deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-19 16:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merged PR 6166: Merge master to rs4

Browse Source
This commit is contained in:
Justin Hall 2018-03-05 22:43:25 +00:00
commit a3d11e2994
10 changed files with 399 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/client-management/mdm/TOC.md
View File

@ -155,6 +155,8 @@
#### [Maps DDF](maps-ddf-file.md)
### [Messaging CSP](messaging-csp.md)
#### [Messaging DDF file](messaging-ddf.md)
### [MultiSIM CSP](multisim-csp.md)
#### [MultiSIM DDF file](multisim-ddf.md)
### [NAP CSP](nap-csp.md)
### [NAPDEF CSP](napdef-csp.md)
### [NetworkProxy CSP](networkproxy-csp.md)

8
windows/client-management/mdm/assignedaccess-csp.md
View File

@ -7,7 +7,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 02/22/2018
ms.date: 03/01/2018
---
# AssignedAccess CSP
@ -62,7 +62,8 @@ The supported operations are Add, Delete, Get and Replace. When there's no confi
Added in Windows 10, version 1709. Specifies the settings that you can configure in the kiosk or device. This node accepts an AssignedAccessConfiguration xml as input to configure the device experience. For details about the configuration settings in the XML, see [Create a Windows 10 kiosk that runs multiple apps](https://docs.microsoft.com/en-us/windows/configuration/lock-down-windows-10-to-specific-apps).Here is the schema for the [AssignedAccessConfiguration](#assignedaccessconfiguration-xsd).
> [!Note]
> You cannot set both KioskModeApp and Configuration at the same time in the device in Windows 10, version 1709.
> You cannot set both KioskModeApp and Configuration at the same time on the device in Windows 10, version 1709.
> You cannot set both ShellLauncher and Configuration at the same time on the device.
Enterprises can use this to easily configure and manage the curated lockdown experience.
@ -98,6 +99,9 @@ Supported operation is Get.
<a href="" id="assignedaccess-shelllauncher"></a>**./Device/Vendor/MSFT/AssignedAccess/ShellLauncher**
Added in Windows 10,version 1803. This node accepts a ShellLauncherConfiguration xml as input. Click [link](#shelllauncherconfiguration-xsd) to see the schema.
> [!Note]
> You cannot set both ShellLauncher and Configuration at the same time on the device.
<a href="" id="assignedaccess-statusconfiguration"></a>**./Device/Vendor/MSFT/AssignedAccess/StatusConfiguration**
Added in Windows 10, version 1803. This node accepts a StatusConfiguration xml as input to configure the Kiosk App Health monitoring. There are three possible values for StatusEnabled node inside StatusConfiguration xml: On, OnWithAlerts, and Off. Click [link](#statusconfiguration-xsd) to see the StatusConfiguration schema.

28
windows/client-management/mdm/configuration-service-provider-reference.md
View File

@ -1295,6 +1295,34 @@ Footnotes:
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[MultiSIM CSP](multisim-csp.md)
<!--StartSKU-->
<table>
<tr>
<th>Home</th>
<th>Pro</th>
<th>Business</th>
<th>Enterprise</th>
<th>Education</th>
<th>Mobile</th>
<th>Mobile Enterprise</th>
</tr>
<tr>
<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>4</sup></td>
</tr>
</table>
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[NAP CSP](nap-csp.md)

BIN
windows/client-management/mdm/images/provisioning-csp-multisim.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

58
windows/client-management/mdm/multisim-csp.md Normal file
View File

@ -0,0 +1,58 @@
---
title: MultiSIM CSP
description: MultiSIM CSP allows the enterprise to manage devices with dual SIM single active configuration.
ms.author: maricia
ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 02/27/2018
---
# MultiSIM CSP
> [!WARNING]
> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
The MultiSIM configuration service provider (CSP) is used by the enterprise to manage devices with dual SIM single active configuration. An enterprise can set policies on whether that user can switch between SIM slots, specify which slot is the default, and whether the slot is embedded. This CSP was added in Windows 10, version 1803.
The following diagram shows the MultiSIM configuration service provider in tree format.
![MultiSIM CSP diagram](images/provisioning-csp-multisim.png)
<a href="" id="multisim"></a>**./Device/Vendor/MSFT/MultiSIM**
Root node.
<a href="" id="tbd"></a>**_ModemID_**
Node representing a Mobile Broadband Modem. The node name is the modem ID. Modem ID is a GUID without curly braces, with exception of "Embedded" which represents the embedded modem.
<a href="" id="modemid"></a>**_ModemID_/Identifier**
Modem ID.
<a href="" id="tbd"></a>**_ModemID_/IsEmbedded**
Indicates whether this modem is embedded or external.
<a href="" id="tbd"></a>**_ModemID_/Slots**
Represents all SIM slots in the Modem.
<a href="" id="tbd"></a>**_ModemID_/Slots/_SlotID_**
Node representing a SIM Slot. The node name is the Slot ID. SIM Slot ID format is "0", "1", etc., with exception of "Embedded" which represents the embedded Slot.
<a href="" id="tbd"></a>**_ModemID_/Slots/_SlotID_/Identifier**
Slot ID.
<a href="" id="tbd"></a>**_ModemID_/Slots/_SlotID_/IsEmbedded**
Indicates whether this Slot is embedded or a physical SIM slot.
<a href="" id="tbd"></a>**_ModemID_/Slots/_SlotID_/IsSelected**
Indicates whether this Slot is selected or not.
<a href="" id="tbd"></a>**_ModemID_/Slots/_SlotID_/State**
Slot state (Unknown = 0, OffEmpty = 1, Off = 2, Empty = 3, NotReady = 4, Active = 5, Error = 6, ActiveEsim = 7, ActiveEsimNoProfile = 8)
<a href="" id="tbd"></a>**_ModemID_/Policies**
Policies associated with the Modem.
<a href="" id="tbd"></a>**_ModemID_/Policies/SlotSelectionEnabled**
Determines whether the user is allowed to change slots in the Cellular settings UI. Default is true.

291
windows/client-management/mdm/multisim-ddf.md Normal file
View File

@ -0,0 +1,291 @@
---
title: MultiSIM DDF file
description: XML file containing the device description framework
ms.author: maricia
ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 02/27/2018
---
# MultiSIM CSP
> [!WARNING]
> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
This topic shows the OMA DM device description framework (DDF) for the **MultiSIM** configuration service provider.
The XML below is for Windows 10, version 1803.
``` syntax
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE MgmtTree PUBLIC " -//OMA//DTD-DM-DDF 1.2//EN"
"http://www.openmobilealliance.org/tech/DTD/DM_DDF-V1_2.dtd"
[<?oma-dm-ddf-ver supported-versions="1.2"?>]>
<MgmtTree xmlns:MSFT="http://schemas.microsoft.com/MobileDevice/DM">
<VerDTD>1.2</VerDTD>
<Node>
<NodeName>MultiSIM</NodeName>
<Path>./Device/Vendor/MSFT</Path>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Subtree for multi-SIM management.</Description>
<DFFormat>
<node />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Permanent />
</Scope>
<DFType>
<MIME>com.microsoft/1.0/MDM/MultiSIM</MIME>
<DDFName></DDFName>
</DFType>
</DFProperties>
<Node>
<NodeName></NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Node representing a Mobile Broadband Modem. The node name is the Modem ID. Modem ID is a GUID without curly braces, with exception of "Embedded" which represents the embedded Modem.</Description>
<DFFormat>
<node />
</DFFormat>
<Occurrence>
<ZeroOrMore />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFTitle>ModemID</DFTitle>
<DFType>
<DDFName></DDFName>
</DFType>
</DFProperties>
<Node>
<NodeName>Identifier</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Modem ID.</Description>
<DFFormat>
<chr />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<CaseSense>
<CIS />
</CaseSense>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
<Node>
<NodeName>IsEmbedded</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Indicates whether this Modem is embedded or external.</Description>
<DFFormat>
<bool />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
<Node>
<NodeName>Slots</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Represents all SIM slots in the Modem.</Description>
<DFFormat>
<node />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFType>
<DDFName></DDFName>
</DFType>
</DFProperties>
<Node>
<NodeName></NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Node representing a SIM Slot. The node name is the Slot ID. SIM Slot ID format is "0", "1", etc., with exception of "Embedded" which represents the embedded Slot.</Description>
<DFFormat>
<node />
</DFFormat>
<Occurrence>
<ZeroOrMore />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFTitle>SlotID</DFTitle>
<DFType>
<DDFName></DDFName>
</DFType>
</DFProperties>
<Node>
<NodeName>Identifier</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Slot ID.</Description>
<DFFormat>
<int />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
<Node>
<NodeName>IsEmbedded</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Indicates whether this Slot is embedded or a physical SIM slot.</Description>
<DFFormat>
<bool />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
<Node>
<NodeName>IsSelected</NodeName>
<DFProperties>
<AccessType>
<Get />
<Replace />
</AccessType>
<Description>Indicates whether this Slot is selected or not.</Description>
<DFFormat>
<bool />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
<Node>
<NodeName>State</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Slot state (Unknown = 0, OffEmpty = 1, Off = 2, Empty = 3, NotReady = 4, Active = 5, Error = 6, ActiveEsim = 7, ActiveEsimNoProfile = 8)</Description>
<DFFormat>
<int />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
</Node>
</Node>
<Node>
<NodeName>Policies</NodeName>
<DFProperties>
<AccessType>
<Get />
</AccessType>
<Description>Policies associated with the Modem.</Description>
<DFFormat>
<node />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFType>
<DDFName></DDFName>
</DFType>
</DFProperties>
<Node>
<NodeName>SlotSelectionEnabled</NodeName>
<DFProperties>
<AccessType>
<Get />
<Replace />
</AccessType>
<DefaultValue>true</DefaultValue>
<Description>Determines whether the user is allowed to change slots in the Cellular settings UI. Default is true.</Description>
<DFFormat>
<bool />
</DFFormat>
<Occurrence>
<One />
</Occurrence>
<Scope>
<Dynamic />
</Scope>
<DFType>
<MIME>text/plain</MIME>
</DFType>
</DFProperties>
</Node>
</Node>
</Node>
</Node>
</MgmtTree>
```

4
windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
View File

@ -1436,6 +1436,10 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
</ul>
<p>Updated the AssigneAccessConfiguration schema.</p>
</td></tr>
<tr class="odd">
<td style="vertical-align:top">[MultiSIM CSP](multisim-csp.md)</td>
<td style="vertical-align:top"><p>Added a new CSP in Windows 10, version 1803.</p>
</td></tr>
</tbody>
</table>

4
windows/configuration/wcd/wcd-accounts.md
View File

@ -42,7 +42,7 @@ Specifies the settings you can configure when joining a device to a domain, incl
| --- | --- | --- |
| Account | string | Account to use to join computer to domain |
| AccountOU | string | Name of organizational unit for the computer account |
| ComputerName | Specify a unique name for the domain-joined computers using %RAND:x%, where x is an integer less than 15 digits long, or using %SERIALNUMBER% characters in the name.</br></br>ComputerName is a string with a maximum length of 15 bytes of content:</br></br>- ComputerName can use ASCII characters (1 byte each) and/or multi-byte characters such as Kanji, so long as you do not exceed 15 bytes of content.</br></br>- ComputerName cannot use spaces or any of the following characters: \{ &#124; \} ~ \[ \\ \] ^ ' : ; < = > ? @ ! " \# $ % ` \( \) + / . , \* &, or contain any spaces.</br></br>- ComputerName cannot use some non-standard characters, such as emoji.</br></br>Computer names that cannot be validated through the DnsValidateName function cannot be used, for example, computer names that only contain numbers (0-9). For more information, see the [DnsValidateName function](http://go.microsoft.com/fwlink/?LinkId=257040). | Specifies the name of the Windows device (computer name on PCs) |
| ComputerName | Specify a unique name for the domain-joined computers using %RAND:x%, where x is an integer less than 15 digits long, or using %SERIAL% characters in the name.</br></br>ComputerName is a string with a maximum length of 15 bytes of content:</br></br>- ComputerName can use ASCII characters (1 byte each) and/or multi-byte characters such as Kanji, so long as you do not exceed 15 bytes of content.</br></br>- ComputerName cannot use spaces or any of the following characters: \{ &#124; \} ~ \[ \\ \] ^ ' : ; < = > ? @ ! " \# $ % ` \( \) + / . , \* &, or contain any spaces.</br></br>- ComputerName cannot use some non-standard characters, such as emoji.</br></br>Computer names that cannot be validated through the DnsValidateName function cannot be used, for example, computer names that only contain numbers (0-9). For more information, see the [DnsValidateName function](http://go.microsoft.com/fwlink/?LinkId=257040). | Specifies the name of the Windows device (computer name on PCs) |
| DomainName | string (cannot be empty) | Specify the name of the domain that the device will join |
| Password | string (cannot be empty) | Corresponds to the password of the user account that's authorized to join the computer account to the domain. |
@ -55,4 +55,4 @@ Use these settings to add local user accounts to the device.
| UserName | string (cannot be empty) | Specify a name for the local user account |
| HomeDir | string (cannot be ampty) | Specify the path of the home directory for the user |
| Password | string (cannot be empty) | Specify the password for the user account |
| UserGroup | string (cannot be empty) | Specify the local user group for the user |
| UserGroup | string (cannot be empty) | Specify the local user group for the user |

2
windows/security/threat-protection/TOC.md
View File

@ -245,7 +245,7 @@
### [Reference topics for management and configuration tools](windows-defender-antivirus\configuration-management-reference-windows-defender-antivirus.md)
### [Manage Windows Defender AV in your business](windows-defender-antivirus\configuration-management-reference-windows-defender-antivirus.md)
#### [Use Group Policy settings to configure and manage Windows Defender AV](windows-defender-antivirus\use-group-policy-windows-defender-antivirus.md)
#### [Use System Center Configuration Manager and Microsoft Intune to configure and manage Windows Defender AV](windows-defender-antivirus\use-intune-config-manager-windows-defender-antivirus.md)
#### [Use PowerShell cmdlets to configure and manage Windows Defender AV](windows-defender-antivirus\use-powershell-cmdlets-windows-defender-antivirus.md)

14
windows/security/threat-protection/windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md
View File

@ -1,6 +1,6 @@
---
title: Windows Defender AV reference for management tools
description: Learn how Group Policy, Configuration Manager, PowerShell, WMI, Intune, and the comman line can be used to manage Windows Defender AV
title: Manage Windows Defender AV in your business
description: Learn how to use Group Policy, Configuration Manager, PowerShell, WMI, Intune, and the comman line to manage Windows Defender AV
keywords: group policy, gpo, config manager, sccm, scep, powershell, wmi, intune, defender, antivirus, antimalware, security, protection
search.product: eADQiWindows 10XVcnh
ms.pagetype: security
@ -9,12 +9,12 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: iaanw
ms.author: iawilt
ms.date: 08/26/2017
author: andreabichsel
ms.author: v-anbic
ms.date: 03/01/2018
---
# Reference topics for management and configuration tools
# Manage Windows Defender AV in your business
**Applies to:**
@ -24,7 +24,7 @@ ms.date: 08/26/2017
- Enterprise security administrators
Windows Defender Antivirus can be managed and configured with the following tools:
You can manage and configure Windows Defender Antivirus with the following tools:
- Group Policy
- System Center Configuration Manager and Microsoft Intune