diff --git a/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md b/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md index e2ed065b74..55dcc71e05 100644 --- a/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md +++ b/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md @@ -1,5 +1,5 @@ --- -title: How to Allow Only Administrators to Enable Connection Groups (Windows 10) +title: Only Allow Admins to Enable Connection Groups (Windows 10) description: How to Allow Only Administrators to Enable Connection Groups author: dansimp ms.pagetype: mdop, appcompat, virtualization diff --git a/windows/application-management/app-v/appv-apply-the-deployment-configuration-file-with-powershell.md b/windows/application-management/app-v/appv-apply-the-deployment-configuration-file-with-powershell.md index b6d62b3219..5ba6786e15 100644 --- a/windows/application-management/app-v/appv-apply-the-deployment-configuration-file-with-powershell.md +++ b/windows/application-management/app-v/appv-apply-the-deployment-configuration-file-with-powershell.md @@ -1,5 +1,5 @@ --- -title: How to apply the deployment configuration file by using Windows PowerShell (Windows 10) +title: Apply deployment config file via Windows PowerShell (Windows 10) description: How to apply the deployment configuration file by using Windows PowerShell for Windows 10. author: dansimp ms.pagetype: mdop, appcompat, virtualization diff --git a/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md b/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md index 6e88aa4a89..3acd5f85db 100644 --- a/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md +++ b/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md @@ -1,5 +1,5 @@ --- -title: Automatically clean up unpublished packages on the App-V client (Windows 10) +title: Auto-remove unpublished packages on App-V client (Windows 10) description: How to automatically clean up any unpublished packages on your App-V client devices. author: dansimp ms.pagetype: mdop, appcompat, virtualization diff --git a/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md b/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md index 87ee2f267a..7209027bb8 100644 --- a/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md +++ b/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md @@ -1,5 +1,5 @@ --- -title: How to Install the Publishing Server on a Remote Computer (Windows 10) +title: Install the Publishing Server on a Remote Computer (Windows 10) description: How to Install the App-V Publishing Server on a Remote Computer author: lomayor ms.pagetype: mdop, appcompat, virtualization diff --git a/windows/client-management/mdm/implement-server-side-mobile-application-management.md b/windows/client-management/mdm/implement-server-side-mobile-application-management.md index a3dc006fc8..bc80bbff44 100644 --- a/windows/client-management/mdm/implement-server-side-mobile-application-management.md +++ b/windows/client-management/mdm/implement-server-side-mobile-application-management.md @@ -1,5 +1,5 @@ --- -title: Implement server-side support for mobile application management on Windows +title: Provide server-side support for mobile app management on Windows description: The Windows version of mobile application management (MAM) is a lightweight solution for managing company data access and security on personal devices. MAM support is built into Windows on top of Windows Information Protection (WIP). ms.author: dansimp ms.topic: article diff --git a/windows/client-management/troubleshoot-inaccessible-boot-device.md b/windows/client-management/troubleshoot-inaccessible-boot-device.md index 27b46491dc..3acffc551f 100644 --- a/windows/client-management/troubleshoot-inaccessible-boot-device.md +++ b/windows/client-management/troubleshoot-inaccessible-boot-device.md @@ -1,5 +1,5 @@ --- -title: Advanced troubleshooting for Stop error 7B or Inaccessible_Boot_Device +title: Advanced advice for Stop error 7B, Inaccessible_Boot_Device description: Learn how to troubleshoot Stop error 7B or Inaccessible_Boot_Device ms.prod: w10 ms.mktglfcycl: diff --git a/windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md b/windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md index 8c6f2186a3..0122fb2eb7 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md @@ -1,5 +1,5 @@ --- -title: Use Group Policy and mobile device management (MDM) settings to configure Cortana in your organization (Windows 10) +title: Configure Cortana with Group Policy and MDM settings (Windows 10) description: The list of Group Policy and mobile device management (MDM) policy settings that apply to Cortana at work. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md index a1dfe7d5c0..a7b6e72c12 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md @@ -1,5 +1,5 @@ --- -title: Test scenario 1 - Sign-in to Azure AD and use Cortana to manage the notebook (Windows 10) +title: Sign-in to Azure AD and manage notebook with Cortana (Windows 10) description: A test scenario walking you through signing in and managing the notebook. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md index 70a280cb22..c58d165771 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md @@ -1,5 +1,5 @@ --- -title: Test scenario 2 - Perform a quick search with Cortana at work (Windows 10) +title: Perform a quick search with Cortana at work (Windows 10) description: A test scenario about how to perform a quick search with Cortana at work. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md index e82abbd92a..d072cdb5fa 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md @@ -1,5 +1,5 @@ --- -title: Test scenario 3 - Set a reminder for a specific location using Cortana at work (Windows 10) +title: Set a reminder for a location with Cortana at work (Windows 10) description: A test scenario about how to set a location-based reminder using Cortana at work. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md index 3283f2d1ad..4ea208fcfd 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md @@ -1,5 +1,5 @@ --- -title: Test scenario 4 - Use Cortana at work to find your upcoming meetings (Windows 10) +title: Use Cortana at work to find your upcoming meetings (Windows 10) description: A test scenario about how to use Cortana at work to find your upcoming meetings. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md index 7fe284c023..f5efc05577 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md @@ -1,5 +1,5 @@ --- -title: Test scenario 5 - Use Cortana to send email to a co-worker (Windows 10) +title: Use Cortana to send email to a co-worker (Windows 10) description: A test scenario about how to use Cortana at work to send email to a co-worker. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md index 7d96f06030..f5ffb003b7 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md @@ -1,5 +1,5 @@ --- -title: Test scenario 6 - Review a reminder suggested by Cortana based on what you’ve promised in email (Windows 10) +title: Review a reminder suggested by Cortana (Windows 10) description: A test scenario about how to use Cortana with the Suggested reminders feature. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-7.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-7.md index 01f326616c..a00867e25b 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-7.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-7.md @@ -1,5 +1,5 @@ --- -title: Test scenario 7 - Use Cortana and Windows Information Protection (WIP) to help protect your organization’s data on a device (Windows 10) +title: Help protect data with Cortana and WIP (Windows 10) description: An optional test scenario about how to use Cortana at work with Windows Information Protection (WIP). ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/customize-windows-10-start-screens-by-using-mobile-device-management.md b/windows/configuration/customize-windows-10-start-screens-by-using-mobile-device-management.md index bda947c233..047006fce2 100644 --- a/windows/configuration/customize-windows-10-start-screens-by-using-mobile-device-management.md +++ b/windows/configuration/customize-windows-10-start-screens-by-using-mobile-device-management.md @@ -1,5 +1,5 @@ --- -title: Customize Windows 10 Start and taskbar with mobile device management (MDM) (Windows 10) +title: Alter Windows 10 Start and taskbar via mobile device management description: In Windows 10, you can use a mobile device management (MDM) policy to deploy a customized Start and tasbkar layout to users. ms.assetid: F487850D-8950-41FB-9B06-64240127C1E4 ms.reviewer: diff --git a/windows/configuration/mobile-devices/provisioning-configure-mobile.md b/windows/configuration/mobile-devices/provisioning-configure-mobile.md index dabf9951dc..afb1fa0310 100644 --- a/windows/configuration/mobile-devices/provisioning-configure-mobile.md +++ b/windows/configuration/mobile-devices/provisioning-configure-mobile.md @@ -1,6 +1,6 @@ --- -title: Use Windows Configuration Designer to configure Windows 10 Mobile devices (Windows 10) -description: +title: Configure Windows 10 Mobile devices with Configuration Designer +description: Use Windows Configuration Designer to configure Windows 10 Mobile devices keywords: phone, handheld, lockdown, customize ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/mobile-devices/settings-that-can-be-locked-down.md b/windows/configuration/mobile-devices/settings-that-can-be-locked-down.md index 4ea4c7f814..f1d9a178fc 100644 --- a/windows/configuration/mobile-devices/settings-that-can-be-locked-down.md +++ b/windows/configuration/mobile-devices/settings-that-can-be-locked-down.md @@ -1,5 +1,5 @@ --- -title: Settings and quick actions that can be locked down in Windows 10 Mobile (Windows 10) +title: Lock down settings and quick actions in Windows 10 Mobile description: This topic lists the settings and quick actions that can be locked down in Windows 10 Mobile. ms.assetid: 69E2F202-D32B-4FAC-A83D-C3051DF02185 ms.reviewer: diff --git a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md index 107e1b4b1c..be16f1f393 100644 --- a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md +++ b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md @@ -1,5 +1,5 @@ --- -title: Introduction to configuration service providers (CSPs) for IT pros (Windows 10) +title: Intro to configuration service providers for IT pros (Windows 10) description: Configuration service providers (CSPs) expose device configuration settings in Windows 10. ms.assetid: 25C1FDCA-0E10-42A1-A368-984FFDB2B7B6 ms.reviewer: diff --git a/windows/configuration/provisioning-packages/provisioning-uninstall-package.md b/windows/configuration/provisioning-packages/provisioning-uninstall-package.md index e8ebc96787..8e974645d5 100644 --- a/windows/configuration/provisioning-packages/provisioning-uninstall-package.md +++ b/windows/configuration/provisioning-packages/provisioning-uninstall-package.md @@ -1,5 +1,5 @@ --- -title: Settings changed when you uninstall a provisioning package (Windows 10) +title: Uninstall a provisioning package - reverted settings (Windows 10) description: This topic lists the settings that are reverted when you uninstall a provisioning package. ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/configuration/ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md b/windows/configuration/ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md index 191b74f140..3fe4ab887a 100644 --- a/windows/configuration/ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md +++ b/windows/configuration/ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md @@ -1,5 +1,5 @@ --- -title: Managing the UE-V Service and Packages with Windows PowerShell and WMI +title: Manage UE-V Service and Packages with Windows PowerShell and WMI description: Managing the UE-V service and packages with Windows PowerShell and WMI author: dansimp ms.pagetype: mdop, virtualization diff --git a/windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md b/windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md index a89f01eda9..692b7306a7 100644 --- a/windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md +++ b/windows/deployment/deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md @@ -1,190 +1,191 @@ ---- -title: Create a task sequence with Configuration Manager and MDT (Windows 10) -description: In this topic, you will learn how to create a Microsoft System Center 2012 R2 Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard. -ms.assetid: 0b069bec-5be8-47c6-bf64-7a630f41ac98 -ms.reviewer: -manager: laurawi -ms.author: greglin -keywords: deploy, upgrade, task sequence, install -ms.prod: w10 -ms.mktglfcycl: deploy -ms.localizationpriority: medium -ms.pagetype: mdt -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.topic: article ---- - -# Create a task sequence with Configuration Manager and MDT - - -**Applies to** - -- Windows 10 - -In this topic, you will learn how to create a Microsoft System Center 2012 R2 Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard. Creating task sequences in System Center 2012 R2 Configuration Manager requires many more steps than creating task sequences for MDT Lite Touch installation. Luckily, the MDT wizard helps you through the process and also guides you through creating the needed packages. - -For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard, both of which are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md). - -## Create a task sequence using the MDT Integration Wizard - - -This section walks you through the process of creating a System Center 2012 R2 Configuration Manager task sequence for production use. - -1. On CM01, using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**. - -2. On the **Choose Template** page, select the **Client Task Sequence** template and click **Next**. - -3. On the **General** page, assign the following settings and then click **Next**: - - * Task sequence name: Windows 10 Enterprise x64 RTM - - * Task sequence comments: Production image with Office 2013 - -4. On the **Details** page, assign the following settings and then click **Next**: - - * Join a Domain - - * Domain: contoso.com - - * Account: CONTOSO\\CM\_JD - - * Password: Passw0rd! - - * Windows Settings - - * User name: Contoso - - * Organization name: Contoso - - * Product key: <blank> - -5. On the **Capture Settings** page, accept the default settings, and click **Next**. - -6. On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then click **Next**. - -7. On the **MDT Package** page, select **Create a new Microsoft Deployment Toolkit Files package**, and in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\MDT\\MDT**. Then click **Next**. - -8. On the **MDT Details** page, assign the name **MDT** and click **Next**. - -9. On the **OS Image** page, browse and select the **Windows 10 Enterprise x64 RTM** package. Then click **Next**. - -10. On the **Deployment Method** page, accept the default settings and click **Next**. - -11. On the **Client Package** page, browse and select the **OSD / Configuration Manager Client** package. Then click **Next**. - -12. On the **USMT Package** page, browse and select **the OSD / Microsoft Corporation User State Migration Tool for Windows 8 10.0.10240.16384** package. Then click **Next**. - -13. On the **Settings Package** page, select the **Create a new settings package** option, and in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\Settings\\Windows 10 x64 Settings**. Then click **Next**. - -14. On the **Settings Details** page, assign the name **Windows 10 x64 Settings** and click **Next**. - -15. On the **Sysprep Package** page, click **Next** twice. - -16. On the **Confirmation** page, click **Finish**. - -## Edit the task sequence - - -After you create the task sequence, we recommend that you configure the task sequence for an optimal deployment experience. The configurations include enabling support for Unified Extensible Firmware Interface (UEFI), dynamic organizational unit (OU) allocation, computer replace scenarios, and more. - -1. On CM01, using the Configuration Manager Console, select **Task Sequences**, right-click **Windows 10 Enterprise x64 RTM** task sequence, and select **Edit**. - -2. In the **Install** group, select the **Set Variable for Drive Letter** action and configure the following: - - * OSDPreserveDriveLetter: True - - >[!NOTE] - >If you don't change this value, your Windows installation will end up in E:\\Windows. - -3. In the **Post Install** group, select **Apply Network Settings**, and configure the Domain OU value to use the **Contoso / Workstations** OU (browse for values). - -4. In the **Post Install** group, disable the **Auto Apply Drivers** action. (Disabling is done by selecting the action and, in the **Options** tab, selecting the **Disable this step** check box.) - -5. After the disabled **Post Install / Auto Apply Drivers** action, add a new group name: **Drivers**. - -6. After the **Post Install / Drivers** group, add an **Apply Driver Package** action with the following settings: - - * Name: HP EliteBook 8560w - - * Driver Package: Windows 10 x64 - HP EliteBook 8560w - - * Options: Task Sequence Variable: Model equals HP EliteBook 8560w - - >[!NOTE] - >You also can add a Query WMI condition with the following query: SELECT \* FROM Win32\_ComputerSystem WHERE Model LIKE '%HP EliteBook 8560w%' - - ![Driver package options](../images/fig27-driverpackage.png "Driver package options") - - *Figure 24. The driver package options* - -7. In the **State Restore / Install Applications** group, select the **Install Application** action. - -8. Select the **Install the following applications** option, and add the OSD / Adobe Reader XI - OSD Install application to the list. - - ![Add an application to the task sequence](../images/fig28-addapp.png "Add an application to the task sequence") - - *Figure 25. Add an application to the Configuration Manager task sequence* - -9. In the **State Restore** group, after the **Set Status 5** action, add a **Request State Store** action with the following settings: - - * Restore state from another computer - - * If computer account fails to connect to state store, use the Network Access account - - * Options: Continue on error - - * Options / Condition: - - * Task Sequence Variable - - * USMTLOCAL not equals True - -10. In the **State Restore** group, after the **Restore User State** action, add a **Release State Store** action with the following settings: - - * Options: Continue on error - - * Options / Condition: - - * Task Sequence Variable - - * USMTLOCAL not equals True - -11. Click **OK**. - ->[!NOTE] ->The Request State Store and Release State Store actions need to be added for common computer replace scenarios. - - - -## Move the packages - - -While creating the task sequence with the MDT wizard, a few operating system deployment packages were created. To move these packages to the OSD folder, take the following steps. - -1. On CM01, using the Configuration Manager Console, in the Software Library workspace, expand **Application Management**, and then select **Packages**. - -2. Select the **MDT** and **Windows 10 x64 Settings** packages, right-click and select **Move**. - -3. In the **Move Selected Items** dialog box, select the **OSD** folder, and click **OK**. - -## Related topics - - -[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md) - -[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](../deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) - -[Create a custom Windows PE boot image with Configuration Manager](../deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md) - -[Add a Windows 10 operating system image using Configuration Manager](../deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md) - -[Create an application to deploy with Windows 10 using Configuration Manager](../deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md) - -[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](../deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md) - -[Deploy Windows 10 using PXE and Configuration Manager](../deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md) - -[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](../deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md) - -[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](../deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) +--- +title: Create a task sequence with Configuration Manager (Windows 10) +description: In this topic, you will learn how to create a Microsoft System Center 2012 R2 Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard. +ms.assetid: 0b069bec-5be8-47c6-bf64-7a630f41ac98 +ms.reviewer: +manager: laurawi +ms.author: greglin +keywords: deploy, upgrade, task sequence, install +ms.prod: w10 +ms.mktglfcycl: deploy +ms.localizationpriority: medium +ms.pagetype: mdt +ms.sitesec: library +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# Create a task sequence with Configuration Manager and MDT + + +**Applies to** + +- Windows 10 + +In this topic, you will learn how to create a Microsoft System Center 2012 R2 Configuration Manager task sequence with Microsoft Deployment Toolkit (MDT) integration using the MDT wizard. Creating task sequences in System Center 2012 R2 Configuration Manager requires many more steps than creating task sequences for MDT Lite Touch installation. Luckily, the MDT wizard helps you through the process and also guides you through creating the needed packages. + +For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard, both of which are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md). + +## Create a task sequence using the MDT Integration Wizard + + +This section walks you through the process of creating a System Center 2012 R2 Configuration Manager task sequence for production use. + +1. On CM01, using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create MDT Task Sequence**. + +2. On the **Choose Template** page, select the **Client Task Sequence** template and click **Next**. + +3. On the **General** page, assign the following settings and then click **Next**: + + * Task sequence name: Windows 10 Enterprise x64 RTM + + * Task sequence comments: Production image with Office 2013 + +4. On the **Details** page, assign the following settings and then click **Next**: + + * Join a Domain + + * Domain: contoso.com + + * Account: CONTOSO\\CM\_JD + + * Password: Passw0rd! + + * Windows Settings + + * User name: Contoso + + * Organization name: Contoso + + * Product key: <blank> + +5. On the **Capture Settings** page, accept the default settings, and click **Next**. + +6. On the **Boot Image** page, browse and select the **Zero Touch WinPE x64** boot image package. Then click **Next**. + +7. On the **MDT Package** page, select **Create a new Microsoft Deployment Toolkit Files package**, and in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\MDT\\MDT**. Then click **Next**. + +8. On the **MDT Details** page, assign the name **MDT** and click **Next**. + +9. On the **OS Image** page, browse and select the **Windows 10 Enterprise x64 RTM** package. Then click **Next**. + +10. On the **Deployment Method** page, accept the default settings and click **Next**. + +11. On the **Client Package** page, browse and select the **OSD / Configuration Manager Client** package. Then click **Next**. + +12. On the **USMT Package** page, browse and select **the OSD / Microsoft Corporation User State Migration Tool for Windows 8 10.0.10240.16384** package. Then click **Next**. + +13. On the **Settings Package** page, select the **Create a new settings package** option, and in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\Settings\\Windows 10 x64 Settings**. Then click **Next**. + +14. On the **Settings Details** page, assign the name **Windows 10 x64 Settings** and click **Next**. + +15. On the **Sysprep Package** page, click **Next** twice. + +16. On the **Confirmation** page, click **Finish**. + +## Edit the task sequence + + +After you create the task sequence, we recommend that you configure the task sequence for an optimal deployment experience. The configurations include enabling support for Unified Extensible Firmware Interface (UEFI), dynamic organizational unit (OU) allocation, computer replace scenarios, and more. + +1. On CM01, using the Configuration Manager Console, select **Task Sequences**, right-click **Windows 10 Enterprise x64 RTM** task sequence, and select **Edit**. + +2. In the **Install** group, select the **Set Variable for Drive Letter** action and configure the following: + + * OSDPreserveDriveLetter: True + + >[!NOTE] + >If you don't change this value, your Windows installation will end up in E:\\Windows. + +3. In the **Post Install** group, select **Apply Network Settings**, and configure the Domain OU value to use the **Contoso / Workstations** OU (browse for values). + +4. In the **Post Install** group, disable the **Auto Apply Drivers** action. (Disabling is done by selecting the action and, in the **Options** tab, selecting the **Disable this step** check box.) + +5. After the disabled **Post Install / Auto Apply Drivers** action, add a new group name: **Drivers**. + +6. After the **Post Install / Drivers** group, add an **Apply Driver Package** action with the following settings: + + * Name: HP EliteBook 8560w + + * Driver Package: Windows 10 x64 - HP EliteBook 8560w + + * Options: Task Sequence Variable: Model equals HP EliteBook 8560w + + >[!NOTE] + >You also can add a Query WMI condition with the following query: SELECT \* FROM Win32\_ComputerSystem WHERE Model LIKE '%HP EliteBook 8560w%' + + ![Driver package options](../images/fig27-driverpackage.png "Driver package options") + + *Figure 24. The driver package options* + +7. In the **State Restore / Install Applications** group, select the **Install Application** action. + +8. Select the **Install the following applications** option, and add the OSD / Adobe Reader XI - OSD Install application to the list. + + ![Add an application to the task sequence](../images/fig28-addapp.png "Add an application to the task sequence") + + *Figure 25. Add an application to the Configuration Manager task sequence* + +9. In the **State Restore** group, after the **Set Status 5** action, add a **Request State Store** action with the following settings: + + * Restore state from another computer + + * If computer account fails to connect to state store, use the Network Access account + + * Options: Continue on error + + * Options / Condition: + + * Task Sequence Variable + + * USMTLOCAL not equals True + +10. In the **State Restore** group, after the **Restore User State** action, add a **Release State Store** action with the following settings: + + * Options: Continue on error + + * Options / Condition: + + * Task Sequence Variable + + * USMTLOCAL not equals True + +11. Click **OK**. + +>[!NOTE] +>The Request State Store and Release State Store actions need to be added for common computer replace scenarios. + + + +## Move the packages + + +While creating the task sequence with the MDT wizard, a few operating system deployment packages were created. To move these packages to the OSD folder, take the following steps. + +1. On CM01, using the Configuration Manager Console, in the Software Library workspace, expand **Application Management**, and then select **Packages**. + +2. Select the **MDT** and **Windows 10 x64 Settings** packages, right-click and select **Move**. + +3. In the **Move Selected Items** dialog box, select the **OSD** folder, and click **OK**. + +## Related topics + + +[Integrate Configuration Manager with MDT](integrate-configuration-manager-with-mdt.md) + +[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](../deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) + +[Create a custom Windows PE boot image with Configuration Manager](../deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md) + +[Add a Windows 10 operating system image using Configuration Manager](../deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md) + +[Create an application to deploy with Windows 10 using Configuration Manager](../deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md) + +[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](../deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md) + +[Deploy Windows 10 using PXE and Configuration Manager](../deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md) + +[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](../deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md) + +[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](../deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) diff --git a/windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md b/windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md index 895381896b..79b6610104 100644 --- a/windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md +++ b/windows/deployment/deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md @@ -1,96 +1,97 @@ ---- -title: Use the MDT database to stage Windows 10 deployment information (Windows 10) -description: This topic is designed to teach you how to use the MDT database to pre-stage information on your Windows 10 deployment in a Microsoft SQL Server 2012 SP1 Express database, rather than include the information in a text file (CustomSettings.ini). -ms.assetid: 8956ab54-90ba-45d3-a384-4fdec72c4d46 -ms.reviewer: -manager: laurawi -ms.author: greglin -ms.pagetype: mdt -keywords: database, permissions, settings, configure, deploy -ms.prod: w10 -ms.mktglfcycl: deploy -ms.localizationpriority: medium -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.topic: article ---- - -# Use the MDT database to stage Windows 10 deployment information - -This topic is designed to teach you how to use the MDT database to pre-stage information on your Windows 10 deployment in a Microsoft SQL Server 2012 SP1 Express database, rather than include the information in a text file (CustomSettings.ini). You can use this process, for example, to add the client machines you want to deploy, specify their computer names and IP addresses, indicate applications to be deployed, and determine many additional settings for the machines. - -## Database prerequisites - -MDT can use either SQL Server Express or full SQL Server, but since the deployment database isn't big, even in large enterprise environments, we recommend using the free SQL Server 2012 SP1 Express database in your environment. - ->[!NOTE] ->Be sure to enable Named Pipes when configuring the SQL Server 2012 SP1 Express database. Although it is a legacy protocol, Named Pipes has proven to work well when connecting from Windows Preinstallation Environment (Windows PE) to the SQL Server database. -  -## Create the deployment database - -The MDT database is by default created and managed from the Deployment Workbench. In these steps, we assume you have installed SQL Server 2012 SP1 Express on MDT01. - ->[!NOTE] ->Since SQL Server 2012 SP1 Express runs by default on a separate instance (SQLEXPRESS), the SQL Server Browser service must be running, and the firewall configured to allow traffic to it. Port 1433 TCP and port 1434 UDP need to be opened for inbound traffic on MDT01. -  -1. On MDT01, using Deployment Workbench, expand the MDT Production deployment share, expand **Advanced Configuration**, right-click **Database**, and select **New Database**. -2. In the New DB Wizard, on the **SQL Server Details** page, enter the following settings and click **Next**: - 1. SQL Server Name: MDT01 - 2. Instance: SQLEXPRESS - 3. Port: <blank> - 4. Network Library: Named Pipes -3. On the **Database** page, select **Create a new database**; in the **Database** field, type **MDT** and click **Next**. -4. On the **SQL Share** page, in the **SQL Share** field, type **Logs$** and click **Next**. Click **Next** again and then click **Finish**. - -![figure 8](../images/mdt-09-fig08.png) - -Figure 8. The MDT database added to MDT01. - -## Configure database permissions - -After creating the database, you need to assign permissions to it. In MDT, the account you used to run the deployment is used to access the database. In this environment, the network access account is MDT\_BA. -1. On MDT01, start SQL Server Management Studio. -2. In the **Connect to Server** dialog box, in the **Server name** list, select **MDT01\\SQLEXPRESS** and click **Connect**. -3. In the **Object Explorer** pane, expand the top-level **Security** node, right-click **Logins**, and select **New Login**. - - ![figure 9](../images/mdt-09-fig09.png) - - Figure 9. The top-level Security node. - -4. On the **Login - New** page, next to the **Login** name field, click **Search**, and search for **CONTOSO\\MDT\_BA**. Then in the left pane, select **User Mapping**. Select the **MDT** database, and assign the following roles: - 1. db\_datareader - 2. public (default) -5. Click **OK**, and close SQL Server Management Studio. - -![figure 10](../images/mdt-09-fig10.png) - -Figure 10. Creating the login and settings permissions to the MDT database. - -## Create an entry in the database - -To start using the database, you add a computer entry and assign a description and computer name. Use the computer's MAC Address as the identifier. -1. On MDT01, using the Deployment Workbench, in the MDT Production deployment share, expand **Advanced Configuration**, and expand **Database**. -2. Right-click **Computers**, select **New**, and add a computer entry with the following settings: - 1. Description: New York Site - PC00075 - 2. MacAddress: <PC00075 MAC Address in the 00:00:00:00:00:00 format> - 3. Details Tab / OSDComputerName: PC00075 - -![figure 11](../images/mdt-09-fig11.png) - -Figure 11. Adding the PC00075 computer to the database. - -## Related topics - -[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md) - -[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md) - -[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md) - -[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md) - -[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md) - -[Use web services in MDT](use-web-services-in-mdt.md) - -[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md) +--- +title: Use MDT database to stage Windows 10 deployment info (Windows 10) +description: This topic is designed to teach you how to use the MDT database to pre-stage information on your Windows 10 deployment in a Microsoft SQL Server 2012 SP1 Express database, rather than include the information in a text file (CustomSettings.ini). +ms.assetid: 8956ab54-90ba-45d3-a384-4fdec72c4d46 +ms.reviewer: +manager: laurawi +ms.author: greglin +ms.pagetype: mdt +keywords: database, permissions, settings, configure, deploy +ms.prod: w10 +ms.mktglfcycl: deploy +ms.localizationpriority: medium +ms.sitesec: library +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# Use the MDT database to stage Windows 10 deployment information + +This topic is designed to teach you how to use the MDT database to pre-stage information on your Windows 10 deployment in a Microsoft SQL Server 2012 SP1 Express database, rather than include the information in a text file (CustomSettings.ini). You can use this process, for example, to add the client machines you want to deploy, specify their computer names and IP addresses, indicate applications to be deployed, and determine many additional settings for the machines. + +## Database prerequisites + +MDT can use either SQL Server Express or full SQL Server, but since the deployment database isn't big, even in large enterprise environments, we recommend using the free SQL Server 2012 SP1 Express database in your environment. + +>[!NOTE] +>Be sure to enable Named Pipes when configuring the SQL Server 2012 SP1 Express database. Although it is a legacy protocol, Named Pipes has proven to work well when connecting from Windows Preinstallation Environment (Windows PE) to the SQL Server database. +  +## Create the deployment database + +The MDT database is by default created and managed from the Deployment Workbench. In these steps, we assume you have installed SQL Server 2012 SP1 Express on MDT01. + +>[!NOTE] +>Since SQL Server 2012 SP1 Express runs by default on a separate instance (SQLEXPRESS), the SQL Server Browser service must be running, and the firewall configured to allow traffic to it. Port 1433 TCP and port 1434 UDP need to be opened for inbound traffic on MDT01. +  +1. On MDT01, using Deployment Workbench, expand the MDT Production deployment share, expand **Advanced Configuration**, right-click **Database**, and select **New Database**. +2. In the New DB Wizard, on the **SQL Server Details** page, enter the following settings and click **Next**: + 1. SQL Server Name: MDT01 + 2. Instance: SQLEXPRESS + 3. Port: <blank> + 4. Network Library: Named Pipes +3. On the **Database** page, select **Create a new database**; in the **Database** field, type **MDT** and click **Next**. +4. On the **SQL Share** page, in the **SQL Share** field, type **Logs$** and click **Next**. Click **Next** again and then click **Finish**. + +![figure 8](../images/mdt-09-fig08.png) + +Figure 8. The MDT database added to MDT01. + +## Configure database permissions + +After creating the database, you need to assign permissions to it. In MDT, the account you used to run the deployment is used to access the database. In this environment, the network access account is MDT\_BA. +1. On MDT01, start SQL Server Management Studio. +2. In the **Connect to Server** dialog box, in the **Server name** list, select **MDT01\\SQLEXPRESS** and click **Connect**. +3. In the **Object Explorer** pane, expand the top-level **Security** node, right-click **Logins**, and select **New Login**. + + ![figure 9](../images/mdt-09-fig09.png) + + Figure 9. The top-level Security node. + +4. On the **Login - New** page, next to the **Login** name field, click **Search**, and search for **CONTOSO\\MDT\_BA**. Then in the left pane, select **User Mapping**. Select the **MDT** database, and assign the following roles: + 1. db\_datareader + 2. public (default) +5. Click **OK**, and close SQL Server Management Studio. + +![figure 10](../images/mdt-09-fig10.png) + +Figure 10. Creating the login and settings permissions to the MDT database. + +## Create an entry in the database + +To start using the database, you add a computer entry and assign a description and computer name. Use the computer's MAC Address as the identifier. +1. On MDT01, using the Deployment Workbench, in the MDT Production deployment share, expand **Advanced Configuration**, and expand **Database**. +2. Right-click **Computers**, select **New**, and add a computer entry with the following settings: + 1. Description: New York Site - PC00075 + 2. MacAddress: <PC00075 MAC Address in the 00:00:00:00:00:00 format> + 3. Details Tab / OSDComputerName: PC00075 + +![figure 11](../images/mdt-09-fig11.png) + +Figure 11. Adding the PC00075 computer to the database. + +## Related topics + +[Set up MDT for BitLocker](set-up-mdt-for-bitlocker.md) + +[Configure MDT deployment share rules](configure-mdt-deployment-share-rules.md) + +[Configure MDT for UserExit scripts](configure-mdt-for-userexit-scripts.md) + +[Simulate a Windows 10 deployment in a test environment](simulate-a-windows-10-deployment-in-a-test-environment.md) + +[Assign applications using roles in MDT](assign-applications-using-roles-in-mdt.md) + +[Use web services in MDT](use-web-services-in-mdt.md) + +[Use Orchestrator runbooks with MDT](use-orchestrator-runbooks-with-mdt.md) diff --git a/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md index e86096e831..19ffe1ae2a 100644 --- a/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md +++ b/windows/deployment/deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md @@ -1,107 +1,108 @@ ---- -title: Create an application to deploy with Windows 10 using Configuration Manager (Windows 10) -description: Microsoft System Center 2012 R2 Configuration Manager supports deploying applications as part of the Windows 10 deployment process. -ms.assetid: 2dfb2f39-1597-4999-b4ec-b063e8a8c90c -ms.reviewer: -manager: laurawi -ms.author: greglin -keywords: deployment, task sequence, custom, customize -ms.prod: w10 -ms.localizationpriority: medium -ms.mktglfcycl: deploy -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.topic: article ---- - -# Create an application to deploy with Windows 10 using Configuration Manager - - -**Applies to** - -- Windows 10 versions 1507, 1511 - ->[!IMPORTANT] ->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). ->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10). - -Microsoft System Center 2012 R2 Configuration Manager supports deploying applications as part of the Windows 10 deployment process. In this section, you create an application in System Center 2012 R2 Configuration Manager that you later configure the task sequence to use. - -For the purposes of this topic, we will use CM01, a machine running Windows Server 2012 R2 Standard that is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md). - ->[!NOTE] ->Even though the new application model is fully supported to deploy via the task sequence, the most reliable way to deploy software via the task sequence is still the legacy packages, especially if you deploy many applications. - -## Example: Create the Adobe Reader XI application - - -The following steps show you how to create the Adobe Reader XI application. This section assumes that you have downloaded the MSI version of Adobe Reader XI to the C:\\Setup\\Adobe Reader XI folder on CM01. - -1. On CM01, using File Explorer, copy the **C:\\Setup\\Adobe Reader XI** folder to the **E:\\Sources\\Software\\Adobe** folder. - -2. Using the Configuration Manager Console, in the Software Library workspace, expand **Application Management**. - -3. Right-click **Applications** and select **Folder / Create Folder**. Assign the name **OSD**. - -4. Right-click the **OSD** folder, and select **Create Application**. - -5. In the Create Application Wizard, on the **General** page, use the following settings: - - * Automatically detect information about this application from installation files - - * Type: Windows Installer (\*.msi file) - - * Location: \\\\CM01\\Sources$\\Software\\Adobe\\Adobe Reader XI - - * \\AdbeRdr11000\_en\_US.msi - - ![The Create Application Wizard](../images/mdt-06-fig20.png "The Create Application Wizard") - - *Figure 19. The Create Application Wizard* - -6. Click **Next**, and wait while Configuration Manager parses the MSI file. - -7. On the **Import Information** page, review the information and then click **Next**. - -8. On the **General Information** page, name the application Adobe Reader XI - OSD Install, click **Next** twice, and then click **Close**. - - >[!NOTE] - >Because it is not possible to reference an application deployment type in the task sequence, you should have a single deployment type for applications deployed by the task sequence. If you are deploying applications via both the task sequence and normal application deployment, and you have multiple deployment types, you should have two applications of the same software. In this section, you add the "OSD Install" suffix to applications that are deployed via the task sequence. If using packages, you can still reference both package and program in the task sequence. - - ![Add the OSD Install suffix to the application name](../images/mdt-06-fig21.png "Add the OSD Install suffix to the application name") - - *Figure 20. Add the "OSD Install" suffix to the application name* - -9. In the **Applications** node, select the Adobe Reader XI - OSD Install application, and click **Properties** on the ribbon bar. - -10. In the **General Information** tab, select the **Allow this application to be installed from the Install Application task sequence action without being deployed** check box, and click **OK**. - -## Related topics - - -[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md) - -[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) - -[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md) - -[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md) - -[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md) - -[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md) - -[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md) - -[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md) - -[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) - - - - - - - - - +--- +title: Create an app to deploy with Windows 10 using Configuration Manager +description: Microsoft System Center 2012 R2 Configuration Manager supports deploying applications as part of the Windows 10 deployment process. +ms.assetid: 2dfb2f39-1597-4999-b4ec-b063e8a8c90c +ms.reviewer: +manager: laurawi +ms.author: greglin +keywords: deployment, task sequence, custom, customize +ms.prod: w10 +ms.localizationpriority: medium +ms.mktglfcycl: deploy +ms.sitesec: library +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# Create an application to deploy with Windows 10 using Configuration Manager + + +**Applies to** + +- Windows 10 versions 1507, 1511 + +>[!IMPORTANT] +>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). +>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10). + +Microsoft System Center 2012 R2 Configuration Manager supports deploying applications as part of the Windows 10 deployment process. In this section, you create an application in System Center 2012 R2 Configuration Manager that you later configure the task sequence to use. + +For the purposes of this topic, we will use CM01, a machine running Windows Server 2012 R2 Standard that is a member of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md). + +>[!NOTE] +>Even though the new application model is fully supported to deploy via the task sequence, the most reliable way to deploy software via the task sequence is still the legacy packages, especially if you deploy many applications. + +## Example: Create the Adobe Reader XI application + + +The following steps show you how to create the Adobe Reader XI application. This section assumes that you have downloaded the MSI version of Adobe Reader XI to the C:\\Setup\\Adobe Reader XI folder on CM01. + +1. On CM01, using File Explorer, copy the **C:\\Setup\\Adobe Reader XI** folder to the **E:\\Sources\\Software\\Adobe** folder. + +2. Using the Configuration Manager Console, in the Software Library workspace, expand **Application Management**. + +3. Right-click **Applications** and select **Folder / Create Folder**. Assign the name **OSD**. + +4. Right-click the **OSD** folder, and select **Create Application**. + +5. In the Create Application Wizard, on the **General** page, use the following settings: + + * Automatically detect information about this application from installation files + + * Type: Windows Installer (\*.msi file) + + * Location: \\\\CM01\\Sources$\\Software\\Adobe\\Adobe Reader XI + + * \\AdbeRdr11000\_en\_US.msi + + ![The Create Application Wizard](../images/mdt-06-fig20.png "The Create Application Wizard") + + *Figure 19. The Create Application Wizard* + +6. Click **Next**, and wait while Configuration Manager parses the MSI file. + +7. On the **Import Information** page, review the information and then click **Next**. + +8. On the **General Information** page, name the application Adobe Reader XI - OSD Install, click **Next** twice, and then click **Close**. + + >[!NOTE] + >Because it is not possible to reference an application deployment type in the task sequence, you should have a single deployment type for applications deployed by the task sequence. If you are deploying applications via both the task sequence and normal application deployment, and you have multiple deployment types, you should have two applications of the same software. In this section, you add the "OSD Install" suffix to applications that are deployed via the task sequence. If using packages, you can still reference both package and program in the task sequence. + + ![Add the OSD Install suffix to the application name](../images/mdt-06-fig21.png "Add the OSD Install suffix to the application name") + + *Figure 20. Add the "OSD Install" suffix to the application name* + +9. In the **Applications** node, select the Adobe Reader XI - OSD Install application, and click **Properties** on the ribbon bar. + +10. In the **General Information** tab, select the **Allow this application to be installed from the Install Application task sequence action without being deployed** check box, and click **OK**. + +## Related topics + + +[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md) + +[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) + +[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md) + +[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md) + +[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md) + +[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md) + +[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md) + +[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md) + +[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) + + + + + + + + + diff --git a/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md index 097ab5c60f..b695cf75f7 100644 --- a/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md +++ b/windows/deployment/deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md @@ -1,5 +1,5 @@ --- -title: Finalize the operating system configuration for Windows 10 deployment with Configuration Manager (Windows 10) +title: Finalize operating system configuration for Windows 10 deployment description: This topic walks you through the steps to finalize the configuration of your Windows 10 operating deployment, which includes enablement of the optional Microsoft Deployment Toolkit (MDT) monitoring for Microsoft System Center 2012 R2 Configuration Manager, logs folder creation, rules configuration, content distribution, and deployment of the previously created task sequence. ms.assetid: 38b55fa8-e717-4689-bd43-8348751d493e ms.reviewer: diff --git a/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md b/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md index c0e59fd398..d5fce49214 100644 --- a/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md +++ b/windows/deployment/deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md @@ -1,88 +1,89 @@ ---- -title: Monitor the Windows 10 deployment with Configuration Manager (Windows 10) -description: In this topic, you will learn how to monitor a Windows 10 deployment that was started previously using Microsoft System Center 2012 R2 Configuration Manager and the Microsoft Deployment Toolkit (MDT) Deployment Workbench. -ms.assetid: 4863c6aa-6369-4171-8e1a-b052ca195fce -ms.reviewer: -manager: laurawi -ms.author: greglin -keywords: deploy, upgrade -ms.prod: w10 -ms.mktglfcycl: deploy -ms.localizationpriority: medium -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.topic: article ---- - -# Monitor the Windows 10 deployment with Configuration Manager - - -**Applies to** - -- Windows 10 versions 1507, 1511 - ->[!IMPORTANT] ->For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). ->Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10). - -In this topic, you will learn how to monitor a Windows 10 deployment that was started previously using Microsoft System Center 2012 R2 Configuration Manager and the Microsoft Deployment Toolkit (MDT) Deployment Workbench. You will also use the Deployment Workbench to access the computer remotely via the Microsoft Diagnostics and Recovery Toolkit (DaRT) Remote Connection feature. - -For the purposes of this topic, we will use four machines: DC01, CM01, and PC0001. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. PC0001 is a Unified Extensible Firmware Interface (UEFI) machine to which Windows 10 Enterprise has been deployed. DC01, CM01, and PC0001 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md). - -To monitor an operating system deployment conducted through System Center 2012 R2 Configuration Manager, you will use the Deployment Workbench in MDT as follows: - -1. On CM01, using the Deployment Workbench, expand **MDT Production**, and use the **Monitoring** node to view the deployment process (press **F5** to refresh). - - >[!NOTE] - >It takes a little while for the task sequence to start reporting monitor information, so if PC0001 does not appear when you press F5 the first time, wait 20 seconds and try again. - - ![PC0001 being deployed by Configuration Manager](../images/mdt-06-fig39.png) - - *Figure 33. PC0001 being deployed by Configuration Manager* - -2. When you see the PC0001 entry, double-click **PC0001**, and then click **DaRT Remote Control** and review the **Remote Control** option. - -3. The task sequence will now run and do the following: - - * Install the Windows 10 operating system. - - * Install the Configuration Manager client and the client hotfix. - - * Join the machine to the domain. - - * Install the application added to the task sequence. - - >[!NOTE] - >You also can use the built-in reports to get information about ongoing deployments. For example, a task sequence report gives you a quick overview of the task sequence progress. -   -4. If time permits, allow the deployment of PC0001 to complete. Then log in as Administrator in the CONTOSO domain and verify that Adobe Reader XI was installed. - -## Related topics - - -[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md) - -[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) - -[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md) - -[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md) - -[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md) - -[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md) - -[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md) - -[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md) - -[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) - -  - -  - - - - - +--- +title: Monitor the Windows 10 deployment with Configuration Manager +description: In this topic, you will learn how to monitor a Windows 10 deployment that was started previously using Microsoft System Center 2012 R2 Configuration Manager and the Microsoft Deployment Toolkit (MDT) Deployment Workbench. +ms.assetid: 4863c6aa-6369-4171-8e1a-b052ca195fce +ms.reviewer: +manager: laurawi +ms.author: greglin +keywords: deploy, upgrade +ms.prod: w10 +ms.mktglfcycl: deploy +ms.localizationpriority: medium +ms.sitesec: library +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# Monitor the Windows 10 deployment with Configuration Manager + + +**Applies to** + +- Windows 10 versions 1507, 1511 + +>[!IMPORTANT] +>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems). +>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10). + +In this topic, you will learn how to monitor a Windows 10 deployment that was started previously using Microsoft System Center 2012 R2 Configuration Manager and the Microsoft Deployment Toolkit (MDT) Deployment Workbench. You will also use the Deployment Workbench to access the computer remotely via the Microsoft Diagnostics and Recovery Toolkit (DaRT) Remote Connection feature. + +For the purposes of this topic, we will use four machines: DC01, CM01, and PC0001. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. PC0001 is a Unified Extensible Firmware Interface (UEFI) machine to which Windows 10 Enterprise has been deployed. DC01, CM01, and PC0001 are all members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md). + +To monitor an operating system deployment conducted through System Center 2012 R2 Configuration Manager, you will use the Deployment Workbench in MDT as follows: + +1. On CM01, using the Deployment Workbench, expand **MDT Production**, and use the **Monitoring** node to view the deployment process (press **F5** to refresh). + + >[!NOTE] + >It takes a little while for the task sequence to start reporting monitor information, so if PC0001 does not appear when you press F5 the first time, wait 20 seconds and try again. + + ![PC0001 being deployed by Configuration Manager](../images/mdt-06-fig39.png) + + *Figure 33. PC0001 being deployed by Configuration Manager* + +2. When you see the PC0001 entry, double-click **PC0001**, and then click **DaRT Remote Control** and review the **Remote Control** option. + +3. The task sequence will now run and do the following: + + * Install the Windows 10 operating system. + + * Install the Configuration Manager client and the client hotfix. + + * Join the machine to the domain. + + * Install the application added to the task sequence. + + >[!NOTE] + >You also can use the built-in reports to get information about ongoing deployments. For example, a task sequence report gives you a quick overview of the task sequence progress. +   +4. If time permits, allow the deployment of PC0001 to complete. Then log in as Administrator in the CONTOSO domain and verify that Adobe Reader XI was installed. + +## Related topics + + +[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md) + +[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) + +[Create a custom Windows PE boot image with Configuration Manager](create-a-custom-windows-pe-boot-image-with-configuration-manager.md) + +[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md) + +[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md) + +[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md) + +[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md) + +[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md) + +[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) + +  + +  + + + + + diff --git a/windows/deployment/planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md b/windows/deployment/planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md index c434f06486..bb66b25095 100644 --- a/windows/deployment/planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md +++ b/windows/deployment/planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md @@ -1,5 +1,5 @@ --- -title: Creating a Custom Compatibility Mode in Compatibility Administrator (Windows 10) +title: Create a Custom Compatibility Mode (Windows 10) description: Windows® provides several compatibility modes, groups of compatibility fixes found to resolve many common application-compatibility issues. ms.assetid: 661a1c0d-267f-4a79-8445-62a9a98d09b0 ms.reviewer: diff --git a/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md b/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md index e4ebfef4e3..8d8da0f126 100644 --- a/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md +++ b/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator.md @@ -1,5 +1,5 @@ --- -title: Creating an AppHelp Message in Compatibility Administrator (Windows 10) +title: Create AppHelp Message in Compatibility Administrator (Windows 10) description: The Compatibility Administrator tool enables you to create an AppHelp text message. This is a blocking or non-blocking message that appears when a user starts an application that you know has major functionality issues on the Windows® operating system. ms.assetid: 5c6e89f5-1942-4aa4-8439-ccf0ecd02848 ms.reviewer: diff --git a/windows/deployment/planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md b/windows/deployment/planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md index f8f502fe93..e066e2b214 100644 --- a/windows/deployment/planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md +++ b/windows/deployment/planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md @@ -1,5 +1,5 @@ --- -title: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator (Windows 10) +title: Install/Uninstall Custom Databases (Windows 10) description: The Compatibility Administrator tool enables the creation and the use of custom-compatibility and standard-compatibility databases. ms.assetid: 659c9d62-5f32-433d-94aa-12141c01368f ms.reviewer: diff --git a/windows/deployment/update/waas-integrate-wufb.md b/windows/deployment/update/waas-integrate-wufb.md index d28b788ca7..4d5f0b31bc 100644 --- a/windows/deployment/update/waas-integrate-wufb.md +++ b/windows/deployment/update/waas-integrate-wufb.md @@ -1,5 +1,5 @@ --- -title: Integrate Windows Update for Business with management solutions (Windows 10) +title: Integrate Windows Update for Business (Windows 10) description: Use Windows Update for Business deployments with management tools such as Windows Server Update Services (WSUS) and System Center Configuration Manager. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/deployment/update/waas-manage-updates-configuration-manager.md b/windows/deployment/update/waas-manage-updates-configuration-manager.md index 7563d572b3..1ebdd76767 100644 --- a/windows/deployment/update/waas-manage-updates-configuration-manager.md +++ b/windows/deployment/update/waas-manage-updates-configuration-manager.md @@ -1,5 +1,5 @@ --- -title: Deploy Windows 10 updates using System Center Configuration Manager (Windows 10) +title: Deploy Windows 10 updates via System Center Configuration Manager description: System Center Configuration Manager provides maximum control over quality and feature updates for Windows 10. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/deployment/update/waas-mobile-updates.md b/windows/deployment/update/waas-mobile-updates.md index e425484498..c0d1218ade 100644 --- a/windows/deployment/update/waas-mobile-updates.md +++ b/windows/deployment/update/waas-mobile-updates.md @@ -1,6 +1,6 @@ --- -title: Deploy updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile (Windows 10) -description: tbd +title: Deploy updates to Windows 10 Mobile or Windows 10 IoT Mobile +description: Deploy updates to devices in your organization that are running Windows 10 Mobile Enterprise or Windows 10 IoT Mobile. ms.prod: w10 ms.mktglfcycl: manage author: jaimeo diff --git a/windows/deployment/update/waas-wufb-group-policy.md b/windows/deployment/update/waas-wufb-group-policy.md index d4e43924fb..8b7d1bcfd2 100644 --- a/windows/deployment/update/waas-wufb-group-policy.md +++ b/windows/deployment/update/waas-wufb-group-policy.md @@ -1,6 +1,6 @@ --- -title: Walkthrough use Group Policy to configure Windows Update for Business - Windows 10 -description: Configure Windows Update for Business settings using Group Policy. +title: Configure Windows Update for Business via Group Policy (Windows 10) +description: Walkthrough demonstrating how to configure Windows Update for Business settings, using Group Policy. ms.prod: w10 ms.mktglfcycl: manage author: jaimeo @@ -11,7 +11,7 @@ manager: laurawi ms.topic: article --- -# Walkthrough: use Group Policy to configure Windows Update for Business +# Walkthrough: Use Group Policy to configure Windows Update for Business **Applies to** diff --git a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md index 82f4193c52..513ae0cfd8 100644 --- a/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md +++ b/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md @@ -1,216 +1,217 @@ ---- -title: Perform an in-place upgrade to Windows 10 using Configuration Manager (Windows 10) -description: The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. Use a System Center Configuration Manager task sequence to completely automate the process. -ms.assetid: F8DF6191-0DB0-4EF5-A9B1-6A11D5DE4878 -ms.reviewer: -manager: laurawi -ms.author: greglin -keywords: upgrade, update, task sequence, deploy -ms.prod: w10 -ms.localizationpriority: medium -ms.mktglfcycl: deploy -audience: itpro author: greg-lindsay -ms.topic: article ---- - -# Perform an in-place upgrade to Windows 10 using Configuration Manager - - -**Applies to** - -- Windows 10 - -The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process. - -## Proof-of-concept environment - - -For the purposes of this topic, we will use three machines: DC01, CM01, and PC0001. DC01 is a domain controller and CM01 is a Windows Server 2012 R2 standard machine, fully patched with the latest security updates, and configured as a member server in the fictional contoso.com domain. PC0001 is a machine with Windows 7 SP1, targeted for the Windows 10 upgrade. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md). - -![figure 1](../images/upgrademdt-fig1-machines.png) - -Figure 1. The machines used in this topic. - -## Upgrade to Windows 10 with System Center 2012 R2 Configuration Manager - - -System Center 2012 R2 Configuration Manager SP1 adds support to manage and deploy Windows 10. Although it does not include built-in support to perform an in-place upgrade from Windows 7, Windows 8, or Windows 8.1 to Windows 10, you can build a custom task sequence to perform the necessary tasks. - -## Create the task sequence - - -To help with this process, the Configuration Manager team has published [a blog](https://go.microsoft.com/fwlink/p/?LinkId=620179) that provides a sample task sequence, as well as the [original blog that includes the instructions for setting up the task sequence](https://go.microsoft.com/fwlink/p/?LinkId=620180). To summarize, here are the tasks you need to perform: - -1. Download the [Windows10Upgrade1506.zip](https://go.microsoft.com/fwlink/p/?LinkId=620182) file that contains the sample task sequence and related scripts. Extract the contents onto a network share. -2. Copy the Windows 10 Enterprise RTM x64 media into the extracted but empty **Windows vNext Upgrade Media** folder. -3. Using the Configuration Manager Console, right-click the **Task Sequences** node, and then choose **Import Task Sequence**. Select the **Windows-vNextUpgradeExport.zip** file that you extracted in Step 1. -4. Distribute the two created packages (one contains the Windows 10 Enterprise x64 media, the other contains the related scripts) to the Configuration Manager distribution point. - -For full details and an explanation of the task sequence steps, review the full details of the two blogs that are referenced above. - -## Create a device collection - - -After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the Configuration Manager client installed. - -1. On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: - - General - - - Name: Windows 10 Enterprise x64 Upgrade - - - Limited Collection: All Systems - - - Membership rules: - - - Direct rule - - - Resource Class: System Resource - - - Attribute Name: Name - - - Value: PC0001 - - - Select Resources - - - Select PC0001 - -2. Review the Windows 10 Enterprise x64 Upgrade collection. Do not continue until you see the PC0001 machine in the collection. - -## Deploy the Windows 10 upgrade - - -In this section, you create a deployment for the Windows 10 Enterprise x64 Update application. - -1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Windows vNext Upgrade** task sequence, and then select **Deploy**. -2. On the **General** page, select the **Windows 10 Enterprise x64 Upgrade** collection, and then click **Next**. -3. On the **Content** page, click **Next**. -4. On the **Deployment Settings** page, select the following settings, and then click **Next**: - - Action: Install - - - Purpose: Available - -5. On the **Scheduling** page, accept the default settings, and then click **Next**. -6. On the **User Experience** page, accept the default settings, and then click **Next**. -7. On the **Alerts** page, accept the default settings, and then click **Next**. -8. On the **Summary** page, click **Next**, and then click **Close**. - -## Start the Windows 10 upgrade - - -In this section, you start the Windows 10 Upgrade task sequence on PC0001 (currently running Windows 7 SP1). - -1. On PC0001, start the **Software Center**. -2. Select the **Windows vNext Upgrade** task sequence, and then click **Install**. - -When the task sequence begins, it will automatically initiate the in-place upgrade process by invoking the Windows setup program (Setup.exe) with the necessary command-line parameters to perform an automated upgrade, which preserves all data, settings, apps, and drivers. - -![figure 2](../images/upgradecfg-fig2-upgrading.png) - -Figure 2. Upgrade from Windows 7 to Windows 10 Enterprise x64 with a task sequence. - -After the task sequence finishes, the computer will be fully upgraded to Windows 10. - -## Upgrade to Windows 10 with System Center Configuration Manager Current Branch - - -With System Center Configuration Manager Current Branch, new built-in functionality makes it easier to upgrade to Windows 10. - -**Note**   -For more details about Configuration Manager Current Branch, see the [Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620205). An [evaluation version is currently available](https://go.microsoft.com/fwlink/p/?LinkId=620206) for you to try. The instructions below are specific to the Technical Preview 2 release and may change after the next version of Configuration Manager is released. - - - -### Create the OS upgrade package - -First, you need to create an operating system upgrade package that contains the full Windows 10 Enterprise x64 installation media. - -1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Operating System Upgrade Packages** node, then select **Add Operating System Upgrade Package**. -2. On the **Data Source** page, specify the UNC path to the Windows 10 Enterprise x64 media, and then click **Next**. -3. On the **General** page, specify Windows 10 Enterprise x64 Upgrade, and then click **Next**. -4. On the **Summary** page, click **Next**, and then click **Close**. -5. Right-click the created **Windows 10 Enterprise x64 Update** package, and then select **Distribute Content**. Choose the CM01 distribution point. - -### Create the task sequence - -To create an upgrade task sequence, perform the following steps: - -1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Task Sequences** node, and then select **Create Task Sequence**. -2. On the **Create a new task sequence** page, select **Upgrade an operating system from upgrade package**, and then click **Next**. -3. On the **Task Sequence Information** page, specify **Windows 10 Enterprise x64 Upgrade**, and then click **Next**. -4. On the **Upgrade the Windows operating system** page, select the **Windows 10 Enterprise x64 Upgrade operating system upgrade** package, and then click **Next**. -5. Click **Next** through the remaining wizard pages, and then click **Close**. - -![figure 3](../images/upgradecfg-fig3-upgrade.png) - -Figure 3. The Configuration Manager upgrade task sequence. - -### Create a device collection - -After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the next version of System Center Configuration Manager client installed. - -1. On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: - - General - - - Name: Windows 10 Enterprise x64 Upgrade - - - Limited Collection: All Systems - - - Membership rules: - - - Direct rule - - - Resource Class: System Resource - - - Attribute Name: Name - - - Value: PC0001 - - - Select Resources - - - Select PC0001 - -2. Review the Windows 10 Enterprise x64 Upgrade collection. Do not continue until you see the PC0001 machine in the collection. - -### Deploy the Windows 10 upgrade - -In this section, you create a deployment for the Windows 10 Enterprise x64 Update application. - -1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Windows vNext Upgrade** task sequence, and then select **Deploy**. -2. On the **General** page, select the **Windows 10 Enterprise x64 Upgrade** collection, and then click **Next**. -3. On the **Content** page, click **Next**. -4. On the **Deployment Settings** page, select the following settings and click **Next**: - - Action: Install - - - Purpose: Available - -5. On the **Scheduling** page, accept the default settings, and then click **Next**. -6. On the **User Experience** page, accept the default settings, and then click **Next**. -7. On the **Alerts** page, accept the default settings, and then click **Next**. -8. On the **Summary** page, click **Next**, and then click **Close**. - -### Start the Windows 10 upgrade - -In this section, you start the Windows 10 Upgrade task sequence on PC0001 (currently running Windows 7 SP1). - -1. On PC0001, start the **Software Center**. -2. Select the **Windows 10 Enterprise x64 Upgrade** task sequence, and then click **Install.** - -When the task sequence begins, it automatically initiates the in-place upgrade process by invoking the Windows setup program (Setup.exe) with the necessary command-line parameters to perform an automated upgrade, which preserves all data, settings, apps, and drivers. - -After the task sequence completes, the computer will be fully upgraded to Windows 10. - -## Related topics - - -[Windows 10 deployment scenarios](../windows-10-deployment-scenarios.md) - -[Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620109) - - - - - - - - - +--- +title: Perform in-place upgrade to Windows 10 via Configuration Manager +description: The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. Use a System Center Configuration Manager task sequence to completely automate the process. +ms.assetid: F8DF6191-0DB0-4EF5-A9B1-6A11D5DE4878 +ms.reviewer: +manager: laurawi +ms.author: greglin +keywords: upgrade, update, task sequence, deploy +ms.prod: w10 +ms.localizationpriority: medium +ms.mktglfcycl: deploy +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# Perform an in-place upgrade to Windows 10 using Configuration Manager + + +**Applies to** + +- Windows 10 + +The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a System Center Configuration Manager task sequence to completely automate the process. + +## Proof-of-concept environment + + +For the purposes of this topic, we will use three machines: DC01, CM01, and PC0001. DC01 is a domain controller and CM01 is a Windows Server 2012 R2 standard machine, fully patched with the latest security updates, and configured as a member server in the fictional contoso.com domain. PC0001 is a machine with Windows 7 SP1, targeted for the Windows 10 upgrade. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md). + +![figure 1](../images/upgrademdt-fig1-machines.png) + +Figure 1. The machines used in this topic. + +## Upgrade to Windows 10 with System Center 2012 R2 Configuration Manager + + +System Center 2012 R2 Configuration Manager SP1 adds support to manage and deploy Windows 10. Although it does not include built-in support to perform an in-place upgrade from Windows 7, Windows 8, or Windows 8.1 to Windows 10, you can build a custom task sequence to perform the necessary tasks. + +## Create the task sequence + + +To help with this process, the Configuration Manager team has published [a blog](https://go.microsoft.com/fwlink/p/?LinkId=620179) that provides a sample task sequence, as well as the [original blog that includes the instructions for setting up the task sequence](https://go.microsoft.com/fwlink/p/?LinkId=620180). To summarize, here are the tasks you need to perform: + +1. Download the [Windows10Upgrade1506.zip](https://go.microsoft.com/fwlink/p/?LinkId=620182) file that contains the sample task sequence and related scripts. Extract the contents onto a network share. +2. Copy the Windows 10 Enterprise RTM x64 media into the extracted but empty **Windows vNext Upgrade Media** folder. +3. Using the Configuration Manager Console, right-click the **Task Sequences** node, and then choose **Import Task Sequence**. Select the **Windows-vNextUpgradeExport.zip** file that you extracted in Step 1. +4. Distribute the two created packages (one contains the Windows 10 Enterprise x64 media, the other contains the related scripts) to the Configuration Manager distribution point. + +For full details and an explanation of the task sequence steps, review the full details of the two blogs that are referenced above. + +## Create a device collection + + +After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the Configuration Manager client installed. + +1. On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: + - General + + - Name: Windows 10 Enterprise x64 Upgrade + + - Limited Collection: All Systems + + - Membership rules: + + - Direct rule + + - Resource Class: System Resource + + - Attribute Name: Name + + - Value: PC0001 + + - Select Resources + + - Select PC0001 + +2. Review the Windows 10 Enterprise x64 Upgrade collection. Do not continue until you see the PC0001 machine in the collection. + +## Deploy the Windows 10 upgrade + + +In this section, you create a deployment for the Windows 10 Enterprise x64 Update application. + +1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Windows vNext Upgrade** task sequence, and then select **Deploy**. +2. On the **General** page, select the **Windows 10 Enterprise x64 Upgrade** collection, and then click **Next**. +3. On the **Content** page, click **Next**. +4. On the **Deployment Settings** page, select the following settings, and then click **Next**: + - Action: Install + + - Purpose: Available + +5. On the **Scheduling** page, accept the default settings, and then click **Next**. +6. On the **User Experience** page, accept the default settings, and then click **Next**. +7. On the **Alerts** page, accept the default settings, and then click **Next**. +8. On the **Summary** page, click **Next**, and then click **Close**. + +## Start the Windows 10 upgrade + + +In this section, you start the Windows 10 Upgrade task sequence on PC0001 (currently running Windows 7 SP1). + +1. On PC0001, start the **Software Center**. +2. Select the **Windows vNext Upgrade** task sequence, and then click **Install**. + +When the task sequence begins, it will automatically initiate the in-place upgrade process by invoking the Windows setup program (Setup.exe) with the necessary command-line parameters to perform an automated upgrade, which preserves all data, settings, apps, and drivers. + +![figure 2](../images/upgradecfg-fig2-upgrading.png) + +Figure 2. Upgrade from Windows 7 to Windows 10 Enterprise x64 with a task sequence. + +After the task sequence finishes, the computer will be fully upgraded to Windows 10. + +## Upgrade to Windows 10 with System Center Configuration Manager Current Branch + + +With System Center Configuration Manager Current Branch, new built-in functionality makes it easier to upgrade to Windows 10. + +**Note**   +For more details about Configuration Manager Current Branch, see the [Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620205). An [evaluation version is currently available](https://go.microsoft.com/fwlink/p/?LinkId=620206) for you to try. The instructions below are specific to the Technical Preview 2 release and may change after the next version of Configuration Manager is released. + + + +### Create the OS upgrade package + +First, you need to create an operating system upgrade package that contains the full Windows 10 Enterprise x64 installation media. + +1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Operating System Upgrade Packages** node, then select **Add Operating System Upgrade Package**. +2. On the **Data Source** page, specify the UNC path to the Windows 10 Enterprise x64 media, and then click **Next**. +3. On the **General** page, specify Windows 10 Enterprise x64 Upgrade, and then click **Next**. +4. On the **Summary** page, click **Next**, and then click **Close**. +5. Right-click the created **Windows 10 Enterprise x64 Update** package, and then select **Distribute Content**. Choose the CM01 distribution point. + +### Create the task sequence + +To create an upgrade task sequence, perform the following steps: + +1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Task Sequences** node, and then select **Create Task Sequence**. +2. On the **Create a new task sequence** page, select **Upgrade an operating system from upgrade package**, and then click **Next**. +3. On the **Task Sequence Information** page, specify **Windows 10 Enterprise x64 Upgrade**, and then click **Next**. +4. On the **Upgrade the Windows operating system** page, select the **Windows 10 Enterprise x64 Upgrade operating system upgrade** package, and then click **Next**. +5. Click **Next** through the remaining wizard pages, and then click **Close**. + +![figure 3](../images/upgradecfg-fig3-upgrade.png) + +Figure 3. The Configuration Manager upgrade task sequence. + +### Create a device collection + +After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the next version of System Center Configuration Manager client installed. + +1. On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: + - General + + - Name: Windows 10 Enterprise x64 Upgrade + + - Limited Collection: All Systems + + - Membership rules: + + - Direct rule + + - Resource Class: System Resource + + - Attribute Name: Name + + - Value: PC0001 + + - Select Resources + + - Select PC0001 + +2. Review the Windows 10 Enterprise x64 Upgrade collection. Do not continue until you see the PC0001 machine in the collection. + +### Deploy the Windows 10 upgrade + +In this section, you create a deployment for the Windows 10 Enterprise x64 Update application. + +1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Windows vNext Upgrade** task sequence, and then select **Deploy**. +2. On the **General** page, select the **Windows 10 Enterprise x64 Upgrade** collection, and then click **Next**. +3. On the **Content** page, click **Next**. +4. On the **Deployment Settings** page, select the following settings and click **Next**: + - Action: Install + + - Purpose: Available + +5. On the **Scheduling** page, accept the default settings, and then click **Next**. +6. On the **User Experience** page, accept the default settings, and then click **Next**. +7. On the **Alerts** page, accept the default settings, and then click **Next**. +8. On the **Summary** page, click **Next**, and then click **Close**. + +### Start the Windows 10 upgrade + +In this section, you start the Windows 10 Upgrade task sequence on PC0001 (currently running Windows 7 SP1). + +1. On PC0001, start the **Software Center**. +2. Select the **Windows 10 Enterprise x64 Upgrade** task sequence, and then click **Install.** + +When the task sequence begins, it automatically initiates the in-place upgrade process by invoking the Windows setup program (Setup.exe) with the necessary command-line parameters to perform an automated upgrade, which preserves all data, settings, apps, and drivers. + +After the task sequence completes, the computer will be fully upgraded to Windows 10. + +## Related topics + + +[Windows 10 deployment scenarios](../windows-10-deployment-scenarios.md) + +[Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620109) + + + + + + + + + diff --git a/windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md b/windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md index 8a830c5fd9..b0cf117686 100644 --- a/windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md +++ b/windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md @@ -1,86 +1,87 @@ ---- -title: Getting Started with the User State Migration Tool (USMT) (Windows 10) -description: Getting Started with the User State Migration Tool (USMT) -ms.assetid: 506ff1d2-94b8-4460-8672-56aad963504b -ms.reviewer: -manager: laurawi -ms.author: greglin -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.topic: article ---- - -# Getting Started with the User State Migration Tool (USMT) -This topic outlines the general process that you should follow to migrate files and settings. - -## In this Topic -- [Step 1: Plan Your Migration](#step-1-plan-your-migration) - -- [Step 2: Collect files and settings from the source computer](#step-2-collect-files-and-settings-from-the-source-computer) - -- [Step 3: Prepare the destination computer and restore files and settings](#step-3-prepare-the-destination-computer-and-restore-files-and-settings) - -## Step 1: Plan your migration -1. [Plan Your Migration](usmt-plan-your-migration.md). Depending on whether your migration scenario is refreshing or replacing computers, you can choose an online migration or an offline migration using Windows Preinstallation Environment (WinPE) or the files in the Windows.old directory. For more information, see [Common Migration Scenarios](usmt-common-migration-scenarios.md). - -2. [Determine What to Migrate](usmt-determine-what-to-migrate.md). Data you might consider migrating includes end-user information, applications settings, operating-system settings, files, folders, and registry keys. - -3. Determine where to store data. Depending on the size of your migration store, you can store the data remotely, locally in a hard-link migration store or on a local external storage device, or directly on the destination computer. For more information, see [Choose a Migration Store Type](usmt-choose-migration-store-type.md). - -4. Use the **/GenMigXML** command-line option to determine which files will be included in your migration, and to determine whether any modifications are necessary. For more information see [ScanState Syntax](usmt-scanstate-syntax.md) - -5. Modify copies of the Migration.xml and MigDocs.xml files and create custom .xml files, if it is required. To modify the migration behavior, such as migrating the **Documents** folder but not the **Music** folder, you can create a custom .xml file or modify the rules in the existing migration .xml files. The document finder, or **MigXmlHelper.GenerateDocPatterns** helper function, can be used to automatically find user documents on a computer without creating extensive custom migration .xml files. - - **Important**   - We recommend that you always make and modify copies of the .xml files included in User State Migration Tool (USMT) 10.0. Never modify the original .xml files. - - You can use the MigXML.xsd file to help you write and validate the .xml files. For more information about how to modify these files, see [USMT XML Reference](usmt-xml-reference.md). - -6. Create a [Config.xml File](usmt-configxml-file.md) if you want to exclude any components from the migration. To create this file, use the [ScanState Syntax](usmt-scanstate-syntax.md) option together with the other .xml files when you use the **ScanState** command. For example, the following command creates a Config.xml file by using the MigDocs and MigApp.xml files: - - `scanstate /genconfig:config.xml /i:migdocs.xml /i:migapp.xml /v:13 /l:scanstate.log` - -7. Review the migration state of the components listed in the Config.xml file, and specify `migrate=no` for any components that you do not want to migrate. - -## Step 2: Collect files and settings from the source computer -1. Back up the source computer. - -2. Close all applications. If some applications are running when you run the **ScanState** command, USMT might not migrate all of the specified data. For example, if Microsoft® Office Outlook® is open, USMT might not migrate PST files. - - **Note**   - USMT will fail if it cannot migrate a file or setting unless you specify the **/C** option. When you specify the **/C** option, USMT will ignore the errors, and log an error every time that it encounters a file that is being used that USMT did not migrate. You can use the **<ErrorControl>** section in the Config.xml file to specify which errors should be ignored, and which should cause the migration to fail. - -3. Run the **ScanState** command on the source computer to collect files and settings. You should specify all of the .xml files that you want the **ScanState** command to use. For example, - - `scanstate \\server\migration\mystore /config:config.xml /i:migdocs.xml /i:migapp.xml /v:13 /l:scan.log` - - **Note**   - If the source computer is running Windows 7, or Windows 8, you must run the **ScanState** command in **Administrator** mode. To run in **Administrator** mode, right-click **Command Prompt**, and then click **Run As Administrator**. If the source computer is running Windows XP, you must run the **ScanState** command from an account that has administrative credentials. For more information about the how the **ScanState** command processes and stores the data, see [How USMT Works](usmt-how-it-works.md). - -4. Run the **USMTUtils** command with the **/Verify** option to ensure that the store you created is not corrupted. - -## Step 3: Prepare the destination computer and restore files and settings -1. Install the operating system on the destination computer. - -2. Install all applications that were on the source computer. Although it is not always required, we recommend installing all applications on the destination computer before you restore the user state. This makes sure that migrated settings are preserved. - - **Note**   - The application version that is installed on the destination computer should be the same version as the one on the source computer. USMT does not support migrating the settings for an older version of an application to a newer version. The exception to this is Microsoft® Office, which USMT can migrate from an older version to a newer version. - -3. Close all applications. If some applications are running when you run the **LoadState** command, USMT might not migrate all of the specified data. For example, if Microsoft Office Outlook is open, USMT might not migrate PST files. - - **Note**   - Use **/C** to continue your migration if errors are encountered, and use the **<ErrorControl>** section in the Config.xml file to specify which errors should be ignored, and which errors should cause the migration to fail. - -4. Run the **LoadState** command on the destination computer. Specify the same set of .xml files that you specified when you used the **ScanState** command. However, you do not have to specify the Config.xml file, unless you want to exclude some of the files and settings that you migrated to the store. For example, you might want to migrate the My Documents folder to the store, but not to the destination computer. To do this, modify the Config.xml file and specify the updated file by using the **LoadState** command. Then, the **LoadState** command will migrate only the files and settings that you want to migrate. For more information about the how the **LoadState** command processes and migrates data, see [How USMT Works](usmt-how-it-works.md). - - For example, the following command migrates the files and settings: - - `loadstate \\server\migration\mystore /config:config.xml /i:migdocs.xml /i:migapp.xml /v:13 /l:load.log` - - **Note**   - Run the **LoadState** command in administrator mode. To do this, right-click **Command Prompt**, and then click **Run As Administrator**. - -5. Log off after you run the **LoadState** command. Some settings (for example, fonts, wallpaper, and screen saver settings) will not take effect until the next time that the user logs on. +--- +title: User State Migration Tool (USMT) - Getting Started (Windows 10) +description: Getting Started with the User State Migration Tool (USMT) +ms.assetid: 506ff1d2-94b8-4460-8672-56aad963504b +ms.reviewer: +manager: laurawi +ms.author: greglin +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# Getting Started with the User State Migration Tool (USMT) +This topic outlines the general process that you should follow to migrate files and settings. + +## In this Topic +- [Step 1: Plan Your Migration](#step-1-plan-your-migration) + +- [Step 2: Collect files and settings from the source computer](#step-2-collect-files-and-settings-from-the-source-computer) + +- [Step 3: Prepare the destination computer and restore files and settings](#step-3-prepare-the-destination-computer-and-restore-files-and-settings) + +## Step 1: Plan your migration +1. [Plan Your Migration](usmt-plan-your-migration.md). Depending on whether your migration scenario is refreshing or replacing computers, you can choose an online migration or an offline migration using Windows Preinstallation Environment (WinPE) or the files in the Windows.old directory. For more information, see [Common Migration Scenarios](usmt-common-migration-scenarios.md). + +2. [Determine What to Migrate](usmt-determine-what-to-migrate.md). Data you might consider migrating includes end-user information, applications settings, operating-system settings, files, folders, and registry keys. + +3. Determine where to store data. Depending on the size of your migration store, you can store the data remotely, locally in a hard-link migration store or on a local external storage device, or directly on the destination computer. For more information, see [Choose a Migration Store Type](usmt-choose-migration-store-type.md). + +4. Use the **/GenMigXML** command-line option to determine which files will be included in your migration, and to determine whether any modifications are necessary. For more information see [ScanState Syntax](usmt-scanstate-syntax.md) + +5. Modify copies of the Migration.xml and MigDocs.xml files and create custom .xml files, if it is required. To modify the migration behavior, such as migrating the **Documents** folder but not the **Music** folder, you can create a custom .xml file or modify the rules in the existing migration .xml files. The document finder, or **MigXmlHelper.GenerateDocPatterns** helper function, can be used to automatically find user documents on a computer without creating extensive custom migration .xml files. + + **Important**   + We recommend that you always make and modify copies of the .xml files included in User State Migration Tool (USMT) 10.0. Never modify the original .xml files. + + You can use the MigXML.xsd file to help you write and validate the .xml files. For more information about how to modify these files, see [USMT XML Reference](usmt-xml-reference.md). + +6. Create a [Config.xml File](usmt-configxml-file.md) if you want to exclude any components from the migration. To create this file, use the [ScanState Syntax](usmt-scanstate-syntax.md) option together with the other .xml files when you use the **ScanState** command. For example, the following command creates a Config.xml file by using the MigDocs and MigApp.xml files: + + `scanstate /genconfig:config.xml /i:migdocs.xml /i:migapp.xml /v:13 /l:scanstate.log` + +7. Review the migration state of the components listed in the Config.xml file, and specify `migrate=no` for any components that you do not want to migrate. + +## Step 2: Collect files and settings from the source computer +1. Back up the source computer. + +2. Close all applications. If some applications are running when you run the **ScanState** command, USMT might not migrate all of the specified data. For example, if Microsoft® Office Outlook® is open, USMT might not migrate PST files. + + **Note**   + USMT will fail if it cannot migrate a file or setting unless you specify the **/C** option. When you specify the **/C** option, USMT will ignore the errors, and log an error every time that it encounters a file that is being used that USMT did not migrate. You can use the **<ErrorControl>** section in the Config.xml file to specify which errors should be ignored, and which should cause the migration to fail. + +3. Run the **ScanState** command on the source computer to collect files and settings. You should specify all of the .xml files that you want the **ScanState** command to use. For example, + + `scanstate \\server\migration\mystore /config:config.xml /i:migdocs.xml /i:migapp.xml /v:13 /l:scan.log` + + **Note**   + If the source computer is running Windows 7, or Windows 8, you must run the **ScanState** command in **Administrator** mode. To run in **Administrator** mode, right-click **Command Prompt**, and then click **Run As Administrator**. If the source computer is running Windows XP, you must run the **ScanState** command from an account that has administrative credentials. For more information about the how the **ScanState** command processes and stores the data, see [How USMT Works](usmt-how-it-works.md). + +4. Run the **USMTUtils** command with the **/Verify** option to ensure that the store you created is not corrupted. + +## Step 3: Prepare the destination computer and restore files and settings +1. Install the operating system on the destination computer. + +2. Install all applications that were on the source computer. Although it is not always required, we recommend installing all applications on the destination computer before you restore the user state. This makes sure that migrated settings are preserved. + + **Note**   + The application version that is installed on the destination computer should be the same version as the one on the source computer. USMT does not support migrating the settings for an older version of an application to a newer version. The exception to this is Microsoft® Office, which USMT can migrate from an older version to a newer version. + +3. Close all applications. If some applications are running when you run the **LoadState** command, USMT might not migrate all of the specified data. For example, if Microsoft Office Outlook is open, USMT might not migrate PST files. + + **Note**   + Use **/C** to continue your migration if errors are encountered, and use the **<ErrorControl>** section in the Config.xml file to specify which errors should be ignored, and which errors should cause the migration to fail. + +4. Run the **LoadState** command on the destination computer. Specify the same set of .xml files that you specified when you used the **ScanState** command. However, you do not have to specify the Config.xml file, unless you want to exclude some of the files and settings that you migrated to the store. For example, you might want to migrate the My Documents folder to the store, but not to the destination computer. To do this, modify the Config.xml file and specify the updated file by using the **LoadState** command. Then, the **LoadState** command will migrate only the files and settings that you want to migrate. For more information about the how the **LoadState** command processes and migrates data, see [How USMT Works](usmt-how-it-works.md). + + For example, the following command migrates the files and settings: + + `loadstate \\server\migration\mystore /config:config.xml /i:migdocs.xml /i:migapp.xml /v:13 /l:load.log` + + **Note**   + Run the **LoadState** command in administrator mode. To do this, right-click **Command Prompt**, and then click **Run As Administrator**. + +5. Log off after you run the **LoadState** command. Some settings (for example, fonts, wallpaper, and screen saver settings) will not take effect until the next time that the user logs on. diff --git a/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md b/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md index c6e50f98f3..41c5fa5a8a 100644 --- a/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md +++ b/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md @@ -1,6 +1,6 @@ --- +title: Enhanced diagnostic data required by Windows Analytics (Windows 10) description: Use this article to learn more about the limit enhanced diagnostic data events policy used by Desktop Analytics -title: Windows 10 diagnostic data events and fields collected through the limit enhanced diagnostic data policy (Windows 10) keywords: privacy, diagnostic data ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/privacy/gdpr-win10-whitepaper.md b/windows/privacy/gdpr-win10-whitepaper.md index 259561932e..fb8707befe 100644 --- a/windows/privacy/gdpr-win10-whitepaper.md +++ b/windows/privacy/gdpr-win10-whitepaper.md @@ -1,6 +1,6 @@ --- -title: Beginning your General Data Protection Regulation (GDPR) journey for Windows 10 (Windows 10) -description: Use this article to understand what GDPR is and about the products Microsoft provides to help you get started towards compliance. +title: General Data Protection Regulation (GDPR) for Windows 10 +description: Use this article to understand what GDPR is and which products Microsoft provides to help you get started towards compliance. keywords: privacy, GDPR ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/privacy/windows-10-and-privacy-compliance.md b/windows/privacy/windows-10-and-privacy-compliance.md index 47ce5b00ee..04e1b3af64 100644 --- a/windows/privacy/windows-10-and-privacy-compliance.md +++ b/windows/privacy/windows-10-and-privacy-compliance.md @@ -1,6 +1,6 @@ --- +title: Windows 10 & Privacy Compliance Guide description: This article provides information to help IT and compliance professionals understand the personal data policies as related to Windows 10. -title: Windows 10 & Privacy Compliance - A Guide for IT and Compliance Professionals keywords: privacy, GDPR, compliance ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index f6351c2c0b..5e8590a6eb 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -1,10 +1,10 @@ ### YamlMime:YamlDocument documentType: LandingData -title: Resolved issues in Windows 10, version 1809 and Windows Server 2019 +title: Resolved issues in Windows 10 version 1809 & Windows Server 2019 metadata: document_id: - title: Resolved issues in Windows 10, version 1809 and Windows Server 2019 + title: Resolved issues in Windows 10 version 1809 and Windows Server 2019 description: Resolved issues in Windows 10, version 1809 or Windows Server 2019 keywords: ["Resolved issues in Windows 10", "Windows 10", "Windows 10 1809"] ms.localizationpriority: high diff --git a/windows/security/identity-protection/credential-guard/credential-guard-considerations.md b/windows/security/identity-protection/credential-guard/credential-guard-considerations.md index 60d02adb71..6d52746433 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-considerations.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-considerations.md @@ -1,5 +1,5 @@ --- -title: Considerations when using Windows Defender Credential Guard (Windows 10) +title: Advice while using Windows Defender Credential Guard (Windows 10) description: Considerations and recommendations for certain scenarios when using Windows Defender Credential Guard in Windows 10. ms.prod: w10 ms.mktglfcycl: explore diff --git a/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md b/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md index 9197e2d07d..013c2a4130 100644 --- a/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md +++ b/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md @@ -1,6 +1,6 @@ --- -title: Planning an adequate number of Windows Server 2019 Domain Controllers for Windows Hello for Business deployments -description: Planning an adequate number of Windows Server 2019 Domain Controllers for Windows Hello for Business deployments +title: Having enough Domain Controllers for Windows Hello for Business deployments +description: Guide for planning to have an adequate number of Windows Server 2016 or later Domain Controllers for Windows Hello for Business deployments keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, key-trust ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md index 4563787217..2228b98923 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md @@ -1,6 +1,6 @@ --- -title: Prepare and Deploy Windows Server 2016 Active Directory Federation Services (Windows Hello for Business) -description: How toPrepare and Deploy Windows Server 2016 Active Directory Federation Services for Windows Hello for Business +title: Prepare & Deploy Windows AD FS (Windows Hello for Business) +description: How to Prepare and Deploy Windows Server 2016 Active Directory Federation Services (AD FS) for Windows Hello for Business keywords: identity, PIN, biometric, Hello, passport ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md index ff7f5deec6..e3a382622c 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md @@ -1,6 +1,6 @@ --- -title: Validate and Deploy Multifactor Authentication Services (MFA) (Windows Hello for Business) -description: How to Validate and Deploy Multifactor Authentication Services for Windows Hello for Business +title: Validate and Deploy MFA for Windows Hello for Business +description: How to Validate and Deploy Multifactor Authentication (MFA) Services for Windows Hello for Business keywords: identity, PIN, biometric, Hello, passport ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md index cd40458897..5304c0af57 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md @@ -1,5 +1,5 @@ --- -title: Hybrid Windows Hello for Business Prerequisites (Windows Hello for Business) +title: Hybrid Windows Hello for Business Prerequisites description: Prerequisites for Hybrid Windows Hello for Business Deployments keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust ms.prod: w10 diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md index 2e7fe96f8c..e2d7d4fc9c 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md @@ -1,5 +1,5 @@ --- -title: Configuring Hybrid Windows Hello for Business - Directory Synchronization +title: Configure Hybrid Windows Hello for Business Directory Synch description: Discussing Directory Synchronization in a Hybrid deployment of Windows Hello for Business keywords: identity, PIN, biometric, Hello, passport, WHFB, dirsync, connect ms.prod: w10 diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md index 653af360e6..351e8af565 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md @@ -1,5 +1,5 @@ --- -title: Windows Hello for Business Key Trust New Installation (Windows Hello for Business) +title: Windows Hello for Business Key Trust New Installation description: Windows Hello for Business Hybrid baseline deployment keywords: identity, PIN, biometric, Hello, passport, WHFB ms.prod: w10 diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md index 149f51780f..dcb12f2345 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md @@ -1,6 +1,6 @@ --- -title: Configuring Hybrid key trust Windows Hello for Business - Directory Synchronization -description: Configuring Hybrid key trust Windows Hello for Business - Directory Synchronization +title: Hybrid Windows Hello for Business - Directory Synchronization +description: How to configure Hybrid key trust Windows Hello for Business - Directory Synchronization keywords: identity, PIN, biometric, Hello, passport, WHFB, dirsync, connect, Windows Hello, AD Connect, key trust, key-trust ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md index 9e2635b984..41d11386b2 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md @@ -1,5 +1,5 @@ --- -title: Configuring Hybrid key trust Windows Hello for Business - Public Key Infrastructure (PKI) +title: Configure Hybrid key trust Windows Hello for Business description: Configuring Hybrid key trust Windows Hello for Business - Public Key Infrastructure (PKI) keywords: identity, PIN, biometric, Hello, passport, WHFB, PKI, Windows Hello, key trust, key-trust ms.prod: w10 diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md index 122053e414..440ab1ea70 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md @@ -1,5 +1,5 @@ --- -title: Configuring Hybrid key trust Windows Hello for Business - Group Policy +title: Configure Hybrid Windows Hello for Business - Group Policy description: Configuring Hybrid key trust Windows Hello for Business - Group Policy keywords: identity, PIN, biometric, Hello, passport, WHFB, Windows Hello, key trust, key-trust ms.prod: w10 diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md index 48f2e98a5d..5202ec8d19 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md @@ -1,5 +1,5 @@ --- -title: Configure Hybrid Windows Hello for Business key trust Settings (Windows Hello for Business) +title: Configure Hybrid Windows Hello for Business key trust Settings description: Configuring Windows Hello for Business Settings in Hybrid deployment keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, certificate-trust ms.prod: w10 diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md index a6364bad59..5d99da0e10 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md @@ -1,6 +1,6 @@ --- -title: Prepare and Deploy Windows Server 2016 Active Directory Federation Services (Windows Hello for Business) -description: How toPrepare and Deploy Windows Server 2016 Active Directory Federation Services for Windows Hello for Business +title: Prepare & Deploy Windows Active Directory Federation Services +description: How to Prepare and Deploy Windows Server 2016 Active Directory Federation Services for Windows Hello for Business keywords: identity, PIN, biometric, Hello, passport ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md index f4e3ef2457..14785da0c9 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md @@ -1,6 +1,6 @@ --- -title: Validate and Deploy Multifactor Authentication Services (MFA) (Windows Hello for Business) -description: How to Validate and Deploy Multifactor Authentication Services for Windows Hello for Business +title: Validate and Deploy MFA for Windows Hello for Business +description: How to Validate and Deploy Multifactor Authentication (MFA) Services for Windows Hello for Business with key trust keywords: identity, PIN, biometric, Hello, passport ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md b/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md index bf7360d125..a6029ffb2a 100644 --- a/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md +++ b/windows/security/information-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md @@ -1,5 +1,5 @@ --- -title: Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate (Windows 10) +title: Make & verify an EFS Data Recovery Agent certificate (Windows 10) description: Follow these steps to create, verify, and perform a quick recovery by using a Encrypting File System (EFS) Data Recovery Agent (DRA) certificate. keywords: Windows Information Protection, WIP, EDP, Enterprise Data Protection ms.prod: w10 diff --git a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md index 46f40cb732..b11eab1f7d 100644 --- a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md +++ b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md @@ -1,5 +1,5 @@ --- -title: Recommended Enterprise Cloud Resources and Neutral Resources network settings with Windows Information Protection (WIP) (Windows 10) +title: Recommended URLs for Windows Information Protection (Windows 10) description: Recommended URLs to add to your Enterprise Cloud Resources and Neutral Resources network settings, when used with Windows Information Protection (WIP). keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection, WIP and Neutral Resources, WIP and Enterprise Cloud Resources ms.prod: w10 diff --git a/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md b/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md index 958ab7847d..94df767962 100644 --- a/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md +++ b/windows/security/information-protection/windows-information-protection/using-owa-with-wip.md @@ -1,5 +1,5 @@ --- -title: Using Outlook on the web with Windows Information Protection (WIP) (Windows 10) +title: Using Outlook on the web with WIP (Windows 10) description: Options for using Outlook on the web with Windows Information Protection (WIP). keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection, WIP and OWA configuration, OWA, Outlook Web access ms.prod: w10 diff --git a/windows/security/threat-protection/auditing/event-1108.md b/windows/security/threat-protection/auditing/event-1108.md index 148ab10880..0aaa3b6a99 100644 --- a/windows/security/threat-protection/auditing/event-1108.md +++ b/windows/security/threat-protection/auditing/event-1108.md @@ -1,5 +1,5 @@ --- -title: 1108(S) The event logging service encountered an error while processing an incoming event published from %1. (Windows 10) +title: The event logging service encountered an error (Windows 10) description: Describes security event 1108(S) The event logging service encountered an error while processing an incoming event published from %1. ms.pagetype: security ms.prod: w10 diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md index 75322ba7e9..fad5b7ff52 100644 --- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md +++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md @@ -1,5 +1,5 @@ --- -title: Monitor the central access policies associated with files and folders (Windows 10) +title: Monitor central access policies for files or folders (Windows 10) description: This topic for the IT professional describes how to monitor changes to the central access policies that are associated with files and folders when you are using advanced security auditing options to monitor dynamic access control objects. ms.assetid: 2ea8fc23-b3ac-432f-87b0-6a16506e8eed ms.reviewer: diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md index 48dacf418f..4a9c0d7f29 100644 --- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md +++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md @@ -1,5 +1,5 @@ --- -title: Monitor the central access policies that apply on a file server (Windows 10) +title: Monitor central access policies on a file server (Windows 10) description: This topic for the IT professional describes how to monitor changes to the central access policies that apply to a file server when using advanced security auditing options to monitor dynamic access control objects. ms.assetid: 126b051e-c20d-41f1-b42f-6cff24dcf20c ms.reviewer: diff --git a/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md b/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md index 56b249d3be..f60748b37b 100644 --- a/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md +++ b/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md @@ -1,6 +1,6 @@ --- -title: Windows Defender Application Control and virtualization-based protection of code integrity (Windows 10) -description: Hardware and software system integrity hardening capabilites that can be deployed separately or in combination. +title: WDAC and virtualization-based code integrity (Windows 10) +description: Hardware and software system integrity-hardening capabilites that can be deployed separately or in combination with Windows Defender Application Control (WDAC). keywords: virtualization, security, malware, device guard ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md index 58f95ecbc5..92fb064c14 100644 --- a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md @@ -1,6 +1,6 @@ --- -title: Requirements and deployment planning guidelines for virtualization-based protection of code integrity (Windows 10) -description: To help you plan a deployment of Microsoft Windows Defender Device Guard, this article describes hardware requirements for Windows Defender Device Guard, outlines deployment approaches, and describes methods for code signing and the deployment of code integrity policies. +title: Deployment guidelines for Windows Defender Device Guard (Windows 10) +description: To help you plan a deployment of Microsoft Windows Defender Device Guard, this article describes hardware requirements for Windows Defender Device Guard, outlines deployment approaches, and describes methods for code signing and code integrity policies. keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy @@ -21,7 +21,7 @@ ms.author: dansimp - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Computers must meet certain hardware, firmware, and software requirements in order to take adavantage of all of the virtualization-based security (VBS) features in [Windows Defender Device Guard](../device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md). Computers lacking these requirements can still be protected by Windows Defender Application Control (WDAC) policies—the difference is that those computers will not be as hardened against certain threats. +Computers must meet certain hardware, firmware, and software requirements in order to take advantage of all of the virtualization-based security (VBS) features in [Windows Defender Device Guard](../device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md). Computers lacking these requirements can still be protected by Windows Defender Application Control (WDAC) policies—the difference is that those computers will not be as hardened against certain threats. For example, hardware that includes CPU virtualization extensions and SLAT will be hardened against malware that attempts to gain access to the kernel, but without protected BIOS options such as “Boot only from internal hard drive,” the computer could be booted (by a malicious person who has physical access) into an operating system on bootable media. diff --git a/windows/security/threat-protection/mbsa-removal-and-guidance.md b/windows/security/threat-protection/mbsa-removal-and-guidance.md index d1b7cfa967..0490c8a9a6 100644 --- a/windows/security/threat-protection/mbsa-removal-and-guidance.md +++ b/windows/security/threat-protection/mbsa-removal-and-guidance.md @@ -1,6 +1,6 @@ --- -title: Microsoft Baseline Security Analyzer (MBSA) removal and guidance on alternative solutions -description: This article documents the removal of MBSA and alternative solutions +title: Guide to removing Microsoft Baseline Security Analyzer (MBSA) +description: This article documents the removal of Microsoft Baseline Security Analyzer (MBSA) and provides alternative solutions keywords: MBSA, security, removal ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md index fafeee5fd2..a5cb971e01 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md @@ -1,5 +1,5 @@ --- -title: Onboard Windows 10 machines using Group Policy to Microsoft Defender ATP +title: Onboard Windows 10 devices to Microsoft Defender ATP via Group Policy description: Use Group Policy to deploy the configuration package on Windows 10 machines so that they are onboarded to the service. keywords: configure machines using group policy, machine management, configure Windows ATP machines, onboard Microsoft Defender Advanced Threat Protection machines, group policy search.product: eADQiWindows 10XVcnh diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md index ffedb17951..b751dd036f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md @@ -1,5 +1,5 @@ --- -title: Help prevent ransomware and threats from encrypting and changing files +title: Prevent ransomware and threats from encrypting and changing files description: Files in default folders can be protected from being changed by malicious apps. This can help prevent ransomware from encrypting your files. keywords: controlled folder access, windows 10, windows defender, ransomware, protect, files, folders search.product: eADQiWindows 10XVcnh diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md index 1c3591492a..703b8a3412 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md +++ b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md @@ -1,6 +1,6 @@ --- -title: Update data retention settings for Microsoft Defender Advanced Threat Protection -description: Update data retention settings by selecting between 30 days to 180 days. +title: Update how long data is stored by MDATP +description: Update data retention settings for Microsoft Defender Advanced Threat Protection (MDATP) by selecting between 30 days to 180 days. keywords: data, storage, settings, retention, update search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md b/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md index a9b824cade..3e5cd564fb 100644 --- a/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md +++ b/windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md @@ -1,7 +1,7 @@ --- manager: dansimp ms.author: dansimp -title: Override Process Mitigation Options to help enforce app-related security policies (Windows 10) +title: Override Process Mitigation Options (Windows 10) description: How to use Group Policy to override individual Process Mitigation Options settings and to help enforce specific app-related security policies. keywords: Process Mitigation Options, Mitigation Options, Group Policy Mitigation Options ms.prod: w10 diff --git a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md index 94c7732647..f6beb6795e 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md @@ -1,5 +1,5 @@ --- -title: Accounts Limit local account use of blank passwords to console logon only (Windows 10) +title: Accounts Limit local account use of blank passwords (Windows 10) description: Describes the best practices, location, values, and security considerations for the Accounts Limit local account use of blank passwords to console logon only security policy setting. ms.assetid: a1bfb58b-1ae8-4de9-832b-aa889a6e64bd ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md index efc1e8ea6f..45bae7d793 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md +++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md @@ -1,5 +1,5 @@ --- -title: Devices Restrict CD-ROM access to locally logged-on user only (Windows 10) +title: Restrict CD-ROM access to locally logged-on user (Windows 10) description: Describes the best practices, location, values, and security considerations for the Devices Restrict CD-ROM access to locally logged-on user only security policy setting. ms.assetid: 8b8f44bb-84ce-4f18-af30-ab89910e234d ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md b/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md index 91a78717ea..0115f58fc6 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md +++ b/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md @@ -1,5 +1,5 @@ --- -title: Domain controller Refuse machine account password changes (Windows 10) +title: Refuse machine account password changes policy (Windows 10) description: Describes the best practices, location, values, and security considerations for the Domain controller Refuse machine account password changes security policy setting. ms.assetid: 5a7fa2e2-e1a8-4833-90f7-aa83e3b456a9 ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md index 82dc9c1898..dcf829294a 100644 --- a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md +++ b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md @@ -1,5 +1,5 @@ --- -title: Enable computer and user accounts to be trusted for delegation (Windows 10) +title: Trust computer and user accounts for delegation (Windows 10) description: Describes the best practices, location, values, policy management, and security considerations for the Enable computer and user accounts to be trusted for delegation security policy setting. ms.assetid: 524062d4-1595-41f3-8ce1-9c85fd21497b ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md index 456a194ed3..c1da92162e 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md @@ -1,5 +1,5 @@ --- -title: Interactive logon Message text for users attempting to log on (Windows 10) +title: Interactive Logon Message text (Windows 10) description: Describes the best practices, location, values, management, and security considerations for the Interactive logon Message text for users attempting to log on security policy setting. ms.assetid: fcfe8a6d-ca65-4403-b9e6-2fa017a31c2e ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md index a3a1d550e4..2f0c68363e 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md @@ -1,5 +1,5 @@ --- -title: Microsoft network client Send unencrypted password to third-party SMB servers (Windows 10) +title: Microsoft network client Send unencrypted password (Windows 10) description: Describes the best practices, location, values, policy management and security considerations for the Microsoft network client Send unencrypted password to third-party SMB servers security policy setting. ms.assetid: 97a76b93-afa7-4dd9-bb52-7c9e289b6017 ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md index 130fb31904..51a7a62dde 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md @@ -1,5 +1,5 @@ --- -title: Microsoft network server Attempt S4U2Self to obtain claim information (Windows 10) +title: Microsoft network server Attempt S4U2Self (Windows 10) description: Describes the best practices, location, values, management, and security considerations for the Microsoft network server Attempt S4U2Self to obtain claim information security policy setting. ms.assetid: e4508387-35ed-4a3f-a47c-27f8396adbba ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md index 42270f6a74..56ba9ce742 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md @@ -1,5 +1,5 @@ --- -title: Network access Do not allow anonymous enumeration of SAM accounts and shares (Windows 10) +title: Network access Do not allow anonymous enumeration (Windows 10) description: Describes the best practices, location, values, and security considerations for the Network access Do not allow anonymous enumeration of SAM accounts and shares security policy setting. ms.assetid: 3686788d-4cc7-4222-9163-cbc7c3362d73 ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md index 3951aa3864..0e3279dc6e 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md @@ -1,5 +1,5 @@ --- -title: Network access Let Everyone permissions apply to anonymous users (Windows 10) +title: Let Everyone permissions apply to anonymous users (Windows 10) description: Describes the best practices, location, values, policy management and security considerations for the Network access Let Everyone permissions apply to anonymous users security policy setting. ms.assetid: cdbc5159-9173-497e-b46b-7325f4256353 ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md index ddad0a8565..c8d671e6b6 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md @@ -1,5 +1,5 @@ --- -title: Network security Restrict NTLM NTLM authentication in this domain (Windows 10) +title: Network security Restrict NTLM in this domain (Windows 10) description: Describes the best practices, location, values, management aspects, and security considerations for the Network Security Restrict NTLM NTLM authentication in this domain security policy setting. ms.assetid: 4c7884e9-cc11-4402-96b6-89c77dc908f8 ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md index c2a02e239d..0e229ebce6 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md @@ -1,5 +1,5 @@ --- -title: Network security Restrict NTLM Outgoing NTLM traffic to remote servers (Windows 10) +title: Network security Restrict NTLM Outgoing traffic (Windows 10) description: Describes the best practices, location, values, management aspects, and security considerations for the Network Security Restrict NTLM Outgoing NTLM traffic to remote servers security policy setting. ms.assetid: 63437a90-764b-4f06-aed8-a4a26cf81bd1 ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md index e814cda2fd..b3e5bb9c6c 100644 --- a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md +++ b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md @@ -1,5 +1,5 @@ --- -title: Shutdown Clear virtual memory pagefile - security policy setting (Windows 10) +title: Shutdown Clear virtual memory pagefile (Windows 10) description: Describes the best practices, location, values, policy management and security considerations for the Shutdown Clear virtual memory pagefile security policy setting. ms.assetid: 31400078-6c56-4891-a6df-6dfb403c4bc9 ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md index fc1b6be023..f055b88d86 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md @@ -1,5 +1,5 @@ --- -title: SMBv1 Microsoft network client Digitally sign communications (always) (Windows 10) +title: Always sign SMBv1 network client communications (Windows 10) description: For SMBv1 only, describes the best practices, location, values, policy management and security considerations for the Microsoft network client Digitally sign communications (always) security policy setting. ms.assetid: 4b7b0298-b130-40f8-960d-60418ba85f76 ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md index c6c7912ae9..92e19e7cda 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md @@ -1,5 +1,5 @@ --- -title: User Account Control Behavior of the elevation prompt for standard users (Windows 10) +title: Behavior of the elevation prompt for standard users (Windows 10) description: Describes the best practices, location, values, policy management and security considerations for the User Account Control Behavior of the elevation prompt for standard users security policy setting. ms.assetid: 1eae7def-8f6c-43b6-9474-23911fdc01ba ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md index 7683b3beec..47e4c3b995 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md @@ -1,5 +1,5 @@ --- -title: User Account Control Only elevate UIAccess applications that are installed in secure locations (Windows 10) +title: Only elevate UIAccess app installed in secure location (Windows 10) description: Describes the best practices, location, values, policy management and security considerations for the User Account Control Only elevate UIAccess applications that are installed in secure locations security policy setting. ms.assetid: 4333409e-a5be-4f2f-8808-618f53abd22c ms.reviewer: diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md index 6361e34ee2..9c85a319b8 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md @@ -1,5 +1,5 @@ --- -title: User Account Control Run all administrators in Admin Approval Mode (Windows 10) +title: UAC Run all administrators in Admin Approval Mode (Windows 10) description: Describes the best practices, location, values, policy management and security considerations for the User Account Control Run all administrators in Admin Approval Mode security policy setting. ms.assetid: b838c561-7bfc-41ef-a7a5-55857259c7bf ms.reviewer: diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index 039a888196..7591c17136 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md @@ -1,5 +1,5 @@ --- -title: Allow COM object registration in a Windows Defender Application Control policy (Windows 10) +title: Allow COM object registration in a WDAC policy (Windows 10) description: You can allow COM object registration in a Windows Defender Application Control policy. keywords: whitelisting, security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md index 3b75aaec82..099c30bac7 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md @@ -1,5 +1,5 @@ --- -title: Determine which apps are digitally signed on a reference device (Windows 10) +title: Find digitally signed apps on a reference device (Windows 10) description: This topic for the IT professional describes how to use AppLocker logs and tools to determine which applications are digitally signed. ms.assetid: 24609a6b-fdcb-4083-b234-73e23ff8bcb8 ms.reviewer: diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md index 44a181aa71..0e40237b7b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md @@ -1,5 +1,5 @@ --- -title: Document the Group Policy structure and AppLocker rule enforcement (Windows 10) +title: Document Group Policy structure & AppLocker rule enforcement (Windows 10) description: This planning topic describes what you need to investigate, determine, and record in your application control policies plan when you use AppLocker. ms.assetid: 389ffa8e-11fc-49ff-b0b1-89553e6fb6e5 ms.reviewer: diff --git a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md index a866996a6f..b86dfe2687 100644 --- a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md @@ -1,6 +1,6 @@ --- -title: Audit Windows Defender Application Control (WDAC) policies (Windows 10) -description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +title: Audit Windows Defender Application Control policies (Windows 10) +description: Windows Defender Application Control (WDAC) restricts which applications users are allowed to run and the code that runs in the system core. keywords: whitelisting, security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md index 7bbbc5f8e5..781b9fd9be 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md @@ -1,6 +1,6 @@ --- -title: Deploy Windows Defender Application Control (WDAC) policies by using Group Policy (Windows 10) -description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +title: Deploy WDAC policies via Group Policy (Windows 10) +description: Windows Defender Application Control (WDAC) restricts which applications users are allowed to run and the code that runs in the system core. keywords: whitelisting, security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 diff --git a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md index e6b57b9722..022007f730 100644 --- a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md @@ -1,6 +1,6 @@ --- -title: Manage packaged apps with Windows Defender Application Control (Windows 10) -description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +title: Manage packaged apps with WDAC (Windows 10) +description: Windows Defender Application Control (WDAC) restricts which applications users are allowed to run and the code that runs in the system core. keywords: whitelisting, security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 diff --git a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md index 01d8f1abb4..ef1a7fdc46 100644 --- a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md @@ -1,6 +1,6 @@ --- -title: Merge Windows Defender Application Control (WDAC) policies (Windows 10) -description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +title: Merge Windows Defender Application Control policies (Windows 10) +description: Windows Defender Application Control (WDAC) restricts which applications users are allowed to run and the code that runs in the system core. keywords: whitelisting, security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 diff --git a/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md b/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md index 2d05216e90..f58c81c02c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md +++ b/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md @@ -1,6 +1,6 @@ --- -title: Plan for Windows Defender Application Control policy management (Windows 10) -description: Plan for Windows Defender Application Control policy management. +title: Plan for WDAC policy management (Windows 10) +description: How to plan for Windows Defender Application Control (WDAC) policy management. keywords: whitelisting, security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: w10 diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md index 183701e0a9..22a50b0c24 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md @@ -1,5 +1,5 @@ --- -title: Querying Application Control events centrally using Advanced hunting (Windows 10) +title: Query Application Control events with Advanced Hunting (Windows 10) description: Learn about Windows Defender Application Guard and how it helps to combat malicious content and malware out on the Internet. keywords: whitelisting, security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb diff --git a/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md index 94432cdc5e..8e16e1695e 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md @@ -1,5 +1,5 @@ --- -title: Frequently asked questions - Windows Defender Application Guard (Windows 10) +title: FAQ - Windows Defender Application Guard (Windows 10) description: Learn about the commonly asked questions and answers for Windows Defender Application Guard. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md index 125c5b3514..6f9c6ff4ff 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md @@ -1,5 +1,5 @@ --- -title: Testing scenarios using Windows Defender Application Guard in your business or organization (Windows 10) +title: Testing scenarios with Windows Defender Application Guard (Windows 10) description: Suggested testing scenarios for Windows Defender Application Guard, showing how it works in both Standalone and Enterprise-managed mode. ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md index 4cbc411cdd..a7def9d5fd 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md +++ b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md @@ -1,5 +1,5 @@ --- -title: Windows Defender System Guard How a hardware-based root of trust helps protect Windows 10 (Windows 10) +title: How a Windows Defender System Guard helps protect Windows 10 description: Windows Defender System Guard in Windows 10 uses a hardware-based root of trust to securely protect systems against firmware exploits. ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.reviewer: diff --git a/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md index 0f576ccc0f..8aba164682 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md +++ b/windows/security/threat-protection/windows-defender-system-guard/system-guard-how-hardware-based-root-of-trust-helps-protect-windows.md @@ -1,5 +1,5 @@ --- -title: Windows Defender System Guard How a hardware-based root of trust helps protect Windows 10 (Windows 10) +title: How a Windows Defender System Guard helps protect Windows 10 description: Windows Defender System Guard in Windows 10 uses a hardware-based root of trust to securely protect systems against firmware exploits. ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.reviewer: diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md b/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md index 02be1db95f..49d318d5fe 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md @@ -1,6 +1,6 @@ --- -title: Checklist Creating Rules for Clients of a Standalone Isolated Server Zone (Windows 10) -description: Checklist Creating Rules for Clients of a Standalone Isolated Server Zone +title: Create Rules for Standalone Isolated Server Zone Clients (Windows 10) +description: Checklist for when creating rules for clients of a Standalone Isolated Server Zone ms.assetid: 6a5e6478-add3-47e3-8221-972549e013f6 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md b/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md index 5dae7a9636..61f12fe05d 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md @@ -1,5 +1,5 @@ --- -title: Configure the Workstation Authentication Certificate Template (Windows 10) +title: Configure the Workstation Authentication Template (Windows 10) description: Configure the Workstation Authentication Certificate Template ms.assetid: c3ac9960-6efc-47c1-bd69-d9d4bf84f7a6 ms.reviewer: diff --git a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md b/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md index 83f35fe206..d67461d012 100644 --- a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md +++ b/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md @@ -1,6 +1,6 @@ --- -title: Designing a Windows Defender Firewall with Advanced Security Strategy (Windows 10) -description: Designing a Windows Defender Firewall Strategy +title: Designing a Windows Defender Firewall Strategy (Windows 10) +description: Designing a Windows Defender Firewall with Advanced Security Strategy ms.assetid: 6d98b184-33d6-43a5-9418-4f24905cfd71 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md index 992c8390e8..0c27975e1b 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md @@ -1,5 +1,5 @@ --- -title: Gathering Information about Your Current Network Infrastructure (Windows 10) +title: Gathering Info about Your Network Infrastructure (Windows 10) description: Gathering Information about Your Current Network Infrastructure ms.assetid: f98d2b17-e71d-4ffc-b076-118b4d4782f9 ms.reviewer: diff --git a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md b/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md index 9bdbf322d4..5e3a16c452 100644 --- a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md +++ b/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md @@ -1,6 +1,6 @@ --- -title: Identifying Your Windows Defender Firewall with Advanced Security Deployment Goals (Windows 10) -description: Identifying Your Windows Defender Firewall with Advanced Security Deployment Goals +title: Identify Goals for your WFAS Deployment (Windows 10) +description: Identifying Your Windows Defender Firewall with Advanced Security (WFAS) Deployment Goals ms.assetid: 598cf45e-2e1c-4947-970f-361dfa264bba ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md index 126a5f0dc2..b055c8d636 100644 --- a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md +++ b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md @@ -1,5 +1,5 @@ --- -title: Modify GPO Filters to Apply to a Different Zone or Version of Windows (Windows 10) +title: Modify GPO Filters (Windows 10) description: Modify GPO Filters to Apply to a Different Zone or Version of Windows ms.assetid: 24ede9ca-a501-4025-9020-1129e2cdde80 ms.reviewer: diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md index 9e395fc16f..bce220a506 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md @@ -1,5 +1,5 @@ --- -title: Open the Group Policy Management Console to Windows Defender Firewall (Windows 10) +title: Open a GPO to Windows Defender Firewall (Windows 10) description: Open the Group Policy Management Console to Windows Defender Firewall with Advanced Security ms.assetid: 5090b2c8-e038-4905-b238-19ecf8227760 ms.reviewer: diff --git a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md index 8909c58454..e8ec3acdbe 100644 --- a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md @@ -1,5 +1,5 @@ --- -title: Planning to Deploy Windows Defender Firewall with Advanced Security (Windows 10) +title: Plan to Deploy Windows Defender Firewall with Advanced Security (Windows 10) description: Planning to Deploy Windows Defender Firewall with Advanced Security ms.assetid: 891a30c9-dbf5-4a88-a279-00662b9da48e ms.reviewer: diff --git a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md b/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md index 1a0ea617b9..26796b6814 100644 --- a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md +++ b/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md @@ -1,6 +1,6 @@ --- -title: Understanding the Windows Defender Firewall with Advanced Security Design Process (Windows 10) -description: Understanding the Windows Defender Firewall with Advanced Security Design Process +title: Understand WFAS Deployment (Windows 10) +description: Resources for helping you understand the Windows Defender Firewall with Advanced Security (WFAS) Design Process ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md index 05befcbc72..d91723c3d2 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md @@ -1,5 +1,5 @@ --- -title: Windows Defender Firewall with Advanced Security Deployment Guide (Windows 10) +title: Deploy Windows Defender Firewall with Advanced Security (Windows 10) description: Windows Defender Firewall with Advanced Security Deployment Guide ms.assetid: 56b51b97-1c38-481e-bbda-540f1216ad56 ms.reviewer: