b/browsers/edge/group-policies/sync-browser-settings-gp.md
index 77c702759c..9a056e4c25 100644
--- a/browsers/edge/group-policies/sync-browser-settings-gp.md
+++ b/browsers/edge/group-policies/sync-browser-settings-gp.md
@@ -1,12 +1,13 @@
---
-title: Microsoft Edge - Sync browser settings
+title: Microsoft Edge - Sync browser settings options
description: By default, the “browser” group syncs automatically between the user’s devices, letting users make changes.
ms.author: pashort
author: shortpatti
ms.date: 07/23/2018
---
-# Sync browser settings
+# Sync browser settings options
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
By default, the “browser” group syncs automatically between the user’s devices, letting users make changes. The “browser” group uses the Sync your Settings option in Settings to sync information like history and favorites. You can configure Microsoft Edge to prevent the “browser” group from syncing and prevent users from turning on the Sync your Settings toggle in Settings. If you want syncing turned off by default but not disabled, select the _Allow users to turn “browser” syncing_ option in the Do not sync browser policy.
diff --git a/browsers/edge/group-policies/bowsing-history-gp.md b/browsers/edge/group-policies/telemetry-management-gp.md
similarity index 100%
rename from browsers/edge/group-policies/bowsing-history-gp.md
rename to browsers/edge/group-policies/telemetry-management-gp.md
diff --git a/browsers/edge/images/prelaunch-edge-and-preload-tabs-sm.png b/browsers/edge/images/prelaunch-edge-and-preload-tabs-sm.png
index d64a086446..51dfd7258a 100644
Binary files a/browsers/edge/images/prelaunch-edge-and-preload-tabs-sm.png and b/browsers/edge/images/prelaunch-edge-and-preload-tabs-sm.png differ
diff --git a/browsers/edge/images/prelaunch-edge-and-preload-tabs.png b/browsers/edge/images/prelaunch-edge-and-preload-tabs.png
index a92724f9b0..b786cfb3bb 100644
Binary files a/browsers/edge/images/prelaunch-edge-and-preload-tabs.png and b/browsers/edge/images/prelaunch-edge-and-preload-tabs.png differ
diff --git a/browsers/edge/images/prelaunch-edge-only-sm.png b/browsers/edge/images/prelaunch-edge-only-sm.png
index bb85307b41..875f1a8ce6 100644
Binary files a/browsers/edge/images/prelaunch-edge-only-sm.png and b/browsers/edge/images/prelaunch-edge-only-sm.png differ
diff --git a/browsers/edge/images/prelaunch-edge-only.png b/browsers/edge/images/prelaunch-edge-only.png
index 920c05cd50..89e1152ec6 100644
Binary files a/browsers/edge/images/prelaunch-edge-only.png and b/browsers/edge/images/prelaunch-edge-only.png differ
diff --git a/browsers/edge/images/preload-tabs-only-sm.png b/browsers/edge/images/preload-tabs-only-sm.png
index 61d4f40388..5ee58403f1 100644
Binary files a/browsers/edge/images/preload-tabs-only-sm.png and b/browsers/edge/images/preload-tabs-only-sm.png differ
diff --git a/browsers/edge/images/preload-tabs-only.png b/browsers/edge/images/preload-tabs-only.png
index 6fe90b363d..da42bc5a0f 100644
Binary files a/browsers/edge/images/preload-tabs-only.png and b/browsers/edge/images/preload-tabs-only.png differ
diff --git a/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md b/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md
index 722b2ce5e8..96da415a28 100644
--- a/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md
+++ b/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md
@@ -21,7 +21,7 @@
- **GP ADMX file name:** MicrosoftEdge.admx
#### MDM settings
-- **MDM name:** Browser/[Browser/EnableExtendedBooksTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-enableextendedbookstelemetry)
+- **MDM name:** [Browser/EnableExtendedBooksTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-enableextendedbookstelemetry)
- **Supported devices:** Desktop and Mobile
- **URI full path:** ./Vendor/MSFT/Policy/Config/Browser/EnableExtendedBooksTelemetry
- **Data type:** Integer
diff --git a/browsers/edge/includes/allow-full-screen-include.md b/browsers/edge/includes/allow-full-screen-include.md
index 1d4d274689..b7fc715298 100644
--- a/browsers/edge/includes/allow-full-screen-include.md
+++ b/browsers/edge/includes/allow-full-screen-include.md
@@ -1,5 +1,6 @@
-
+
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Enabled or not configured (Allowed)*
diff --git a/browsers/edge/includes/allow-prelaunch-include.md b/browsers/edge/includes/allow-prelaunch-include.md
index 840600bc3c..4721684c1f 100644
--- a/browsers/edge/includes/allow-prelaunch-include.md
+++ b/browsers/edge/includes/allow-prelaunch-include.md
@@ -1,6 +1,7 @@
-
+
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Enabled or not configured (Allowed)*
[!INCLUDE [allow-prelaunch-shortdesc](../shortdesc/allow-prelaunch-shortdesc.md)]
@@ -20,7 +21,7 @@ For more details about configuring the prelaunch and preload options, see [Prela
### ADMX info and settings
#### ADMX info
-- **GP English name:** Allow Prelaunch
+- **GP English name:** Allow Microsoft Edge to pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed
- **GP name:** AllowPreLaunch
- **GP path:** Windows Components/Microsoft Edge
- **GP ADMX file name:** MicrosoftEdge.admx
diff --git a/browsers/edge/includes/allow-printing-include.md b/browsers/edge/includes/allow-printing-include.md
index 9d4a72c6eb..e6bea96847 100644
--- a/browsers/edge/includes/allow-printing-include.md
+++ b/browsers/edge/includes/allow-printing-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Enabled or not configured (Allowed)*
[!INCLUDE [allow-printing-shortdesc](../shortdesc/allow-printing-shortdesc.md)]
diff --git a/browsers/edge/includes/allow-saving-history-include.md b/browsers/edge/includes/allow-saving-history-include.md
index 568901972a..f9d38d178e 100644
--- a/browsers/edge/includes/allow-saving-history-include.md
+++ b/browsers/edge/includes/allow-saving-history-include.md
@@ -1,5 +1,6 @@
-
+
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Enabled or not configured (Allowed)*
[!INCLUDE [allow-saving-history-shortdesc](../shortdesc/allow-saving-history-shortdesc.md)]
diff --git a/browsers/edge/includes/allow-sideloading-extensions-include.md b/browsers/edge/includes/allow-sideloading-extensions-include.md
index 5967adff78..0ad2b3c542 100644
--- a/browsers/edge/includes/allow-sideloading-extensions-include.md
+++ b/browsers/edge/includes/allow-sideloading-extensions-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Enabled (Allowed)*
[!INCLUDE [allow-sideloading-of-extensions-shortdesc](../shortdesc/allow-sideloading-of-extensions-shortdesc.md)]
diff --git a/browsers/edge/includes/allow-tab-preloading-include.md b/browsers/edge/includes/allow-tab-preloading-include.md
index 2e733ae025..b80f9ce8b6 100644
--- a/browsers/edge/includes/allow-tab-preloading-include.md
+++ b/browsers/edge/includes/allow-tab-preloading-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, version 1802*
>*Default setting: Enabled or not configured (Allowed)*
[!INCLUDE [allow-tab-preloading-shortdesc](../shortdesc/allow-tab-preloading-shortdesc.md)]
diff --git a/browsers/edge/includes/allow-web-content-new-tab-page-include.md b/browsers/edge/includes/allow-web-content-new-tab-page-include.md
index 97541bcdbc..ac8e6d2951 100644
--- a/browsers/edge/includes/allow-web-content-new-tab-page-include.md
+++ b/browsers/edge/includes/allow-web-content-new-tab-page-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10*
>*Default setting: Enabled (Default New tab page loads)*
diff --git a/browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md b/browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md
index c83e7a6175..669ba4bf75 100644
--- a/browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md
+++ b/browsers/edge/includes/configure-browser-telemetry-for-m365-analytics-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Disabled or not configured (No data collected or sent)*
[!INCLUDE [configure-browser-telemetry-for-m365-analytics-shortdesc](../shortdesc/configure-browser-telemetry-for-m365-analytics-shortdesc.md)]
diff --git a/browsers/edge/includes/configure-edge-kiosk-reset-idle-timeout-include.md b/browsers/edge/includes/configure-edge-kiosk-reset-idle-timeout-include.md
index 6bd419669a..44539d481e 100644
--- a/browsers/edge/includes/configure-edge-kiosk-reset-idle-timeout-include.md
+++ b/browsers/edge/includes/configure-edge-kiosk-reset-idle-timeout-include.md
@@ -1,5 +1,6 @@
-
+
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: 5 minutes*
[!INCLUDE [configure-kiosk-reset-after-idle-timeout-shortdesc](../shortdesc/configure-kiosk-reset-after-idle-timeout-shortdesc.md)]
diff --git a/browsers/edge/includes/configure-enterprise-mode-site-list-include.md b/browsers/edge/includes/configure-enterprise-mode-site-list-include.md
index 70c658640e..9d99e69788 100644
--- a/browsers/edge/includes/configure-enterprise-mode-site-list-include.md
+++ b/browsers/edge/includes/configure-enterprise-mode-site-list-include.md
@@ -35,8 +35,7 @@
### Related Policies
-[Show message opening sites in IE](../available-policies.md#show-message-when-opening-sites-in-internet-explorer):
-[!INCLUDE
+[Show message opening sites in IE](../available-policies.md#show-message-when-opening-sites-in-internet-explorer): [!INCLUDE
[show-message-when-opening-sites-in-ie-shortdesc](../shortdesc/show-message-when-opening-sites-in-ie-shortdesc.md)]
### Related topics
diff --git a/browsers/edge/includes/configure-favorites-bar-include.md b/browsers/edge/includes/configure-favorites-bar-include.md
index 5084758101..1b797ebb79 100644
--- a/browsers/edge/includes/configure-favorites-bar-include.md
+++ b/browsers/edge/includes/configure-favorites-bar-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, new major release*
>*Default setting: Not configured (Hidden)*
diff --git a/browsers/edge/includes/configure-home-button-include.md b/browsers/edge/includes/configure-home-button-include.md
index 5bc9e5ed5f..c6362b39dc 100644
--- a/browsers/edge/includes/configure-home-button-include.md
+++ b/browsers/edge/includes/configure-home-button-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10*
>*Default setting: Disabled or not configured (Show home button and load the Start page)*
diff --git a/browsers/edge/includes/configure-microsoft-edge-kiosk-mode-include.md b/browsers/edge/includes/configure-microsoft-edge-kiosk-mode-include.md
index 1b14f42d96..034fd5b55e 100644
--- a/browsers/edge/includes/configure-microsoft-edge-kiosk-mode-include.md
+++ b/browsers/edge/includes/configure-microsoft-edge-kiosk-mode-include.md
@@ -1,6 +1,6 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Not configured*
[!INCLUDE [configure-kiosk-mode-shortdesc](../shortdesc/configure-kiosk-mode-shortdesc.md)]
diff --git a/browsers/edge/includes/configure-open-edge-with-include.md b/browsers/edge/includes/configure-open-edge-with-include.md
index cb87605e7b..95da8a5fbd 100644
--- a/browsers/edge/includes/configure-open-edge-with-include.md
+++ b/browsers/edge/includes/configure-open-edge-with-include.md
@@ -1,6 +1,6 @@
-
->*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
-->
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Enabled (A specific page or pages)*
[!INCLUDE [configure-open-microsoft-edge-with-shortdesc](../shortdesc/configure-open-microsoft-edge-with-shortdesc.md)]
diff --git a/browsers/edge/includes/configure-start-pages-include.md b/browsers/edge/includes/configure-start-pages-include.md
index 063493610f..9a3c3c9861 100644
--- a/browsers/edge/includes/configure-start-pages-include.md
+++ b/browsers/edge/includes/configure-start-pages-include.md
@@ -40,7 +40,7 @@ For more details about configuring the Start pages, see [Start pages](../group-p
- [Disable Lockdown of Start Pages](#disable-lockdown-of-start-pages-include): [!INCLUDE [disable-lockdown-of-start-pages-shortdesc](../shortdesc/disable-lockdown-of-start-pages-shortdesc.md)]
-- [Configure Start Pages](#configure-start-pages-include): [!INCLUDE [configure-start-pages-shortdesc](../shortdesc/configure-start-pages-shortdesc.md)]
+- [Configure Open Microsoft Edge With](../new-policies.md#configure-open-microsoft-edge-with): [!INCLUDE [configure-open-microsoft-edge-with-shortdesc](../shortdesc/configure-open-microsoft-edge-with-shortdesc.md)]
diff --git a/browsers/edge/includes/do-not-sync-browser-settings-include.md b/browsers/edge/includes/do-not-sync-browser-settings-include.md
index 416002380a..87c355b74f 100644
--- a/browsers/edge/includes/do-not-sync-browser-settings-include.md
+++ b/browsers/edge/includes/do-not-sync-browser-settings-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Disabled or not configured (Allowed/turned on)*
[!INCLUDE [do-not-sync-browser-settings-shortdesc](../shortdesc/do-not-sync-browser-settings-shortdesc.md)]
@@ -14,7 +14,7 @@
### Configuration options
-For more details about configuring the browser syncing options, see [Sync browser settings](../group-policies/sync-browser-settings-gp.md).
+For more details about configuring the browser syncing options, see [Sync browser settings options](../group-policies/sync-browser-settings-gp.md).
diff --git a/browsers/edge/includes/ie11-send-all-sites-not-in-site-list-include.md b/browsers/edge/includes/ie11-send-all-sites-not-in-site-list-include.md
new file mode 100644
index 0000000000..ed4e9b1019
--- /dev/null
+++ b/browsers/edge/includes/ie11-send-all-sites-not-in-site-list-include.md
@@ -0,0 +1,7 @@
+>*Supported versions: Internet Explorer 11 on Windows 10, version 1607 or later*
+>*Default setting: Disabled or not configured*
+
+By default, all sites open the currently active browser. With this policy, you can automatically open all sites not included in the Enterprise Mode Site List in Microsoft Edge. When you enable this policy, you must also turn on the Internet Explorer\Use the Enterprise Mode IE website list policy and include at least one site in the Enterprise Mode Site List.
+
+>[!NOTE]
+>If you’ve also enabled the Microsoft Edge [Send all intranet sites to Internet Explorer 11](../available-policies.md#send-all-intranet-sites-to-internet-explorer-11) policy, all intranet sites continue to open in Internet Explorer 11.
diff --git a/browsers/edge/includes/prevent-certificate-error-overrides-include.md b/browsers/edge/includes/prevent-certificate-error-overrides-include.md
index ecafd230d4..052ef6499e 100644
--- a/browsers/edge/includes/prevent-certificate-error-overrides-include.md
+++ b/browsers/edge/includes/prevent-certificate-error-overrides-include.md
@@ -1,5 +1,6 @@
-
+
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Disabled or not configured (Allowed/turned off)*
[!INCLUDE [prevent-certificate-error-overrides-shortdesc](../shortdesc/prevent-certificate-error-overrides-shortdesc.md)]
diff --git a/browsers/edge/includes/prevent-turning-off-required-extensions-include.md b/browsers/edge/includes/prevent-turning-off-required-extensions-include.md
index 14bb5698dd..dad8213fef 100644
--- a/browsers/edge/includes/prevent-turning-off-required-extensions-include.md
+++ b/browsers/edge/includes/prevent-turning-off-required-extensions-include.md
@@ -1,5 +1,6 @@
-
+
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Disabled or not configured (Allowed)*
[!INCLUDE [prevent-turning-off-required-extensions-shortdesc](../shortdesc/prevent-turning-off-required-extensions-shortdesc.md)]
diff --git a/browsers/edge/includes/prevent-users-to-turn-on-browser-syncing-include.md b/browsers/edge/includes/prevent-users-to-turn-on-browser-syncing-include.md
index 56aba7900a..7da4682d47 100644
--- a/browsers/edge/includes/prevent-users-to-turn-on-browser-syncing-include.md
+++ b/browsers/edge/includes/prevent-users-to-turn-on-browser-syncing-include.md
@@ -1,6 +1,5 @@
-
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Enabled or not configured (Prevented/turned off)*
[!INCLUDE [prevent-users-to-turn-on-browser-syncing-shortdesc](../shortdesc/prevent-users-to-turn-on-browser-syncing-shortdesc.md)]
@@ -14,7 +13,7 @@
### Configuration options
-For more details about configuring the browser syncing options, see [Sync browser settings](../group-policies/sync-browser-settings-gp.md).
+For more details about configuring the browser syncing options, see [Sync browser settings options](../group-policies/sync-browser-settings-gp.md).
### ADMX info and settings
diff --git a/browsers/edge/includes/set-home-button-url-include.md b/browsers/edge/includes/set-home-button-url-include.md
index f48928783f..26f674b19d 100644
--- a/browsers/edge/includes/set-home-button-url-include.md
+++ b/browsers/edge/includes/set-home-button-url-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Disabled or not configured (Blank)*
[!INCLUDE [set-home-button-url-shortdesc](../shortdesc/set-home-button-url-shortdesc.md)]
diff --git a/browsers/edge/includes/set-new-tab-url-include.md b/browsers/edge/includes/set-new-tab-url-include.md
index 1a87c558b7..ffd31bd264 100644
--- a/browsers/edge/includes/set-new-tab-url-include.md
+++ b/browsers/edge/includes/set-new-tab-url-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Disabled or not configured (Blank)*
[!INCLUDE [set-new-tab-url-shortdesc](../shortdesc/set-new-tab-url-shortdesc.md)]
diff --git a/browsers/edge/includes/show-message-opening-sites-ie-include.md b/browsers/edge/includes/show-message-opening-sites-ie-include.md
index 31ab3deef6..d6cdf4b94a 100644
--- a/browsers/edge/includes/show-message-opening-sites-ie-include.md
+++ b/browsers/edge/includes/show-message-opening-sites-ie-include.md
@@ -1,5 +1,6 @@
-
+
+
+>*Supported versions: Microsoft Edge on Windows 10, version 1607 and later*
>*Default setting: Disabled or not configured (No additional message)*
diff --git a/browsers/edge/includes/unlock-home-button-include.md b/browsers/edge/includes/unlock-home-button-include.md
index 45da5927a2..91a7a446e4 100644
--- a/browsers/edge/includes/unlock-home-button-include.md
+++ b/browsers/edge/includes/unlock-home-button-include.md
@@ -1,5 +1,5 @@
-
+
+>*Supported versions: Microsoft Edge on Windows 10, next major update to Windows*
>*Default setting: Disabled or not configured (Home button is locked)*
[!INCLUDE [unlock-home-button-shortdesc](../shortdesc/unlock-home-button-shortdesc.md)]
diff --git a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
index dc1470d929..a3679f369c 100644
--- a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
+++ b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
@@ -7,13 +7,13 @@ ms.prod: edge
ms.sitesec: library
title: Deploy Microsoft Edge kiosk mode
ms.localizationpriority: high
-ms.date: 07/23/2018
+ms.date: 07/25/2018
---
# Deploy Microsoft Edge kiosk mode (Preview)
>Applies to: Microsoft Edge on Windows 10
->Preview build 17713+
+>Preview build 17723
Microsoft Edge kiosk mode works with assigned access to let IT administrators create a tailored browsing experience designed for kiosk devices. To use Microsoft Edge kiosk mode, you must configure Microsoft Edge as an application in assigned access. Learn more about [Configuring kiosk and shared devices running Windows desktop editions](https://docs.microsoft.com/en-us/windows/configuration/kiosk-shared-pc).
@@ -45,7 +45,7 @@ When you set up Microsoft Edge kiosk mode in multi-app assigned access, Microsof
The multi-app Microsoft Edge kiosk mode types include:
-3. **Public browsing** supports browsing the internet and runs InPrivate with minimal features available. In this configuration, Microsoft Edge can be one of many apps available. Users can close and open multiple InPrivate windows. On a multi-app kiosk device, Microsoft Edge can interact with other applications. For example, if Internet Explorer 11 is set up in multi-app assigned access. You can enable Enterprise Mode to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support. Examples of public browsing include an information kiosk device at a public library or hotel concierge desk that provides access to Microsoft Edge and other app(s).
+3. **Public browsing** supports browsing the internet and runs InPrivate with minimal features available. In this configuration, Microsoft Edge can be one of many apps available. Users can close and open multiple InPrivate windows. On a multi-app kiosk device, Microsoft Edge can interact with other applications. For example, if Internet Explorer 11 is set up in multi-app assigned access. You can enable Enterprise Mode to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support. A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other app(s).
@@ -56,7 +56,7 @@ The multi-app Microsoft Edge kiosk mode types include:
## Let’s get started!
Before you can configure Microsoft Edge kiosk mode, you must set up Microsoft Edge in assigned access. You can set up Microsoft Edge kiosk mode in assigned access using:
-- **Windows Settings.** (Build 17723) Best for physically setting up a single device as a kiosk. With this method, you set up assigned access and configure the kiosk or digital sign device using Settings. You can configure Microsoft Edge in single-app (kiosk type – Full-screen or public browsing) and define a single URL for the Home button, Start page, and New tab page. You can also set the reset after an idle timeout.
+- **Windows Settings.** Best for physically setting up a single device as a kiosk. With this method, you set up assigned access and configure the kiosk or digital sign device using Settings. You can configure Microsoft Edge in single-app (kiosk type – Full-screen or public browsing) and define a single URL for the Home button, Start page, and New tab page. You can also set the reset after an idle timeout.
- **Microsoft Intune or other MDM service.** Best for setting up multiple devices as a kiosk. With this method, you configure Microsoft Edge in assigned access and configure how Microsoft Edge behaves when it’s running in kiosk mode with assigned access.
@@ -78,8 +78,6 @@ Before you can configure Microsoft Edge kiosk mode, you must set up Microsoft Ed
### Use Windows Settings
->Preview build 17723
-
Windows Settings is the simplest and easiest way to set up one or a couple of devices because you must perform these steps on each device. This method is ideal for small businesses.
@@ -116,7 +114,7 @@ Windows Settings is the simplest and easiest way to set up one or a couple of de
13. Close **Settings** to save your choices automatically and apply them the next time the user account logs on.
-14. Configure the policies for Microsoft Edge kiosk mode. For details on the valid kiosk policy settings, see [Related policies](#related-policies).
+14. Configure the policies for Microsoft Edge kiosk mode. For details on the valid kiosk policy settings, see [Relevant policies](#relevant-policies).
15. Validate the Microsoft Edge kiosk mode by restarting the device and signing in with the local kiosk account.
@@ -210,7 +208,7 @@ Use any of the Microsoft Edge policies listed below to enhance the kiosk experie
| [AllowMicrosoftCompatibilityList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) |  |  | 1 |  |
| [AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) |  |  |  |  |
| [AllowPopups](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpopups) |  |  |  |  |
-| [AllowPrelaunch](new-policies.md#allow-prelaunch)\* |  |  |  |  |
+| [AllowPrelaunch](new-policies.md#allow-microsoft-edge-to-pre-launch-at-windows-startup-when-the-system-is-idle-and-each-time-microsoft-edge-is-closed)\* |  |  |  |  |
| [AllowPrinting](new-policies.md#allow-printing)\* |  |  |  |  |
| [AllowSavingHistory](new-policies.md#allow-saving-history)\* |  |  |  |  |
| [AllowSearchEngineCustomization](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchenginecustomization) |  |  |  |  |
@@ -230,7 +228,7 @@ Use any of the Microsoft Edge policies listed below to enhance the kiosk experie
| [ConfigureOpenMicrosoftEdgeWith](new-policies.md#configure-open-microsoft-edge-with)\* |  |  |  |  |
| [ConfigureTelemetryForMicrosoft365Analytics](new-policies.md#configure-collection-of-browsing-data-for-microsoft-365-analytics)\* |  |  |  |  |
| [DisableLockdownOfStartPages](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-disablelockdownofstartpages) |  |  |  |  |
-| [DoNotSyncBrowserSetting](available-policies.md#do-not-sync-browser-settings)\* and [PreventUsersFromTurningOnBrowserSyncing](new-policies.md#prevent-users-from-turning-on-browser-syncing)\* |  |  |  |  |
+| [Experience/DoNotSyncBrowserSetting](available-policies.md#do-not-sync-browser-settings)\* and [Experience/PreventUsersFromTurningOnBrowserSyncing](new-policies.md#prevent-users-from-turning-on-browser-syncing)\* |  |  |  |  |
| [EnableExtendedBooksTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-enableextendedbookstelemetry) |  |  |  |  |
| [EnterpriseModeSiteList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-enterprisemodesitelist) |  |  | 1 |  |
| [FirstRunURL](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-firstrunurl) |  |  |  |  |
@@ -257,7 +255,7 @@ Use any of the Microsoft Edge policies listed below to enhance the kiosk experie
*\* New policy coming in the next release of Windows 10.*
*1) For multi-app assigned access, you must configure Internet Explorer 11.*
-*2) For digital/interactive signage to enable Flash, set [AllowFlashClickToRun](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowflashclicktorun) to 0.*
+*2) For digital/interactive signage to enable Flash, set [AllowFlashClickToRun].(https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowflashclicktorun) to 0.*
**Legend:**
 = Not applicable or not supported
@@ -287,23 +285,11 @@ Use any of the Microsoft Edge policies listed below to enhance the kiosk experie
---
-## Known issues with RS_PRERELEASE build 17723
+## Known issues with prerelease build 17723
-- When you set up Microsoft Edge kiosk mode on a single-app kiosk device you must set the “ConfigureKioskMode” policy because the default behavior is not honored.
- - **Expected behavior** – Microsoft Edge kiosk mode launches in full-screen mode.
- - **Actual behavior** – Normal Microsoft Edge launches.
-
-- When you enable or set the “ConfigureFavoritesBar” policy to 1, the favorites bar does not show in Microsoft Edge kiosk mode.
- - **Expected behavior** – Microsoft Edge kiosk mode shows the favorites bar.
- - **Actual behavior** – The favorites bar is hidden.
-
-- Extensions should not be available in Public browsing multi-app kiosk.
- - **Expected behavior** – Extensions are disabled in _Settings and more_ menu.
- - **Actual behavior** – Extensions are accessible in _Settings and more_ menu.
-
-- Books should not be available in Public browsing multi-app kiosk.
- - **Expected behavior** – Books are disabled in _Settings and more_ menu.
- - **Actual behavior** – Books are accessible in _Settings and more_ menu.
+When you set up Microsoft Edge kiosk mode on a single-app kiosk device you must set the “ConfigureKioskMode” policy because the default behavior is not honored.
+- **Expected behavior** – Microsoft Edge kiosk mode launches in full-screen mode.
+- **Actual behavior** – Normal Microsoft Edge launches.
---
diff --git a/browsers/edge/new-policies.md b/browsers/edge/new-policies.md
index 79ef29fafe..ac0e768adf 100644
--- a/browsers/edge/new-policies.md
+++ b/browsers/edge/new-policies.md
@@ -8,7 +8,7 @@ ms.mktglfcycl: explore
ms.sitesec: library
title: New Microsoft Edge Group Policies and MDM settings
ms.localizationpriority:
-ms.date: 07/23/2018
+ms.date: 07/25/2018
---
# New Microsoft Edge Group Policies and MDM settings (Preview)
@@ -32,8 +32,8 @@ We are discontinuing the use of the **Configure Favorites** group policy. Use th
| **Group Policy** | **New/update?** | **MDM Setting** | **New/update?** |
| --- | --- | --- | --- |
| [Allow fullscreen mode](#allow-fullscreen-mode) | New | [AllowFullscreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowfullscreenmode) | New |
+| [Allow Microsoft Edge to pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed](#allow-prelaunch) | New | [AllowPrelaunch](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowprelaunch) | New |
| [Allow Microsoft Edge to start and load the Start and New Tab page at Windows startup and each time Microsoft Edge is closed](#allow-microsoft-edge-to-start-and-load-the-start-and-new-tab-page-at-windows-startup-and-each-time-microsoft-edge-is-closed) | New | [AllowTabPreloading](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowtabpreloading) | New |
-| [Allow Prelaunch](#allow-prelaunch) | New | [AllowPrelaunch](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowprelaunch) | New |
| [Allow printing](#allow-printing) | New | [AllowPrinting](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowprinting) | New |
| [Allow Saving History](#allow-saving-history) | New | [AllowSavingHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsavinghistory) | New |
| [Allow sideloading of Extensions](#allow-sideloading-of-extensions) | New | [AllowSideloadingExtensions](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsideloadingofextensions) | New |
@@ -60,12 +60,12 @@ We are discontinuing the use of the **Configure Favorites** group policy. Use th
## Allow fullscreen mode
[!INCLUDE [allow-full-screen-include](includes/allow-full-screen-include.md)]
+## Allow Microsoft Edge to pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed
+[!INCLUDE [allow-prelaunch-include](includes/allow-prelaunch-include.md)]
+
## Allow Microsoft Edge to start and load the Start and New Tab page at Windows startup and each time Microsoft Edge is closed
[!INCLUDE [allow-tab-preloading-include](includes/allow-tab-preloading-include.md)]
-## Allow Prelaunch
-[!INCLUDE [allow-prelaunch-include](includes/allow-prelaunch-include.md)]
-
## Allow printing
[!INCLUDE [allow-printing-include.md](includes/allow-printing-include.md)]
diff --git a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
index b4f3ce2304..e600fe9c9e 100644
--- a/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
+++ b/windows/client-management/mdm/enterprisemodernappmanagement-csp.md
@@ -7,11 +7,13 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: MariciaAlforque
-ms.date: 03/01/2018
+ms.date: 07/24/2018
---
# EnterpriseModernAppManagement CSP
+> [!WARNING]
+> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
The EnterpriseModernAppManagement configuration service provider (CSP) is used for the provisioning and reporting of modern enterprise apps. For details about how to use this CSP to for reporting apps inventory, installation and removal of apps for users, provisioning apps to devices, and managing app licenses, see [Enterprise app management](enterprise-app-management.md).
@@ -23,30 +25,30 @@ The following image shows the EnterpriseModernAppManagement configuration servic
**Device or User context**
-
For user context, use **./User/Vendor/MSFT** path and for device context, use **./Device/Vendor/MSFT** path.
+For user context, use **./User/Vendor/MSFT** path and for device context, use **./Device/Vendor/MSFT** path.
> [!Note]
> Windows Holographic and Windows 10 Mobile only support per-user configuration of the EnterpriseModernAppManagement CSP.
**AppManagement**
-
Required. Used for inventory and app management (post-install).
+Required. Used for inventory and app management (post-install).
**AppManagement/UpdateScan**
-
Required. Used to start the Windows Update scan.
+Required. Used to start the Windows Update scan.
-
Supported operation is Execute.
+Supported operation is Execute.
**AppManagement/LastScanError**
-
Required. Reports the last error code returned by the update scan.
+Required. Reports the last error code returned by the update scan.
-
Supported operation is Get.
+Supported operation is Get.
**AppManagement/AppInventoryResults**
-
Added in Windows 10, version 1511. Required. Returns the results for app inventory that was created after the AppInventoryQuery operation.
+Added in Windows 10, version 1511. Required. Returns the results for app inventory that was created after the AppInventoryQuery operation.
-
Supported operation is Get.
+Supported operation is Get.
-
Here's an example of AppInventoryResults operation.
+Here's an example of AppInventoryResults operation.
``` syntax
@@ -60,9 +62,9 @@ The following image shows the EnterpriseModernAppManagement configuration servic
```
**AppManagement/AppInventoryQuery**
-Added in Windows 10, version 1511. Required. Specifies the query for app inventory.
+Added in Windows 10, version 1511. Required. Specifies the query for app inventory.
-
Query parameters:
+Query parameters:
- Output - Specifies the parameters for the information returned in AppInventoryResults operation. Mutiple value must be separate by |. Valid values are:
- PackagesName - returns the *PackageFamilyName* and *PackageFullName* of the app. Default if nothing is specified.
@@ -92,9 +94,9 @@ The following image shows the EnterpriseModernAppManagement configuration servic
If you do not specify this value, then all publishers are returned.
-
Supported operation is Get and Replace.
+Supported operation is Get and Replace.
-
The following example sets the inventory query for the package names and checks the status for reinstallation for all main packages that are nonStore apps.
+The following example sets the inventory query for the package names and checks the status for reinstallation for all main packages that are nonStore apps.
``` syntax
@@ -109,9 +111,9 @@ The following image shows the EnterpriseModernAppManagement configuration servic
```
**AppManagement/RemovePackage**
-
Added in Windows 10, version 1703. Used to remove packages. Not supported for ./User/Vendor/MSFT.
+Added in Windows 10, version 1703. Used to remove packages. Not supported for ./User/Vendor/MSFT.
-
Parameters:
+Parameters:
- Package
@@ -128,9 +130,9 @@ The following image shows the EnterpriseModernAppManagement configuration servic
-Supported operation is Execute.
+Supported operation is Execute.
-
The following example removes a package for all users:
+The following example removes a package for all users:
````XML
@@ -148,30 +150,30 @@ The following image shows the EnterpriseModernAppManagement configuration servic
````
**AppManagement/nonStore**
-Used to manage enterprise apps or developer apps that were not acquired from the Microsoft Store.
+Used to manage enterprise apps or developer apps that were not acquired from the Microsoft Store.
-
Supported operation is Get.
+Supported operation is Get.
**AppManagement/System**
-
Reports apps installed as part of the operating system.
+Reports apps installed as part of the operating system.
-
Supported operation is Get.
+Supported operation is Get.
**AppManagement/AppStore**
-
Required. Used for managing apps from the Microsoft Store.
+Required. Used for managing apps from the Microsoft Store.
-
Supported operations are Get and Delete.
+Supported operations are Get and Delete.
**.../****_PackageFamilyName_**
-
Optional. Package family name (PFN) of the app. There is one for each PFN on the device when reporting inventory. These items are rooted under their signing origin.
+Optional. Package family name (PFN) of the app. There is one for each PFN on the device when reporting inventory. These items are rooted under their signing origin.
-
Supported operations are Get and Delete.
+Supported operations are Get and Delete.
> [!Note]
> XAP files use a product ID in place of PackageFamilyName. Here's an example of XAP product ID (including the braces), {12345678-9012-3456-7890-123456789012}.
-
Here's an example for uninstalling an app:
+Here's an example for uninstalling an app:
``` syntax
@@ -191,79 +193,76 @@ The following image shows the EnterpriseModernAppManagement configuration servic
```
**.../*PackageFamilyName*/****_PackageFullName_**
-Optional. Full name of the package installed.
+Optional. Full name of the package installed.
-
Supported operations are Get and Delete.
+Supported operations are Get and Delete.
> [!Note]
> XAP files use a product ID in place of PackageFullName. Here's an example of XAP product ID (including the braces), {12345678-9012-3456-7890-123456789012}.
**.../*PackageFamilyName*/*PackageFullName*/Name**
-
Required. Name of the app. Value type is string.
+Required. Name of the app. Value type is string.
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/Version**
-
Required. Version of the app. Value type is string.
+Required. Version of the app. Value type is string.
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/Publisher**
-
Required. Publisher name of the app. Value type is string.
+Required. Publisher name of the app. Value type is string.
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/Architecture**
-
Required. Architecture of installed package. Value type is string.
+Required. Architecture of installed package. Value type is string.
> [!Note]
> Not applicable to XAP files.
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/InstallLocation**
-
Required. Install location of the app on the device. Value type is string.
+Required. Install location of the app on the device. Value type is string.
> [!Note]
> Not applicable to XAP files.
-
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/IsFramework**
-
Required. Whether or not the app is a framework package. Value type is int. The value is 1 if the app is a framework package and 0 (zero) for all other cases.
+Required. Whether or not the app is a framework package. Value type is int. The value is 1 if the app is a framework package and 0 (zero) for all other cases.
> [!Note]
> Not applicable to XAP files.
-
-
Supported operation is Get.
+ Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/IsBundle**
-
Required. The value is 1 if the package is an app bundle and 0 (zero) for all other cases. Value type is int.
+Required. The value is 1 if the package is an app bundle and 0 (zero) for all other cases. Value type is int.
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/InstallDate**
-
Required. Date the app was installed. Value type is string.
+Required. Date the app was installed. Value type is string.
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/ResourceID**
-
Required. Resource ID of the app. This is null for the main app, ~ for a bundle, and contains resource information for resources packages. Value type is string.
+Required. Resource ID of the app. This is null for the main app, ~ for a bundle, and contains resource information for resources packages. Value type is string.
> [!Note]
> Not applicable to XAP files.
-
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/PackageStatus**
-
Required. Provides information about the status of the package. Value type is int. Valid values are:
+Required. Provides information about the status of the package. Value type is int. Valid values are:
- OK (0) - The package is usable.
- LicenseIssue (1) - The license of the package is not valid.
@@ -274,50 +273,47 @@ The following image shows the EnterpriseModernAppManagement configuration servic
> [!Note]
> Not applicable to XAP files.
-
-
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/RequiresReinstall**
-
Required. Specifies whether the package state has changed and requires a reinstallation of the app. This can occur when new app resources are required, such as when a device has a change in language preference or a new DPI. It can also occur of the package was corrupted. If the value is 1, reinstallation of the app is performed. Value type is int.
+Required. Specifies whether the package state has changed and requires a reinstallation of the app. This can occur when new app resources are required, such as when a device has a change in language preference or a new DPI. It can also occur of the package was corrupted. If the value is 1, reinstallation of the app is performed. Value type is int.
> [!Note]
> Not applicable to XAP files.
-
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/Users**
-
Required. Registered users of the app and the package install state. If the query is at the device level, it returns all the registered users of the device. If you query the user context, it will only return the current user. Value type is string.
+Required. Registered users of the app and the package install state. If the query is at the device level, it returns all the registered users of the device. If you query the user context, it will only return the current user. Value type is string.
- Not Installed = 0
- Staged = 1
- Installed = 2
- Paused = 6
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/*PackageFullName*/IsProvisioned**
-
Required. The value is 0 or 1 that indicates if the app is provisioned on the device. The value type is int.
+Required. The value is 0 or 1 that indicates if the app is provisioned on the device. The value type is int.
-
Supported operation is Get.
+Supported operation is Get.
**.../*PackageFamilyName*/DoNotUpdate**
-
Required. Specifies whether you want to block a specific app from being updated via auto-updates.
+Required. Specifies whether you want to block a specific app from being updated via auto-updates.
-
Supported operations are Add, Get, Delete, and Replace.
+Supported operations are Add, Get, Delete, and Replace.
**.../*PackageFamilyName*/AppSettingPolicy** (only for ./User/Vendor/MSFT)
-
Added in Windows 10, version 1511. Interior node for all managed app setting values. This node is only supported in the user context.
+Added in Windows 10, version 1511. Interior node for all managed app setting values. This node is only supported in the user context.
**.../*PackageFamilyName*/AppSettingPolicy/****_SettingValue_** (only for ./User/Vendor/MSFT)
-
Added in Windows 10, version 1511. The *SettingValue* and data represent a key value pair to be configured for the app. The node represents the name of the key and the data represents the value. You can find this value in LocalSettings in the Managed.App.Settings container.
+Added in Windows 10, version 1511. The *SettingValue* and data represent a key value pair to be configured for the app. The node represents the name of the key and the data represents the value. You can find this value in LocalSettings in the Managed.App.Settings container.
-
This setting only works for apps that support the feature and it is only supported in the user context.
+This setting only works for apps that support the feature and it is only supported in the user context.
-
Value type is string. Supported operations are Add, Get, Replace, and Delete.
+Value type is string. Supported operations are Add, Get, Replace, and Delete.
-
The following example sets the value for the 'Server'
+The following example sets the value for the 'Server'
``` syntax
@@ -335,7 +331,7 @@ The following image shows the EnterpriseModernAppManagement configuration servic
```
-
The following example gets all managed app settings for a specific app.
+The following example gets all managed app settings for a specific app.
``` syntax
@@ -349,7 +345,7 @@ The following image shows the EnterpriseModernAppManagement configuration servic
```
-**.../*PackageFamilyName*/MaintainProcessorArchitectureOnUpdate**
+**.../_PackageFamilyName_/MaintainProcessorArchitectureOnUpdate**
Added in Windows 10, version 1803. Specify whether on a AMD64 device, across an app update, the architecture of the installed app must not change. For example if you have the x86 flavor of a Windows app installed, with this setting enabled, across an update, the x86 flavor will be installed even when x64 flavor is available.
Supported operations are Add, Get, Delete, and Replace. Value type is integer.
@@ -363,32 +359,125 @@ Expected Behavior on an AMD64 machine that has x86 flavor of an app installed (M
|True |Disabled |X86 flavor is picked |
|False (not set) |Not configured |X64 flavor is picked |
+**.../_PackageFamilyName_/NonRemovable**
+Added in Windows 10, next major version. Specifies if an app is nonremovable by the user.
+
+This setting allows the IT admin to set an app to be nonremovable, or unable to be uninstalled by a user. This is useful in enterprise and education scenarios, where the IT admin might want to ensure that everyone always has certain apps and they won't be removed accidentally. This is also useful when there are multiple users per device, and you want to ensure that one user doesn’t remove it for all users.
+
+This setting requires admin permission. This can only be set per device, not per user. You can query the setting using AppInvetoryQuery or AppInventoryResults.
+
+Value type is integer. Supported operations are Add, Get, Replace, and Delete.
+
+Valid values:
+- 0 – app is not in the nonremovable app policy list
+- 1 – app is included in the nonremovable app policy list
+
+**Examples:**
+
+Add an app to the nonremovable app policy list
+```
+
+
+
+ 1
+ -
+
+ ./Device/Vendor/MSFT/EnterpriseModernAppManagement/AppManagement/AppStore/Test123/NonRemovable
+
+
+ int
+
+ 0
+
+
+
+
+
+```
+
+Delete an app from the nonremovable app policy list
+```
+
+
+
+ 1
+ -
+
+ ./Device/Vendor/MSFT/EnterpriseModernAppManagement/AppManagement/AppStore/Test123/NonRemovable
+
+
+
+
+
+
+```
+
+Get list of apps in the nonremovable app policy list
+```
+
+
+
+ 1
+ -
+
+ ./Device/Vendor/MSFT/EnterpriseModernAppManagement/AppManagement/AppStore/Test123/NonRemovable
+
+
+
+
+
+
+```
+
+Replace an app in the nonremovable app policy list
+Data 0 = app is not in the app policy list
+Data 1 = app is in the app policy list
+```
+
+
+
+ 1
+ -
+
+ ./Device/Vendor/MSFT/EnterpriseModernAppManagement/AppManagement/AppStore/Test123/NonRemovable
+
+
+ int
+
+ 0
+
+
+
+
+
+```
+
**AppInstallation**
-
Required node. Used to perform app installation.
+Required node. Used to perform app installation.
**AppInstallation/****_PackageFamilyName_**
-
Optional node. Package family name (PFN) of the app. There is one for each PFN on the device when reporting inventory. These items are rooted under their signing origin.
+Optional node. Package family name (PFN) of the app. There is one for each PFN on the device when reporting inventory. These items are rooted under their signing origin.
-
Supported operations are Get and Add.
+Supported operations are Get and Add.
> [!Note]
> XAP files use a product ID in place of PackageFamilyName. Here's an example of XAP product ID (including the braces), {12345678-9012-3456-7890-123456789012}.
**AppInstallation/*PackageFamilyName*/StoreInstall**
-
Required. Command to perform an install of an app and a license from the Microsoft Store.
+Required. Command to perform an install of an app and a license from the Microsoft Store.
-
Supported operation is Execute, Add, Delete, and Get.
+Supported operation is Execute, Add, Delete, and Get.
**AppInstallation/*PackageFamilyName*/HostedInstall**
-
Required. Command to perform an install of an app package from a hosted location (this can be a local drive, a UNC, or https data source).
+Required. Command to perform an install of an app package from a hosted location (this can be a local drive, a UNC, or https data source).
-
Supported operation is Execute, Add, Delete, and Get.
+Supported operation is Execute, Add, Delete, and Get.
**AppInstallation/*PackageFamilyName*/LastError**
-
Required. Last error relating to the app installation.
+Required. Last error relating to the app installation.
-
Supported operation is Get.
+Supported operation is Get.
> [!Note]
> This element is not present after the app is installed.
@@ -396,50 +485,50 @@ Expected Behavior on an AMD64 machine that has x86 flavor of an app installed (M
**AppInstallation/*PackageFamilyName*/LastErrorDescription**
-
Required. Description of last error relating to the app installation.
+Required. Description of last error relating to the app installation.
-
Supported operation is Get.
+Supported operation is Get.
> [!Note]
> This element is not present after the app is installed.
**AppInstallation/*PackageFamilyName*/Status**
-
Required. Status of app installation. The following values are returned:
+Required. Status of app installation. The following values are returned:
- NOT\_INSTALLED (0) - The node was added, but the execution has not completed.
- INSTALLING (1) - Execution has started, but the deployment has not completed. If the deployment completes regardless of success, this value is updated.
- FAILED (2) - Installation failed. The details of the error can be found under LastError and LastErrorDescription.
- INSTALLED (3) - Once an install is successful this node is cleaned up, however in the event the clean up action has not completed, this state may briefly appear.
-
Supported operation is Get.
+Supported operation is Get.
> [!Note]
> This element is not present after the app is installed.
**AppInstallation/*PackageFamilyName*/ProgessStatus**
-
Required. An integer the indicates the progress of the app installation. For https locations, this indicates the download progress. ProgressStatus is not available for provisioning and it is only for user-based installations. In provisioning, the value is always 0 (zero).
+Required. An integer the indicates the progress of the app installation. For https locations, this indicates the download progress. ProgressStatus is not available for provisioning and it is only for user-based installations. In provisioning, the value is always 0 (zero).
-
Supported operation is Get.
+Supported operation is Get.
> [!Note]
> This element is not present after the app is installed.
**AppLicenses**
-
Required node. Used to manage licenses for app scenarios.
+Required node. Used to manage licenses for app scenarios.
**AppLicenses/StoreLicenses**
-
Required node. Used to manage licenses for store apps.
+Required node. Used to manage licenses for store apps.
**AppLicenses/StoreLicenses/****_LicenseID_**
-
Optional node. License ID for a store installed app. The license ID is generally the PFN of the app.
+Optional node. License ID for a store installed app. The license ID is generally the PFN of the app.
-
Supported operations are Add, Get, and Delete.
+Supported operations are Add, Get, and Delete.
**AppLicenses/StoreLicenses/*LicenseID*/LicenseCategory**
-
Added in Windows 10, version 1511. Required. Category of license that is used to classify various license sources. Valid value:
+Added in Windows 10, version 1511. Required. Category of license that is used to classify various license sources. Valid value:
- Unknown - unknown license category
- Retail - license sold through retail channels, typically from the Microsoft Store
@@ -447,39 +536,39 @@ Expected Behavior on an AMD64 machine that has x86 flavor of an app installed (M
- OEM - license issued to an OEM
- Developer - developer license, typically installed during the app development or side-loading scernarios.
-
Supported operation is Get.
+Supported operation is Get.
**AppLicenses/StoreLicenses/*LicenseID*/LicenseUsage**
-
Added in Windows 10, version 1511. Required. Indicates the allowed usage for the license. Valid values:
+Added in Windows 10, version 1511. Required. Indicates the allowed usage for the license. Valid values:
- Unknown - usage is unknown
- Online - the license is only valid for online usage. This is for applications with concurrence requirements, such as an app used on several computers, but can only be used on one at any given time.
- Offline - license is valid for use offline. You don't need a connection to the internet to use this license.
- Enterprise Root -
-
Supported operation is Get.
+Supported operation is Get.
**AppLicenses/StoreLicenses/*LicenseID*/RequesterID**
-
Added in Windows 10, version 1511. Required. Identifier for the entity that requested the license, such as the client who acquired the license. For example, all licenses issued by the Store for Business for a particular enterprise client has the same RequesterID.
+Added in Windows 10, version 1511. Required. Identifier for the entity that requested the license, such as the client who acquired the license. For example, all licenses issued by the Store for Business for a particular enterprise client has the same RequesterID.
-
Supported operation is Get.
+Supported operation is Get.
**AppLicenses/StoreLicenses/*LicenseID*/AddLicense**
-
Required. Command to add license.
+Required. Command to add license.
-
Supported operation is Execute.
+Supported operation is Execute.
**AppLicenses/StoreLicenses/*LicenseID*/GetLicenseFromStore**
-
Added in Windows 10, version 1511. Required. Command to get license from the store.
+Added in Windows 10, version 1511. Required. Command to get license from the store.
-
Supported operation is Execute.
+Supported operation is Execute.
## Examples
-
For examples of how to use this CSP to for reporting apps inventory, installation and removal of apps for users, provisioning apps to devices, and managing app licenses, see [Enterprise app management](enterprise-app-management.md).
+For examples of how to use this CSP to for reporting apps inventory, installation and removal of apps for users, provisioning apps to devices, and managing app licenses, see [Enterprise app management](enterprise-app-management.md).
-
Query the device for a specific app subcategory, such as nonStore apps.
+Query the device for a specific app subcategory, such as nonStore apps.
``` syntax
@@ -492,9 +581,9 @@ Expected Behavior on an AMD64 machine that has x86 flavor of an app installed (M
```
-
The result contains a list of apps, such as <Data>App1/App2/App3</Data>.
+The result contains a list of apps, such as <Data>App1/App2/App3</Data>.
-
Subsequent query for a specific app for its properties.
+Subsequent query for a specific app for its properties.
``` syntax
diff --git a/windows/client-management/mdm/enterprisemodernappmanagement-ddf.md b/windows/client-management/mdm/enterprisemodernappmanagement-ddf.md
index 08075cd45e..3bbc3d3401 100644
--- a/windows/client-management/mdm/enterprisemodernappmanagement-ddf.md
+++ b/windows/client-management/mdm/enterprisemodernappmanagement-ddf.md
@@ -7,17 +7,19 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: MariciaAlforque
-ms.date: 03/01/2018
+ms.date: 07/23/2018
---
# EnterpriseModernAppManagement DDF
+> [!WARNING]
+> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
This topic shows the OMA DM device description framework (DDF) for the **EnterpriseModernAppManagement** configuration service provider. DDF files are used only with OMA DM provisioning XML.
Looking for the DDF XML files? See [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download).
-The XML below is for Windows 10, version 1803.
+The XML below is for Windows 10, next major version.
``` syntax
@@ -26,41 +28,85 @@ The XML below is for Windows 10, version 1803.
[]>
1.2
+
+ EnterpriseModernAppManagement
+ ./Vendor/MSFT
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ AppManagement
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
- EnterpriseModernAppManagement
- ./Vendor/MSFT
+
+
+
-
+
-
+
+ EnterpriseID
- AppManagement
+
+
+
-
+
-
+
+ PackageFamilyName
@@ -76,632 +122,19 @@ The XML below is for Windows 10, version 1803.
-
-
-
-
-
-
- EnterpriseID
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- PackageFamilyName
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- PackageFullName
-
-
-
-
-
- Name
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- Version
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- Publisher
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- Architecture
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- InstallLocation
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- IsFramework
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- IsBundle
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- InstallDate
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- ResourceID
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- PackageStatus
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- RequiresReinstall
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- Users
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- IsProvisioned
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
-
- DoNotUpdate
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- DoNotUpdate
-
- text/plain
-
-
-
-
- AppSettingPolicy
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- SettingValue
-
- text/plain
-
-
-
-
-
- MaintainProcessorArchitectureOnUpdate
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- MaintainProcessorArchitectureOnUpdate
-
- text/plain
-
-
-
-
-
-
- UpdateScan
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- LastScanError
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- AppInventoryResults
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- AppInventoryQuery
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- RemovePackage
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
-
- AppInstallation
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- PackageFamilyName
+ PackageFullName
- StoreInstall
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- HostedInstall
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- LastError
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- LastErrorDesc
+ Name
@@ -721,7 +154,87 @@ The XML below is for Windows 10, version 1803.
- Status
+ Version
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Publisher
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Architecture
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InstallLocation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ IsFramework
@@ -741,7 +254,127 @@ The XML below is for Windows 10, version 1803.
- ProgressStatus
+ IsBundle
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InstallDate
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ResourceID
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PackageStatus
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RequiresReinstall
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Users
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ IsProvisioned
@@ -761,31 +394,38 @@ The XML below is for Windows 10, version 1803.
-
-
- AppLicenses
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- StoreLicenses
+ DoNotUpdate
+
+
+
+
+
+
+
+
+
+
+
+
+
+ DoNotUpdate
+
+ text/plain
+
+
+
+
+ AppSettingPolicy
+
+
+
+
+
+
@@ -794,7 +434,7 @@ The XML below is for Windows 10, version 1803.
-
+
@@ -807,9 +447,10 @@ The XML below is for Windows 10, version 1803.
+
-
+
@@ -817,13 +458,172 @@ The XML below is for Windows 10, version 1803.
- LicenseID
+ SettingValue
+
+ text/plain
+
+
+
+
+
+ MaintainProcessorArchitectureOnUpdate
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ MaintainProcessorArchitectureOnUpdate
+
+ text/plain
+
+
+
+
+ NonRemovable
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ NonRemovable
+
+ text/plain
+
+
+
+
+
+ ReleaseManagement
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ ReleaseManagementKey
+
+
+
+
+
+ ChannelId
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ReleaseId
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ EffectiveRelease
+
+
+
+
+
+
+
+
+
+
+
+
+
- LicenseCategory
+ ChannelId
@@ -832,7 +632,7 @@ The XML below is for Windows 10, version 1803.
-
+
@@ -843,7 +643,7 @@ The XML below is for Windows 10, version 1803.
- LicenseUsage
+ ReleaseId
@@ -852,67 +652,7 @@ The XML below is for Windows 10, version 1803.
-
-
-
-
-
-
- text/plain
-
-
-
-
- RequesterID
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- AddLicense
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- GetLicenseFromStore
-
-
-
-
-
-
-
-
-
+
@@ -926,19 +666,442 @@ The XML below is for Windows 10, version 1803.
+
+ UpdateScan
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LastScanError
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AppInventoryResults
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AppInventoryQuery
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RemovePackage
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+
+ AppInstallation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ PackageFamilyName
+
+
+
+
+
+ StoreInstall
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ HostedInstall
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LastError
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LastErrorDesc
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Status
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ProgressStatus
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+
+
+ AppLicenses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ StoreLicenses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ LicenseID
+
+
+
+
+
+ LicenseCategory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LicenseUsage
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RequesterID
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AddLicense
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ GetLicenseFromStore
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+
+
+
-```
-
-## Related topics
-
-[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)
-
-
-
-
-
-
-
-
-
-
+```
\ No newline at end of file
diff --git a/windows/client-management/mdm/images/provisioning-csp-enterprisemodernappmanagement.png b/windows/client-management/mdm/images/provisioning-csp-enterprisemodernappmanagement.png
index a28f41fe6a..95d2fcf840 100644
Binary files a/windows/client-management/mdm/images/provisioning-csp-enterprisemodernappmanagement.png and b/windows/client-management/mdm/images/provisioning-csp-enterprisemodernappmanagement.png differ
diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
index 2f7d533bf3..e5266a6456 100644
--- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
+++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
@@ -1638,6 +1638,10 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
+| [Win32CompatibilityAppraiser CSP](win32compatibilityappraiser-csp.md) |
+Added new configuration service provider.
+ |
+
| [WindowsLicensing CSP](windowslicensing-csp.md) |
Added S mode settings.
|
@@ -1669,6 +1673,10 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
Defender/EnableLowCPUPriority
Defender/SignatureUpdateFallbackOrder
Defender/SignatureUpdateFileSharesSources
+DeviceInstallation/AllowInstallationOfMatchingDeviceIDs
+DeviceInstallation/AllowInstallationOfMatchingDeviceSetupClasses
+DeviceInstallation/PreventDeviceMetadataFromNetwork
+DeviceInstallation/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings
DmaGuard/DeviceEnumerationPolicy
Experience/AllowClipboardHistory
TaskManager/AllowEndTask
diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md
index e9d7a78158..cbc9d1bf0b 100644
--- a/windows/client-management/mdm/policy-csp-browser.md
+++ b/windows/client-management/mdm/policy-csp-browser.md
@@ -1214,7 +1214,7 @@ To verify AllowPopups is set to 0 (not allowed):
ADMX Info:
-- GP English name: *Allow Prelaunch*
+- GP English name: *Allow Microsoft Edge to pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed*
- GP name: *AllowPrelaunch*
- GP path: *Windows Components/Microsoft Edge*
- GP ADMX file name: *MicrosoftEdge.admx*
diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md
index a149748012..80adf12056 100644
--- a/windows/deployment/TOC.md
+++ b/windows/deployment/TOC.md
@@ -235,10 +235,6 @@
### [Manage device restarts after updates](update/waas-restart.md)
### [Manage additional Windows Update settings](update/waas-wu-settings.md)
### [Determine the source of Windows updates](update/windows-update-sources.md)
-### [Windows Insider Program for Business](update/waas-windows-insider-for-business.md)
-#### [Introduction to the Windows Insider Program for Business](update/WIP4Biz-intro.md)
-#### [Windows Insider Program for Business Frequently Asked Questions](update/waas-windows-insider-for-business-faq.md)
-#### [Olympia Corp enrollment](update/olympia/olympia-enrollment-guidelines.md)
### [Change history for Update Windows 10](update/change-history-for-update-windows-10.md)
## [Windows Analytics](update/windows-analytics-overview.md)
diff --git a/windows/deployment/update/waas-windows-insider-for-business-aad.md b/windows/deployment/update/waas-windows-insider-for-business-aad.md
deleted file mode 100644
index e8099960b8..0000000000
--- a/windows/deployment/update/waas-windows-insider-for-business-aad.md
+++ /dev/null
@@ -1,123 +0,0 @@
----
-title: Windows Insider Program for Business using Azure Active Directory
-description: Benefits and configuration of corporate accounts in the Windows Insider Program
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-author: DaniHalfin
-ms.localizationpriority: medium
-ms.author: daniha
-ms.date: 10/16/2017
----
-
-# Windows Insider Program for Business using Azure Active Directory
-
-
-**Applies to**
-
-- Windows 10
-
-> **Looking for information about Windows 10 for personal or home use?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
-
-We recently added features and benefits to better support the IT Professionals and business users in our Windows Insider community. This includes the option to download Windows 10 Insider Preview builds using your corporate credentials in Azure Active Directory (AAD). By enrolling devices in AAD, you increase the visibility of feedback submitted by users in your organization – especially on features that support your specific business needs.
-
->[!NOTE]
->At this point, the Windows Insider Program for Business only supports Azure Active Directory (and not Active Directory on premises) as a corporate authentication method.
-
->[!TIP]
->New to Azure Active Directory? Go here for [an introduction to AAD](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect), including guidance for [adding users](https://docs.microsoft.com/azure/active-directory/active-directory-users-create-azure-portal), [device registration](https://docs.microsoft.com/azure/active-directory/active-directory-device-registration-overview) and [integrating your on-premises directories with Azure AD](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect).
->
->If your company is currently not using AAD – but has a paid subscription to Office 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services – you have a free subscription to Microsoft Azure Active Directory. This subscription can be used to create users for enrollment in the Windows Insider Program for Business.
-
-In order to get the most benefit out of the Windows Insider Program for Business, organizations should not use a test tenant of AAD. There will be no modifications to the AAD tenant to support the Windows Insider Program as it will only be used as an authentication method.
-
-## Register your organization's Azure AD domain to the Windows Insider Program for Business
-Rather than have each user in your organization register for Windows 10 Insider Preview builds, you can now simply register your domain – and cover all users with just one registration.
-
-1. On the [Windows Insider](https://insider.windows.com) website, go to **For Business > Getting Started** to [register your organizational Azure AD account](https://insider.windows.com/en-us/insidersigninaad/).
-2. **Register your domain**. Rather than have each user register individually for Windows Insider Preview builds, administrators can simply [register their domain](https://insider.windows.com/en-us/for-business-organization-admin/) and control settings centrally.
-
->[!IMPORTANT]
->The signed-in user needs to be a **Global Administrator** of the Azure AD domain in order to be able to register the domain.
-
-## Check if a device is connected to your company’s Azure Active Directory subscription
-Simply go to **Settings > Accounts > Access work or school**. If a corporate account is on Azure Active Directory and it is connected to the device, you will see the account listed as highlighted in the image below.
-
-
-
-## Enroll a device with an Azure Active Directory account
-1. Navigate to the [**Getting Started**](https://insider.windows.com/en-us/getting-started/) page on [Windows Insider](https://insider.windows.com).
-2. Go to **Register your organization account** and follow the instructions.
-3. On your Windows 10 device, go to **Settings > Updates & Security > Windows Insider Program**.
-4. Enter the AAD account that you used to register and follow the on-screen directions.
-
->[!NOTE]
->Make sure that you have administrator rights to the machine and that it has latest Windows updates.
-
-## Switch device enrollment from your Microsoft account to your AAD account
-1. Visit [insider.windows.com](https://insider.windows.com) to register your AAD account. If you are signed in with your Microsoft account, sign out, then sign back in with your corporate AAD account.
-2. Click **Get started**, read and accept the privacy statement and program terms and click **Submit**.
-3. On your Windows 10 PC, go to **Settings > Updates & Security > Windows Insider Program**.
-4. Under Windows Insider account, click your Microsoft account, then **Change** to open a Sign In box.
-5. Select your corporate account and click Continue to change your account.
-
-
-
->[!NOTE]
->Your device must be connected to your corporate account in AAD for the account to appear in the account list.
-
-## User consent requirement
-
-With the current version of the Feedback Hub app, we need the user's consent to access their AAD account profile data (We read their name, organizational tenant ID and user ID). When they sign in for the first time with the AAD account, they will see a popup asking for their permission, like this:
-
-
-
-Once agreed, everything will work fine, and that user won't be prompted for permission again.
-
-### Something went wrong
-
-The option for users to give consent for apps to access their profile data is controlled through Azure Active Directory. This means the AAD administrators have the ability to allow or block users from giving consent.
-
-In case the administrators blocked this option, when the user signs in with the AAD account, they will see the following error message:
-
-
-
-This blocks the user from signing in, which means they won't be able to use the Feedback Hub app with their AAD credentials.
-
-**To fix this issue**, an administrator of the AAD directory will need to enable user consent for apps to access their data.
-
-To do this through the **classic Azure portal**:
-1. Go to https://manage.windowsazure.com/ .
-2. Switch to the **Active Directory** dashboard.
- 
-3. Select the appropriate directory and go to the **Configure** tab.
-4. Under the **integrated applications** section, enable **Users may give applications permissions to access their data**.
- 
-
-To do this through the **new Azure portal**:
-1. Go to https://portal.azure.com/ .
-2. Switch to the **Active Directory** dashboard.
- 
-3. Switch to the appropriate directory.
- 
-4. Under the **Manage** section, select **User settings**.
- 
-5. In the **Enterprise applications** section, enable **Users can allow apps to access their data**.
- 
-
-
-## Frequently Asked Questions
-
-### Will my test machines be affected by automatic registration?
-All devices enrolled in the Windows Insider Program (physical or virtual) will receive Windows 10 Insider Preview builds (regardless of registration with MSA or AAD).
-
-### Once I register with my corporate account in AAD, do I need to keep my Microsoft account for the Windows Insider Program?
-No, once you set up your device using AAD credentials – all feedback and flighting on that machine will be under your AAD account. You may need MSA for other machines that aren’t being used on your corporate network or to get Microsoft Store App updates.
-
-### How do I stop receiving updates?
-You can simply “unlink” your account by going to **Settings > Updates & Security > Windows Insider Program**, select Windows Insider Account and click **Unlink**.
-
-
-## Related Topics
-- [Windows Insider Program for Business](waas-windows-insider-for-business.md)
-- [Windows Insider Program for Business Frequently Asked Questions](waas-windows-insider-for-business-faq.md)
diff --git a/windows/deployment/update/waas-windows-insider-for-business-faq.md b/windows/deployment/update/waas-windows-insider-for-business-faq.md
deleted file mode 100644
index 0d5282bf9f..0000000000
--- a/windows/deployment/update/waas-windows-insider-for-business-faq.md
+++ /dev/null
@@ -1,106 +0,0 @@
----
-title: Windows Insider Program for Business Frequently Asked Questions
-description: Frequently Asked Questions and answers about the Windows Insider Program
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-author: DaniHalfin
-ms.localizationpriority: medium
-ms.author: daniha
-ms.date: 10/24/2017
----
-
-# Windows Insider Program for Business Frequently Asked Questions
-
-
-**Applies to**
-
-- Windows 10
-
-> **Looking for information about Windows 10 for personal or home use?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq)
-
-### Are the Windows Insider Program and Windows Insider Program for Business separate programs?
-No, in fact just the opposite. The Windows Insider Program was created in 2014 to help Microsoft engage with Windows Fans worldwide. Windows Insiders are the first to be able to try new Windows features that we introduce through Windows 10 Insider Preview Builds. At the same time, they can provide feedback through the Feedback Hub App which helps create even better versions of Windows for all users. The Windows Insider Program for Business enables you to incorporate Insider Preview builds into your deployment plans using your corporate credentials, deepen connections with the IT Pro community, collect feedback within your organization, and increase the visibility of your organization’s feedback – especially on features that support productivity and business needs. Together we can resolve blocking or critical issues to better support your organization’s needs sooner. Incorporating the Windows Insider Program for Business into your deployment plans enables you to prepare your organization for the next update of Windows 10, to deploy new services and tools more quickly, to help secure your applications, and to increase productivity and confidence in the stability of your environment. Windows Insider Program for Business participants collaborate with the Windows team to build and document features, infuse innovation, and plan for what’s around the bend. We’ve architected some great features together, received amazing feedback, and we’re not done.
-
-### What Languages are available?
-Insider Preview builds are available in the following languages: English (United States), English (United Kingdom), Chinese (Simplified), Chinese (Traditional), Portuguese (Brazilian), Japanese, Russian, German, French, French (Canada), Korean, Italian, Spanish, Spanish (Latin America), Swedish, Finnish, Turkish, Arabic, Dutch, Czech, Polish, Thai, Catalan, Hindi, and Vietnamese.
-
-If your Windows build is not in one of the available base languages, you will not receive Insider Preview builds.
-
-Hindi, Catalan, and Vietnamese can only be installed as a language pack over [supported base languages](https://support.microsoft.com/help/14236/language-packs).
-
->[!NOTE]
-> To learn how to install a language pack, see [How to add an input language to your PC Additional](https://support.microsoft.com/instantanswers/60f32ff8-8697-4452-af7d-647439c38433/how-to-add-and-switch-input-languages-on-your-pc).
-
-### How do I register for the Windows Insider Program for Business?
-To register for the Windows Insider Program for Business, follow the steps below using your corporate account in Azure Active Directory (AAD). This account is the same account that you use for Office 365 and other Microsoft services.
-
-1. Visit https://insider.windows.com and click **Get Started**.
-2. Sign-in with your corporate account in AAD (username/password) and follow the on-screen registration directions.
-3. Enroll your Windows 10 PC to get the latest Windows 10 Insider Preview builds. Go to **Settings > Updates & Security > Windows Insider Program**. Click **Get Started**, enter your corporate credentials that you used to register, then follow the on-screen directions.
-
->[!NOTE]
->Make sure that you have administrator rights to your machine and that it has latest Windows updates.
-
-### Are there any management capabilities that allow an IT admin to manage settings for a corporate environment?
-Yes. Starting with Windows 10, version 1709, the Windows Insider Program for Business now enables administrators to apply the following group policies to help them manage their organization’s preview builds:
-
-**Manage preview builds:** Administrators can enable or prevent builds from installing on a device. You also have an option to disable preview builds once the release is public.
-**Branch Readiness Level:** Administrators can set the Windows readiness level, including Fast, Slow, Release Preview Rings of Windows Insider Preview) and allows administrators to defer or pause delivery of updates.
-
-See more information on the [Getting started with Windows Insider Program for Business](/windows-insider/at-work-pro/wip-4-biz-get-started) section.
-
-### How can I find out if my corporate account is on Azure Active Directory?
-On your PC, go to **Settings > Accounts > Access work or school**. If your organization has set up your corporate account in Azure Active Directory and it is connected to your PC, you will see the account listed as highlighted in the image below.
-
-
-
-### I have more than one Azure Active Directory account. Which should I use?
-Register for Windows Insider Program for Business with the same active account that you use to access your corporate email in Office 365 and other Microsoft services. To ensure you get the most benefit out of the Windows Insider Program for Business and that your company is fully represented, do not set up a separate tenant for testing activities. There will be no modifications to the AAD tenant to support Windows Insider Program for Business, and it will only be used as an authentication method.
-
-### Can I register multiple users from my organization at the same time for the Windows Insider Program for Business?
-Yes. The Windows Insider Program for Business now allows organizations to register their domain and control settings centrally rather than require each user to register individually for Insider Preview builds. In order to register, follow instructions on the [Getting started with Windows Insider Program for Business](/windows-insider/at-work-pro/wip-4-biz-get-started) section.
-
-### My account is listed in Active Directory but not Azure Active Directory. Can I still register using my Active Directory credentials?
-No. At this point, we are only supporting Azure Active Directory as a corporate authentication method. If you’d like to suggest or upvote another authentication method, please visit this [forum](https://answers.microsoft.com/en-us/insider/forum/insider_wintp).
-
-### I just want to participate as a Windows Insider. Do I still need to register with my corporate account in Azure Active Directory?
-No. You can join using your Microsoft account (MSA) by following the steps below. However, please note that if you want to access the benefits of the Windows Insider Program for Business, you will need to sign-up using your corporate account in Azure Active Directory.
-
-1. Visit https://insider.windows.com and click Get Started.
-2. Register with your Microsoft account and follow the on-screen registration directions.
-3. Enroll your Windows 10 PC to get the latest Windows 10 Insider Preview builds by going to **Settings > Updates & Security > Windows Insider Program** and entering your Microsoft account that you used to register. Now follow the on-screen directions.
-
->[!NOTE]
->Make sure that you have administrator rights to your machine and that it has latest Windows updates.
-
-### I am already a Windows Insider. I want to switch my account from my Microsoft account to my corporate account in Azure Active Directory. How do I do this?
-In just a few steps, you can switch your existing program registration from your Microsoft account to your corporate account in Azure Active Directory.
-
-1. Visit https://insider.windows.com. If you are signed in with your Microsoft account, sign out then sign back in to register with your corporate account in AAD.
-2. On your Windows 10 PC, go to **Settings > Updates & Security > Windows Insider Program**.
-3. In your account Under Windows Insider account, click **Change** to open a pop-up box.
-4. Select your corporate account and click Continue to change your account.
-
->[!NOTE]
->Your corporate account must be connected to the device for it to appear in the account list.
-
-### How do I sign into the Feedback Hub with my corporate credentials?
-Sign in to the Feedback Hub using the same AAD account you are using to flight builds.
-
-### Am I going to lose all the feedback I submitted and badges I earned with my MSA?
-No. However, your feedback will not be transferred from your MSA to your AAD account. You can switch back to your MSA account in the Feedback Hub to access feedback you’ve submitted and badges you’ve earned.
-
-### How is licensing handled for Windows 10 Insider builds?
-All PCs need to have a valid Windows 10 license. This requirement applies whether the device is joined to the Windows Insider Program using a Microsoft account or an Azure Active Directory account.
-
-### Can I use the Software in a live operating environment?
-The software is a pre-release version, and we do not recommend that organizations run Windows Insider Preview builds outside of their test environments. This software may not work the way a final version of the software will. We may change it for the final, commercial version. We also may not release a commercial version.
-
-### Can a single MSA or AAD account be used to register more than one PC in the program?
-Yes. If each PC has a valid Windows 10 or Windows 10 Mobile license you can use your MSA on as many devices as you’d like. However, the main concern would be that within the feedback it all looks like it comes from a single user. If multiple devices are experiencing problems with a build, you’d want the ability to submit the same feedback from multiple people (or upvote the same piece of feedback).
-
-
-## Related Topics
-- [Windows Insider Program for Business](waas-windows-insider-for-business.md)
-- [Windows Insider Program for Business using Azure Active Directory](waas-windows-insider-for-business-aad.md)
\ No newline at end of file
diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index b7ac65f33b..9467fc2e6d 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -125,13 +125,13 @@
######### [Is domain seen in organization](windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
#######File
-######## [Block file API](windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md)
+######## [Block file](windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md)
######## [Get file information](windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md)
######## [Get file related alerts](windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md)
######## [Get file related machines](windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md)
######## [Get file statistics](windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md)
-######## [Get FileActions collection API](windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md)
-######## [Unblock file API](windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md)
+######## [Get FileActions collection](windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md)
+######## [Unblock file](windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md)
#######IP
######## [Get IP related alerts](windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
@@ -139,25 +139,25 @@
######## [Get IP statistics](windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md)
######## [Is IP seen in organization](windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md)
#######Machines
-######## [Collect investigation package API](windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md)
+######## [Collect investigation package](windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md)
######## [Find machine information by IP](windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
######## [Get machines](windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md)
-######## [Get FileMachineAction object API](windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
-######## [Get FileMachineActions collection API](windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
+######## [Get FileMachineAction object](windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
+######## [Get FileMachineActions collection](windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
######## [Get machine by ID](windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md)
######## [Get machine log on users](windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
######## [Get machine related alerts](windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
-######## [Get MachineAction object API](windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md)
-######## [Get MachineActions collection API](windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md)
+######## [Get MachineAction object](windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md)
+######## [Get MachineActions collection](windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md)
######## [Get machines](windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md)
-######## [Get package SAS URI API](windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md)
-######## [Isolate machine API](windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md)
-######## [Release machine from isolation API](windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md)
-######## [Remove app restriction API](windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
-######## [Request sample API](windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md)
-######## [Restrict app execution API](windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md)
-######## [Run antivirus scan API](windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md)
-######## [Stop and quarantine file API](windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md)
+######## [Get package SAS URI](windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md)
+######## [Isolate machine](windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md)
+######## [Release machine from isolation](windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md)
+######## [Remove app restriction](windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
+######## [Request sample](windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md)
+######## [Restrict app execution](windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md)
+######## [Run antivirus scan](windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md)
+######## [Stop and quarantine file](windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md)
diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md
index e0acbff6f6..193fddfef8 100644
--- a/windows/security/threat-protection/windows-defender-atp/TOC.md
+++ b/windows/security/threat-protection/windows-defender-atp/TOC.md
@@ -116,13 +116,13 @@
###### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
#####File
-###### [Block file API](block-file-windows-defender-advanced-threat-protection.md)
+###### [Block file](block-file-windows-defender-advanced-threat-protection.md)
###### [Get file information](get-file-information-windows-defender-advanced-threat-protection.md)
###### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection.md)
###### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection.md)
###### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection.md)
-###### [Get FileActions collection API](get-fileactions-collection-windows-defender-advanced-threat-protection.md)
-###### [Unblock file API](unblock-file-windows-defender-advanced-threat-protection.md)
+###### [Get FileActions collection](get-fileactions-collection-windows-defender-advanced-threat-protection.md)
+###### [Unblock file](unblock-file-windows-defender-advanced-threat-protection.md)
#####IP
###### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
@@ -130,25 +130,25 @@
###### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection.md)
###### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection.md)
#####Machines
-###### [Collect investigation package API](collect-investigation-package-windows-defender-advanced-threat-protection.md)
+###### [Collect investigation package](collect-investigation-package-windows-defender-advanced-threat-protection.md)
###### [Find machine information by IP](find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
-###### [Get FileMachineAction object API](get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
-###### [Get FileMachineActions collection API](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
+###### [Get FileMachineAction object](get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
+###### [Get FileMachineActions collection](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
###### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection.md)
###### [Get machine log on users](get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
###### [Get machine related alerts](get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
-###### [Get MachineAction object API](get-machineaction-object-windows-defender-advanced-threat-protection.md)
-###### [Get MachineActions collection API](get-machineactions-collection-windows-defender-advanced-threat-protection.md)
+###### [Get MachineAction object](get-machineaction-object-windows-defender-advanced-threat-protection.md)
+###### [Get MachineActions collection](get-machineactions-collection-windows-defender-advanced-threat-protection.md)
###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
-###### [Get package SAS URI API](get-package-sas-uri-windows-defender-advanced-threat-protection.md)
-###### [Isolate machine API](isolate-machine-windows-defender-advanced-threat-protection.md)
-###### [Release machine from isolation API](unisolate-machine-windows-defender-advanced-threat-protection.md)
-###### [Remove app restriction API](unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
-###### [Request sample API](request-sample-windows-defender-advanced-threat-protection.md)
-###### [Restrict app execution API](restrict-code-execution-windows-defender-advanced-threat-protection.md)
-###### [Run antivirus scan API](run-av-scan-windows-defender-advanced-threat-protection.md)
-###### [Stop and quarantine file API](stop-quarantine-file-windows-defender-advanced-threat-protection.md)
+###### [Get package SAS URI](get-package-sas-uri-windows-defender-advanced-threat-protection.md)
+###### [Isolate machine](isolate-machine-windows-defender-advanced-threat-protection.md)
+###### [Release machine from isolation](unisolate-machine-windows-defender-advanced-threat-protection.md)
+###### [Remove app restriction](unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
+###### [Request sample](request-sample-windows-defender-advanced-threat-protection.md)
+###### [Restrict app execution](restrict-code-execution-windows-defender-advanced-threat-protection.md)
+###### [Run antivirus scan](run-av-scan-windows-defender-advanced-threat-protection.md)
+###### [Stop and quarantine file](stop-quarantine-file-windows-defender-advanced-threat-protection.md)
diff --git a/windows/security/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md
index 6dfc383d4f..933ac113b2 100644
--- a/windows/security/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md
@@ -52,7 +52,7 @@ If successful, this method returns 200, Ok response code with empty body, which
## Example
-Request
+**Request**
Here is an example of the request.
@@ -66,7 +66,7 @@ Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md
index b9e163b603..1d19deb5cb 100644
--- a/windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md
@@ -51,7 +51,7 @@ If successful, this method returns 201, Created response code and _MachineAction
## Example
-Request
+**Request**
Here is an example of the request.
@@ -63,7 +63,7 @@ Content-type: application/json
}
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md
index 11149f97e2..fec2f15177 100644
--- a/windows/security/threat-protection/windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md
@@ -1,7 +1,7 @@
---
title: Find machine information by internal IP API
-description: Use this API to create calls related to finding a machine entry around a specific timestamp by FQDN or internal IP.
-keywords: apis, graph api, supported apis, find machine, machine information, IP
+description: Use this API to create calls related to finding a machine entry around a specific timestamp by internal IP.
+keywords: ip, apis, graph api, supported apis, find machine, machine information
search.product: eADQiWindows 10XVcnh
ms.prod: w10
ms.mktglfcycl: deploy
@@ -9,8 +9,8 @@ ms.sitesec: library
ms.pagetype: security
ms.author: macapara
author: mjcaparas
-ms.localizationpriority: medium
-ms.date: 12/08/2017
+ms.localizationpriority: high
+ms.date: 07/25/2018
---
# Find machine information by internal IP API
@@ -20,15 +20,17 @@ ms.date: 12/08/2017
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
+Find a machine entity around a specific timestamp by internal IP.
-Find a machine entity around a specific timestamp by FQDN or internal IP.
+>[!NOTE]
+>The timestamp must be within the last 30 days.
## Permissions
User needs read permissions.
## HTTP request
```
-GET /testwdatppreview/machines/find(timestamp={time},key={IP/FQDN})
+GET /testwdatppreview/machines/find(timestamp={time},key={IP})
```
## Request headers
@@ -49,19 +51,20 @@ If no machine found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
```
-GET https://graph.microsoft.com/testwdatppreview/machines/find(timestamp={time},key={IP/FQDN})
+GET https://graph.microsoft.com/testwdatppreview/machines/find(timestamp=2018-06-19T10:00:00Z,key='10.166.93.61')
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
+The response will return a list of all machines that reported this IP address within sixteen minutes prior and after the timestamp.
```
HTTP/1.1 200 OK
diff --git a/windows/security/threat-protection/windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md
index 84dee5c7d5..11933fc1f8 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md
@@ -50,7 +50,7 @@ If actor does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -59,7 +59,7 @@ GET https://graph.microsoft.com/testwdatppreview/actors/zinc
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md
index 8a5762e665..7d607f80b0 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If actor does not exist or no related alerts - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/actors/zinc/alerts
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md
index 419cb34165..7bd281c1c2 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If alert not found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/alerts/{id}
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md
index 9db57c1f3a..feb7c72977 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If alert not found or actor not found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -59,7 +59,7 @@ Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md
index 2345c8b138..1dc2400622 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If alert not found or domain not found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/alerts/{id}/domains
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md
index df332bb31e..692038dece 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If alert not found or files not found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/alerts/{id}/files
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md
index be6ceafbb2..13d6fa451e 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If alert not found or IPs not found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/alerts/{id}/ips
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md
index 3ef95e980b..c65563b583 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md
@@ -48,7 +48,7 @@ If alert not found or machine not found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -57,7 +57,7 @@ GET https://graph.microsoft.com/testwdatppreview/alerts/{id}/machine
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md
index 0844973f7e..0ca328f129 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If alert not found or user not found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/alerts/{id}/user
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md
index 554f7a5466..91370e6ab4 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md
@@ -50,7 +50,7 @@ If no recent alerts found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -59,7 +59,7 @@ GET https://graph.microsoft.com/testwdatppreview/alerts
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md
index 7d08798a81..edf69b8cc2 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If domain or alert does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/domains/{id}/alerts
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md
index c33a75f487..42274f276d 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If domain or machines do not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/domains/{id}/machines
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection.md
index 8fc1561fca..a8d16cda6c 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If domain does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/domains/{id}/machines
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md
index 73c57db52c..3a8aecdcdc 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md
@@ -50,7 +50,7 @@ If file does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -59,7 +59,7 @@ GET https://graph.microsoft.com/testwdatppreview/files/{id}
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md
index fd93bb2eae..3bc108f4c5 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If file or alerts do not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/files/{id}/alerts
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md
index e6c5a9365d..46a55266b9 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If file or machines do not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/files/{id}/machines
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md
index 64a0f6b518..379a272b7f 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If file do not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/files/{id}/machines
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md
index 12c0fa3996..58ec0179eb 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md
@@ -51,7 +51,7 @@ If successful, this method returns 200, Ok response code with a collection of Fi
## Example
-Request
+**Request**
Here is an example of the request on an organization that has three FileActions.
@@ -59,7 +59,7 @@ Here is an example of the request on an organization that has three FileActions.
GET https://graph.microsoft.com/testwdatppreview/fileactions
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md
index 754f96f452..e30ca834b1 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md
@@ -47,7 +47,7 @@ If successful, this method returns 200, Ok response code with the *FileMachineAc
## Example
-Request
+**Request**
Here is an example of the request.
@@ -55,7 +55,7 @@ Here is an example of the request.
GET https://graph.microsoft.com/testwdatppreview/filemachineactions/3dc88ce3-dd0c-40f7-93fc-8bd14317aab6
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md
index a539468085..4f981ccd54 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md
@@ -47,7 +47,7 @@ If successful, this method returns 200, Ok response code with a collection of Fi
## Example 1
-Request
+**Request**
Here is an example of the request on an organization that has three FileMachineActions.
@@ -55,7 +55,7 @@ Here is an example of the request on an organization that has three FileMachineA
GET https://graph.microsoft.com/testwdatppreview/filemachineactions
```
-Response
+**Response**
Here is an example of the response.
@@ -113,7 +113,7 @@ Content-type: application/json
##Example 2
-Request
+**Request**
Here is an example of a request that filters the FileMachineActions by machine ID and shows the latest two FileMachineActions.
@@ -121,7 +121,7 @@ Here is an example of a request that filters the FileMachineActions by machine I
GET https://graph.microsoft.com/testwdatppreview/filemachineactions?$filter=machineId eq 'f46b9bb259ed4a7fb9981b73510e3cc7aa81ec1f'&$top=2
```
-Response
+**Response**
```
HTTP/1.1 200 Ok
diff --git a/windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md
index 9df15443a5..b1ad30ecd5 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If IP and alerts do not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/ips/{id}/alerts
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md
index 057ba3204c..1796c563b1 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md
@@ -42,7 +42,7 @@ If IP or machines do not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -51,7 +51,7 @@ GET https://graph.microsoft.com/testwdatppreview/ips/{id}/machines
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md
index 2707f3e8f3..f04eee146e 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If domain does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/ips/{id}/machines
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md
index 4fae64901f..cdb7691d99 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If no machine found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/machines/{id}
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md
index f63f7a4ac8..f73f0600fd 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md
@@ -50,7 +50,7 @@ If no machine found or no users found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -59,7 +59,7 @@ GET https://graph.microsoft.com/testwdatppreview/machines/{id}/logonusers
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md
index 4d8df5b6a4..2cbf47c5da 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If no machine or no alerts found - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/machines/{id}/alerts
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md
index 2fc484f7ef..21214216c0 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md
@@ -47,7 +47,7 @@ If successful, this method returns 200, Ok response code with the *MachineAction
## Example
-Request
+**Request**
Here is an example of the request.
@@ -55,7 +55,7 @@ Here is an example of the request.
GET https://graph.microsoft.com/testwdatppreview/machineactions/2e9da30d-27f6-4208-81f2-9cd3d67893ba
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md
index 5cd4a460b5..4f8250057a 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md
@@ -47,7 +47,7 @@ If successful, this method returns 200, Ok response code with a collection of Ma
## Example 1
-Request
+**Request**
Here is an example of the request on an organization that has three MachineActions.
@@ -55,7 +55,7 @@ Here is an example of the request on an organization that has three MachineActio
GET https://graph.microsoft.com/testwdatppreview/machineactions
```
-Response
+**Response**
Here is an example of the response.
@@ -107,7 +107,7 @@ Content-type: application/json
## Example 2
-Request
+**Request**
Here is an example of a request that filters the MachineActions by machine ID and shows the latest two MachineActions.
@@ -117,7 +117,7 @@ GET https://graph.microsoft.com/testwdatppreview/machineactions?$filter=machineI
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md
index 23858c2f48..15f5915642 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If no recent machines - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/machines
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md
index bfb9838d29..ade4afd10e 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md
@@ -48,7 +48,7 @@ If successful, this method returns 200, Ok response code with object that holds
## Example
-Request
+**Request**
Here is an example of the request.
@@ -57,7 +57,7 @@ GET https://graph.microsoft.com/testwdatppreview/machineactions/7327b54fd718525c
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection.md
index 813f2d6b28..44a41412fe 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If user does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/users/{id}
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection.md
index 1d59e3024a..12c741d3fe 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If user does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/users/{id}/alerts
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection.md
index c4555f4144..80a2b92234 100644
--- a/windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If user or machine does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/users/{id}/machines
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md
index dde8702b35..3bda2052aa 100644
--- a/windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md
@@ -42,7 +42,7 @@ If domain does not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -51,7 +51,7 @@ GET https://graph.microsoft.com/testwdatppreview/domains/{id}
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md
index 3071b4389d..0e5cdd372b 100644
--- a/windows/security/threat-protection/windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md
@@ -49,7 +49,7 @@ If IP do not exist - 404 Not Found.
## Example
-Request
+**Request**
Here is an example of the request.
@@ -58,7 +58,7 @@ GET https://graph.microsoft.com/testwdatppreview/ips/{id}
Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md
index 747a0d6995..8a1af5560e 100644
--- a/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md
@@ -57,7 +57,7 @@ If successful, this method returns 201, Created response code and _MachineAction
## Example
-Request
+**Request**
Here is an example of the request.
@@ -70,7 +70,7 @@ Content-type: application/json
}
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md
index 2a77493d4a..5e12dabe3d 100644
--- a/windows/security/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md
@@ -52,7 +52,7 @@ If successful, this method returns 201, Created response code and *FileMachineAc
## Example
-Request
+**Request**
Here is an example of the request.
@@ -66,7 +66,7 @@ Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md
index 86e95ef071..b7b33d60ef 100644
--- a/windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md
@@ -51,7 +51,7 @@ If successful, this method returns 201, Created response code and _MachineAction
## Example
-Request
+**Request**
Here is an example of the request.
@@ -63,7 +63,7 @@ Content-type: application/json
}
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md
index ff6df83998..c6803604a8 100644
--- a/windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md
@@ -59,7 +59,7 @@ If successful, this method returns 201, Created response code and _MachineAction
## Example
-Request
+**Request**
Here is an example of the request.
@@ -72,7 +72,7 @@ Content-type: application/json
}
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md
index 246a062ea3..9540e46529 100644
--- a/windows/security/threat-protection/windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md
@@ -52,7 +52,7 @@ If successful, this method returns 201, Created response code and _FileMachineAc
## Example
-Request
+**Request**
Here is an example of the request.
@@ -65,7 +65,7 @@ Content-type: application/json
}
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md
index 8a85f201ce..7ea3ec1258 100644
--- a/windows/security/threat-protection/windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md
@@ -52,7 +52,7 @@ If successful, this method returns 200, Ok response code with empty body, which
## Example
-Request
+**Request**
Here is an example of the request.
@@ -64,7 +64,7 @@ Content-type: application/json
}
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
index 2d3ab9fbaf..c0ef9d02f6 100644
--- a/windows/security/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
@@ -51,7 +51,7 @@ If successful, this method returns 201, Created response code and _MachineAction
## Example
-Request
+**Request**
Here is an example of the request.
@@ -63,7 +63,7 @@ Content-type: application/json
}
```
-Response
+**Response**
Here is an example of the response.
diff --git a/windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
index dcd0775b9e..4c8788c337 100644
--- a/windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
@@ -51,7 +51,7 @@ If successful, this method returns 201, Created response code and _MachineAction
## Example
-Request
+**Request**
Here is an example of the request.
@@ -64,7 +64,7 @@ Content-type: application/json
```
-Response
+**Response**
Here is an example of the response.