deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 22:07:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #901 from MicrosoftDocs/public

Browse Source 
Public to master
This commit is contained in:
Dani Halfin 2019-08-14 15:55:25 -07:00 committed by GitHub
commit a1030ae546
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
222 changed files with 3354 additions and 3411 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md
View File

@ -171,13 +171,13 @@ You can determine which zones or domains are used for data collection, using Pow
**To set up data collection using a domain allow list**
- Start PowerShell in elevated mode (using admin privileges) and run IETelemetrySetUp.ps1, using this command: `.\IETelemetrySetUp.ps1 [other args] -SiteAllowList sharepoint.com,outlook.com,onedrive.com`.
- Start PowerShell in elevated mode (using admin privileges) and run IETelemetrySetUp.ps1, using this command: `.\IETelemetrySetUp.ps1 [other args] -SiteAllowList sharepoint.com,outlook.com,onedrive.com`.
>**Important**<br>Wildcards, like \*.microsoft.com, arent supported.
**To set up data collection using a zone allow list**
- Start PowerShell in elevated mode (using admin privileges) and run IETelemetrySetUp.ps1, using this command: `.\IETelemetrySetUp.ps1 [other args] -ZoneAllowList Computer,Intranet,TrustedSites,Internet,RestrictedSites`.
- Start PowerShell in elevated mode (using admin privileges) and run IETelemetrySetUp.ps1, using this command: `.\IETelemetrySetUp.ps1 [other args] -ZoneAllowList Computer,Intranet,TrustedSites,Internet,RestrictedSites`.
>**Important**<br>Only Computer, Intranet, TrustedSites, Internet, and RestrictedSites are supported.

332
browsers/internet-explorer/TOC.md
View File

@ -1,188 +1,188 @@
#[IE11 Deployment Guide for IT Pros](ie11-deploy-guide/index.md)
# [IE11 Deployment Guide for IT Pros](ie11-deploy-guide/index.md)
##[Change history for the Internet Explorer 11 (IE11) Deployment Guide](ie11-deploy-guide/change-history-for-internet-explorer-11.md)
## [Change history for the Internet Explorer 11 (IE11) Deployment Guide](ie11-deploy-guide/change-history-for-internet-explorer-11.md)
##[System requirements and language support for Internet Explorer 11](ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md)
## [System requirements and language support for Internet Explorer 11](ie11-deploy-guide/system-requirements-and-language-support-for-ie11.md)
##[List of updated features and tools - Internet Explorer 11 (IE11)](ie11-deploy-guide/updated-features-and-tools-with-ie11.md)
## [List of updated features and tools - Internet Explorer 11 (IE11)](ie11-deploy-guide/updated-features-and-tools-with-ie11.md)
##[Install and Deploy Internet Explorer 11 (IE11)](ie11-deploy-guide/install-and-deploy-ie11.md)
###[Customize Internet Explorer 11 installation packages](ie11-deploy-guide/customize-ie11-install-packages.md)
####[Using IEAK 11 to create packages](ie11-deploy-guide/using-ieak11-to-create-install-packages.md)
####[Create packages for multiple operating systems or languages](ie11-deploy-guide/create-install-packages-for-multiple-operating-systems-or-languages.md)
####[Using .INF files to create packages](ie11-deploy-guide/using-inf-files-to-create-install-packages.md)
###[Choose how to install Internet Explorer 11 (IE11)](ie11-deploy-guide/choose-how-to-install-ie11.md)
####[Install Internet Explorer 11 (IE11) - System Center 2012 R2 Configuration Manager](ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md)
####[Install Internet Explorer 11 (IE11) - Windows Server Update Services (WSUS)](ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md)
####[Install Internet Explorer 11 (IE11) - Microsoft Intune](ie11-deploy-guide/install-ie11-using-microsoft-intune.md)
####[Install Internet Explorer 11 (IE11) - Network](ie11-deploy-guide/install-ie11-using-the-network.md)
####[Install Internet Explorer 11 (IE11) - Operating system deployment systems](ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md)
####[Install Internet Explorer 11 (IE11) - Third-party tools](ie11-deploy-guide/install-ie11-using-third-party-tools.md)
###[Choose how to deploy Internet Explorer 11 (IE11)](ie11-deploy-guide/choose-how-to-deploy-ie11.md)
####[Deploy Internet Explorer 11 using Automatic Version Synchronization (AVS)](ie11-deploy-guide/deploy-ie11-using-automatic-version-synchronization-avs.md)
####[Deploy Internet Explorer 11 using software distribution tools](ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md)
###[Virtualization and compatibility with Internet Explorer 11](ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md)
## [Install and Deploy Internet Explorer 11 (IE11)](ie11-deploy-guide/install-and-deploy-ie11.md)
### [Customize Internet Explorer 11 installation packages](ie11-deploy-guide/customize-ie11-install-packages.md)
#### [Using IEAK 11 to create packages](ie11-deploy-guide/using-ieak11-to-create-install-packages.md)
#### [Create packages for multiple operating systems or languages](ie11-deploy-guide/create-install-packages-for-multiple-operating-systems-or-languages.md)
#### [Using .INF files to create packages](ie11-deploy-guide/using-inf-files-to-create-install-packages.md)
### [Choose how to install Internet Explorer 11 (IE11)](ie11-deploy-guide/choose-how-to-install-ie11.md)
#### [Install Internet Explorer 11 (IE11) - System Center 2012 R2 Configuration Manager](ie11-deploy-guide/install-ie11-using-system-center-configuration-manager.md)
#### [Install Internet Explorer 11 (IE11) - Windows Server Update Services (WSUS)](ie11-deploy-guide/install-ie11-using-windows-server-update-services-wsus.md)
#### [Install Internet Explorer 11 (IE11) - Microsoft Intune](ie11-deploy-guide/install-ie11-using-microsoft-intune.md)
#### [Install Internet Explorer 11 (IE11) - Network](ie11-deploy-guide/install-ie11-using-the-network.md)
#### [Install Internet Explorer 11 (IE11) - Operating system deployment systems](ie11-deploy-guide/install-ie11-using-operating-system-deployment-systems.md)
#### [Install Internet Explorer 11 (IE11) - Third-party tools](ie11-deploy-guide/install-ie11-using-third-party-tools.md)
### [Choose how to deploy Internet Explorer 11 (IE11)](ie11-deploy-guide/choose-how-to-deploy-ie11.md)
#### [Deploy Internet Explorer 11 using Automatic Version Synchronization (AVS)](ie11-deploy-guide/deploy-ie11-using-automatic-version-synchronization-avs.md)
#### [Deploy Internet Explorer 11 using software distribution tools](ie11-deploy-guide/deploy-ie11-using-software-distribution-tools.md)
### [Virtualization and compatibility with Internet Explorer 11](ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md)
##[Collect data using Enterprise Site Discovery](ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md)
## [Collect data using Enterprise Site Discovery](ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md)
##[Enterprise Mode for Internet Explorer 11 (IE11)](ie11-deploy-guide/enterprise-mode-overview-for-ie11.md)
###[Tips and tricks to manage Internet Explorer compatibility](ie11-deploy-guide/tips-and-tricks-to-manage-ie-compatibility.md)
###[Enterprise Mode and the Enterprise Mode Site List](ie11-deploy-guide/what-is-enterprise-mode.md)
###[Set up Enterprise Mode logging and data collection](ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md)
###[Turn on Enterprise Mode and use a site list](ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md)
###[Enterprise Mode schema v.2 guidance](ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md)
###[Enterprise Mode schema v.1 guidance](ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md)
###[Check for a new Enterprise Mode site list xml file](ie11-deploy-guide/check-for-new-enterprise-mode-site-list-xml-file.md)
###[Turn on local control and logging for Enterprise Mode](ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md)
###[Use the Enterprise Mode Site List Manager](ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md)
####[Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md)
####[Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
####[Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
####[Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
####[Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager](ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md)
####[Fix validation problems using the Enterprise Mode Site List Manager](ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md)
####[Search your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
####[Save your site list to XML in the Enterprise Mode Site List Manager](ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md)
####[Export your Enterprise Mode site list from the Enterprise Mode Site List Manager](ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md)
####[Import your Enterprise Mode site list to the Enterprise Mode Site List Manager](ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md)
####[Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
####[Remove all sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
###[Use the Enterprise Mode Site List Portal](ie11-deploy-guide/use-the-enterprise-mode-portal.md)
####[Set up the Enterprise Mode Site List Portal](ie11-deploy-guide/set-up-enterprise-mode-portal.md)
#####[Use the Settings page to finish setting up the Enterprise Mode Site List Portal](ie11-deploy-guide/configure-settings-enterprise-mode-portal.md)
#####[Add employees to the Enterprise Mode Site List Portal](ie11-deploy-guide/add-employees-enterprise-mode-portal.md)
####[Workflow-based processes for employees using the Enterprise Mode Site List Portal](ie11-deploy-guide/workflow-processes-enterprise-mode-portal.md)
#####[Create a change request using the Enterprise Mode Site List Portal](ie11-deploy-guide/create-change-request-enterprise-mode-portal.md)
#####[Verify your changes using the Enterprise Mode Site List Portal](ie11-deploy-guide/verify-changes-preprod-enterprise-mode-portal.md)
#####[Approve a change request using the Enterprise Mode Site List Portal](ie11-deploy-guide/approve-change-request-enterprise-mode-portal.md)
#####[Schedule approved change requests for production using the Enterprise Mode Site List Portal](ie11-deploy-guide/schedule-production-change-enterprise-mode-portal.md)
#####[Verify the change request update in the production environment using the Enterprise Mode Site List Portal](ie11-deploy-guide/verify-changes-production-enterprise-mode-portal.md)
#####[View the apps currently on the Enterprise Mode Site List](ie11-deploy-guide/view-apps-enterprise-mode-site-list.md)
#####[View the available Enterprise Mode reports from the Enterprise Mode Site List Portal](ie11-deploy-guide/view-enterprise-mode-reports-for-portal.md)
###[Using IE7 Enterprise Mode or IE8 Enterprise Mode](ie11-deploy-guide/using-enterprise-mode.md)
###[Fix web compatibility issues using document modes and the Enterprise Mode site list](ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md)
###[Remove sites from a local Enterprise Mode site list](ie11-deploy-guide/remove-sites-from-a-local-enterprise-mode-site-list.md)
###[Remove sites from a local compatibility view list](ie11-deploy-guide/remove-sites-from-a-local-compatibililty-view-list.md)
###[Turn off Enterprise Mode](ie11-deploy-guide/turn-off-enterprise-mode.md)
## [Enterprise Mode for Internet Explorer 11 (IE11)](ie11-deploy-guide/enterprise-mode-overview-for-ie11.md)
### [Tips and tricks to manage Internet Explorer compatibility](ie11-deploy-guide/tips-and-tricks-to-manage-ie-compatibility.md)
### [Enterprise Mode and the Enterprise Mode Site List](ie11-deploy-guide/what-is-enterprise-mode.md)
### [Set up Enterprise Mode logging and data collection](ie11-deploy-guide/set-up-enterprise-mode-logging-and-data-collection.md)
### [Turn on Enterprise Mode and use a site list](ie11-deploy-guide/turn-on-enterprise-mode-and-use-a-site-list.md)
### [Enterprise Mode schema v.2 guidance](ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md)
### [Enterprise Mode schema v.1 guidance](ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md)
### [Check for a new Enterprise Mode site list xml file](ie11-deploy-guide/check-for-new-enterprise-mode-site-list-xml-file.md)
### [Turn on local control and logging for Enterprise Mode](ie11-deploy-guide/turn-on-local-control-and-logging-for-enterprise-mode.md)
### [Use the Enterprise Mode Site List Manager](ie11-deploy-guide/use-the-enterprise-mode-site-list-manager.md)
#### [Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2)](ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md)
#### [Add single sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1)](ie11-deploy-guide/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md)
#### [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2)](ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md)
#### [Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1)](ie11-deploy-guide/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md)
#### [Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager](ie11-deploy-guide/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md)
#### [Fix validation problems using the Enterprise Mode Site List Manager](ie11-deploy-guide/fix-validation-problems-using-the-enterprise-mode-site-list-manager.md)
#### [Search your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
#### [Save your site list to XML in the Enterprise Mode Site List Manager](ie11-deploy-guide/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md)
#### [Export your Enterprise Mode site list from the Enterprise Mode Site List Manager](ie11-deploy-guide/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md)
#### [Import your Enterprise Mode site list to the Enterprise Mode Site List Manager](ie11-deploy-guide/import-into-the-enterprise-mode-site-list-manager.md)
#### [Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
#### [Remove all sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager](ie11-deploy-guide/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md)
### [Use the Enterprise Mode Site List Portal](ie11-deploy-guide/use-the-enterprise-mode-portal.md)
#### [Set up the Enterprise Mode Site List Portal](ie11-deploy-guide/set-up-enterprise-mode-portal.md)
##### [Use the Settings page to finish setting up the Enterprise Mode Site List Portal](ie11-deploy-guide/configure-settings-enterprise-mode-portal.md)
##### [Add employees to the Enterprise Mode Site List Portal](ie11-deploy-guide/add-employees-enterprise-mode-portal.md)
#### [Workflow-based processes for employees using the Enterprise Mode Site List Portal](ie11-deploy-guide/workflow-processes-enterprise-mode-portal.md)
##### [Create a change request using the Enterprise Mode Site List Portal](ie11-deploy-guide/create-change-request-enterprise-mode-portal.md)
##### [Verify your changes using the Enterprise Mode Site List Portal](ie11-deploy-guide/verify-changes-preprod-enterprise-mode-portal.md)
##### [Approve a change request using the Enterprise Mode Site List Portal](ie11-deploy-guide/approve-change-request-enterprise-mode-portal.md)
##### [Schedule approved change requests for production using the Enterprise Mode Site List Portal](ie11-deploy-guide/schedule-production-change-enterprise-mode-portal.md)
##### [Verify the change request update in the production environment using the Enterprise Mode Site List Portal](ie11-deploy-guide/verify-changes-production-enterprise-mode-portal.md)
##### [View the apps currently on the Enterprise Mode Site List](ie11-deploy-guide/view-apps-enterprise-mode-site-list.md)
##### [View the available Enterprise Mode reports from the Enterprise Mode Site List Portal](ie11-deploy-guide/view-enterprise-mode-reports-for-portal.md)
### [Using IE7 Enterprise Mode or IE8 Enterprise Mode](ie11-deploy-guide/using-enterprise-mode.md)
### [Fix web compatibility issues using document modes and the Enterprise Mode site list](ie11-deploy-guide/fix-compat-issues-with-doc-modes-and-enterprise-mode-site-list.md)
### [Remove sites from a local Enterprise Mode site list](ie11-deploy-guide/remove-sites-from-a-local-enterprise-mode-site-list.md)
### [Remove sites from a local compatibility view list](ie11-deploy-guide/remove-sites-from-a-local-compatibililty-view-list.md)
### [Turn off Enterprise Mode](ie11-deploy-guide/turn-off-enterprise-mode.md)
##[Group Policy and Internet Explorer 11 (IE11)](ie11-deploy-guide/group-policy-and-ie11.md)
###[Group Policy management tools](ie11-deploy-guide/group-policy-objects-and-ie11.md)
####[Group Policy and the Group Policy Management Console (GPMC)](ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md)
####[Group Policy and the Local Group Policy Editor](ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md)
####[Group Policy and Advanced Group Policy Management (AGPM)](ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md)
####[Group Policy and Windows Powershell](ie11-deploy-guide/group-policy-windows-powershell-ie11.md)
####[Group Policy and Shortcut Extensions](ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md)
###[New group policy settings for Internet Explorer 11](ie11-deploy-guide/new-group-policy-settings-for-ie11.md)
###[Set the default browser using Group Policy](ie11-deploy-guide/set-the-default-browser-using-group-policy.md)
###[ActiveX installation using group policy](ie11-deploy-guide/activex-installation-using-group-policy.md)
###[Group Policy and compatibility with Internet Explorer 11](ie11-deploy-guide/group-policy-compatibility-with-ie11.md)
###[Group policy preferences and Internet Explorer 11](ie11-deploy-guide/group-policy-preferences-and-ie11.md)
###[Administrative templates and Internet Explorer 11](ie11-deploy-guide/administrative-templates-and-ie11.md)
###[Enable and disable add-ons using administrative templates and group policy](ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md)
## [Group Policy and Internet Explorer 11 (IE11)](ie11-deploy-guide/group-policy-and-ie11.md)
### [Group Policy management tools](ie11-deploy-guide/group-policy-objects-and-ie11.md)
#### [Group Policy and the Group Policy Management Console (GPMC)](ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11.md)
#### [Group Policy and the Local Group Policy Editor](ie11-deploy-guide/group-policy-and-local-group-policy-editor-ie11.md)
#### [Group Policy and Advanced Group Policy Management (AGPM)](ie11-deploy-guide/group-policy-and-advanced-group-policy-mgmt-ie11.md)
#### [Group Policy and Windows Powershell](ie11-deploy-guide/group-policy-windows-powershell-ie11.md)
#### [Group Policy and Shortcut Extensions](ie11-deploy-guide/group-policy-shortcut-extensions-ie11.md)
### [New group policy settings for Internet Explorer 11](ie11-deploy-guide/new-group-policy-settings-for-ie11.md)
### [Set the default browser using Group Policy](ie11-deploy-guide/set-the-default-browser-using-group-policy.md)
### [ActiveX installation using group policy](ie11-deploy-guide/activex-installation-using-group-policy.md)
### [Group Policy and compatibility with Internet Explorer 11](ie11-deploy-guide/group-policy-compatibility-with-ie11.md)
### [Group policy preferences and Internet Explorer 11](ie11-deploy-guide/group-policy-preferences-and-ie11.md)
### [Administrative templates and Internet Explorer 11](ie11-deploy-guide/administrative-templates-and-ie11.md)
### [Enable and disable add-ons using administrative templates and group policy](ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md)
##[Manage Internet Explorer 11](ie11-deploy-guide/manage-ie11-overview.md)
###[Auto detect settings Internet Explorer 11](ie11-deploy-guide/auto-detect-settings-for-ie11.md)
###[Auto configuration settings for Internet Explorer 11](ie11-deploy-guide/auto-configuration-settings-for-ie11.md)
###[Auto proxy configuration settings for Internet Explorer 11](ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md)
## [Manage Internet Explorer 11](ie11-deploy-guide/manage-ie11-overview.md)
### [Auto detect settings Internet Explorer 11](ie11-deploy-guide/auto-detect-settings-for-ie11.md)
### [Auto configuration settings for Internet Explorer 11](ie11-deploy-guide/auto-configuration-settings-for-ie11.md)
### [Auto proxy configuration settings for Internet Explorer 11](ie11-deploy-guide/auto-proxy-configuration-settings-for-ie11.md)
##[Troubleshoot Internet Explorer 11 (IE11)](ie11-deploy-guide/troubleshoot-ie11.md)
###[Setup problems with Internet Explorer 11](ie11-deploy-guide/setup-problems-with-ie11.md)
###[Install problems with Internet Explorer 11](ie11-deploy-guide/install-problems-with-ie11.md)
###[Problems after installing Internet Explorer 11](ie11-deploy-guide/problems-after-installing-ie11.md)
###[Auto configuration and auto proxy problems with Internet Explorer 11](ie11-deploy-guide/auto-configuration-and-auto-proxy-problems-with-ie11.md)
###[User interface problems with Internet Explorer 11](ie11-deploy-guide/user-interface-problems-with-ie11.md)
###[Group Policy problems with Internet Explorer 11](ie11-deploy-guide/group-policy-problems-ie11.md)
###[.NET Framework problems with Internet Explorer 11](ie11-deploy-guide/net-framework-problems-with-ie11.md)
###[Enhanced Protected Mode problems with Internet Explorer](ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md)
###[Fix font rendering problems by turning off natural metrics](ie11-deploy-guide/turn-off-natural-metrics.md)
###[Intranet problems with Internet Explorer 11](ie11-deploy-guide/intranet-problems-and-ie11.md)
###[Browser cache changes and roaming profiles](ie11-deploy-guide/browser-cache-changes-and-roaming-profiles.md)
## [Troubleshoot Internet Explorer 11 (IE11)](ie11-deploy-guide/troubleshoot-ie11.md)
### [Setup problems with Internet Explorer 11](ie11-deploy-guide/setup-problems-with-ie11.md)
### [Install problems with Internet Explorer 11](ie11-deploy-guide/install-problems-with-ie11.md)
### [Problems after installing Internet Explorer 11](ie11-deploy-guide/problems-after-installing-ie11.md)
### [Auto configuration and auto proxy problems with Internet Explorer 11](ie11-deploy-guide/auto-configuration-and-auto-proxy-problems-with-ie11.md)
### [User interface problems with Internet Explorer 11](ie11-deploy-guide/user-interface-problems-with-ie11.md)
### [Group Policy problems with Internet Explorer 11](ie11-deploy-guide/group-policy-problems-ie11.md)
### [.NET Framework problems with Internet Explorer 11](ie11-deploy-guide/net-framework-problems-with-ie11.md)
### [Enhanced Protected Mode problems with Internet Explorer](ie11-deploy-guide/enhanced-protected-mode-problems-with-ie11.md)
### [Fix font rendering problems by turning off natural metrics](ie11-deploy-guide/turn-off-natural-metrics.md)
### [Intranet problems with Internet Explorer 11](ie11-deploy-guide/intranet-problems-and-ie11.md)
### [Browser cache changes and roaming profiles](ie11-deploy-guide/browser-cache-changes-and-roaming-profiles.md)
##[Out-of-date ActiveX control blocking](ie11-deploy-guide/out-of-date-activex-control-blocking.md)
###[Blocked out-of-date ActiveX controls](ie11-deploy-guide/blocked-out-of-date-activex-controls.md)
## [Out-of-date ActiveX control blocking](ie11-deploy-guide/out-of-date-activex-control-blocking.md)
### [Blocked out-of-date ActiveX controls](ie11-deploy-guide/blocked-out-of-date-activex-controls.md)
##[Deprecated document modes and Internet Explorer 11](ie11-deploy-guide/deprecated-document-modes.md)
## [Deprecated document modes and Internet Explorer 11](ie11-deploy-guide/deprecated-document-modes.md)
##[What is the Internet Explorer 11 Blocker Toolkit?](ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md)
###[Internet Explorer 11 delivery through automatic updates](ie11-deploy-guide/ie11-delivery-through-automatic-updates.md)
###[Internet Explorer 11 Blocker Toolkit FAQ](ie11-faq/faq-ie11-blocker-toolkit.md)
## [What is the Internet Explorer 11 Blocker Toolkit?](ie11-deploy-guide/what-is-the-internet-explorer-11-blocker-toolkit.md)
### [Internet Explorer 11 delivery through automatic updates](ie11-deploy-guide/ie11-delivery-through-automatic-updates.md)
### [Internet Explorer 11 Blocker Toolkit FAQ](ie11-faq/faq-ie11-blocker-toolkit.md)
##[Missing Internet Explorer Maintenance settings for Internet Explorer 11](ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md)
## [Missing Internet Explorer Maintenance settings for Internet Explorer 11](ie11-deploy-guide/missing-internet-explorer-maintenance-settings-for-ie11.md)
##[Missing the Compatibility View Button](ie11-deploy-guide/missing-the-compatibility-view-button.md)
## [Missing the Compatibility View Button](ie11-deploy-guide/missing-the-compatibility-view-button.md)
##[Deploy pinned websites using Microsoft Deployment Toolkit (MDT) 2013](ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md)
## [Deploy pinned websites using Microsoft Deployment Toolkit (MDT) 2013](ie11-deploy-guide/deploy-pinned-sites-using-mdt-2013.md)
#[IE11 Frequently Asked Questions (FAQ) Guide for IT Pros](ie11-faq/faq-for-it-pros-ie11.md)
# [IE11 Frequently Asked Questions (FAQ) Guide for IT Pros](ie11-faq/faq-for-it-pros-ie11.md)
#[Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](ie11-ieak/index.md)
##[What IEAK can do for you](ie11-ieak/what-ieak-can-do-for-you.md)
##[Internet Explorer Administration Kit (IEAK) information and downloads](ie11-ieak/ieak-information-and-downloads.md)
##[Before you start using IEAK 11](ie11-ieak/before-you-create-custom-pkgs-ieak11.md)
###[Hardware and software requirements for IEAK 11](ie11-ieak/hardware-and-software-reqs-ieak11.md)
###[Determine the licensing version and features to use in IEAK 11](ie11-ieak/licensing-version-and-features-ieak11.md)
###[Security features and IEAK 11](ie11-ieak/security-and-ieak11.md)
###[File types used or created by IEAK 11](ie11-ieak/file-types-ieak11.md)
###[Tasks and references to consider before creating and deploying custom packages using IEAK 11](ie11-ieak/create-manage-deploy-custom-pkgs-ieak11.md)
###[Create the build computer folder structure using IEAK 11](ie11-ieak/create-build-folder-structure-ieak11.md)
###[Set up auto detection for DHCP or DNS servers using IEAK 11](ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md)
###[Use proxy auto-configuration (.pac) files with IEAK 11](ie11-ieak/proxy-auto-config-examples.md)
###[Customize the toolbar button and Favorites List icons using IEAK 11](ie11-ieak/guidelines-toolbar-and-favorites-list-ieak11.md)
###[Use the uninstallation .INF files to uninstall custom components](ie11-ieak/create-uninstall-inf-files-for-custom-components.md)
###[Add and approve ActiveX controls using the IEAK 11](ie11-ieak/add-and-approve-activex-controls-ieak11.md)
###[Register an uninstall app for custom components using IEAK 11](ie11-ieak/register-uninstall-app-ieak11.md)
###[Customize Automatic Search for Internet Explorer using IEAK 11](ie11-ieak/customize-automatic-search-for-ie.md)
###[Create multiple versions of your custom package using IEAK 11](ie11-ieak/create-multiple-browser-packages-ieak11.md)
###[Before you install your package over your network using IEAK 11](ie11-ieak/prep-network-install-with-ieak11.md)
###[Use the RSoP snap-in to review policy settings](ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md)
###[IEAK 11 - Frequently Asked Questions](ie11-faq/faq-ieak11.md)
###[Troubleshoot custom package and IEAK 11 problems](ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md)
# [Internet Explorer Administration Kit 11 (IEAK 11) - Administration Guide for IT Pros](ie11-ieak/index.md)
## [What IEAK can do for you](ie11-ieak/what-ieak-can-do-for-you.md)
## [Internet Explorer Administration Kit (IEAK) information and downloads](ie11-ieak/ieak-information-and-downloads.md)
## [Before you start using IEAK 11](ie11-ieak/before-you-create-custom-pkgs-ieak11.md)
### [Hardware and software requirements for IEAK 11](ie11-ieak/hardware-and-software-reqs-ieak11.md)
### [Determine the licensing version and features to use in IEAK 11](ie11-ieak/licensing-version-and-features-ieak11.md)
### [Security features and IEAK 11](ie11-ieak/security-and-ieak11.md)
### [File types used or created by IEAK 11](ie11-ieak/file-types-ieak11.md)
### [Tasks and references to consider before creating and deploying custom packages using IEAK 11](ie11-ieak/create-manage-deploy-custom-pkgs-ieak11.md)
### [Create the build computer folder structure using IEAK 11](ie11-ieak/create-build-folder-structure-ieak11.md)
### [Set up auto detection for DHCP or DNS servers using IEAK 11](ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md)
### [Use proxy auto-configuration (.pac) files with IEAK 11](ie11-ieak/proxy-auto-config-examples.md)
### [Customize the toolbar button and Favorites List icons using IEAK 11](ie11-ieak/guidelines-toolbar-and-favorites-list-ieak11.md)
### [Use the uninstallation .INF files to uninstall custom components](ie11-ieak/create-uninstall-inf-files-for-custom-components.md)
### [Add and approve ActiveX controls using the IEAK 11](ie11-ieak/add-and-approve-activex-controls-ieak11.md)
### [Register an uninstall app for custom components using IEAK 11](ie11-ieak/register-uninstall-app-ieak11.md)
### [Customize Automatic Search for Internet Explorer using IEAK 11](ie11-ieak/customize-automatic-search-for-ie.md)
### [Create multiple versions of your custom package using IEAK 11](ie11-ieak/create-multiple-browser-packages-ieak11.md)
### [Before you install your package over your network using IEAK 11](ie11-ieak/prep-network-install-with-ieak11.md)
### [Use the RSoP snap-in to review policy settings](ie11-ieak/rsop-snapin-for-policy-settings-ieak11.md)
### [IEAK 11 - Frequently Asked Questions](ie11-faq/faq-ieak11.md)
### [Troubleshoot custom package and IEAK 11 problems](ie11-ieak/troubleshooting-custom-browser-pkg-ieak11.md)
##[Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options](ie11-ieak/ieak11-wizard-custom-options.md)
###[Use the File Locations page in the IEAK 11 Wizard](ie11-ieak/file-locations-ieak11-wizard.md)
###[Use the Platform Selection page in the IEAK 11 Wizard](ie11-ieak/platform-selection-ieak11-wizard.md)
###[Use the Language Selection page in the IEAK 11 Wizard](ie11-ieak/language-selection-ieak11-wizard.md)
###[Use the Package Type Selection page in the IEAK 11 Wizard](ie11-ieak/pkg-type-selection-ieak11-wizard.md)
###[Use the Feature Selection page in the IEAK 11 Wizard](ie11-ieak/feature-selection-ieak11-wizard.md)
###[Use the Automatic Version Synchronization page in the IEAK 11 Wizard](ie11-ieak/auto-version-sync-ieak11-wizard.md)
###[Use the Custom Components page in the IEAK 11 Wizard](ie11-ieak/custom-components-ieak11-wizard.md)
###[Use the Internal Install page in the IEAK 11 Wizard](ie11-ieak/internal-install-ieak11-wizard.md)
###[Use the User Experience page in the IEAK 11 Wizard](ie11-ieak/user-experience-ieak11-wizard.md)
###[Use the Browser User Interface page in the IEAK 11 Wizard](ie11-ieak/browser-ui-ieak11-wizard.md)
###[Use the Search Providers page in the IEAK 11 Wizard](ie11-ieak/search-providers-ieak11-wizard.md)
###[Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard](ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md)
###[Use the Accelerators page in the IEAK 11 Wizard](ie11-ieak/accelerators-ieak11-wizard.md)
###[Use the Favorites, Favorites Bar, and Feeds page in the IEAK 11 Wizard](ie11-ieak/favorites-favoritesbar-and-feeds-ieak11-wizard.md)
###[Use the Browsing Options page in the IEAK 11 Wizard](ie11-ieak/browsing-options-ieak11-wizard.md)
###[Use the First Run Wizard and Welcome Page Options page in the IEAK 11 Wizard](ie11-ieak/first-run-and-welcome-page-ieak11-wizard.md)
###[Use the Compatibility View page in the IEAK 11 Wizard](ie11-ieak/compat-view-ieak11-wizard.md)
###[Use the Connection Manager page in the IEAK 11 Wizard](ie11-ieak/connection-mgr-ieak11-wizard.md)
###[Use the Connection Settings page in the IEAK 11 Wizard](ie11-ieak/connection-settings-ieak11-wizard.md)
###[Use the Automatic Configuration page in the IEAK 11 Wizard](ie11-ieak/auto-config-ieak11-wizard.md)
###[Use the Proxy Settings page in the IEAK 11 Wizard](ie11-ieak/proxy-settings-ieak11-wizard.md)
###[Use the Security and Privacy Settings page in the IEAK 11 Wizard](ie11-ieak/security-and-privacy-settings-ieak11-wizard.md)
###[Use the Add a Root Certificate page in the IEAK 11 Wizard](ie11-ieak/add-root-certificate-ieak11-wizard.md)
###[Use the Programs page in the IEAK 11 Wizard](ie11-ieak/programs-ieak11-wizard.md)
###[Use the Additional Settings page in the IEAK 11 Wizard](ie11-ieak/additional-settings-ieak11-wizard.md)
###[Use the Wizard Complete - Next Steps page in the IEAK 11 Wizard](ie11-ieak/wizard-complete-ieak11-wizard.md)
## [Internet Explorer Administration Kit 11 (IEAK 11) Customization Wizard options](ie11-ieak/ieak11-wizard-custom-options.md)
### [Use the File Locations page in the IEAK 11 Wizard](ie11-ieak/file-locations-ieak11-wizard.md)
### [Use the Platform Selection page in the IEAK 11 Wizard](ie11-ieak/platform-selection-ieak11-wizard.md)
### [Use the Language Selection page in the IEAK 11 Wizard](ie11-ieak/language-selection-ieak11-wizard.md)
### [Use the Package Type Selection page in the IEAK 11 Wizard](ie11-ieak/pkg-type-selection-ieak11-wizard.md)
### [Use the Feature Selection page in the IEAK 11 Wizard](ie11-ieak/feature-selection-ieak11-wizard.md)
### [Use the Automatic Version Synchronization page in the IEAK 11 Wizard](ie11-ieak/auto-version-sync-ieak11-wizard.md)
### [Use the Custom Components page in the IEAK 11 Wizard](ie11-ieak/custom-components-ieak11-wizard.md)
### [Use the Internal Install page in the IEAK 11 Wizard](ie11-ieak/internal-install-ieak11-wizard.md)
### [Use the User Experience page in the IEAK 11 Wizard](ie11-ieak/user-experience-ieak11-wizard.md)
### [Use the Browser User Interface page in the IEAK 11 Wizard](ie11-ieak/browser-ui-ieak11-wizard.md)
### [Use the Search Providers page in the IEAK 11 Wizard](ie11-ieak/search-providers-ieak11-wizard.md)
### [Use the Important URLs - Home Page and Support page in the IEAK 11 Wizard](ie11-ieak/important-urls-home-page-and-support-ieak11-wizard.md)
### [Use the Accelerators page in the IEAK 11 Wizard](ie11-ieak/accelerators-ieak11-wizard.md)
### [Use the Favorites, Favorites Bar, and Feeds page in the IEAK 11 Wizard](ie11-ieak/favorites-favoritesbar-and-feeds-ieak11-wizard.md)
### [Use the Browsing Options page in the IEAK 11 Wizard](ie11-ieak/browsing-options-ieak11-wizard.md)
### [Use the First Run Wizard and Welcome Page Options page in the IEAK 11 Wizard](ie11-ieak/first-run-and-welcome-page-ieak11-wizard.md)
### [Use the Compatibility View page in the IEAK 11 Wizard](ie11-ieak/compat-view-ieak11-wizard.md)
### [Use the Connection Manager page in the IEAK 11 Wizard](ie11-ieak/connection-mgr-ieak11-wizard.md)
### [Use the Connection Settings page in the IEAK 11 Wizard](ie11-ieak/connection-settings-ieak11-wizard.md)
### [Use the Automatic Configuration page in the IEAK 11 Wizard](ie11-ieak/auto-config-ieak11-wizard.md)
### [Use the Proxy Settings page in the IEAK 11 Wizard](ie11-ieak/proxy-settings-ieak11-wizard.md)
### [Use the Security and Privacy Settings page in the IEAK 11 Wizard](ie11-ieak/security-and-privacy-settings-ieak11-wizard.md)
### [Use the Add a Root Certificate page in the IEAK 11 Wizard](ie11-ieak/add-root-certificate-ieak11-wizard.md)
### [Use the Programs page in the IEAK 11 Wizard](ie11-ieak/programs-ieak11-wizard.md)
### [Use the Additional Settings page in the IEAK 11 Wizard](ie11-ieak/additional-settings-ieak11-wizard.md)
### [Use the Wizard Complete - Next Steps page in the IEAK 11 Wizard](ie11-ieak/wizard-complete-ieak11-wizard.md)
##[Using Internet Settings (.INS) files with IEAK 11](ie11-ieak/using-internet-settings-ins-files.md)
###[Use the Branding .INS file to create custom branding and setup info](ie11-ieak/branding-ins-file-setting.md)
###[Use the BrowserToolbars .INS file to customize the Internet Explorer toolbar](ie11-ieak/browsertoolbars-ins-file-setting.md)
###[Use the CabSigning .INS file to review the digital signatures for your apps](ie11-ieak/cabsigning-ins-file-setting.md)
###[Use the ConnectionSettings .INS file to review the network connections for install](ie11-ieak/connectionsettings-ins-file-setting.md)
###[Use the CustomBranding .INS file to specify the custom branding location](ie11-ieak/custombranding-ins-file-setting.md)
###[Use the ExtRegInf .INS file to specify installation files and mode](ie11-ieak/extreginf-ins-file-setting.md)
###[Use the FavoritesEx .INS file for your Favorites icon and URLs](ie11-ieak/favoritesex-ins-file-setting.md)
###[Use the HideCustom .INS file to hide GUIDs](ie11-ieak/hidecustom-ins-file-setting.md)
###[Use the ISP_Security .INS file to add your root certificate](ie11-ieak/isp-security-ins-file-setting.md)
###[Use the Media .INS file to specify your install media](ie11-ieak/media-ins-file-setting.md)
###[Use the Proxy .INS file to specify a proxy server](ie11-ieak/proxy-ins-file-setting.md)
###[Use the Security Imports .INS file to import security info](ie11-ieak/security-imports-ins-file-setting.md)
###[Use the URL .INS file to use an auto-configured proxy server](ie11-ieak/url-ins-file-setting.md)
## [Using Internet Settings (.INS) files with IEAK 11](ie11-ieak/using-internet-settings-ins-files.md)
### [Use the Branding .INS file to create custom branding and setup info](ie11-ieak/branding-ins-file-setting.md)
### [Use the BrowserToolbars .INS file to customize the Internet Explorer toolbar](ie11-ieak/browsertoolbars-ins-file-setting.md)
### [Use the CabSigning .INS file to review the digital signatures for your apps](ie11-ieak/cabsigning-ins-file-setting.md)
### [Use the ConnectionSettings .INS file to review the network connections for install](ie11-ieak/connectionsettings-ins-file-setting.md)
### [Use the CustomBranding .INS file to specify the custom branding location](ie11-ieak/custombranding-ins-file-setting.md)
### [Use the ExtRegInf .INS file to specify installation files and mode](ie11-ieak/extreginf-ins-file-setting.md)
### [Use the FavoritesEx .INS file for your Favorites icon and URLs](ie11-ieak/favoritesex-ins-file-setting.md)
### [Use the HideCustom .INS file to hide GUIDs](ie11-ieak/hidecustom-ins-file-setting.md)
### [Use the ISP_Security .INS file to add your root certificate](ie11-ieak/isp-security-ins-file-setting.md)
### [Use the Media .INS file to specify your install media](ie11-ieak/media-ins-file-setting.md)
### [Use the Proxy .INS file to specify a proxy server](ie11-ieak/proxy-ins-file-setting.md)
### [Use the Security Imports .INS file to import security info](ie11-ieak/security-imports-ins-file-setting.md)
### [Use the URL .INS file to use an auto-configured proxy server](ie11-ieak/url-ins-file-setting.md)
##[IExpress Wizard for Windows Server 2008 R2 with SP1](ie11-ieak/iexpress-wizard-for-win-server.md)
###[IExpress Wizard command-line options](ie11-ieak/iexpress-command-line-options.md)
###[Internet Explorer Setup command-line options and return codes](ie11-ieak/ie-setup-command-line-options-and-return-codes.md)
## [IExpress Wizard for Windows Server 2008 R2 with SP1](ie11-ieak/iexpress-wizard-for-win-server.md)
### [IExpress Wizard command-line options](ie11-ieak/iexpress-command-line-options.md)
### [Internet Explorer Setup command-line options and return codes](ie11-ieak/ie-setup-command-line-options-and-return-codes.md)

7
browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md
View File

@ -6,7 +6,8 @@ author: dansimp
ms.prod: ie11
ms.assetid: a145e80f-eb62-4116-82c4-3cc35fd064b6
ms.reviewer:
audience: itpro manager: dansimp
audience: itpro
manager: dansimp
ms.author: dansimp
title: Collect data using Enterprise Site Discovery
ms.sitesec: library
@ -171,13 +172,13 @@ You can determine which zones or domains are used for data collection, using Pow
**To set up data collection using a domain allow list**
- Start PowerShell in elevated mode (using admin privileges) and run IETelemetrySetUp.ps1, using this command: `.\IETelemetrySetUp.ps1 [other args] -SiteAllowList sharepoint.com,outlook.com,onedrive.com`.
- Start PowerShell in elevated mode (using admin privileges) and run IETelemetrySetUp.ps1, using this command: `.\IETelemetrySetUp.ps1 [other args] -SiteAllowList sharepoint.com,outlook.com,onedrive.com`.
>**Important**<br>Wildcards, like \*.microsoft.com, arent supported.
**To set up data collection using a zone allow list**
- Start PowerShell in elevated mode (using admin privileges) and run IETelemetrySetUp.ps1, using this command: `.\IETelemetrySetUp.ps1 [other args] -ZoneAllowList Computer,Intranet,TrustedSites,Internet,RestrictedSites`.
- Start PowerShell in elevated mode (using admin privileges) and run IETelemetrySetUp.ps1, using this command: `.\IETelemetrySetUp.ps1 [other args] -ZoneAllowList Computer,Intranet,TrustedSites,Internet,RestrictedSites`.
>**Important**<br>Only Computer, Intranet, TrustedSites, Internet, and RestrictedSites are supported.

2
browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
View File

@ -6,7 +6,7 @@ author: lomayor
ms.prod: ie11
ms.assetid: b2dfc08c-78af-4c22-8867-7be3b92b1616
ms.reviewer:
audience: itpro manager: dansimp
manager: dansimp
ms.author: lomayor
title: Install Internet Explorer 11 (IE11) using Microsoft Intune (Internet Explorer 11 for IT Pros)
ms.sitesec: library

2
browsers/internet-explorer/ie11-ieak/platform-selection-ieak11-wizard.md
View File

@ -6,7 +6,7 @@ author: lomayor
ms.prod: ie11
ms.assetid: 9cbf5abd-86f7-42b6-9810-0b606bbe8218
ms.reviewer:
audience: itpro manager: dansimp
manager: dansimp
ms.author: lomayor
title: Use the Platform Selection page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
ms.sitesec: library

2
browsers/internet-explorer/ie11-ieak/programs-ieak11-wizard.md
View File

@ -6,7 +6,7 @@ author: lomayor
ms.prod: ie11
ms.assetid: f715668f-a50d-4db0-b578-e6526fbfa1fc
ms.reviewer:
audience: itpro manager: dansimp
manager: dansimp
ms.author: lomayor
title: Use the Programs page in the IEAK 11 Wizard (Internet Explorer Administration Kit 11 for IT Pros)
ms.sitesec: library

6
devices/hololens/hololens-requirements.md
View File

@ -37,9 +37,9 @@ When you develop for HoloLens, there are [system requirements and tools](https:/
- TTLS-TLS
### Device management
- Users have Azure AD accounts with [Intune license assigned](https://docs.microsoft.com/intune/get-started/start-with-a-paid-subscription-to-microsoft-intune-step-4)
- Wi-Fi network
- Intune or a 3rd party mobile device management (MDM) provider that uses Microsoft MDM APIs
- Users have Azure AD accounts with [Intune license assigned](https://docs.microsoft.com/intune/get-started/start-with-a-paid-subscription-to-microsoft-intune-step-4)
- Wi-Fi network
- Intune or a 3rd party mobile device management (MDM) provider that uses Microsoft MDM APIs
### Upgrade to Windows Holographic for Business
- HoloLens Enterprise license XML file

2
devices/surface-hub/General-Data-Privacy-Regulation-and-Surface-Hub.md
View File

@ -2,8 +2,6 @@
title: General Data Privacy Regulation and Surface Hub
description: Informs users who are subject to EU data protection laws of their options regarding how to delete or restrict diagnostic data produced by Surface Hub.
ms.assetid: 087713CF-631D-477B-9CC6-EFF939DE0186
ms.reviewer:
manager:
keywords: GDPR
ms.prod: surface-hub
ms.sitesec: library

2
devices/surface-hub/connect-app-in-surface-hub-unexpectedly-exits.md
View File

@ -2,8 +2,6 @@
title: What to do if the Connect app in Surface Hub exits unexpectedly
description: Describes how to resolve an issue where the Connect app in Surface Hub exits to the Welcome screen after cycling through inputs.
ms.assetid: 9576f4e4-d936-4235-8a03-d8a6fe9e8fec
ms.reviewer:
manager:
keywords: surface, hub, connect, input, displayport
ms.prod: surface-hub
ms.sitesec: library

2
devices/surface-hub/known-issues-and-additional-info-about-surface-hub.md
View File

@ -2,8 +2,6 @@
title: Known issues and additional information about Microsoft Surface Hub
description: Outlines known issues with Microsoft Surface Hub.
ms.assetid: aee90a0c-fb05-466e-a2b1-92de89d0f2b7
ms.reviewer:
manager:
keywords: surface, hub, issues
ms.prod: surface-hub
ms.sitesec: library

2
devices/surface-hub/surface-Hub-installs-updates-and-restarts-outside-maintenance-hours.md
View File

@ -2,8 +2,6 @@
title: Surface Hub may install updates and restart outside maintenance hours
description: troubleshooting information for Surface Hub regarding automatic updates
ms.assetid: 6C09A9F8-F9CF-4491-BBFB-67A1A1DED0AA
ms.reviewer:
manager:
keywords: surface hub, maintenance window, update
ms.prod: surface-hub
ms.sitesec: library

2
devices/surface-hub/surface-hub-update-history.md
View File

@ -2,8 +2,6 @@
title: Surface Hub update history
description: Surface Hub update history
ms.assetid: d66a9392-2b14-4cb2-95c3-92db0ae2de34
ms.reviewer:
manager:
keywords:
ms.prod: surface-hub
ms.sitesec: library

2
devices/surface-hub/surfacehub-miracast-not-supported-europe-japan-israel.md
View File

@ -2,8 +2,6 @@
title: Surface Hub Miracast channels 149-165 not supported in Europe, Japan, Israel
description: Surface Hub Miracast channels 149-165 not supported in Europe, Japan, Israel
ms.assetid: 8af3a832-0537-403b-823b-12eaa7a1af1f
ms.reviewer:
manager:
keywords:
ms.prod: surface-hub
ms.sitesec: library

2
devices/surface-hub/use-cloud-recovery-for-bitlocker-on-surfacehub.md
View File

@ -2,8 +2,6 @@
title: How to use cloud recovery for BitLocker on a Surface Hub
description: How to use cloud recovery for BitLocker on a Surface Hub
ms.assetid: c0bde23a-49de-40f3-a675-701e3576d44d
ms.reviewer:
manager:
keywords: Accessibility settings, Settings app, Ease of Access
ms.prod: surface-hub
ms.sitesec: library

2
devices/surface-hub/use-surface-hub-diagnostic-test-device-account.md
View File

@ -2,8 +2,6 @@
title: Using the Surface Hub Hardware Diagnostic Tool to test a device account
description: Using the Surface Hub Hardware Diagnostic Tool to test a device account
ms.assetid: a87b7d41-d0a7-4acc-bfa6-b9070f99bc9c
ms.reviewer:
manager:
keywords: Accessibility settings, Settings app, Ease of Access
ms.prod: surface-hub
ms.sitesec: library

4
devices/surface/assettag.md
View File

@ -20,9 +20,9 @@ for Surface devices. It works on Surface Pro 3 and all newer Surface devices.
## System requirements
- Surface Pro 3 or later
- Surface Pro 3 or later
- UEFI firmware version 3.9.150.0 or later
- UEFI firmware version 3.9.150.0 or later
## Using Surface Asset Tag

38
devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md
View File

@ -1,5 +1,5 @@
---
title: Download the latest firmware and drivers for Surface devices (Surface)
title: Deploy the latest firmware and drivers for Surface devices (Surface)
description: This article provides a list of the available downloads for Surface devices and links to download the drivers and firmware for your device.
ms.assetid: 7662BF68-8BF7-43F7-81F5-3580A770294A
ms.reviewer:
@ -11,27 +11,43 @@ ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.date: 11/15/2018
ms.date: 08/13/2018
ms.author: dansimp
ms.topic: article
---
# Deploying the latest firmware and drivers for Surface devices
# Deploy the latest firmware and drivers for Surface devices
Although Surface devices are typically automatically updated with the latest device drivers and firmware via Windows Update, sometimes it's necessary to download and install updates manually, such as during a Windows deployment.
## Downloading MSI files
## Download MSI files
To download MSI files, refer to the following Microsoft Support page:
- [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware-for-surface)<br>
Installation files for administrative tools, drivers for accessories, and updates for Windows are also available for some devices.
## Deploying MSI files
Driver and firmware updates for Surface devices containing all required cumulative updates are packaged in separate MSI files for specific versions of Windows 10.
In the name of each of these files you will find a Windows build number, this number indicates the minimum supported build required to install the drivers and firmware contained within. Refer to [Windows 10 release information](https://docs.microsoft.com/windows/windows-10/release-information) for a list of the build numbers for each version. For example, to install the drivers contained in SurfacePro6_Win10_16299_1900307_0.msi file you must have Windows 10 Fall Creators Update version 1709, or newer installed on your Surface Pro 6.
Driver and firmware updates for Surface devices consisting of all required cumulative updates are packaged in separate MSI files for specific versions of Windows 10.
The MSI file names contain useful information including the minimum supported Windows build number required to install the drivers and firmware. For example, to install the drivers contained in SurfaceBook_Win10_17763_19.080.2031.0.msi requires Windows 10 Fall Creators Update version 1709 or later installed on your Surface Book.
To view build numbers for each version, refer to [Windows 10 release information](https://docs.microsoft.com/windows/windows-10/release-information).
### Surface MSI naming convention
Each .MSI file is named in accordance with a formula that begins with the product and Windows release information, followed by the Windows build number and version number, and ending with the revision of version number. SurfacePro6_Win10_16299_1900307_0.msi is classified as follows:
Beginning in August 2019, MSI files use the following naming formula:
- Product > Windows release > Windows build number > Version number > Revision of version number (typically zero).
**Example:**
SurfacePro6_Win10_18362_19.073.44195_0.msi :
| Product | Windows release | Build | Version | Revision of version |
| --- | --- | --- | --- | --- |
| SurfacePro6 | Win10 | 18362 | 19.073.44195 | 0 |
| | | | Indicates key date and sequence information. | Indicates release history of the update. |
| | | | **19:** Signifies the year (2019).<br>**073**: Signifies the month (July) and week of the release (3). <br>**44195**: Signifies the minute of the month that the MSI file was created. |**0:** Signifies it's the first release of version 1907344195 and has not been re-released for any reason. |
### Legacy Surface MSI naming convention
Legacy MSI files prior to August 2019 followed the same overall naming formula but used a different method to derive the version number.
**Example:**
SurfacePro6_Win10_16299_1900307_0.msi :
@ -39,8 +55,8 @@ SurfacePro6_Win10_16299_1900307_0.msi :
| Product | Windows release | Build | Version | Revision of version |
| --- | --- | --- | --- | --- |
| SurfacePro6 | Win10 | 16299 | 1900307 | 0 |
| | | | Indicates key date and sequence information | Indicates release history of the MSI file |
| | | | **19:** Signifies the year (2019)<br>**003**: Signifies that its the third release of 2019<br>**07**: Signifies the product version number. (Surface Pro 6 is officially the seventh version of Surface Pro.) | **0:** Signifies it's the first release of version 1900307 and has not been re-released for any reason. |
| | | | Indicates key date and sequence information. | Indicates release history of the MSI file. |
| | | | **19:** Signifies the year (2019)<br>**003**: Signifies that its the third release of 2019.<br>**07**: Signifies the product version number. (Surface Pro 6 is officially the seventh version of Surface Pro.) | **0:** Signifies it's the first release of version 1900307 and has not been re-released for any reason. |
Look to the **version** number to determine the latest files that contain the most recent security updates. For example, you might need to install the newest file from the following list:
@ -60,9 +76,9 @@ There are no downloadable firmware or driver updates available for Surface devic
For more information about deploying Surface drivers and firmware, refer to:
- [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates).
- [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates)
- [Microsoft Surface support for business](https://www.microsoft.com/surface/support/business).
- [Microsoft Surface support for business](https://www.microsoft.com/surface/support/business)
 

10
devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
View File

@ -59,11 +59,11 @@ instant on/instant off functionality typical of smartphones. S0ix, also
known as Deepest Runtime Idle Platform State (DRIPS), is the default
power mode for Surface devices. Modern standby has two modes:
- **Connected standby.** The default mode for up-to-the minute
- **Connected standby.** The default mode for up-to-the minute
delivery of emails, messaging, and cloud-synced data, connected
standby keeps Wi-Fi on and maintains network connectivity.
- **Disconnected standby.** An optional mode for extended battery
- **Disconnected standby.** An optional mode for extended battery
life, disconnected standby delivers the same instant-on experience
and saves power by turning off Wi-Fi, Bluetooth, and related network
connectivity.
@ -76,12 +76,12 @@ Center](https://docs.microsoft.com/windows-hardware/design/device-experiences/mo
Surface integrates the following features designed to help users
optimize the power management experience:
- [Singular power plan](#singular-power-plan)
- [Singular power plan](#singular-power-plan)
- [Simplified power settings user
- [Simplified power settings user
interface](#simplified-power-settings-user-interface)
- [Windows performance power
- [Windows performance power
slider](#windows-performance-power-slider)
### Singular power plan

8
devices/surface/microsoft-surface-brightness-control.md
View File

@ -25,15 +25,15 @@ designed to help reduce thermal load and lower the overall carbon
footprint for deployed Surface devices. The tool automatically dims the screen when not in use and
includes the following configuration options:
- Period of inactivity before dimming the display.
- Period of inactivity before dimming the display.
- Brightness level when dimmed.
- Brightness level when dimmed.
- Maximum brightness level when in use.
- Maximum brightness level when in use.
**To run Surface Brightness Control:**
- Install surfacebrightnesscontrol.msi on the target device and Surface Brightness Control
- Install surfacebrightnesscontrol.msi on the target device and Surface Brightness Control
will begin working immediately.
## Configuring Surface Brightness Control

4
education/windows/set-up-windows-10.md
View File

@ -20,8 +20,8 @@ manager: dansimp
- Windows 10
You have two tools to choose from to set up PCs for your classroom:
* Set up School PCs
* Windows Configuration Designer
* Set up School PCs
* Windows Configuration Designer
Choose the tool that is appropriate for how your students will sign in (Active Directory, Azure Active Directory, or no account).

12
mdop/agpm/step-by-step-guide-for-microsoft-advanced-group-policy-management-40.md
View File

@ -272,15 +272,17 @@ As an AGPM Administrator (Full Control), you designate the e-mail addresses of A
**To configure e-mail notification for AGPM**
1. In the details pane, click the **Domain Delegation** tab.
1. In **Group Policy Management Editor** , navigate to the **Change Control** folder
2. In the **From e-mail address** field, type the e-mail alias for AGPM from which notifications should be sent.
2. In the details pane, click the **Domain Delegation** tab.
3. In the **To e-mail address** field, type the e-mail address for the user account to which you intend to assign the Approver role.
3. In the **From e-mail address** field, type the e-mail alias for AGPM from which notifications should be sent.
4. In the **SMTP server** field, type a valid SMTP mail server.
4. In the **To e-mail address** field, type the e-mail address for the user account to which you intend to assign the Approver role.
5. In the **User name** and **Password** fields, type the credentials of a user who has access to the SMTP service. Click **Apply**.
5. In the **SMTP server** field, type a valid SMTP mail server.
6. In the **User name** and **Password** fields, type the credentials of a user who has access to the SMTP service. Click **Apply**.
### <a href="" id="bkmk-config5"></a>Step 5: Delegate access

4
mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v.md
View File

@ -222,7 +222,7 @@ The XML file that is included in the Office Deployment Tool specifies the produc
2. With the sample configuration.xml file open and ready for editing, you can specify products, languages, and the path to which you save the Office 2016 applications. The following is a basic example of the configuration.xml file:
``` syntax
```xml
<Configuration>
<Add SourcePath= \\Server\Office2016” OfficeClientEdition="32" >
<Product ID="O365ProPlusRetail ">
@ -633,7 +633,7 @@ You may want to disable specific applications in your Office App-V package. For
5. Add the Office 2016 App-V Package with the new Deployment Configuration File.
``` syntax
```xml
<Application Id="[{AppVPackageRoot}]\office16\lync.exe" Enabled="true">
<VisualElements>
<Name>Lync 2016</Name>

4
mdop/appv-v5/how-to-convert-a-package-created-in-a-previous-version-of-app-v.md
View File

@ -43,9 +43,7 @@ You must configure the package converter to always save the package ingredients
Import-Module AppVPkgConverter
```
3.
The following cmdlets are available:
3. The following cmdlets are available:
- Test-AppvLegacyPackage This cmdlet is designed to check packages. It will return information about any failures with the package such as missing **.sft** files, an invalid source, **.osd** file errors, or invalid package version. This cmdlet will not parse the **.sft** file or do any in depth validation. For information about options and basic functionality for this cmdlet, using the PowerShell cmdline, type `Test-AppvLegacyPackage -?`.

1
mdop/docfx.json
View File

@ -27,6 +27,7 @@
"ms.technology": "windows",
"audience": "ITPro",
"manager": "dansimp",
"ms.prod": "w10",
"ms.author": "dansimp",
"author": "dansimp",
"ms.sitesec": "library",

2
mdop/medv-v1/configuring-med-v-for-remote-networks.md
View File

@ -53,7 +53,7 @@ When applying new settings, the service must be restarted.
- You can change the IIS authentication scheme to one of the following: BASIC, DIGEST, NTLM, or NEGOTIATE. The default is NEGOTIATE and uses the following entry:
``` syntax
```xml
<ImageDistribution>
<!-- The authentication used for image download. Basic and digest authentication should be used only under SSL.-->
<!-- The line below can be one of the following: -->

2
mdop/medv-v1/med-v-trim-transfer-technology-medvv2.md
View File

@ -32,7 +32,7 @@ You can configure which folders are indexed on the host as part of the Trim Tran
When applying new settings, the service must be restarted.
``` syntax
```xml
<HostIndexingXP type="System.String[]">
- <ArrayOfString>
<string>%WINDIR%</string>

2
store-for-business/TOC.md
View File

@ -1,7 +1,7 @@
# [Microsoft Store for Business](index.md)
## [What's new in Microsoft Store for Business and Education](whats-new-microsoft-store-business-education.md)
## [Sign up and get started](sign-up-microsoft-store-for-business-overview.md)
###[Microsoft Store for Business and Microsoft Store for Education overview](microsoft-store-for-business-overview.md)
### [Microsoft Store for Business and Microsoft Store for Education overview](microsoft-store-for-business-overview.md)
### [Prerequisites for Microsoft Store for Business and Education](prerequisites-microsoft-store-for-business.md)
### [Sign up for Microsoft Store for Business or Microsoft Store for Education](sign-up-microsoft-store-for-business.md)
### [Roles and permissions in the Microsoft Store for Business and Education](roles-and-permissions-microsoft-store-for-business.md)

2
store-for-business/education/TOC.md
View File

@ -1,7 +1,7 @@
# [Microsoft Store for Education](/microsoft-store/index?toc=/microsoft-store/education/toc.json)
## [What's new in Microsoft Store for Business and Education](/microsoft-store/whats-new-microsoft-store-business-education?toc=/microsoft-store/education/toc.json)
## [Sign up and get started](/microsoft-store/sign-up-microsoft-store-for-business-overview?toc=/microsoft-store/education/toc.json)
###[Microsoft Store for Business and Education overview](/microsoft-store/windows-store-for-business-overview?toc=/microsoft-store/education/toc.json)
### [Microsoft Store for Business and Education overview](/microsoft-store/windows-store-for-business-overview?toc=/microsoft-store/education/toc.json)
### [Prerequisites for Microsoft Store for Business and Education](/microsoft-store/prerequisites-microsoft-store-for-business?toc=/microsoft-store/education/toc.json)
### [Sign up for Microsoft Store for Business or Microsoft Store for Education](/microsoft-store/sign-up-microsoft-store-for-business?toc=/microsoft-store/education/toc.json)
### [Roles and permissions in the Microsoft Store for Business and Education](/microsoft-store/roles-and-permissions-microsoft-store-for-business?toc=/microsoft-store/education/toc.json)

12
store-for-business/manage-orders-microsoft-store-for-business.md
View File

@ -42,14 +42,14 @@ Refunds work a little differently for free apps, and apps that have a price. In
**Refunds for free apps**
For free apps, there isn't really a refund to request -- you're removing the app from your inventory. You must first reclaim any assigned licenses, and then you can remove the app from your organization's inventory.
For free apps, there isn't really a refund to request -- you're removing the app from your inventory. You must first reclaim any assigned licenses, and then you can remove the app from your organization's inventory.
**Refunds for apps that have a price**
**Refunds for apps that have a price**
There are a few requirements for apps that have a price:
- **Timing** - Refunds are available for the first 30 days after you place your order. For example, if your order is placed on June 1, you can self-refund through June 30.
- **Available licenses** - You need to have enough available licenses to cover the number of licenses in the order you are refunding. For example, if you purchased 10 copies of an app and you want to request a refund, you must have at least 10 licenses of the app available in your inventory -- those 10 licenses can't be assigned to people in your organization.
- **Whole order refunds only** - You must refund the complete amount of apps in an order. You can't refund a part of an order. For example, if you purchased 10 copies of an app, but later found you only needed 5 copies, you'll need to request a refund for the 10 apps, and then make a separate order for 5 apps. If you have had multiple orders of the same app, you can refund one order but still keep the rest of the inventory.
There are a few requirements for apps that have a price:
- **Timing** - Refunds are available for the first 30 days after you place your order. For example, if your order is placed on June 1, you can self-refund through June 30.
- **Available licenses** - You need to have enough available licenses to cover the number of licenses in the order you are refunding. For example, if you purchased 10 copies of an app and you want to request a refund, you must have at least 10 licenses of the app available in your inventory -- those 10 licenses can't be assigned to people in your organization.
- **Whole order refunds only** - You must refund the complete amount of apps in an order. You can't refund a part of an order. For example, if you purchased 10 copies of an app, but later found you only needed 5 copies, you'll need to request a refund for the 10 apps, and then make a separate order for 5 apps. If you have had multiple orders of the same app, you can refund one order but still keep the rest of the inventory.
**To refund an order**

6
windows/client-management/mdm/applocker-csp.md
View File

@ -830,7 +830,7 @@ The following list shows the apps that may be included in the inbox.
The following example disables the calendar application.
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Add>
@ -854,7 +854,7 @@ The following example disables the calendar application.
The following example blocks the usage of the map application.
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Add>
@ -1394,7 +1394,7 @@ In this example, **MobileGroup0** is the node name. We recommend using a GUID fo
## Example for Windows 10 Holographic for Business
The following example for Windows 10 Holographic for Business denies all apps and allows the minimum set of [inbox apps](#inboxappsandcomponents) to enable to enable a working device, as well as Settings.
``` syntax
```xml
<RuleCollection Type="Appx" EnforcementMode="Enabled">
<FilePublisherRule Id="96B82A15-F841-499a-B674-963DC647762F"
Name="Whitelist BackgroundTaskHost"

2
windows/client-management/mdm/azure-active-directory-integration-with-mdm.md
View File

@ -653,7 +653,7 @@ An alert is send to the MDM server in DM package\#1.
Here's an example.
``` syntax
```xml
<SyncBody>
<Alert>
<CmdID>1</CmdID>

4
windows/client-management/mdm/clientcertificateinstall-csp.md
View File

@ -372,7 +372,7 @@ Data type is string.
Enroll a client certificate through SCEP.
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Atomic>
@ -571,7 +571,7 @@ Enroll a client certificate through SCEP.
Add a PFX certificate. The PFX certificate password is encrypted with a custom certificate fro "My" store.
``` syntax
```xml
<SyncML>
<SyncBody>
<Delete>

2
windows/client-management/mdm/cm-proxyentries-csp.md
View File

@ -90,7 +90,7 @@ Specifies the username used to connect to the proxy.
To delete both a proxy and its associated connection, you must delete the proxy first, and then delete the connection. The following example shows how to delete the proxy and then the connection.
``` syntax
```xml
<wap-provisioningdoc>
<characteristic type="CM_ProxyEntries">
<nocharacteristic type="GPRS_Proxy"/>

2
windows/client-management/mdm/defender-csp.md
View File

@ -215,7 +215,7 @@ Supported product status values:
Example:
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.1">
<SyncBody>
<Get>

2
windows/client-management/mdm/diagnose-mdm-failures-in-windows-10.md
View File

@ -73,7 +73,7 @@ When the PC is already enrolled in MDM, you can remotely collect logs from the P
Example: Enable the Debug channel logging
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>

2
windows/client-management/mdm/dmacc-csp.md
View File

@ -262,7 +262,7 @@ Stores specifies which certificate stores the DM client will search to find the
Subject specifies the certificate to search for. For example, to specify that you want a certificate with a particular Subject attribute (“CN=Tester,O=Microsoft”), use the following:
``` syntax
```xml
<parm name="SSLCLIENTCERTSEARCHCRITERIA"
value="Subject=CN%3DTester,O%3DMicrosoft&amp;Stores=My%5CUser" />
```

10
windows/client-management/mdm/eap-configuration.md
View File

@ -56,7 +56,7 @@ Here is an easy way to get the EAP configuration from your desktop using the ras
9. Switch over to PowerShell and use the following cmdlets to retrieve the EAP configuration XML.
``` syntax
```powershell
Get-VpnConnection -Name Test
```
@ -80,17 +80,17 @@ Here is an easy way to get the EAP configuration from your desktop using the ras
IdleDisconnectSeconds : 0
```
``` syntax
```powershell
$a = Get-VpnConnection -Name Test
```
``` syntax
```powershell
$a.EapConfigXmlStream.InnerXml
```
Here is an example output
``` syntax
```xml
<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig"><EapMethod><Type xmlns="http://www.microsoft.co
m/provisioning/EapCommon">13</Type><VendorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorId><VendorTy
pe xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorType><AuthorId xmlns="http://www.microsoft.com/provisi
@ -158,7 +158,7 @@ The following XML sample explains the properties for the EAP TLS XML including c
 
``` syntax
```xml
<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">
<EapMethod>
<Type xmlns="http://www.microsoft.com/provisioning/EapCommon">13</Type>

37
windows/client-management/mdm/healthattestation-csp.md
View File

@ -314,8 +314,8 @@ For DHA-OnPrem & DHA-EMC scenarios, send a SyncML command to the HASEndpoint nod
The following example shows a sample call that instructs a managed device to communicate with an enterprise managed DHA-Service.
``` syntax
<Replace>
```xml
<Replace>
<CmdID>1</CmdID>
<Item>
<Target>
@ -323,7 +323,7 @@ The following example shows a sample call that instructs a managed device to com
</Target>
<Data> www.ContosoDHA-Service</Data>
</Item>
</Replace>
</Replace>
```
@ -334,24 +334,24 @@ Send a SyncML call to start collection of the DHA-Data.
The following example shows a sample call that triggers collection and verification of health attestation data from a managed device.
``` syntax
<Exec>
```xml
<Exec>
<CmdID>1</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/HealthAttestation/VerifyHealth</LocURI>
</Target>
</Item>
</Exec>
</Exec>
<Get>
<Get>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/HealthAttestation/Status</LocURI>
</Target>
</Item>
</Get>
</Get>
```
## <a href="" id="take-action-client-response"></a>**Step 4: Take action based on the clients response**
@ -364,8 +364,8 @@ After the client receives the health attestation request, it sends a response. T
Here is a sample alert that is issued by DHA_CSP:
``` syntax
<Alert>
```xml
<Alert>
<CmdID>1</CmdID>
<Data>1226</Data>
<Item>
@ -378,7 +378,7 @@ Here is a sample alert that is issued by DHA_CSP:
</Meta>
<Data>3</Data>
</Item>
</Alert>
</Alert>
```
- If the response to the status node is not 0, 1 or 3, then troubleshoot the issue. For the complete list of status codes see [Device HealthAttestation CSP status and error codes](#device-healthattestation-csp-status-and-error-codes).
@ -389,7 +389,7 @@ Create a call to the **Nonce**, **Certificate** and **CorrelationId** nodes, and
Here is an example:
``` syntax
```xml
<Replace>
<CmdID>1</CmdID>
<Item>
@ -400,24 +400,23 @@ Here is an example:
</Item>
</Replace>
<Get>
<Get>
<CmdID>2</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/HealthAttestation/Certificate</LocURI>
</Target>
</Item>
</Get>
</Get>
<Get>
<Get>
<CmdID>3</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/HealthAttestation/CorrelationId </LocURI>
</Target>
</Item>
</Get>
</Get>
```
## <a href="" id="forward-data-to-has"></a>**Step 6: Forward device health attestation data to DHA-service**
@ -1019,8 +1018,8 @@ Each of these are described in further detail in the following sections, along w
## DHA-Report V3 schema
``` syntax
<?xml version="1.0" encoding="UTF-8"?>
```xml
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns="http://schemas.microsoft.com/windows/security/healthcertificate/validation/response/v3"
targetNamespace="http://schemas.microsoft.com/windows/security/healthcertificate/validation/response/v3"

6
windows/client-management/mdm/networkqospolicy-csp.md
View File

@ -49,9 +49,9 @@ The following diagram shows the NetworkQoSPolicy configuration service provider
<p style="margin-left: 20px">Valid values are:
- 0 (default) - Both TCP and UDP
- 1 - TCP
- 2 - UDP
- 0 (default) - Both TCP and UDP
- 1 - TCP
- 2 - UDP
<p style="margin-left: 20px">The data type is int.

4
windows/client-management/mdm/policy-csp-taskmanager.md
View File

@ -70,8 +70,8 @@ manager: dansimp
This setting determines whether non-administrators can use Task Manager to end tasks.
Value type is integer. Supported values:
- 0 - Disabled. EndTask functionality is blocked in TaskManager.
- 1 - Enabled (default). Users can perform EndTask in TaskManager.
- 0 - Disabled. EndTask functionality is blocked in TaskManager.
- 1 - Enabled (default). Users can perform EndTask in TaskManager.
<!--/Description-->
<!--SupportedValues-->

6
windows/client-management/mdm/policy-csp-update.md
View File

@ -3874,8 +3874,8 @@ The following list shows the supported values:
<!--Example-->
Example
``` syntax
<Replace>
```xml
<Replace>
<CmdID>$CmdID$</CmdID>
<Item>
<Meta>
@ -3887,7 +3887,7 @@ Example
</Target>
<Data>http://abcd-srv:8530</Data>
</Item>
</Replace>
</Replace>
```
<!--/Example-->

4
windows/client-management/mdm/remotelock-csp.md
View File

@ -117,7 +117,7 @@ A Get operation on this node must follow an Exec operation on the /RemoteLock/Lo
Initiate a remote lock of the device.
``` syntax
```xml
<Exec>
<CmdID>1</CmdID>
<Item>
@ -130,7 +130,7 @@ Initiate a remote lock of the device.
Initiate a remote lock and PIN reset of the device. To successfully retrieve the new device-generated PIN, the commands must be executed together and in the proper sequence as shown below.
``` syntax
```xml
<Sequence>
<CmdID>1</CmdID>
<Exec>

2
windows/client-management/mdm/remotering-csp.md
View File

@ -31,7 +31,7 @@ The supported operation is Exec.
The following sample shows how to initiate a remote ring on the device.
``` syntax
```xml
<Exec>
<CmdID>5</CmdID>
<Item>

4
windows/client-management/mdm/reporting-csp.md
View File

@ -81,7 +81,7 @@ Supported operations are Get and Replace.
Retrieve all available Windows Information Protection (formerly known as Enterprise Data Protection) logs starting from the specified StartTime.
``` syntax
```xml
<SyncML>
<SyncBody>
<Replace>
@ -104,7 +104,7 @@ Retrieve all available Windows Information Protection (formerly known as Enterpr
Retrieve a specified number of security auditing logs starting from the specified StartTime.
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>

8
windows/client-management/mdm/securitypolicy-csp.md
View File

@ -199,7 +199,7 @@ The following security roles are supported.
Setting a security policy:
``` syntax
```xml
<wap-provisioningdoc>
<characteristic type="SecurityPolicy">
<parm name="4141" value="0"/>
@ -209,7 +209,7 @@ Setting a security policy:
Querying a security policy:
``` syntax
```xml
<wap-provisioningdoc>
<characteristic type="SecurityPolicy">
<parm-query name="4141"/>
@ -222,7 +222,7 @@ Querying a security policy:
Setting a security policy:
``` syntax
```xml
<SyncML xmlns='SYNCML:SYNCML1.2'>
<SyncHdr>
@ -245,7 +245,7 @@ Setting a security policy:
Querying a security policy:
``` syntax
```xml
<SyncML xmlns='SYNCML:SYNCML1.2'>
<SyncHdr>

8
windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md
View File

@ -53,7 +53,7 @@ The following table shows the OMA DM versions that are supported.
The following example shows the general structure of the XML document sent by the server using OMA DM version 1.2.1 for demonstration purposes only. The initial XML packages exchanged between client and server could contain additional XML tags. For a detailed description and samples for those packages, see the [OMA Device Management Protocol 1.2.1](https://go.microsoft.com/fwlink/p/?LinkId=526902) specification.
``` syntax
```xml
<SyncML xmlns='SYNCML:SYNCML1.2'>
<SyncHdr>
<VerDTD>1.2</VerDTD>
@ -107,7 +107,7 @@ The following example shows the header component of a DM message. In this case,
 
``` syntax
```xml
<SyncHdr>
<VerDTD>1.2</VerDTD>
<VerProto>DM/1.2</VerProto>
@ -130,7 +130,7 @@ SyncBody contains one or more DM commands. The SyncBody can contain multiple DM
The following example shows the body component of a DM message. In this example, SyncBody contains only one command, Get. This is indicated by the &lt;Final /&gt; tag that occurs immediately after the terminating tag for the Get command.
``` syntax
```xml
<SyncBody>
<!-- query device OS software version -->
<Get>
@ -157,7 +157,7 @@ The Replace command is used to update a device setting.
The following example illustrates how to use the Replace command to update a device setting.
``` syntax
```xml
<SyncHdr>
<VerDTD>1.2</VerDTD>
<VerProto>DM/1.2</VerProto>

2
windows/client-management/mdm/supl-csp.md
View File

@ -481,7 +481,7 @@ Adding a SUPL and a V2 UPL account to the same device. Values in italic must be
Adding a SUPL account to a device. Values in italic must be replaced with correct settings for the mobile operator network. A valid binary blob must be included for the root certificate data value.
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.1">
<SyncBody>
<Add>

6
windows/client-management/mdm/surfacehub-csp.md
View File

@ -39,8 +39,8 @@ The following diagram shows the SurfaceHub CSP management objects in tree format
<p style="margin-left: 20px">Here&#39;s a SyncML example.
``` syntax
<SyncML xmlns="SYNCML:SYNCML1.2">
```xml
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Replace>
<CmdID>1</CmdID>
@ -84,7 +84,7 @@ The following diagram shows the SurfaceHub CSP management objects in tree format
</Get>
<Final/>
</SyncBody>
</SyncML>
</SyncML>
```
<p style="margin-left: 20px">To use a device account from Active Directory

6
windows/client-management/mdm/tpmpolicy-csp.md
View File

@ -37,8 +37,8 @@ The following diagram shows the TPMPolicy configuration service provider in tree
Here is an example:
``` syntax
<Replace>
```xml
<Replace>
<CmdID>101</CmdID>
<Item>
<Target>
@ -52,5 +52,5 @@ Here is an example:
</Meta>
<Data>true</Data>
</Item>
</Replace>
</Replace>
```

109
windows/client-management/mdm/vpnv2-csp.md
View File

@ -598,7 +598,7 @@ Value type is bool. Supported operations include Get, Add, Replace, and Delete.
Profile example
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.2" xmlns:A="syncml:metinf">
<SyncBody>
<Atomic>
@ -657,9 +657,9 @@ Profile example
AppTriggerList
``` syntax
```xml
<!-- Internet Explorer -->
<Add>
<Add>
<CmdID>10013</CmdID>
<Item>
<Target>
@ -667,8 +667,8 @@ AppTriggerList
</Target>
<Data>%PROGRAMFILES%\Internet Explorer\iexplore.exe</Data>
</Item>
</Add>
<Add>
</Add>
<Add>
<CmdID>10014</CmdID>
<Item>
<Target>
@ -676,9 +676,9 @@ AppTriggerList
</Target>
<Data>%PROGRAMFILES% (x86)\Internet Explorer\iexplore.exe</Data>
</Item>
</Add>
<!-- Edge -->
<Add>
</Add>
<!-- Edge -->
<Add>
<CmdID>10015</CmdID>
<Item>
<Target>
@ -686,14 +686,13 @@ AppTriggerList
</Target>
<Data>Microsoft.MicrosoftEdge_8wekyb3d8bbwe</Data>
</Item>
</Add>
</Add>
```
RouteList and ExclusionRoute
``` syntax
<Add>
```xml
<Add>
<CmdID>10008</CmdID>
<Item>
<Target>
@ -701,8 +700,8 @@ RouteList and ExclusionRoute
</Target>
<Data>192.168.0.0</Data>
</Item>
</Add>
<Add>
</Add>
<Add>
<CmdID>10009</CmdID>
<Item>
<Target>
@ -713,8 +712,8 @@ RouteList and ExclusionRoute
</Meta>
<Data>24</Data>
</Item>
</Add>
<Add>
</Add>
<Add>
<CmdID>10010</CmdID>
<Item>
<Target>
@ -725,16 +724,14 @@ RouteList and ExclusionRoute
</Meta>
<Data>true</Data>
</Item>
</Add>
</Add>
```
DomainNameInformationList
``` syntax
<!-- Domain Name rule with Suffix Match with DNS Servers -->
<Add>
```xml
<!-- Domain Name rule with Suffix Match with DNS Servers -->
<Add>
<CmdID>10013</CmdID>
<Item>
<Target>
@ -742,8 +739,8 @@ DomainNameInformationList
</Target>
<Data>.contoso.com</Data>
</Item>
</Add>
<Add>
</Add>
<Add>
<CmdID>10014</CmdID>
<Item>
<Target>
@ -751,10 +748,10 @@ DomainNameInformationList
</Target>
<Data>192.168.0.11,192.168.0.12</Data>
</Item>
</Add>
</Add>
<!-- Domain Name rule with Suffix Match with Web Proxy -->
<Add>
<Add>
<CmdID>10013</CmdID>
<Item>
<Target>
@ -762,21 +759,21 @@ DomainNameInformationList
</Target>
<Data>.contoso.com</Data>
</Item>
</Add>
</Add>
<Add>
<Add>
<CmdID>10015</CmdID>
<Item>
<Target>
<LocURI>./Vendor/MSFT/VPNv2/VPNProfileName/DomainNameInformationList/1/WebProxyServers</LocURI>
<LocURI>./Vendor/MSFT/VPNv2/VPNProfileName/DomainNameInformationList/1/WebProxyServers</LocURI>
</Target>
<Data>192.168.0.100:8888</Data>
</Item>
</Add>
</Add>
<!-- Domain Name rule with FQDN Match with DNS Servers -->
<Add>
<Add>
<CmdID>10016</CmdID>
<Item>
<Target>
@ -784,8 +781,8 @@ DomainNameInformationList
</Target>
<Data>finance.contoso.com</Data>
</Item>
</Add>
<Add>
</Add>
<Add>
<CmdID>10017</CmdID>
<Item>
<Target>
@ -793,11 +790,11 @@ DomainNameInformationList
</Target>
<Data>192.168.0.11,192.168.0.12</Data>
</Item>
</Add>
</Add>
<!-- Domain Name rule with FQDN Match with Proxy Server -->
<Add>
<Add>
<CmdID>10016</CmdID>
<Item>
<Target>
@ -805,8 +802,8 @@ DomainNameInformationList
</Target>
<Data>finance.contoso.com</Data>
</Item>
</Add>
<Add>
</Add>
<Add>
<CmdID>10017</CmdID>
<Item>
<Target>
@ -814,10 +811,10 @@ DomainNameInformationList
</Target>
<Data>192.168.0.11:8080</Data>
</Item>
</Add>
</Add>
<!-- Domain Name rule for all other (any) traffic through DNS Servers -->
<Add>
<Add>
<CmdID>10016</CmdID>
<Item>
<Target>
@ -825,8 +822,8 @@ DomainNameInformationList
</Target>
<Data>.</Data>
</Item>
</Add>
<Add>
</Add>
<Add>
<CmdID>10017</CmdID>
<Item>
<Target>
@ -834,11 +831,11 @@ DomainNameInformationList
</Target>
<Data>192.168.0.11,192.168.0.12</Data>
</Item>
</Add>
</Add>
<!-- Domain Name rule for all other (any) traffic through Proxy -->
<Add>
<Add>
<CmdID>10016</CmdID>
<Item>
<Target>
@ -846,8 +843,8 @@ DomainNameInformationList
</Target>
<Data>.</Data>
</Item>
</Add>
<Add>
</Add>
<Add>
<CmdID>10017</CmdID>
<Item>
<Target>
@ -855,12 +852,12 @@ DomainNameInformationList
</Target>
<Data>192.168.0.11</Data>
</Item>
</Add>
</Add>
```
AutoTrigger
``` syntax
```xml
<Add>
<CmdID>10010</CmdID>
<Item>
@ -872,12 +869,12 @@ AutoTrigger
</Meta>
<Data>true</Data>
</Item>
</Add>
</Add>
```
Persistent
``` syntax
```xml
<Add>
<CmdID>10010</CmdID>
<Item>
@ -889,12 +886,12 @@ Persistent
</Meta>
<Data>true</Data>
</Item>
</Add>
</Add>
```
TrafficFilterLIst App
``` syntax
```xml
Desktop App
<Add>
<CmdID>10013</CmdID>
@ -929,7 +926,7 @@ TrafficFilterLIst App
Protocol, LocalPortRanges, RemotePortRanges, LocalAddressRanges, RemoteAddressRanges, RoutingPolicyType, EDPModeId, RememberCredentials, AlwaysOn, Lockdown, DnsSuffix, TrustedNetworkDetection
``` syntax
```xml
Protocol
<Add>
<CmdID>$CmdID$</CmdID>
@ -1077,7 +1074,7 @@ Protocol
Proxy - Manual or AutoConfigUrl
``` syntax
```xml
Manual
<Add>
<CmdID>$CmdID$</CmdID>
@ -1103,7 +1100,7 @@ Manual
Device Compliance - Sso
``` syntax
```xml
Enabled
<Add>
<CmdID>10011</CmdID>
@ -1143,7 +1140,7 @@ Device Compliance - Sso
PluginProfile
``` syntax
```xml
PluginPackageFamilyName
<!-- Configure VPN Server Name or Address (PhoneNumber=) [Comma Separated]-->
<Add>
@ -1181,7 +1178,7 @@ PluginPackageFamilyName
NativeProfile
``` syntax
```xml
Servers
<Add>
<CmdID>10001</CmdID>

2
windows/client-management/mdm/vpnv2-profile-xsd.md
View File

@ -344,7 +344,7 @@ Here's the XSD for the ProfileXML node in VPNv2 CSP for Windows 10 and some pro
## Plug-in profile example
``` syntax
```xml
<VPNProfile>
<PluginProfile>
<ServerUrlList>testserver1.contoso.com;testserver2.contoso..com</ServerUrlList>

2
windows/client-management/mdm/w7-application-csp.md
View File

@ -160,7 +160,7 @@ Stores specifies which certificate stores the DM client will search to find the
Subject specifies the certificate to search for. For example, to specify that you want a certificate with a particular Subject attribute (“CN=Tester,O=Microsoft”), use the following:
``` syntax
```xml
<parm name="SSLCLIENTCERTSEARCHCRITERIA"
value="Subject=CN%3DTester,O%3DMicrosoft&amp;Stores=My%5CUser" />
```

10
windows/client-management/mdm/wifi-csp.md
View File

@ -121,7 +121,7 @@ These XML examples show how to perform various tasks using OMA DM.
The following example shows how to add PEAP-MSCHAPv2 network with SSID 'MyNetwork,' a proxy URL 'testproxy,' and port 80.
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Atomic>
@ -160,7 +160,7 @@ The following example shows how to add PEAP-MSCHAPv2 network with SSID 'MyNetwor
The following example shows how to query Wi-Fi profiles installed on an MDM server.
``` syntax
```xml
<Get>
<CmdID>301</CmdID>
<Item>
@ -173,7 +173,7 @@ The following example shows how to query Wi-Fi profiles installed on an MDM serv
The following example shows the response.
``` syntax
```xml
<Results>
<CmdID>3</CmdID>
<MsgRef>1</MsgRef>
@ -190,7 +190,7 @@ The following example shows the response.
The following example shows how to remove a network with SSID MyNetwork and no proxy. Removing all network authentication types is done in this same manner.
``` syntax
```xml
<Atomic>
<CmdID>300</CmdID>
<Delete>
@ -208,7 +208,7 @@ The following example shows how to remove a network with SSID MyNetwork an
The following example shows how to add PEAP-MSCHAPv2 network with SSID MyNetwork and root CA validation for server certificate.
``` syntax
```xml
<Atomic>
<CmdID>300</CmdID>
<Add>

2
windows/client-management/mdm/windowsadvancedthreatprotection-csp.md
View File

@ -120,7 +120,7 @@ The following list describes the characteristics and parameters.
## Examples
``` syntax
```xml
<SyncML xmlns="SYNCML:SYNCML1.2">
<SyncBody>
<Get>

4
windows/client-management/mdm/windowsdefenderapplicationguard-csp.md
View File

@ -31,8 +31,8 @@ Interior node. Supported operation is Get.
<a href="" id="allowwindowsdefenderapplicationguard"></a>**Settings/AllowWindowsDefenderApplicationGuard**
Turn on Windows Defender Application Guard in Enterprise Mode. Value type is integer. Supported operations are Add, Get, Replace, and Delete.
- 0 - Stops Application Guard in Enterprise Mode. Trying to access non-enterprise domains on the host will not automatically get transferred into the insolated environment.
- 1 - Enables Application Guard in Enterprise Mode. Trying to access non-enterprise websites on the host will automatically get transferred into the container.
- 0 - Stops Application Guard in Enterprise Mode. Trying to access non-enterprise domains on the host will not automatically get transferred into the insolated environment.
- 1 - Enables Application Guard in Enterprise Mode. Trying to access non-enterprise websites on the host will automatically get transferred into the container.
<a href="" id="clipboardfiletype"></a>**Settings/ClipboardFileType**
Determines the type of content that can be copied from the host to Application Guard environment and vice versa. Value type is integer. Supported operations are Add, Get, Replace, and Delete.

4
windows/client-management/mdm/wmi-providers-supported-in-windows.md
View File

@ -27,7 +27,7 @@ The child node names of the result from a WMI query are separated by a forward s
Get the list of network adapters from the device.
``` syntax
```xml
<Get>
<Target>
<LocURI>./cimV2/Win32_NetworkAdapter</LocURI>
@ -37,7 +37,7 @@ Get the list of network adapters from the device.
Result
``` syntax
```xml
<Item>
<Source>
<LocURI>./cimV2/Win32_NetworkAdapter</LocURI>

23
windows/configuration/lock-down-windows-10-to-specific-apps.md
View File

@ -172,18 +172,19 @@ Here are the predefined assigned access AppLocker rules for **desktop apps**:
The following example allows Groove Music, Movies & TV, Photos, Weather, Calculator, Paint, and Notepad apps to run on the device, with Notepad configured to automatically launch and create a file called `123.text` when the user signs in.
<span id="apps-sample" />
```xml
&lt;AllAppsList&gt;
&lt;AllowedApps&gt;
&lt;App AppUserModelId=&quot;Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic&quot; /&gt;
&lt;App AppUserModelId=&quot;Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo&quot; /&gt;
&lt;App AppUserModelId=&quot;Microsoft.Windows.Photos_8wekyb3d8bbwe!App&quot; /&gt;
&lt;App AppUserModelId=&quot;Microsoft.BingWeather_8wekyb3d8bbwe!App&quot; /&gt;
&lt;App AppUserModelId=&quot;Microsoft.WindowsCalculator_8wekyb3d8bbwe!App&quot; /&gt;
&lt;App DesktopAppPath=&quot;%windir%\system32\mspaint.exe&quot; /&gt;
&lt;App DesktopAppPath=&quot;C:\Windows\System32\notepad.exe&quot; rs5:AutoLaunch=&quot;true&quot; rs5:AutoLaunchArguments=&quot;123.txt&quot;/&gt;
&lt;/AllowedApps&gt;
&lt;/AllAppsList&gt;</code>
<AllAppsList>
<AllowedApps>
<App AppUserModelId="Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic" />
<App AppUserModelId="Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo" />
<App AppUserModelId="Microsoft.Windows.Photos_8wekyb3d8bbwe!App" />
<App AppUserModelId="Microsoft.BingWeather_8wekyb3d8bbwe!App" />
<App AppUserModelId="Microsoft.WindowsCalculator_8wekyb3d8bbwe!App" />
<App DesktopAppPath="%windir%\system32\mspaint.exe" />
<App DesktopAppPath="C:\Windows\System32\notepad.exe" rs5:AutoLaunch="true" rs5:AutoLaunchArguments="123.txt">
</AllowedApps>
</AllAppsList>
```
##### FileExplorerNamespaceRestrictions

8
windows/configuration/start-layout-troubleshoot.md
View File

@ -233,10 +233,10 @@ XML files can and should be tested locally on a Hyper-V or other virtual machine
- User-initiated changes to the start layout are not roamed.
Specifically, behaviors include
- Applications (apps or icons) pinned to the start menu are missing.
- Entire tile window disappears.
- The start button fails to respond.
- If a new roaming user is created, the first logon appears normal, but on subsequent logons, tiles are missing.
- Applications (apps or icons) pinned to the start menu are missing.
- Entire tile window disappears.
- The start button fails to respond.
- If a new roaming user is created, the first logon appears normal, but on subsequent logons, tiles are missing.
![Example of a working layout](images/start-ts-3.png)

2
windows/configuration/wcd/wcd-messaging.md
View File

@ -357,4 +357,4 @@ For networks that require non-standard handling of single-segment incoming MMS W
## Related topics
- [Customizations for SMS and MMS](https://docs.microsoft.com/windows-hardware/customize/mobile/mcsf/customizations-for-sms-and-mms)
- [Customizations for SMS and MMS](https://docs.microsoft.com/windows-hardware/customize/mobile/mcsf/customizations-for-sms-and-mms)

58
windows/deployment/upgrade/setupdiag.md
View File

@ -319,54 +319,54 @@ Each rule name and its associated unique rule identifier are listed with a descr
## Release notes
06/19/2019 - SetupDiag v1.5.0.0 is released with 60 rules, as a standalone tool available from the Download Center.
- All date and time outputs are updated to localized format per user request.
- Added setup Operation and Phase information to /verbose log.
- Added last Setup Operation and last Setup Phase information to most rules where it make sense (see new output below).
- Performance improvement in searching setupact.logs to determine correct log to parse.
- Added SetupDiag version number to text report (xml and json always had it).
- Added "no match" reports for xml and json per user request.
- Formatted Json output for easy readability.
- Performance improvements when searching for setup logs; this should be much faster now.
- Added 7 new rules: PlugInComplianceBlock, PreReleaseWimMountDriverFound, WinSetupBootFilterFailure, WimMountDriverIssue, DISMImageSessionFailure, FindEarlyDownlevelError, and FindSPFatalError. See the [Rules](#rules) section above for more information.
- Diagnostic information is now output to the registry at **HKLM\SYSTEM\Setup\MoSetup\Volatile\SetupDiag**
- All date and time outputs are updated to localized format per user request.
- Added setup Operation and Phase information to /verbose log.
- Added last Setup Operation and last Setup Phase information to most rules where it make sense (see new output below).
- Performance improvement in searching setupact.logs to determine correct log to parse.
- Added SetupDiag version number to text report (xml and json always had it).
- Added "no match" reports for xml and json per user request.
- Formatted Json output for easy readability.
- Performance improvements when searching for setup logs; this should be much faster now.
- Added 7 new rules: PlugInComplianceBlock, PreReleaseWimMountDriverFound, WinSetupBootFilterFailure, WimMountDriverIssue, DISMImageSessionFailure, FindEarlyDownlevelError, and FindSPFatalError. See the [Rules](#rules) section above for more information.
- Diagnostic information is now output to the registry at **HKLM\SYSTEM\Setup\MoSetup\Volatile\SetupDiag**
- The **/AddReg** command was added to toggle registry output. This setting is off by default for offline mode, and on by default for online mode. The command has no effect for online mode and enables registry output for offline mode.
- This registry key is deleted as soon as SetupDiag is run a second time, and replaced with current data, so its always up to date.
- This registry key also gets deleted when a new update instance is invoked.
- For an example, see [Sample registry key](#sample-registry-key).
05/17/2019 - SetupDiag v1.4.1.0 is released with 53 rules, as a standalone tool available from the Download Center.
- This release adds the ability to find and diagnose reset and recovery failures (Push Button Reset).
- This release adds the ability to find and diagnose reset and recovery failures (Push Button Reset).
12/18/2018 - SetupDiag v1.4.0.0 is released with 53 rules, as a standalone tool available from the Download Center.
- This release includes major improvements in rule processing performance: ~3x faster rule processing performance!
- This release includes major improvements in rule processing performance: ~3x faster rule processing performance!
- The FindDownlevelFailure rule is up to 10x faster.
- New rules have been added to analyze failures upgrading to Windows 10 version 1809.
- A new help link is available for resolving servicing stack failures on the down-level OS when the rule match indicates this type of failure.
- Removed the need to specify /Mode parameter. Now if you specify /LogsPath, it automatically assumes offline mode.
- Some functional and output improvements were made for several rules.
- New rules have been added to analyze failures upgrading to Windows 10 version 1809.
- A new help link is available for resolving servicing stack failures on the down-level OS when the rule match indicates this type of failure.
- Removed the need to specify /Mode parameter. Now if you specify /LogsPath, it automatically assumes offline mode.
- Some functional and output improvements were made for several rules.
07/16/2018 - SetupDiag v1.3.1 is released with 44 rules, as a standalone tool available from the Download Center.
- This release fixes a problem that can occur when running SetupDiag in online mode on a computer that produces a setupmem.dmp file, but does not have debugger binaries installed.
- This release fixes a problem that can occur when running SetupDiag in online mode on a computer that produces a setupmem.dmp file, but does not have debugger binaries installed.
07/10/2018 - SetupDiag v1.30 is released with 44 rules, as a standalone tool available from the Download Center.
- Bug fix for an over-matched plug-in rule. The rule will now correctly match only critical (setup failure) plug-in issues.
- New feature: Ability to output logs in JSON and XML format.
- Bug fix for an over-matched plug-in rule. The rule will now correctly match only critical (setup failure) plug-in issues.
- New feature: Ability to output logs in JSON and XML format.
- Use "/Format:xml" or "/Format:json" command line parameters to specify the new output format. See [sample logs](#sample-logs) at the bottom of this topic.
- If the “/Format:xml” or “/Format:json” parameter is omitted, the log output format will default to text.
- New Feature: Where possible, specific instructions are now provided in rule output to repair the identified error. For example, instructions are provided to remediate known blocking issues such as uninstalling an incompatible app or freeing up space on the system drive.
- 3 new rules added: AdvancedInstallerFailed, MigrationAbortedDueToPluginFailure, DISMAddPackageFailed.
- New Feature: Where possible, specific instructions are now provided in rule output to repair the identified error. For example, instructions are provided to remediate known blocking issues such as uninstalling an incompatible app or freeing up space on the system drive.
- 3 new rules added: AdvancedInstallerFailed, MigrationAbortedDueToPluginFailure, DISMAddPackageFailed.
05/30/2018 - SetupDiag v1.20 is released with 41 rules, as a standalone tool available from the Download Center.
- Fixed a bug in device install failure detection in online mode.
- Changed SetupDiag to work without an instance of setupact.log. Previously, SetupDiag required at least one setupact.log to operate. This change enables the tool to analyze update failures that occur prior to calling SetupHost.
- Telemetry is refactored to only send the rule name and GUID (or “NoRuleMatched” if no rule is matched) and the Setup360 ReportId. This change assures data privacy during rule processing.
- Fixed a bug in device install failure detection in online mode.
- Changed SetupDiag to work without an instance of setupact.log. Previously, SetupDiag required at least one setupact.log to operate. This change enables the tool to analyze update failures that occur prior to calling SetupHost.
- Telemetry is refactored to only send the rule name and GUID (or “NoRuleMatched” if no rule is matched) and the Setup360 ReportId. This change assures data privacy during rule processing.
05/02/2018 - SetupDiag v1.10 is released with 34 rules, as a standalone tool available from the Download Center.
- A performance enhancment has been added to result in faster rule processing.
- Rules output now includes links to support articles, if applicable.
- SetupDiag now provides the path and name of files that it is processing.
- You can now run SetupDiag by simply clicking on it and then examining the output log file.
- An output log file is now always created, whether or not a rule was matched.
- A performance enhancment has been added to result in faster rule processing.
- Rules output now includes links to support articles, if applicable.
- SetupDiag now provides the path and name of files that it is processing.
- You can now run SetupDiag by simply clicking on it and then examining the output log file.
- An output log file is now always created, whether or not a rule was matched.
03/30/2018 - SetupDiag v1.00 is released with 26 rules, as a standalone tool available from the Download Center.

38
windows/deployment/upgrade/upgrade-readiness-additional-insights.md
View File

@ -5,7 +5,8 @@ manager: laurawi
ms.author: greglin
description: Explains additional features of Upgrade Readiness.
ms.prod: w10
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.topic: article
ms.collection: M365-analytics
---
@ -14,44 +15,9 @@ ms.collection: M365-analytics
This topic provides information on additional features that are available in Upgrade Readiness to provide insights into your environment. These include:
- [Spectre and Meltdown protections](#spectre-and-meltdown-protection-status): Status of devices with respect to their anti-virus, security update, and firmware updates related to protection from the "Spectre" and "Meltdown" vulnerabilities.
- [Site discovery](#site-discovery): An inventory of web sites that are accessed by client computers running Windows 7, Windows 8.1, or Windows 10 using Internet Explorer.
- [Office add-ins](#office-add-ins): A list of the Microsoft Office add-ins that are installed on client computers.
## Spectre and Meltdown protection status
Microsoft has published guidance for IT Pros that outlines the steps you can take to improve protection against the hardware vulnerabilities known as "Spectre" and "Meltdown." See [Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities](https://go.microsoft.com/fwlink/?linkid=867468) for details about the vulnerabilities and steps you can take.
Microsoft recommends three steps to help protect against the Spectre and Meltdown vulnerabilities:
- Verify that you are running a supported antivirus application.
- Apply all available Windows operating system updates, including the January 2018 and later Windows security updates.
- Apply any applicable processor firmware (microcode) updates provided by your device manufacturer(s).
Upgrade Readiness reports on status of your devices in these three areas.
![Spectre-Meltdown protection blades](../images/spectre-meltdown-prod-closeup.png)
>[!IMPORTANT]
>To provide these blades with data, ensure that your devices can reach the endpoint **http://adl.windows.com**. (See [Enrolling devices in Windows Analytics](https://docs.microsoft.com/windows/deployment/update/windows-analytics-get-started) for more about necessary endpoints and how to whitelist them.)
### Anti-virus status blade
This blade helps you determine if your devices' anti-virus solution is compatible with the latest Windows operating system updates. It shows the number of devices that have an anti-virus solution with no known issues, issues reported, or an unknown status for a particular Windows security update. In the following example, an anti-virus solution that has no known issues with the January 3, 2018 Windows update is installed on about 2,800 devices.
![Spectre-Meltdown antivirus blade](../images/AV-status-by-computer.png)
### Security update status blade
This blade indicates whether a Windows security update that includes Spectre- or Meltdown-related fixes (January 3, 2018 or later) has been installed, as well as whether specific fixes have been disabled. Though protections are enabled by default on devices running Windows (but not Windows Server) operating systems, some IT administrators might choose to disable specific protections. In the following example, about 4,300 devices have a Windows security update that includes Spectre or Meltdown protections installed, and those protections are enabled.
![Spectre-Meltdown antivirus blade](../images/win-security-update-status-by-computer.png)
>[!IMPORTANT]
>If you are seeing computers with statuses of either “Unknown action may be required” or “Installed, but mitigation status unknown,” it is likely that you need to whitelist the **http://adl.windows.com** endpoint.
### Firmware update status blade
This blade reports the number of devices that have installed a firmware update that includes Spectre or Meltdown protections. The blade might report a large number of blank, “unknown”, or “to be determined” statuses at first. As CPU information is provided by partners, the blade will automatically update with no further action required on your part.
## Site discovery
The IE site discovery feature in Upgrade Readiness provides an inventory of web sites that are accessed by client computers using Internet Explorer on Windows 7, Windows 8.1, and Windows 10. Site discovery does not include sites that are accessed using other Web browsers, such as Microsoft Edge. Site inventory information is provided as optional data related to upgrading to Windows 10 and Internet Explorer 11, and is meant to help prioritize compatibility testing for web applications. You can make more informed decisions about testing based on usage data.

2
windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
View File

@ -9,7 +9,7 @@ ms.mktglfcycl: deploy
ms.localizationpriority: medium
ms.sitesec: library
ms.pagetype: deploy
audience: itpro author: greg-lindsay
author: greg-lindsay
ms.author: greglin
ms.collection: M365-modern-desktop
ms.topic: article

14
windows/deployment/windows-autopilot/windows-autopilot-requirements.md
View File

@ -84,13 +84,13 @@ If the Microsoft Store is not accessible, the AutoPilot process will still conti
Windows Autopilot depends on specific capabilities available in Windows 10 and Azure Active Directory. It also requires an MDM service such as Microsoft Intune. These capabilities can be obtained through various editions and subscription programs:
To provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality, one of the following is required:
- [Microsoft 365 Business subscriptions](https://www.microsoft.com/en-us/microsoft-365/business)
- [Microsoft 365 F1 subscriptions](https://www.microsoft.com/en-us/microsoft-365/enterprise/firstline)
- [Microsoft 365 Academic A1, A3, or A5 subscriptions](https://www.microsoft.com/en-us/education/buy-license/microsoft365/default.aspx)
- [Microsoft 365 Enterprise E3 or E5 subscriptions](https://www.microsoft.com/en-us/microsoft-365/enterprise), which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune).
- [Enterprise Mobility + Security E3 or E5 subscriptions](https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security), which include all needed Azure AD and Intune features.
- [Intune for Education subscriptions](https://docs.microsoft.com/intune-education/what-is-intune-for-education), which include all needed Azure AD and Intune features.
- [Azure Active Directory Premium P1 or P2](https://azure.microsoft.com/services/active-directory/) and [Microsoft Intune subscriptions](https://www.microsoft.com/en-us/cloud-platform/microsoft-intune) (or an alternative MDM service).
- [Microsoft 365 Business subscriptions](https://www.microsoft.com/en-us/microsoft-365/business)
- [Microsoft 365 F1 subscriptions](https://www.microsoft.com/en-us/microsoft-365/enterprise/firstline)
- [Microsoft 365 Academic A1, A3, or A5 subscriptions](https://www.microsoft.com/en-us/education/buy-license/microsoft365/default.aspx)
- [Microsoft 365 Enterprise E3 or E5 subscriptions](https://www.microsoft.com/en-us/microsoft-365/enterprise), which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune).
- [Enterprise Mobility + Security E3 or E5 subscriptions](https://www.microsoft.com/en-us/cloud-platform/enterprise-mobility-security), which include all needed Azure AD and Intune features.
- [Intune for Education subscriptions](https://docs.microsoft.com/intune-education/what-is-intune-for-education), which include all needed Azure AD and Intune features.
- [Azure Active Directory Premium P1 or P2](https://azure.microsoft.com/services/active-directory/) and [Microsoft Intune subscriptions](https://www.microsoft.com/en-us/cloud-platform/microsoft-intune) (or an alternative MDM service).
Additionally, the following are also recommended (but not required):
- [Office 365 ProPlus](https://www.microsoft.com/en-us/p/office-365-proplus/CFQ7TTC0K8R0), which can be deployed easily via Intune (or other MDM services).

30
windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
View File

@ -1049,11 +1049,11 @@ To turn off dictation of your voice, speaking to Cortana and other apps, and to
If you're running at Windows 10, version 1703 up to and including Windows 10, version 1803, you can turn off updates to the speech recognition and speech synthesis models:
- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data**
- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data**
-or-
- Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)**
- Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)**
@ -1415,11 +1415,11 @@ In the **Inking & Typing** area you can configure the functionality as such:
To turn off Inking & Typing data collection (note: there is no Group Policy for this setting):
- In the UI go to **Settings -> Privacy -> Diagnostics & Feedback -> Inking and typing** and turn **Improve inking & typing** to **Off**
- In the UI go to **Settings -> Privacy -> Diagnostics & Feedback -> Inking and typing** and turn **Improve inking & typing** to **Off**
-or-
- Set **RestrictImplicitTextCollection** registry REG_DWORD setting in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** to a **value of 1 (one)**
- Set **RestrictImplicitTextCollection** registry REG_DWORD setting in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** to a **value of 1 (one)**
### <a href="" id="bkmk-act-history"></a>18.22 Activity History
@ -1484,29 +1484,29 @@ To turn this Off in the UI:
Enterprise customers can manage their Windows activation status with volume licensing using an on-premises Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by doing one of the following:
**For Windows 10:**
**For Windows 10:**
- **Enable** the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Software Protection Platform** &gt; **Turn off KMS Client Online AVS Validation**
- **Enable** the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Software Protection Platform** &gt; **Turn off KMS Client Online AVS Validation**
-or-
- Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a **value of 1 (one)**.
- Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a **value of 1 (one)**.
**For Windows Server 2019 or later:**
- **Enable** the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Software Protection Platform** &gt; **Turn off KMS Client Online AVS Validation**
- **Enable** the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Software Protection Platform** &gt; **Turn off KMS Client Online AVS Validation**
-or-
- Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
- Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
**For Windows Server 2016:**
- Create a REG_DWORD registry setting named **NoAcquireGT** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
- Create a REG_DWORD registry setting named **NoAcquireGT** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a value of 1 (one).
>[!NOTE]
>Due to a known issue the **Turn off KMS Client Online AVS Validation** group policy does not work as intended on Windows Server 2016, the **NoAcquireGT** value needs to be set instead.
>The Windows activation status will be valid for a rolling period of 180 days with weekly activation status checks to the KMS.
>[!NOTE]
>Due to a known issue the **Turn off KMS Client Online AVS Validation** group policy does not work as intended on Windows Server 2016, the **NoAcquireGT** value needs to be set instead.
>The Windows activation status will be valid for a rolling period of 180 days with weekly activation status checks to the KMS.
### <a href="" id="bkmk-storage-health"></a>20. Storage health
@ -1730,7 +1730,7 @@ If you're running Windows 10, version 1607 or later, you need to:
> The Group Policy for the **LockScreenOverlaysDisabled** regkey is **Force a specific default lock screen and logon image** that is under **Control Panel** **Personalization**.
-AND-
\-AND-
- Set the Group Policy **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Cloud Content** &gt; **Do not show Windows tips** to **Enabled**
@ -1740,7 +1740,7 @@ If you're running Windows 10, version 1607 or later, you need to:
- Create a new REG_DWORD registry setting named **DisableSoftLanding** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a **value of 1 (one)**
-AND-
\-AND-
- Set the Group Policy **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Cloud Content** &gt; **Turn off Microsoft consumer experiences** to **Enabled**

2
windows/release-information/TOC.md
View File

@ -24,7 +24,7 @@
# Previous versions
## Windows 8.1 and Windows Server 2012 R2
### [Known issues and notifications](status-windows-8.1-and-windows-server-2012-r2.yml)
###[Resolved issues](resolved-issues-windows-8.1-and-windows-server-2012-r2.yml)
### [Resolved issues](resolved-issues-windows-8.1-and-windows-server-2012-r2.yml)
## Windows Server 2012
### [Known issues and notifications](status-windows-server-2012.yml)
### [Resolved issues](resolved-issues-windows-server-2012.yml)

4
windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md
View File

@ -85,8 +85,8 @@ Sign-in to a certificate authority or management workstations with _Enterprise A
3. In the **Certificate Templates Console**, right-click the **Domain Controller Authentication (Kerberos)** (or the name of the certificate template you created in the previous section) template in the details pane and click **Properties**.
4. Click the **Superseded Templates** tab. Click **Add**.
5. From the **Add Superseded Template** dialog, select the **Domain Controller** certificate template and click **OK**. Click **Add**.
6. From the **Add Superseded Template** dialog, select the **Domain Controller Authentication** certificate template and click **Add**.
7. From the **Add Superseded Template** dialog, select the **Kerberos Authentication** certificate template and click **Add**.
6. From the **Add Superseded Template** dialog, select the **Domain Controller Authentication** certificate template and click **OK**. Click **Add**.
7. From the **Add Superseded Template** dialog, select the **Kerberos Authentication** certificate template and click **OK**. Click **Add**.
8. Add any other enterprise certificate templates that were previously configured for domain controllers to the **Superseded Templates** tab.
9. Click **OK** and close the **Certificate Templates** console.

2
windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md
View File

@ -71,7 +71,7 @@ Azure AD Join is intended for organizations that desire to be cloud-first or clo
[Join Type](#join-type), [Hybrid Azure AD Joined](#hybrid-azure-ad-joined)
### More information
- [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction).
- [Introduction to device management in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/device-management-introduction).
[Return to Top](hello-how-it-works-technology.md)
## Azure AD Registered

6
windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md
View File

@ -535,7 +535,7 @@ Sign-in a workstation with access equivalent to a _domain user_.
1. Sign-in to the [Azure Portal](https://portal.azure.com/).
2. Select **All Services**. Type **Intune** to filter the list of services. Click **Microsoft Intune**.
![Microsoft Intune Console](images/aadjcert/microsoftintuneconsole.png)
3. Select **Device Configuration**, and then select **Certificate Authority**.
3. Select **Device Configuration**, and then select **Certificate Connectors**.
![Intune Certificate Authority](images/aadjcert/intunedeviceconfigurationcertauthority.png)
4. Click **Add**, and then click **Download the certificate connector software** under the **Steps to install connector for SCEP** section.
![Intune Download Certificate connector](images/aadjcert/intunedownloadcertconnector.png)
@ -610,7 +610,7 @@ Sign-in the NDES server with access equivalent to _domain admin_.
1. Open a command prompt.
2. Type the following command to confirm the NDES Connector's last connection time is current.</br>
```reg query hklm\software\Micosoft\MicrosoftIntune\NDESConnector\ConnectionStatus```</br>
```reg query hklm\software\Microsoft\MicrosoftIntune\NDESConnector\ConnectionStatus```</br>
3. Close the command prompt.
4. Open **Internet Explorer**.
5. In the navigation bar, type</br>
@ -636,7 +636,7 @@ Sign-in a workstation with access equivalent to a _domain user_.
8. Click **Members**. Use the **Select members** pane to add members to this group. When finished click **Select**.
9. Click **Create**.
### Create a SCEP Certificte Profile
### Create a SCEP Certificate Profile
Sign-in a workstation with access equivalent to a _domain user_.
1. Sign-in to the [Azure Portal](https://portal.azure.com/).

2
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md
View File

@ -114,7 +114,7 @@ Sign-in a certificate authority or management workstations with *Domain Admin* e
1. Open the **Certificate Authority** management console.
2. Right-click **Certificate Templates** and click **Manage**.
3. In the **Certificate Template** console, right-click the **Exchange Enrollment Agent** template in the details pane and click **Duplicate Template**.
3. In the **Certificate Template** console, right-click the **Exchange Enrollment Agent (Offline request)** template in the details pane and click **Duplicate Template**.
4. On the **Compatibility** tab, clear the **Show resulting changes** check box. Select **Windows Server 2012** or **Windows Server 2012 R2** from the **Certification Authority** list. Select **Windows Server 2012** or **Windows Server 2012 R2** from the **Certification Recipient** list.
5. On the **General** tab, type **WHFB Enrollment Agent** in **Template display name**. Adjust the validity and renewal period to meet your enterprise's needs.
6. On the **Subject** tab, select the **Build from this Active Directory information** button if it is not already selected. Select **Fully distinguished name** from the **Subject name format** list if **Fully distinguished name** is not already selected. Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**.

6
windows/security/identity-protection/hello-for-business/passwordless-strategy.md
View File

@ -34,9 +34,9 @@ With Windows Hello for Business and passwords coexisting in your environment, th
### 3. Transition into a passwordless deployment
Once the user-visible password surface has been eliminated, your organization can begin to transition those users into a passwordless world. A world where:
- the users never type their password
- the users never change their password
- the users do not know their password
- the users never type their password
- the users never change their password
- the users do not know their password
In this world, the user signs in to Windows 10 using Windows Hello for Business and enjoys single sign-on to Azure and Active Directory resources. If the user is forced to authenticate, their authentication uses Windows Hello for Business.

2
windows/security/identity-protection/hello-for-business/toc.md
View File

@ -1,6 +1,6 @@
# [Windows Hello for Business](hello-identity-verification.md)
##[Password-less Strategy](passwordless-strategy.md)
## [Password-less Strategy](passwordless-strategy.md)
## [Windows Hello for Business Overview](hello-overview.md)
## [Why a PIN is better than a password](hello-why-pin-is-better-than-password.md)

2
windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
View File

@ -59,7 +59,7 @@ Always On is a feature in Windows 10 which enables the active VPN profile to con
When the trigger occurs, VPN tries to connect. If an error occurs or any user input is needed, the user is shown a toast notification for additional interaction.
When a device has multiple profiles with Always On triggers, the user can specify the active profile in **Settings** > **Network & Internet** > **VPN** > *VPN profile* by selecting the **Let apps automatically use this VPN connection** checkbox. By default, the first MDM-configured profile is marked as **Active**.
When a device has multiple profiles with Always On triggers, the user can specify the active profile in **Settings** > **Network & Internet** > **VPN** > *VPN profile* by selecting the **Let apps automatically use this VPN connection** checkbox. By default, the first MDM-configured profile is marked as **Active**. Devices with multiple users have the same restriction: only one profile and therefore only one user will be able to use the Always On triggers.
Preserving user Always On preference

6
windows/security/information-protection/tpm/how-windows-uses-the-tpm.md
View File

@ -24,11 +24,11 @@ The Windows 10 operating system improves most existing security features in the
**See also:**
- [Windows 10 Specifications](https://www.microsoft.com/windows/windows-10-specifications)
- [Windows 10 Specifications](https://www.microsoft.com/windows/windows-10-specifications)
- [TPM Fundamentals](tpm-fundamentals.md)
- [TPM Fundamentals](tpm-fundamentals.md)
- [TPM Recommendations](tpm-recommendations.md)
- [TPM Recommendations](tpm-recommendations.md)
## TPM Overview

4
windows/security/threat-protection/TOC.md
View File

@ -92,12 +92,12 @@
##### [Investigate entities using Live response]()
###### [Investigate entities on machines](microsoft-defender-atp/live-response.md)
######[Live response command examples](microsoft-defender-atp/live-response-command-examples.md)
###### [Live response command examples](microsoft-defender-atp/live-response-command-examples.md)
### [Automated investigation and remediation]()
#### [Automated investigation and remediation overview](microsoft-defender-atp/automated-investigations.md)
#### [Learn about the automated investigation and remediation dashboard](microsoft-defender-atp/manage-auto-investigation.md)
#####[Manage actions related to automated investigation and remediation](microsoft-defender-atp/auto-investigation-action-center.md)
##### [Manage actions related to automated investigation and remediation](microsoft-defender-atp/auto-investigation-action-center.md)
### [Secure score](microsoft-defender-atp/overview-secure-score.md)
### [Threat analytics](microsoft-defender-atp/threat-analytics.md)

40
windows/security/threat-protection/fips-140-validation.md
View File

@ -18,14 +18,14 @@ ms.reviewer:
On this page
- [Introduction](https://technet.microsoft.com/library/cc750357.aspx#id0eo)
- [FIPS 140 Overview](https://technet.microsoft.com/library/cc750357.aspx#id0ebd)
- [Microsoft Product Validation (Information for Procurement Officers and Auditors)](https://technet.microsoft.com/library/cc750357.aspx#id0ezd)
- [Information for System Integrators](https://technet.microsoft.com/library/cc750357.aspx#id0eve)
- [Information for Software Developers](https://technet.microsoft.com/library/cc750357.aspx#id0eibac)
- [FIPS 140 FAQ](https://technet.microsoft.com/library/cc750357.aspx#id0eqcac)
- [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#id0ewfac)
- [Cryptographic Algorithms](https://technet.microsoft.com/library/cc750357.aspx#id0erobg)
- [Introduction](https://technet.microsoft.com/library/cc750357.aspx#id0eo)
- [FIPS 140 Overview](https://technet.microsoft.com/library/cc750357.aspx#id0ebd)
- [Microsoft Product Validation (Information for Procurement Officers and Auditors)](https://technet.microsoft.com/library/cc750357.aspx#id0ezd)
- [Information for System Integrators](https://technet.microsoft.com/library/cc750357.aspx#id0eve)
- [Information for Software Developers](https://technet.microsoft.com/library/cc750357.aspx#id0eibac)
- [FIPS 140 FAQ](https://technet.microsoft.com/library/cc750357.aspx#id0eqcac)
- [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#id0ewfac)
- [Cryptographic Algorithms](https://technet.microsoft.com/library/cc750357.aspx#id0erobg)
Updated: March 2018
@ -103,12 +103,12 @@ Rather than validate individual components and products, Microsoft chooses to va
The following list contains some of the Windows components and Microsoft products that rely on FIPS 140 validated cryptographic modules:
- Schannel Security Package
- Remote Desktop Protocol (RDP) Client
- Encrypting File System (EFS)
- Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
- BitLocker® Drive Full-volume Encryption
- IPsec Settings of Windows Firewall
- Schannel Security Package
- Remote Desktop Protocol (RDP) Client
- Encrypting File System (EFS)
- Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
- BitLocker® Drive Full-volume Encryption
- IPsec Settings of Windows Firewall
## Information for System Integrators
@ -145,12 +145,12 @@ While there are alternative methods for setting the FIPS local/group security po
The following list details some of the Microsoft components that use the cryptographic functionality implemented by either CNG or legacy CAPI. When the FIPS Local/Group Security Policy is set, the following components will enforce the validated module Security Policy.
- Schannel Security Package
- Remote Desktop Protocol (RDP) Client
- Encrypting File System (EFS)
- Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
- BitLocker® Drive Full-volume Encryption
- IPsec Settings of Windows Firewall
- Schannel Security Package
- Remote Desktop Protocol (RDP) Client
- Encrypting File System (EFS)
- Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
- BitLocker® Drive Full-volume Encryption
- IPsec Settings of Windows Firewall
#### Effects of Setting FIPS Local/Group Security Policy Flag

4
windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
View File

@ -143,8 +143,8 @@ For more information, see [Create rules for alert notifications](configure-email
These check boxes must be checked:
- **Include organization name** - The customer name will be added to email notifications
- **Include tenant-specific portal link** - Alert link URL will have tenant specific parameter (tid=target_tenant_id) that allows direct access to target tenant portal
- **Include organization name** - The customer name will be added to email notifications
- **Include tenant-specific portal link** - Alert link URL will have tenant specific parameter (tid=target_tenant_id) that allows direct access to target tenant portal
## Fetch alerts from MSSP customer's tenant into the SIEM system

4
windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
View File

@ -36,7 +36,7 @@ The embedded Microsoft Defender ATP sensor runs in system context using the Loca
The WinHTTP configuration setting is independent of the Windows Internet (WinINet) Internet browsing proxy settings and can only discover a proxy server by using the following discovery methods:
- Auto-discovery methods:
- Auto-discovery methods:
- Transparent proxy
- Web Proxy Auto-discovery Protocol (WPAD)
@ -44,7 +44,7 @@ The WinHTTP configuration setting is independent of the Windows Internet (WinINe
> If you're using Transparent proxy or WPAD in your network topology, you don't need special configuration settings. For more information on Microsoft Defender ATP URL exclusions in the proxy, see [Enable access to Microsoft Defender ATP service URLs in the proxy server](#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server).
- Manual static proxy configuration:
- Manual static proxy configuration:
- Registry based configuration
- WinHTTP configured using netsh command Suitable only for desktops in a stable topology (for example: a desktop in a corporate network behind the same proxy)

20
windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
View File

@ -51,17 +51,17 @@ The machine will automatically be onboarded to your tenant with the recommended
The following security components are pre-configured in the test machines:
- [Attack Surface Reduction](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)
- [Block at first sight](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus)
- [Controlled Folder Access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)
- [Exploit Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection)
- [Network Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard)
- [Potentially unwanted application detection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus)
- [Cloud-delivered protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus)
- [Windows Defender SmartScreen](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview)
- [Attack Surface Reduction](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)
- [Block at first sight](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus)
- [Controlled Folder Access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)
- [Exploit Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection)
- [Network Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard)
- [Potentially unwanted application detection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus)
- [Cloud-delivered protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus)
- [Windows Defender SmartScreen](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview)
>[!NOTE]
> Windows Defender Antivirus will be on (not in audit). If Windows Defender Antivirus blocks you from running your simulation, you may turn off real-time protection on the machine through Windows Security. For more information, see [Configure always-on protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus).
>[!NOTE]
> Windows Defender Antivirus will be on (not in audit). If Windows Defender Antivirus blocks you from running your simulation, you may turn off real-time protection on the machine through Windows Security. For more information, see [Configure always-on protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus).
Automated investigation settings will be dependent on tenant settings. It will be configured to be semi-automated by default. For more information, see [Overview of Automated investigations](automated-investigations.md).

6
windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md
View File

@ -26,9 +26,9 @@ ms.date: 09/24/2018
Full scenario using multiple APIs from Microsoft Defender ATP.
In this section we share PowerShell samples to
- Retrieve a token
- Use token to retrieve the latest alerts in Microsoft Defender ATP
- For each alert, if the alert has medium or high priority and is still in progress, check how many times the machine has connected to suspicious URL.
- Retrieve a token
- Use token to retrieve the latest alerts in Microsoft Defender ATP
- For each alert, if the alert has medium or high priority and is still in progress, check how many times the machine has connected to suspicious URL.
>**Prerequisite**: You first need to [create an app](apis-intro.md).

4
windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
View File

@ -53,8 +53,8 @@ Do you expect a machine to be in Active status? [Open a support ticket](ht
## Misconfigured machines
Misconfigured machines can further be classified to:
- Impaired communications
- No sensor data
- Impaired communications
- No sensor data
### Impaired communications
This status indicates that there's limited communication between the machine and the service.

2
windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
View File

@ -36,7 +36,7 @@ Selecting an alert in either of those places brings up the **Alert management pa
You can create a new incident from the alert or link to an existing incident.
## Assign alerts
If an alert is no yet assigned, you can select **Assign to me** to assign the alert to yourself.
If an alert is not yet assigned, you can select **Assign to me** to assign the alert to yourself.
## Suppress alerts

12
windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
View File

@ -32,13 +32,13 @@ ms.topic: conceptual
Follow the corresponding instructions depending on your preferred deployment method.
## Offboard Windows 10 machines
- [Offboard machines using a local script](configure-endpoints-script.md#offboard-machines-using-a-local-script)
- [Offboard machines using Group Policy](configure-endpoints-gp.md#offboard-machines-using-group-policy)
- [Offboard machines using System Center Configuration Manager](configure-endpoints-sccm.md#offboard-machines-using-system-center-configuration-manager)
- [Offboard machines using Mobile Device Management tools](configure-endpoints-mdm.md#offboard-and-monitor-machines-using-mobile-device-management-tools)
- [Offboard machines using a local script](configure-endpoints-script.md#offboard-machines-using-a-local-script)
- [Offboard machines using Group Policy](configure-endpoints-gp.md#offboard-machines-using-group-policy)
- [Offboard machines using System Center Configuration Manager](configure-endpoints-sccm.md#offboard-machines-using-system-center-configuration-manager)
- [Offboard machines using Mobile Device Management tools](configure-endpoints-mdm.md#offboard-and-monitor-machines-using-mobile-device-management-tools)
## Offboard Servers
- [Offboard servers](configure-server-endpoints.md#offboard-servers)
- [Offboard servers](configure-server-endpoints.md#offboard-servers)
## Offboard non-Windows machines
- [Offboard non-Windows machines](configure-endpoints-non-windows.md#offboard-non-windows-machines)
- [Offboard non-Windows machines](configure-endpoints-non-windows.md#offboard-non-windows-machines)

6
windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
View File

@ -44,9 +44,9 @@ In the context of Microsoft Defender ATP, alert definitions are containers for I
Each IOC defines the concrete detection logic based on its type and value as well as its action, which determines how it is matched. It is bound to a specific alert definition that defines how a detection is displayed as an alert on the Microsoft Defender ATP console.
Here is an example of an IOC:
- Type: Sha1
- Value: 92cfceb39d57d914ed8b14d0e37643de0797ae56
- Action: Equals
- Type: Sha1
- Value: 92cfceb39d57d914ed8b14d0e37643de0797ae56
- Action: Equals
IOCs have a many-to-one relationship with alert definitions such that an alert definition can have many IOCs that correspond to it.

6
windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
View File

@ -296,9 +296,9 @@ You might also need to check the following:
## Licensing requirements
Microsoft Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers:
- Windows 10 Enterprise E5
- Windows 10 Education E5
- Microsoft 365 Enterprise E5 which includes Windows 10 Enterprise E5
- Windows 10 Enterprise E5
- Windows 10 Education E5
- Microsoft 365 Enterprise E5 which includes Windows 10 Enterprise E5
For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2).

2
windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
View File

@ -191,7 +191,7 @@ This setting will prevent a scan from occurring after receiving an update. You c
### Enable headless UI mode
- Double-click **Enable headless UI mode** and set the option to **Enabled**. Click **OK**. This hides the entire Windows Defender AV user interface from users.
- Double-click **Enable headless UI mode** and set the option to **Enabled**. Click **OK**. This hides the entire Windows Defender AV user interface from users.

2
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md
View File

@ -151,7 +151,7 @@ realTimeProtectionEnabled : true
2. Install the configuration file on a client machine:
```bash
python WindowsDefenderATPOnboarding.py
/usr/bin/python WindowsDefenderATPOnboarding.py
Generating /Library/Application Support/Microsoft/Defender/com.microsoft.wdav.atp.plist ... (You may be required to enter sudos password)
```

3
windows/security/threat-protection/windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md
View File

@ -29,6 +29,9 @@ If Windows Defender Antivirus is configured to detect and remediate threats on y
3. Under **Quarantined threats**, click **See full history**.
4. Click an item you want to keep, then click **Restore**. (If you prefer to remove the item, you can click **Remove**.)
> [!NOTE]
> You can also use the dedicated command-line tool [mpcmdrun.exe](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus) to restore quarantined files in Windows Defender AV.
## Related topics
- [Configure remediation for scans](configure-remediation-windows-defender-antivirus.md)

1
windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
View File

@ -47,7 +47,6 @@ You can configure and manage Windows Defender Antivirus with:
> [!NOTE]
> For more information regarding what's new in each Windows version, please refer to [What's new in Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp).
=======
<a id="sysreq"></a>
## Minimum system requirements

2
windows/security/threat-protection/windows-defender-application-control/TOC.md
View File

@ -11,7 +11,7 @@
## [Windows Defender Application Control deployment guide](windows-defender-application-control-deployment-guide.md)
### [Types of devices](types-of-devices.md)
###Use WDAC with custom policies
### Use WDAC with custom policies
#### [Create an initial default policy](create-initial-default-policy.md)
#### [Create path-based rules](create-path-based-rules.md)
#### [Microsoft recommended block rules](microsoft-recommended-block-rules.md)

4
windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md
View File

@ -20,8 +20,8 @@ ms.date: 09/21/2017
# Add rules for packaged apps to existing AppLocker rule-set
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for IT professionals describes how to update your existing AppLocker policies for packaged apps using the Remote Server Administration Toolkit (RSAT).

4
windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md
View File

@ -20,8 +20,8 @@ ms.date: 02/28/2019
# Administer AppLocker
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for IT professionals provides links to specific procedures to use when administering AppLocker policies.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md
View File

@ -20,8 +20,8 @@ ms.date: 09/21/2017
# AppLocker architecture and components
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for IT professional describes AppLockers basic architecture and its major components.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md
View File

@ -20,8 +20,8 @@ ms.date: 09/21/2017
# AppLocker functions
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for the IT professional lists the functions and security levels for the Software Restriction Policies (SRP) and AppLocker features.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md
View File

@ -20,8 +20,8 @@ ms.date: 10/16/2017
# AppLocker
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic provides a description of AppLocker and can help you decide if your organization can benefit from deploying AppLocker application control policies. AppLocker helps you control which apps and files users can run. These include executable files, scripts, Windows Installer files, dynamic-link libraries (DLLs), packaged apps, and packaged app installers.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md
View File

@ -21,8 +21,8 @@ ms.date: 09/21/2017
# AppLocker deployment guide
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for IT professionals introduces the concepts and describes the steps required to deploy AppLocker policies.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md
View File

@ -20,8 +20,8 @@ ms.date: 09/21/2017
# AppLocker design guide
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for the IT professional introduces the design and planning steps required to deploy application control policies by using AppLocker.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md
View File

@ -20,8 +20,8 @@ ms.date: 09/21/2017
# AppLocker policy use scenarios
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for the IT professional lists the various application control scenarios in which AppLocker policies can be effectively implemented.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md
View File

@ -20,8 +20,8 @@ ms.date: 09/21/2017
# AppLocker processes and interactions
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for the IT professional describes the process dependencies and interactions when AppLocker evaluates and enforces rules.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md
View File

@ -20,8 +20,8 @@ ms.date: 09/21/2017
# AppLocker settings
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This topic for the IT professional lists the settings used by AppLocker.

4
windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md
View File

@ -20,8 +20,8 @@ ms.date: 09/21/2017
# AppLocker technical reference
**Applies to**
- Windows 10
- Windows Server
- Windows 10
- Windows Server
This overview topic for IT professionals provides links to the topics in the technical reference.
AppLocker advances the application control features and functionality of Software Restriction Policies. AppLocker contains new capabilities and extensions that allow you to create rules to allow or deny apps from running based on unique identities of files and to specify which users or groups can run those apps.

Some files were not shown because too many files have changed in this diff Show More