deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-28 05:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into microsoft-edge

Browse Source
This commit is contained in:
Patti Short 2018-10-23 11:36:59 -07:00
commit b13cf5b1c4
207 changed files with 855 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
.gitattributes vendored Normal file
View File

@ -0,0 +1,14 @@
# Set the default behavior, in case people don't have core.autocrlf set.
* text=auto
# Explicitly declare text files you want to always be normalized and converted
# to native line endings on checkout.
*.c text
*.h text
# Declare files that will always have CRLF line endings on checkout.
*.sln text eol=crlf
# Denote all files that are truly binary and should not be modified.
*.png binary
*.jpg binary

24
.openpublishing.publish.config.json
View File

@ -101,6 +101,22 @@
"moniker_groups": [],
"version": 0
},
{
"docset_name": "license",
"build_source_folder": "windows/license",
"build_output_subfolder": "license",
"locale": "en-us",
"monikers": [],
"moniker_ranges": [],
"open_to_public_contributors": false,
"type_mapping": {
"Conceptual": "Content",
"ManagedReference": "Content",
"RestApi": "Content"
},
"build_entry_point": "docs",
"template_folder": "_themes"
},
{
"docset_name": "mdop-VSTS",
"build_source_folder": "mdop",
@ -511,11 +527,11 @@
]
},
"need_generate_pdf_url_template": true,
"need_generate_pdf": false,
"need_generate_intellisense": false,
"Targets": {
"targets": {
"Pdf": {
"template_folder": "_themes.pdf"
}
}
},
"need_generate_pdf": false,
"need_generate_intellisense": false
}

3
README.md Normal file
View File

@ -0,0 +1,3 @@
## Microsoft Open Source Code of Conduct
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.

4
browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
View File

@ -159,7 +159,7 @@ This table includes the attributes used by the Enterprise Mode schema.
</tr>
<tr>
<td>&lt;exclude&gt;</td>
<td>Specifies the domain or path that is excluded from getting the behavior applied. This attribute is supported on the &lt;domain&gt; and &lt;path&gt; elements.
<td>Specifies the domain or path excluded from applying the behavior and is supported on the &lt;domain&gt; and &lt;path&gt; elements.
<p><b>Example</b>
<pre class="syntax">
&lt;emie&gt;
@ -230,4 +230,4 @@ If you want to target specific sites in your organization.
|You can specify subdomains in the domain tag. |<code>&lt;docMode&gt;<br>&lt;domain docMode="5"&gt;contoso.com&lt;/domain&gt;<br>&lt;domain docMode="9"&gt;info.contoso.com&lt;/domain&gt;<br>&lt;docMode&gt;</code> |<ul><li>contoso.com uses document mode 5.</li><li>info.contoso.com uses document mode 9.</li><li>test.contoso.com also uses document mode 5.</li></ul>|
|You can specify exact URLs by listing the full path. |<code>&lt;emie&gt;<br>&lt;domain exclude="false"&gt;bing.com&lt;/domain&gt;<br>&lt;domain exclude="false" forceCompatView="true"&gt;contoso.com&lt;/domain&gt;<br>&lt;emie&gt;</code>|<ul><li>bing.com uses IE8 Enterprise Mode.</li><li>contoso.com uses IE7 Enterprise Mode.</li></ul>|
|You can nest paths underneath domains. |<code>&lt;emie&gt;<br>&lt;domain exclude="true"&gt;contoso.com<br>&lt;path exclude="false"&gt;/about&lt;/path&gt;<br>&lt;path exclude="true"&gt;<br>/about/business&lt;/path&gt;<br>&lt;/domain&gt;<br>&lt;/emie&gt;</code> |<ul><li>contoso.com will use the default version of IE.</li><li>contoso.com/about and everything underneath that node will load in Enterprise Mode, except contoso.com/about/business, which will load in the default version of IE.</li></ul> |
|You cant add a path underneath a path. The file will still be parsed, but the sub-path will be ignored. |<code>&lt;emie&gt;<br>&lt;domain exclude="true"&gt;contoso.com<br>&lt;path&gt;/about<br>&lt;path exclude="true"&gt;/business&lt;/path&gt;<br>&lt;/path&gt;<br>&lt;/domain&gt;<br>&lt;/emie&gt;</code> |<ul><li>contoso.com will use the default version of IE.</li><li>contoso.com/about and everything underneath that node will load in Enterprise Mode, including contoso.com/about/business because the last rule is ignored.</li></ul> |
|You cant add a path underneath a path. The file will still be parsed, but the sub-path will be ignored. |<code>&lt;emie&gt;<br>&lt;domain exclude="true"&gt;contoso.com<br>&lt;path&gt;/about<br>&lt;path exclude="true"&gt;/business&lt;/path&gt;<br>&lt;/path&gt;<br>&lt;/domain&gt;<br>&lt;/emie&gt;</code> |<ul><li>contoso.com will use the default version of IE.</li><li>contoso.com/about and everything underneath that node will load in Enterprise Mode, including contoso.com/about/business because the last rule is ignored.</li></ul> |

7
browsers/internet-explorer/ie11-ieak/ieak-information-and-downloads.md
View File

@ -2,10 +2,10 @@
ms.localizationpriority: medium
ms.mktglfcycl: support
ms.pagetype: security
description: The Internet Explorer Administration Kit (IEAK) simplifies the creation, deployment, and management of customized Internet Explorer packages. You can use the IEAK to configure the out-of-box Internet Explorer experience or to manage user settings after Internet Explorer deployment.
description: The Internet Explorer Administration Kit (IEAK) simplifies the creation, deployment, and management of customized Internet Explorer packages. Use the IEAK to configure the out-of-box Internet Explorer experience or to manage user settings after Internet Explorer deployment.
author: shortpatti
ms.author: pashort
ms.manager: elizapo
ms.manager: dougkim
ms.prod: ie11
ms.assetid:
title: Internet Explorer Administration Kit (IEAK) information and downloads
@ -15,8 +15,11 @@ ms.date: 05/10/2018
# Internet Explorer Administration Kit (IEAK) information and downloads
>Applies to: Windows 10
The Internet Explorer Administration Kit (IEAK) simplifies the creation, deployment, and management of customized Internet Explorer packages. You can use the IEAK to configure the out-of-box Internet Explorer experience or to manage user settings after Internet Explorer deployment. To find more information on the IEAK, see [What IEAK can do for you](what-ieak-can-do-for-you.md).
## Internet Explorer Administration Kit 11 (IEAK 11)
[IEAK 11 documentation](index.md)

3
devices/hololens/change-history-hololens.md
View File

@ -9,7 +9,7 @@ author: jdeckerms
ms.author: jdecker
ms.topic: article
ms.localizationpriority: medium
ms.date: 10/08/2018
ms.date: 10/23/2018
---
# Change history for Microsoft HoloLens documentation
@ -23,6 +23,7 @@ New or changed topic | Description
[Preview new mixed reality apps for HoloLens](hololens-public-preview-apps.md) | Removed, and redirected to [Mixed reality apps](https://docs.microsoft.com/dynamics365/#pivot=mixed-reality-apps)
[Microsoft Remote Assist app](hololens-microsoft-remote-assist-app.md) | Removed, and redirected to [Overview of Dynamics 365 Remote Assist](https://docs.microsoft.com/dynamics365/mixed-reality/remote-assist/)
[Microsoft Dynamics 365 Layout app](hololens-microsoft-dynamics-365-layout-app.md) | Removed, and redirected to [Overview of Dynamics 365 Layout](https://docs.microsoft.com/dynamics365/mixed-reality/layout/)
[Insider preview for Microsoft HoloLens](hololens-insider.md) | Added instructions for opting out of Insider builds.
## July 2018

14
devices/hololens/hololens-insider.md
View File

@ -7,7 +7,7 @@ author: jdeckerms
ms.author: jdecker
ms.topic: article
ms.localizationpriority: medium
ms.date: 07/27/2018
ms.date: 10/23/2018
---
# Insider preview for Microsoft HoloLens
@ -86,6 +86,18 @@ In order to switch to the Chinese or Japanese version of HoloLens, youll need
10. After you complete setup, go to **Settings -> Update & Security -> Windows Insider Program** and select **Get started**. Link the account you used to register as a Windows Insider. Then, select **Active development of Windows**, choose whether youd like to receive **Fast** or **Slow** builds, and review the program terms. Select **Confirm -> Restart Now** to finish up. After your device has rebooted, go to **Settings -> Update & Security -> Check for updates** to get the latest build.
## How do I stop receiving Insider builds?
If you no longer want to receive Insider builds of Windows Holographic, you can opt out when your HoloLens is running a production build, or you can [recover your device](https://docs.microsoft.com/windows/mixed-reality/reset-or-recover-your-hololens#perform-a-full-device-recovery) using the Windows Device Recovery Tool to recover your device to a non-Insider version of Windows Holographic.
To verify that your HoloLens is running a production build:
- Go to **Settings > System > About**, and find the build number.
- If the build number is 10.0.17763.1, your HoloLens is running a production build. [See the list of production build numbers.](https://www.microsoft.com/itpro/windows-10/release-information)
To opt out of Insider builds:
- On a HoloLens running a production build, go to **Settings > Update & Security > Windows Insider Program**, and select **Stop Insider builds**.
- Follow the instructions to opt out your device.
## Note for language support
- You cant change the system language between English, Japanese, and Chinese using the Settings app. Flashing a new build is the only supported way to change the device system language.

4
devices/hololens/hololens-install-apps.md
View File

@ -8,7 +8,7 @@ author: jdeckerms
ms.author: jdecker
ms.topic: article
ms.localizationpriority: medium
ms.date: 12/20/2017
ms.date: 10/23/2018
---
# Install apps on HoloLens
@ -83,7 +83,7 @@ Using Intune, you can also [monitor your app deployment](https://docs.microsoft.
![App Manager](images/apps.png)
5. In **Install app**, select an **app package** from a folder on your computer or network. If the app package requires additional software, click **Add dependency**.
5. In **Install app**, select an **app package** from a folder on your computer or network. If the app package requires additional software, such as dependency frameworks, select **I want to specify framework packages**.
6. In **Deploy**, click **Go** to deploy the app package and added dependencies to the connected HoloLens.

2
education/windows/set-up-school-pcs-provisioning-package.md
View File

@ -111,7 +111,7 @@ Set up School PCs uses the Universal app install policy to install school-releva
The time it takes to install a package on a device depends on the:
* Strength of network connection
* Number of policies and apps withim the package
* Number of policies and apps within the package
* Additional configurations made to the device
Review the table below to estimate your expected provisioning time. A package that only applies Set Up School PC's default configurations will provision the fastest. A package that removes pre-installed apps, through CleanPC, will take much longer to provision.

6
mdop/mbam-v25/evaluating-mbam-25-in-a-test-environment.md
View File

@ -232,10 +232,12 @@ To evaluate MBAM by using the Configuration Manager Integration topology, use th
4. Restart the **BitLocker Management Client Service**.
5. In Control Panel, open **Configuration Manager**, and then click the **Actions** tab.
6. Select **Hardware Inventory Cycle**, and then click **Run Now**. This step runs the hardware inventory by using the new classes that you imported to your .mof files, and then sends the data to the Configuration Manager server.
7. Select **Machine Policy Retrieval & Evaluation Cycle**, and then click **Run Now** to apply the Group Policy Objects that are relevant to that client computer.
6. Select **Machine Policy Retrieval & Evaluation Cycle**, and then click **Run Now** to apply the Group Policy Objects that are relevant to that client computer.
7. Select **Hardware Inventory Cycle**, and then click **Run Now**. This step runs the hardware inventory by using the new classes that you imported to your .mof files, and then sends the data to the Configuration Manager server.
4. In the Configuration Manager console, do the following:

2
mdop/mbam-v25/planning-for-mbam-25-groups-and-accounts.md
View File

@ -88,7 +88,7 @@ Create the following accounts for the Reports feature.
<td align="left"><p>Reports read-only domain access group</p></td>
<td align="left"><p>Group</p></td>
<td align="left"><p>Reporting role domain group</p></td>
<td align="left"><p>Name of the domain group whose members have read-only access to the reports in the Administration and Monitoring Website.</p></td>
<td align="left"><p>Specifies the domain user group that has read-only access to the reports in the Administration and Monitoring Website. The group you specify must be the same group you specified for the Reports Read Only Access Group parameter when the web apps are enabled.</p></td>
</tr>
<tr class="even">
<td align="left"><p>Compliance and Audit Database domain user account</p></td>

1
windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md
View File

@ -17,6 +17,7 @@ Requirements:
- AD-joined PC running Windows 10, version 1709
- Enterprise has MDM service already configured
- Enterprise AD must be registered with Azure AD
- Device should not already be enrolled in Intune using the classic agents (devices manged using agents will fail enrollment with error 0x80180026)
> [!Tip]
> [How to configure automatic registration of Windows domain-joined devices with Azure Active Directory](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-automatic-device-registration-setup)

2
windows/client-management/mdm/vpn-ddf-file.md
View File

@ -1384,7 +1384,7 @@ This topic shows the OMA DM device description framework (DDF) for the **VPN** c
## Related topics
[VPN configurtion service provider](vpn-csp.md)
[VPN configuration service provider](vpn-csp.md)
 

2
windows/configuration/manage-tips-and-suggestions.md
View File

@ -36,7 +36,7 @@ Since its inception, Windows 10 has included a number of user experience feature
>[!TIP]
> On all Windows desktop editions, users can directly enable and disable Windows 10 tips, "fun facts", and suggestions and Microsoft Store suggestions. For example, users are able to select personal photos for the lock screen as opposed to the images provided by Microsoft, or turn off tips, "fun facts", or suggestions as they use Windows.
Windows 10, version 1607 (also known as the Anniversary Update), provides organizations the ability to centrally manage the type of content provided by these features through Group Policy or mobile device management (MDM). The following table describes how administrators can manage suggestions and tips in Windows 10 commercial and education editions.
Windows 10 provides organizations the ability to centrally manage the type of content provided by these features through Group Policy or mobile device management (MDM). The following table describes how administrators can manage suggestions and tips in Windows 10 commercial and education editions.
## Options available to manage Windows 10 tips and "fun facts" and Microsoft Store suggestions

2
windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md
View File

@ -27,7 +27,7 @@ The CSPs are documented on the [Hardware Dev Center](https://go.microsoft.com/fw
>[!NOTE]  
>The explanation of CSPs and CSP documentation also apply to Windows Mobile 5, Windows Mobile 6, Windows Phone 7, and Windows Phone 8, but links to current CSPs are for Windows 10 and Windows 10 Mobile.
 [See what's new for CSPs in Windows 10, version 1607.](https://msdn.microsoft.com/library/windows/hardware/mt299056.aspx#whatsnew_1607)
 [See what's new for CSPs in Windows 10, version 1809.](https://docs.microsoft.com/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew1809)
## What is a CSP?

2
windows/deployment/s-mode.md
View File

@ -27,7 +27,7 @@ Start-ups are quick, and S mode is built to keep them that way. With Microsoft E
**Choice and flexibility**
Save your files to your favorite cloud, like OneDrive or Dropbox, and access them from any device you choose. Browse the Microsoft Store for thousands of apps, and if you dont find exactly what you want, you can easily [switch out of S mode](https://docs.microsoft.com/en-us/windows/deployment/windows-10-pro-in-s-mode) at any time and search the web for more choices.
Save your files to your favorite cloud, like OneDrive or Dropbox, and access them from any device you choose. Browse the Microsoft Store for thousands of apps, and if you dont find exactly what you want, you can easily [switch out of S mode](https://docs.microsoft.com/en-us/windows/deployment/windows-10-pro-in-s-mode) to Home, Pro, or Enterprise at any time and search the web for more choices, as shown below.
![Switching out of S mode flow chart](images/s-mode-flow-chart.png)

4
windows/deployment/windows-autopilot/enrollment-status.md
View File

@ -6,7 +6,7 @@ ms.prod: w10
ms.technology: Windows
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype:
ms.pagetype: deploy
ms.localizationpriority: medium
author: greg-lindsay
ms.author: greg-lindsay
@ -31,7 +31,7 @@ The Windows Autopilot Enrollment Status page displaying the status of the comple
- Show custom error message when an error occurs.
- Allow users to collect logs about installation errors.
## Installation progresss tracked
## Installation progress tracked
The Enrollment Status page tracks a subset of the available MDM CSP policies that are delivered to the device as part of the complete device configuration process. The specific types of policies that are tracked include:

291
windows/deployment/windows-autopilot/existing-devices.md
View File

@ -1,5 +1,5 @@
---
title: Autopilot for existing devices
title: Windows Autopilot for existind devices
description: Listing of Autopilot scenarios
keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
ms.prod: w10
@ -8,12 +8,293 @@ ms.localizationpriority: low
ms.sitesec: library
ms.pagetype: deploy
author: greg-lindsay
ms.author: greglin
ms.date: 10/11/2018
ms.author: greg-lindsay
ms.date: 10/22/2018
---
# Autopilot for existing devices
# Windows Autopilot for existing devices
**Applies to: Windows 10**
Placeholder. Content coming.
Modern desktop management with Windows Autopilot enables you to easily deploy the latest version of Windows 10 to your existing devices. The apps you need for work can be automatically installed. Your work profile is synchronized, so you can resume working right away.
This topic describes how to convert Windows 7 domain-joined computers to Azure Active Directory-joined computers running Windows 10 by using Windows Autopilot.
## Prerequisites
- System Center Configuration Manager Current Branch (1806) OR System Center Configuration Manager Technical Preview (1808)
- The [Windows ADK](https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit) 1803 or later
- Note: Config Mgr 1806 or later is required to [support](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10#windows-10-adk) the Windows ADK 1809.
- Assigned Microsoft Intune Licenses
- Azure Active Directory Premium
- Windows 10 version 1809 or later imported into Config Mgr as an Operating System Image
## Procedures
### Configure the Enrollment Status Page (optional)
If desired, you can set up an [enrollment status page](https://docs.microsoft.com/windows/deployment/windows-autopilot/enrollment-status) for Autopilot using Intune.
To enable and configure the enrollment and status page:
1. Open [Intune in the Azure portal](https://aka.ms/intuneportal).
2. Access **Intune > Device enrollment > Windows enrollment** and [Set up an enrollment status page](https://docs.microsoft.com/intune/windows-enrollment-status).
3. Access **Azure Active Directory > Mobility (MDM and MAM) > Microsoft Intune** and [Configure automatic MDM enrollment](https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/enroll-hybrid-windows#enable-windows-10-automatic-enrollment) and configure the MDM user scope for some or all users.
See the following examples.
![enrollment status page](images/esp-config.png)<br><br>
![mdm](images/mdm-config.png)
### Create the JSON file
>[!TIP]
>To run the following commands on a computer running Windows Server 2012/2012 R2 or Windows 7/8.1, you must first download and install the [Windows Management Framework](https://www.microsoft.com/en-us/download/details.aspx?id=54616).
1. On an Internet connected Windows PC or Server open an elevated Windows PowerShell command window
2. Enter the following lines to install the necessary modules
#### Install required modules
```
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module AzureAD -Force
Install-Module WindowsAutopilotIntune -Force
```
3. Enter the following lines and provide Intune administrative credentials
- In the following command, replace the example user principal name for Azure authentication (admin@M365x373186.onmicrosoft.com) with your user account. Be sure that the user account you specify has sufficient administrative rights.
```
Connect-AutopilotIntune -user admin@M365x373186.onmicrosoft.com
```
The password for your account will be requested using a standard Azure AD form. Type your password and then click **Sign in**.
<br>See the following example:
![Azure AD authentication](images/pwd.png)
If this is the first time youve used the Intune Graph APIs, youll also be prompted to enable read and write permissions for Microsoft Intune PowerShell. To enable these permissions:
- Select **Consent on behalf or your organization**
- Click **Accept**
4. Next, retrieve and display all the Autopilot profiles available in the specified Intune tenant in JSON format:
#### Retrieve profiles in Autopilot for existing devices JSON format
```
Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON
```
See the following sample output:
<pre style="overflow-y: visible">
PS C:\> Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON
{
"CloudAssignedTenantId": "1537de22-988c-4e93-b8a5-83890f34a69b",
"CloudAssignedForcedEnrollment": 1,
"Version": 2049,
"Comment_File": "Profile Autopilot Profile",
"CloudAssignedAadServerData": "{\"ZeroTouchConfig\":{\"CloudAssignedTenantUpn\":\"\",\"ForcedEnrollment\":1,\"CloudAssignedTenantDomain\":\"M365x373186.onmicrosoft.com\"}}",
"CloudAssignedTenantDomain": "M365x373186.onmicrosoft.com",
"CloudAssignedDomainJoinMethod": 0,
"CloudAssignedOobeConfig": 28,
"ZtdCorrelationId": "7F9E6025-1E13-45F3-BF82-A3E8C5B59EAC"
}</pre>
Each profile is encapsulated within braces **{ }**. In the previous example, a single profile is displayed.
See the following table for a description of properties used in the JSON file.
| Property | Description |
| --- | --- |
| Version (number, optional) | The version number that identifies the format of the JSON file. For Windows 10 1809, the version specified must be 2049. |
| CloudAssignedTenantId (guid, required) | The Azure Active Directory tenant ID that should be used. This is the GUID for the tenant, and can be found in properties of the tenant. The value should not include braces. |
| CloudAssignedTenantDomain (string, required) | The Azure Active Directory tenant name that should be used, e.g. tenant.onmicrosoft.com. |
| CloudAssignedOobeConfig (number, required) | This is a bitmap that shows which Autopilot settings were configured. Values include: SkipCortanaOptIn = 1, OobeUserNotLocalAdmin = 2, SkipExpressSettings = 4, SkipOemRegistration = 8, SkipEula = 16 |
| CloudAssignedDomainJoinMethod (number, required) | This property should be set to 0 and specifies that the device should join Azure AD. |
| CloudAssignedForcedEnrollment (number, required) | Specifies that the device should require AAD Join and MDM enrollment. <br>0 = not required, 1 = required. |
| ZtdCorrelationId (guid, required) | A unique GUID (without braces) that will be provided to Intune as part of the registration process. ZtdCorrelationId will be included in enrollment message as “OfflineAutoPilotEnrollmentCorrelator”. This attribute will be present only if the enrollment is taking place on a device registered with Zero Touch Provisioning via offline registration.|
| CloudAssignedAadServerData (encoded JSON string, required) | An embedded JSON string used for branding. It requires AAD corp branding enabled. <br> Example value: "CloudAssignedAadServerData": "{\"ZeroTouchConfig\":{\"CloudAssignedTenantUpn\":\"\",\"CloudAssignedTenantDomain\":\"tenant.onmicrosoft.com\"}}"|
| CloudAssignedDeviceName (string, optional) | The name automatically assigned to the computer. This follows the naming pattern convention that can be configured in Intune as part of the Autopilot profile, or can specify an explicit name to use. |
5. The Autopilot profile must be saved as a JSON file in ASCII or ANSI format. Windows PowerShell defaults to Unicode format, so if you attempt to redirect output of the commands to a file, you must also specify the file format. For example, to save the file in ASCII format using Windows PowerShell, you can create a directory (ex: c:\Autopilot) and save the profile as shown below:
```
Get-AutopilotProfile | ConvertTo-AutopilotConfigurationJSON | Out-File c:\Autopilot\AutopilotConfigurationFile.json -Encoding ASCII
```
**IMPORTANT**: The file name must be named **AutopilotConfigurationFile.json** in addition to being encoded as ASCII/ANSI.
If preferred, you can save the profile to a text file and edit in Notepad. In Notepad, when you choose **Save as** you must select Save as type: **All Files** and choose ANSI from the drop-down list next to **Encoding**. See the following example.
![Notepad JSON](images/notepad.png)
After saving the file, move the file to a location suitable as an SCCM package source.
>[!IMPORTANT]
>Multiple JSON profile files can be used, but each must be named **AutopilotConfigurationFile.json** in order for OOBE to follow the Autopilot experience. The file also must be encoded as ANSI. <br><br>**Saving the file with Unicode or UTF-8 encoding or saving it with a different file name will cause Windows 10 OOBE to not follow the Autopilot experience**.<br>
### Create a package containing the JSON file
1. In Configuration Manager, navigate to **\Software Library\Overview\Application Management\Packages**
2. On the ribbon, click **Create Package**
3. In the **Create Package and Program Wizard** enter the following **Package** and **Program Type** details:<br>
- <u>Name</u>: **Autopilot for existing devices config**
- Select the **This package contains source files** checkbox
- <u>Source folder</u>: Click **Browse** and specify a UNC path containing the AutopilotConfigurationFile.json file.
- Click **OK** and then click **Next**.
- <u>Program Type</u>: **Do not create a program**
4. Click **Next** twice and then click **Close**.
**NOTE**: If you change user-driven Autopilot profile settings in Intune at a later date, you must also update the JSON file and redistribute the associated Config Mgr package.
### Create a target collection
>[!NOTE]
>You can also choose to reuse an existing collection
1. Navigate to **\Assets and Compliance\Overview\Device Collections**
2. On the ribbon, click **Create** and then click **Create Device Collection**
3. In the **Create Device Collection Wizard** enter the following **General** details:
- <u>Name</u>: **Autopilot for existing devices collection**
- Comment: (optional)
- <u>Limiting collection</u>: Click **Browse** and select **All Systems**
>[!NOTE]
>You can optionally choose to use an alternative collection for the limiting collection. The device to be upgraded must be running the ConfigMgr agent in the collection that you select.
4. Click **Next**, then enter the following **Membership Rules** details:
- Click **Add Rule** and specify either a direct or query based collection rule to add the target test Windows 7 devices to the new collection.
- For example, if the hostname of the computer to be wiped and reloaded is PC-01 and you wish to use Name as the attribute, click **Add Rule > Direct Rule > (wizard opens) > Next** and then enter **PC-01** next to **Value**. Click **Next** and then choose **PC-01** under **Resources**. See the following examples.
![Named resource1](images/pc-01a.png)
![Named resource2](images/pc-01b.png)
5. Continue creating the device collection with the default settings:
- Use incremental updates for this collection: not selected
- Schedule a full update on this collection: default
- Click **Next** twice and then click **Close**
### Create an Autopilot for existing devices Task Sequence
>[!TIP]
>The next procedure requires a boot image for Windows 10 1803 or later. Review your available boot images in the Configuration Manager conole under **Software Library\Overview\Operating Systems\Boot images** and verify that the **OS Version** is 10.0.17134.1 (Windows 10 version 1803) or later.
1. In the Configuration Manager console, navigate to **\Software Library\Overview\Operating Systems\Task Sequences**
2. On the Home ribbon, click **Create Task Sequence**
3. Select **Install an existing image package** and then click **Next**
4. In the Create Task Sequence Wizard enter the following details:
- <u>Task sequence name</u>: **Autopilot for existing devices**
- <u>Boot Image</u>: Click **Browse** and select a Windows 10 boot image (1803 or later)
- Click **Next**, and then on the Install Windows page click **Browse** and select a Windows 10 **Image package** and **Image Index**, version 1803 or later.
- Select the **Partition and format the target computer before installing the operating system** checkbox.
- Select or clear **Configure task sequence for use with Bitlocker** checkbox. This is optional.
- <u>Product Key</u> and <u>Server licensing mode</u>: Optionally enter a product key and server licencing mode.
- <u>Randomly generate the local administrator password and disable the account on all support platforms (recommended)</u>: Optional.
- <u>Enable the account and specify the local administrator password</u>: Optional.
- Click **Next**, and then on the Configure Network page choose **Join a workgroup** and specify a name (ex: workgroup) next to **Workgroup**.
>[!IMPORTANT]
>The Autopilot for existing devices task sequence will run the **Prepare Windows for capture** action which calls the System Preparation Tool (syeprep). This action will fail if the target machine is joined to a domain.
5. Click **Next** and then click **Next** again to accept the default settings on the Install Configuration Manager page.
6. On the State Migration page, enter the following details:
- Clear the **Capture user settings and files** checkbox.
- Clear the **Capture network settings** checkbox.
- Clear the **Capture Microsoft Windows settings** checkbox.
- Click **Next**.
>[!NOTE]
>The Autopilot for existing devices task sequence will result in an Azure Active Directory Domain (AAD) joined device. The User State Migration Toolkit (USMT) does not support AAD joined devices.
7. On the Include Updates page, choose one of the three available options. This selection is optional.
8. On the Install applications page, add applications if desired. This is optional.
9. Click **Next**, confirm settings, click **Next** and then click **Close**.
10. Right click on the Autopilot for existing devices task sequence and click **Edit**.
11. In the Task Sequence Editor under the **Install Operating System** group, click the **Apply Windows Settings** action.
12. Click **Add** then click **New Group**.
13. Change the group **Name** from **New Group** to **Autopilot for existing devices config**.
14. Click **Add**, point to **General**, then click **Run Command Line**.
15. Verify that the **Run Command Line** step is nested under the **Autopilot for existing devices config** group.
16. Change the **Name** to **Apply Autopilot for existing devices config file** and paste the following into the **Command line** text box, and then click **Apply**:
```
cmd.exe /c xcopy AutopilotConfigurationFile.json %OSDTargetSystemDrive%\windows\provisioning\Autopilot\ /c
```
- **AutopilotConfigurationFile.json** must be the name of the JSON file present in the Autopilot for existing devices package created earlier.
17. In the **Apply Autopilot for existing devices config file** step, select the **Package** checkbox and then click **Browse**.
18. Select the **Autopilot for existing devices config** package created earlier and click **OK**. An example is displayed at the end of this section.
19. Under the **Setup Operating System** group, click the **Setup Windows and Configuration Manager** task.
20. Click **Add** and then click **New Group**.
21. Change **Name** from **New Group** to **Prepare Device for Autopilot**
22. Verify that the **Prepare Device for Autopilot** group is the very last step in the task sequence. Use the **Move Down** button if necessary.
23. With the **Prepare device for Autopilot** group selected, click **Add**, point to **Images** and then click **Prepare ConfigMgr Client for Capture**.
24. Add a second step by clicking **Add**, pointing to **Images**, and clicking **Prepare Windows for Capture**. Use the following settings in this step:
- <u>Automatically build mass storage driver list</u>: **Not selected**
- <u>Do not reset activation flag</u>: **Not selected**
- <u>Shutdown the computer after running this action</u>: **Optional**
![Autopilot task sequence](images/ap-ts-1.png)
25. Click **OK** to close the Task Sequence Editor.
### Deploy Content to Distribution Points
Next, ensure that all content required for the task sequence is deployed to distribution points.
1. Right click on the **Autopilot for existing devices** task sequence and click **Distribute Content**.
2. Click **Next**, **Review the content to distribute** and then click **Next**.
3. On the Specify the content distribution page click **Add** to specify either a **Distribution Point** or **Distribution Point Group**.
4. On the a Add Distribution Points or Add Distribution Point Groups wizard specify content destinations that will allow the JSON file to be retrieved when the task sequence is run.
5. When you are finished specifying content distribution, click **Next** twice then click **Close**.
### Deploy the OS with Autopilot Task Sequence
1. Right click on the **Autopilot for existing devices** task sequence and then click **Deploy**.
2. In the Deploy Software Wizard enter the following **General** and **Deployment Settings** details:
- <u>Task Sequence</u>: **Autopilot for existing devices**.
- <u>Collection</u>: Click **Browse** and then select **Autopilot for existing devices collection** (or another collection you prefer).
- Click **Next** to specify **Deployment Settings**.
- <u>Action</u>: **Install**.
- <u>Purpose</u>: **Available**. You can optionally select **Required** instead of **Available**. This is not recommended during the test owing to the potential impact of inadvertent configurations.
- <u>Make available to the following</u>: **Only Configuration Manager Clients**. Note: Choose the option here that is relevant for the context of your test. If the target client does not have the Configuration Manager agent or Windows installed, you will need to select an option that includes PXE or Boot Media.
- Click **Next** to specify **Scheduling** details.
- <u>Schedule when this deployment will become available</u>: Optional
- <u>Schedule when this deployment will expire</u>: Optional
- Click **Next** to specify **User Experience** details.
- <u>Show Task Sequence progress</u>: Selected.
- <u>Software Installation</u>: Not selected.
- <u>System restart (if required to complete the installation)</u>: Not selected.
- <u>Commit changed at deadline or during a maintenance windows (requires restart)</u>: Optional.
- <u>Allow task sequence to be run for client on the Internet</u>: Optional
- Click **Next** to specify **Alerts** details.
- <u>Create a deployment alert when the threshold is higher than the following</u>: Optional.
- Click **Next** to specify **Distribution Points** details.
- <u>Deployment options</u>: **Download content locally when needed by the running task sequence**.
- <u>When no local distribution point is available use a remote distribution point</u>: Optional.
- <u>Allow clients to use distribution points from the default site boundary group</u>: Optional.
- Click **Next**, confirm settings, click **Next**, and then click **Close**.
### Complete the client installation process
1. Open the Software Center on the target Windows 7 client computer. You can do this by clicking Start and then typing **software** in the search box, or by typing the following at a Windows PowerShell or command prompt:
```
C:\Windows\CCM\SCClient.exe
```
2. In the software library, select **Autopilot for existing devices** and click **Install**. See the following example:
![Named resource2](images/sc.png)
![Named resource2](images/sc1.png)
The Task Sequence will download content, reboot, format the drives and install Windows 10. The device will then proceed to be prepared for Autopilot. Once the task sequence has completed the device will boot into OOBE and provide an Autopilot experience.
![refresh-1](images/up-1.png)
![refresh-2](images/up-2.png)
![refresh-3](images/up-3.png)
### Register the device for Windows Autopilot
Devices provisioned through Autopilot will only receive the guided OOBE Autopilot experience on first boot. There is currently no automatic registration into Windows Autopilot. Therefore, once updated to Windows 10, the device should be registered to ensure a continued Autopilot experience in the event of PC reset.
For more information, see [Adding devices to Windows Autopilot](https://docs.microsoft.com/windows/deployment/windows-autopilot/add-devices).

BIN
windows/deployment/windows-autopilot/images/esp-config.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

BIN
windows/deployment/windows-autopilot/images/mdm-config.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 39 KiB

BIN
windows/deployment/windows-autopilot/images/up-1.PNG Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 47 KiB

BIN
windows/deployment/windows-autopilot/images/up-2.PNG Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

BIN
windows/deployment/windows-autopilot/images/up-3.PNG Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 35 KiB

5
windows/deployment/windows-autopilot/self-deploying.md
View File

@ -9,13 +9,8 @@ ms.sitesec: library
ms.pagetype:
ms.localizationpriority: medium
author: greg-lindsay
<<<<<<< HEAD
ms.author: greg-lindsay
ms.date: 10/02/2018
=======
ms.author: greglin
ms.date: 06/01/2018
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6
---
# Windows Autopilot Self-Deploying mode (Preview)

4
windows/deployment/windows-autopilot/user-driven-aad.md
View File

@ -16,8 +16,4 @@ ms.date: 10/02/2018
**Applies to: Windows 10**
<<<<<<< HEAD
PLACEHOLDER. This topic is a placeholder for the AAD-specific instuctions currently in user-driven.md.
=======
Placeholder. Content coming.
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6

10
windows/deployment/windows-autopilot/user-driven.md
View File

@ -8,19 +8,11 @@ ms.localizationpriority: medium
ms.sitesec: library
ms.pagetype: deploy
author: greg-lindsay
<<<<<<< HEAD
ms.date: 10/02/2018
ms.author: greg-lindsay
ms.date: 10/02/2018
=======
ms.author: greglin
ms.date: 06/01/2018
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6
---
# Windows Autopilot User-Driven Mode
**Applies to: Windows 10 version 1703 and above**
Windows Autopilot user-driven mode is designed to enable new Windows 10 devices to be transformed from their initial state, directly from the factory, into a ready-to-use state without requiring that IT personnel ever touch the device. The process is designed to be simple so that anyone can complete it, enabling devices to be shipped or distributed to the end user directly with simple instructions:
- Unbox the device, plug it in, and turn it on.

8
windows/deployment/windows-autopilot/windows-autopilot-requirements-licensing.md
View File

@ -8,14 +8,10 @@ ms.localizationpriority: high
ms.sitesec: library
ms.pagetype: deploy
author: greg-lindsay
<<<<<<< HEAD
ms.author: greg-lindsay
ms.date: 10/02/2018
=======
ms.author: greglin
ms.date: 06/01/2018
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6
---
ms.author: greg-lindsay
ms.date: 10/02/2018
# Windows Autopilot licensing requirements

5
windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md
View File

@ -8,13 +8,8 @@ ms.localizationpriority: high
ms.sitesec: library
ms.pagetype: deploy
author: greg-lindsay
<<<<<<< HEAD
ms.author: greg-lindsay
ms.date: 10/02/2018
=======
ms.author: greglin
ms.date: 06/01/2018
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6
---
# Windows Autopilot networking requirements

5
windows/deployment/windows-autopilot/windows-autopilot-reset-local.md
View File

@ -9,13 +9,8 @@ ms.sitesec: library
ms.pagetype:
ms.localizationpriority: medium
author: greg-lindsay
<<<<<<< HEAD
ms.author: greg-lindsay
ms.date: 10/02/2018
=======
ms.author: greglin
ms.date: 06/01/2018
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6
---
# Reset devices with local Windows Autopilot Reset

5
windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md
View File

@ -9,13 +9,8 @@ ms.sitesec: library
ms.pagetype:
ms.localizationpriority: medium
author: greg-lindsay
<<<<<<< HEAD
ms.author: greg-lindsay
ms.date: 10/02/2018
=======
ms.author: greglin
ms.date: 06/01/2018
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6
---
# Reset devices with remote Windows Autopilot Reset (Preview)

5
windows/deployment/windows-autopilot/windows-autopilot-reset.md
View File

@ -9,13 +9,8 @@ ms.sitesec: library
ms.pagetype:
ms.localizationpriority: medium
author: greg-lindsay
<<<<<<< HEAD
ms.author: greg-lindsay
ms.date: 10/02/2018
=======
ms.author: greglin
ms.date: 06/01/2018
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6
---
# Windows Autopilot Reset

5
windows/deployment/windows-autopilot/windows-autopilot-scenarios.md
View File

@ -8,13 +8,8 @@ ms.localizationpriority: medium
ms.sitesec: library
ms.pagetype: deploy
author: greg-lindsay
<<<<<<< HEAD
ms.author: greg-lindsay
ms.date: 10/02/2018
=======
ms.author: greglin
ms.date: 06/01/2018
>>>>>>> 01422d156afc7ab2286b8769aee1c4c39351a5f6
---
# Windows Autopilot scenarios

2
windows/license/TOC.yml Normal file
View File

@ -0,0 +1,2 @@
- name: Index
href: index.md

3
windows/license/breadcrumb/toc.yml Normal file
View File

@ -0,0 +1,3 @@
- name: Docs
tocHref: /
topicHref: /

47
windows/license/docfx.json Normal file
View File

@ -0,0 +1,47 @@
{
"build": {
"content": [
{
"files": [
"**/*.md",
"**/*.yml"
],
"exclude": [
"**/obj/**",
"**/includes/**",
"_themes/**",
"_themes.pdf/**",
"README.md",
"LICENSE",
"LICENSE-CODE",
"ThirdPartyNotices"
]
}
],
"resource": [
{
"files": [
"**/*.png",
"**/*.jpg"
],
"exclude": [
"**/obj/**",
"**/includes/**",
"_themes/**",
"_themes.pdf/**"
]
}
],
"overwrite": [],
"externalReference": [],
"globalMetadata": {
"breadcrumb_path": "/license/breadcrumb/toc.json",
"extendBreadcrumb": true,
"feedback_system": "None"
},
"fileMetadata": {},
"template": [],
"dest": "license",
"markdownEngineName": "markdig"
}
}

1
windows/license/index.md Normal file
View File

@ -0,0 +1 @@
# Welcome to license!

2
windows/privacy/windows-personal-data-services-configuration.md
View File

@ -193,7 +193,7 @@ The following settings determine whether fixed and removable drives are protecte
>| | |
>|:-|:-|
>| **MDM CSP** | BitLocker |
>| **Policy** | RemovableDrivesRequireEncryption |
>| **Policy** | FixedDrivesRequireEncryption |
>| **Default setting** | Disabled |
>| **Recommended** | Enabled (see [instructions](/windows/client-management/mdm/bitlocker-csp#fixeddrivesrequireencryption)) |

5
windows/security/threat-protection/TOC.md
View File

@ -17,7 +17,10 @@
#### [Endpoint detection and response](windows-defender-atp/overview-endpoint-detection-response.md)
##### [Security operations dashboard](windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md)
##### [Incidents queue](windows-defender-atp/incidents-queue.md)
###### [View and organize the Incidents queue](windows-defender-atp/view-incidents-queue.md)
###### [Manage incidents](windows-defender-atp/manage-incidents-windows-defender-advanced-threat-protection.md)
###### [Investigate incidents](windows-defender-atp/investigate-incidents-windows-defender-advanced-threat-protection.md)
##### Alerts queue

12
windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md
View File

@ -7,7 +7,7 @@ ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: tedhardyMSFT
ms.date: 10/18/2018
ms.date: 10/22/2018
---
# How to get a list of XML data name elements in EventData
@ -85,9 +85,9 @@ PS C:\WINDOWS\system32> $SecEvents.events[100].Template
## Mapping data name elements to the names in an event description
You can use the <Template> and <Description> to map the data name elements that appear in XML view to the names that appear in the event description.
You can use the &lt;Template&gt; and &lt;Description&gt; to map the data name elements that appear in XML view to the names that appear in the event description.
The <Description> is just the format string (if youre used to Console.Writeline or sprintf statements) and the <Template> is the source of the input parameters for the <Description>.
The &lt;Description&gt; is just the format string (if youre used to Console.Writeline or sprintf statements) and the &lt;Template&gt; is the source of the input parameters for the &lt;Description&gt;.
Using Security event 4734 as an example:
@ -121,9 +121,9 @@ Description : A security-enabled local group was deleted.
```
For the "Subject: Security Id:" text element, it will use the fourth element in the Template, "SubjectUserSid".
For the **Subject: Security Id:** text element, it will use the fourth element in the Template, **SubjectUserSid**.
For "Additional Information Privileges:", it would use the eighth element "PrivelegeList".
For **Additional Information Privileges:**, it would use the eighth element **PrivilegeList**.
A caveat to this is an oft-overlooked property of events called Version (in the <SYSTEM> element) that indicates the revision of the event schema and description. Most events have 1 version (all events have Version =0 like the Security/4734 example) but a few events like Security/4624 or Security/4688 have at least 3 versions (versions 0, 1, 2) depending on the OS version where the event is generated. Only the latest version is used for generating events in the Security log. In any case, the Event Version where the Template is taken from should use the same Event Version for the Description.
A caveat to this is an oft-overlooked property of events called Version (in the &lt;SYSTEM&gt; element) that indicates the revision of the event schema and description. Most events have 1 version (all events have Version =0 like the Security/4734 example) but a few events like Security/4624 or Security/4688 have at least 3 versions (versions 0, 1, 2) depending on the OS version where the event is generated. Only the latest version is used for generating events in the Security log. In any case, the Event Version where the Template is taken from should use the same Event Version for the Description.

4
windows/security/threat-protection/windows-defender-atp/TOC.md
View File

@ -17,6 +17,10 @@
#### [Incidents queue](incidents-queue.md)
##### [View and organize the Incidents queue](view-incidents-queue.md)
##### [Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md)
##### [Investigate incidents](investigate-incidents-windows-defender-advanced-threat-protection.md)
#### Alerts queue

1
windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Configure advanced features in Windows Defender ATP
description: Turn on advanced features such as block file in Windows Defender Advanced Threat Protection.
keywords: advanced features, settings, block file, automated investigation, auto-resolve, skype, azure atp, office 365, azure information protection, intune
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Advanced hunting best practices in Windows Defender ATP
description: Learn about Advanced hunting best practices such as what filters and keywords to use to effectively query data.
keywords: advanced hunting, best practices, keyword, filters, atp query, query atp data, intellisense, atp telemetry, events, events telemetry, azure log analytics
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/advanced-hunting-reference-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Advanced hunting reference in Windows Defender ATP
description: Learn about Advanced hunting table reference such as column name, data type, and description
keywords: advanced hunting, atp query, query atp data, intellisense, atp telemetry, events, events telemetry, azure log analytics, column name, data type, description
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Query data using Advanced hunting in Windows Defender ATP
description: Learn about Advanced hunting in Windows Defender ATP and how to query ATP data.
keywords: advanced hunting, atp query, query atp data, intellisense, atp telemetry, events, events telemetry, azure log analytics
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/alerts-queue-endpoint-detection-response.md
View File

@ -3,6 +3,7 @@ title: Alerts queue in Windows Defender Security Center
description: View and manage the alerts surfaced in Windows Defender Security Center
keywords:
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: View and organize the Windows Defender ATP Alerts queue
description: Learn about how the Windows Defender ATP alerts queues work, and how to sort and filter lists of alerts.
keywords: alerts, queues, alerts queue, sort, order, filter, manage alerts, new, in progress, resolved, newest, time in queue, severity, time period
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Windows Defender ATP alert API fields
description: Understand how the alert API fields map to the values in Windows Defender Security Center
keywords: alerts, alert fields, fields, api, fields, pull alerts, rest api, request, response
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/assign-portal-access-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Assign user access to Windows Defender Security Center
description: Assign read and write or read only access to the Windows Defender Advanced Threat Protection portal.
keywords: assign user roles, assign read and write access, assign read only access, user, user roles, roles
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/attack-simulations-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Experience Windows Defender ATP through simulated attacks
description: Run the provided attack scenario simulations to experience how Windows Defender ATP can detect, investigate, and respond to breaches.
keywords: wdatp, test, scenario, attack, simulation, simulated, diy, windows defender advanced threat protection
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Use Automated investigations to investigate and remediate threats
description: View the list of automated investigations, its status, detection source and other details.
keywords: automated, investigation, detection, source, threat types, id, tags, machines, duration, filter export
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/basic-permissions-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Use basic permissions to access Windows Defender Security Center
description: Assign read and write or read only access to the Windows Defender Advanced Threat Protection portal.
keywords: assign user roles, assign read and write access, assign read only access, user, user roles, roles
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Block file API
description: Use this API to blocking files from being running in the organization.
keywords: apis, graph api, supported apis, block file
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Check the health state of the sensor in Windows Defender ATP
description: Check the sensor health on machines to identify which ones are misconfigured, inactive, or are not reporting sensor data.
keywords: sensor, sensor health, misconfigured, inactive, no sensor data, sensor data, impaired communications, communication
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Collect investigation package API
description: Use this API to create calls related to the collecting an investigation package from a machine.
keywords: apis, graph api, supported apis, collect investigation package
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Access the Windows Defender ATP Community Center
description: Access the Windows Defender ATP Community Center to share experiences, engange, and learn about the product.
keywords: community, community center, tech community, conversation, announcements
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Enable conditional access to better protect users, devices, and data
description: Enable conditional access to prevent applications from running if a device is considered at risk and an application is determined to be non-compliant.
keywords: conditional access, block applications, security level, intune,
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-arcsight-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Configure HP ArcSight to pull Windows Defender ATP alerts
description: Configure HP ArcSight to receive and pull alerts from Windows Defender Security Center
keywords: configure hp arcsight, security information and events management tools, arcsight
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-attack-surface-reduction.md
View File

@ -3,6 +3,7 @@ title:
description:
keywords:
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-conditional-access-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Configure conditional access in Windows Defender ATP
description:
keywords:
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Configure alert notifications in Windows Defender ATP
description: Send email notifications to specified recipients to receive new alerts based on severity with Windows Defender ATP on Windows 10 Enterprise, Pro, and Education editions.
keywords: email notifications, configure alert notifications, windows defender atp notifications, windows defender atp alerts, windows 10 enterprise, windows 10 education
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Onboard Windows 10 machines using Group Policy to Windows Defender ATP
description: Use Group Policy to deploy the configuration package on Windows 10 machines so that they are onboarded to the service.
keywords: configure machines using group policy, machine management, configure Windows ATP machines, onboard Windows Defender Advanced Threat Protection machines, group policy
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Onboard Windows 10 machines using Mobile Device Management tools
description: Use Mobile Device Management tools to deploy the configuration package on machines so that they are onboarded to the service.
keywords: onboard machines using mdm, machine management, onboard Windows ATP machines, onboard Windows Defender Advanced Threat Protection machines, mdm
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Onboard non-Windows machines to the Windows Defender ATP service
description: Configure non-Winodws machines so that they can send sensor data to the Windows Defender ATP service.
keywords: onboard non-Windows machines, macos, linux, machine management, configure Windows ATP machines, configure Windows Defender Advanced Threat Protection machines
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Onboard Windows 10 machines using System Center Configuration Manager
description: Use System Center Configuration Manager to deploy the configuration package on machines so that they are onboarded to the service.
keywords: onboard machines using sccm, machine management, configure Windows ATP machines, configure Windows Defender Advanced Threat Protection machines, sccm
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Onboard Windows 10 machines using a local script
description: Use a local script to deploy the configuration package on machines so that they are onboarded to the service.
keywords: configure machines using a local script, machine management, configure Windows ATP machines, configure Windows Defender Advanced Threat Protection machines
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Onboard non-persistent virtual desktop infrastructure (VDI) machines
description: Deploy the configuration package on virtual desktop infrastructure (VDI) machine so that they are onboarded to Windows Defender ATP the service.
keywords: configure virtual desktop infrastructure (VDI) machine, vdi, machine management, configure Windows ATP endpoints, configure Windows Defender Advanced Threat Protection endpoints
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Onboard Windows 10 machines on Windows Defender ATP
description: Onboard Windows 10 machines so that they can send sensor data to the Windows Defender ATP sensor
keywords: Onboard Windows 10 machines, group policy, system center configuration manager, mobile device management, local script, gp, sccm, mdm, intune
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-mssp-support-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Configure managed security service provider support
description: Take the necessary steps to configure the MSSP integration with Windows Defender ATP
keywords: managed security service provider, mssp, configure, integration
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Configure machine proxy and Internet connection settings
description: Configure the Windows Defender ATP proxy and internet settings to enable communication with the cloud service.
keywords: configure, proxy, internet, internet connectivity, settings, proxy settings, netsh, winhttp, proxy server
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Onboard servers to the Windows Defender ATP service
description: Onboard servers so that they can send sensor data to the Windows Defender ATP sensor.
keywords: onboard server, server, 2012r2, 2016, 2019, server onboarding, machine management, configure Windows ATP servers, onboard Windows Defender Advanced Threat Protection servers
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Pull alerts to your SIEM tools from Windows Defender Advanced Threat Prot
description: Learn how to use REST API and configure supported security information and events management tools to receive and pull alerts.
keywords: configure siem, security information and events management tools, splunk, arcsight, custom indicators, rest api, alert definitions, indicators of compromise
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/configure-splunk-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Configure Splunk to pull Windows Defender ATP alerts
description: Configure Splunk to receive and pull alerts from Windows Defender Security Center.
keywords: configure splunk, security information and events management tools, splunk
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md
View File

@ -3,6 +3,7 @@ title: Create custom detection rules in Windows Defender ATP
description: Learn how to create custom detections rules based on advanced hunting queries
keywords: create custom detections, detections, advanced hunting, hunt, detect, query
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Create custom alerts using the threat intelligence API
description: Create your custom alert definitions and indicators of compromise in Windows Defender ATP using the available APIs in Windows Enterprise, Education, and Pro editions.
keywords: alert definitions, indicators of compromise, threat intelligence, custom threat intelligence, rest api, api
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Update data retention settings for Windows Defender Advanced Threat Prote
description: Update data retention settings by selecting between 30 days to 180 days.
keywords: data, storage, settings, retention, update
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/data-storage-privacy-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Windows Defender ATP data storage and privacy
description: Learn about how Windows Defender ATP handles privacy and data that it collects.
keywords: Windows Defender ATP data storage and privacy, storage, privacy, licensing, geolocation, data retention, data
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Windows Defender Antivirus compatibility with Windows Defender ATP
description: Learn about how Windows Defender works with Windows Defender ATP and how it functions when a third-party antimalware client is used.
keywords: windows defender compatibility, defender, windows defender atp
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/enable-custom-ti-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Enable the custom threat intelligence API in Windows Defender ATP
description: Learn how to setup the custom threat intelligence application in Windows Defender ATP to create custom threat intelligence (TI).
keywords: enable custom threat intelligence application, custom ti application, application name, client id, authorization url, resource, client secret, access tokens
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/enable-secure-score-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Enable Secure Score in Windows Defender ATP
description: Set the baselines for calculating the score of Windows Defender security controls on the Secure Score dashboard.
keywords: enable secure score, baseline, calculation, analytics, score, secure score dashboard, dashboard
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Enable SIEM integration in Windows Defender ATP
description: Enable SIEM integration to receive alerts in your security information and event management (SIEM) solution.
keywords: enable siem connector, siem, connector, security information and events
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/evaluate-atp.md
View File

@ -3,6 +3,7 @@ title: Evaluate Windows Defender Advanced Threat Protection
description:
keywords:
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Review events and errors using Event Viewer
description: Get descriptions and further troubleshooting steps (if required) for all events reported by the Windows Defender ATP service.
keywords: troubleshoot, event viewer, log summary, failure code, failed, Windows Defender Advanced Threat Protection service, cannot start, broken, can't start
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/experiment-custom-ti-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Experiment with custom threat intelligence alerts
description: Use this end-to-end guide to start using the Windows Defender ATP threat intelligence API.
keywords: alert definitions, indicators of compromise, threat intelligence, custom threat intelligence, rest api, api
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/exposed-apis-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Use the Windows Defender Advanced Threat Protection exposed APIs
description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph.
keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Find machine information by internal IP API
description: Use this API to create calls related to finding a machine entry around a specific timestamp by internal IP.
keywords: ip, apis, graph api, supported apis, find machine, machine information
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Fix unhealthy sensors in Windows Defender ATP
description: Fix machine sensors that are reporting as misconfigured or inactive so that the service receives data from the machine.
keywords: misconfigured, inactive, fix sensor, sensor health, no sensor data, sensor data, impaired communications, communication
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get actor information API
description: Retrieves an actor information report.
keywords: apis, graph api, supported apis, get, actor, information
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get actor related alerts API
description: Retrieves all alerts related to a given actor.
keywords: apis, graph api, supported apis, get, actor, related, alerts
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get alert information by ID API
description: Retrieves an alert by its ID.
keywords: apis, graph api, supported apis, get, alert, information, id
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get alert related actor information API
description: Retrieves the actor information related to the specific alert.
keywords: apis, graph api, supported apis, get, alert, actor, information, related
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get alert related domain information
description: Retrieves all domains related to a specific alert.
keywords: apis, graph api, supported apis, get alert information, alert information, related domain
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get alert related files information
description: Retrieves all files related to a specific alert.
keywords: apis, graph api, supported apis, get alert information, alert information, related files
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get alert related IP information
description: Retrieves all IPs related to a specific alert.
keywords: apis, graph api, supported apis, get alert information, alert information, related ip
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get alert related machine information
description: Retrieves all machines related to a specific alert.
keywords: apis, graph api, supported apis, get alert information, alert information, related machine
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get alert related user information
description: Retrieves the user associated to a specific alert.
keywords: apis, graph api, supported apis, get, alert, information, related, user
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get alerts API
description: Retrieves top recent alerts.
keywords: apis, graph api, supported apis, get, alerts, recent
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-cvekbmap-collection-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get CVE-KB map API
description: Retrieves a map of CVE's to KB's.
keywords: apis, graph api, supported apis, get, cve, kb
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get domain related alerts API
description: Retrieves a collection of alerts related to a given domain address.
keywords: apis, graph api, supported apis, get, domain, related, alerts
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get domain related machines API
description: Retrieves a collection of machines related to a given domain address.
keywords: apis, graph api, supported apis, get, domain, related, machines
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

1
windows/security/threat-protection/windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection.md
View File

@ -3,6 +3,7 @@ title: Get domain statistics API
description: Retrieves the prevalence for the given domain.
keywords: apis, graph api, supported apis, get, domain, domain related machines
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library

Some files were not shown because too many files have changed in this diff Show More