Merged PR 13414: 12/14 PM Publish

Huaping Yu (Beyondsoft Consulting Inc)
2018-12-14 23:26:50 +00:00
4 changed files with 16 additions and 31 deletions

@ -28,7 +28,7 @@ Specifically, SDT for Business enables you to:
To run SDT for Business, download the components listed in the following table. To run SDT for Business, download the components listed in the following table.
>[!NOTE] >[!NOTE]
>In contrast to the way you typically install MSI packages, the SDT distributable MSI package can only be created by running Windows Installer (MSI.exe) at a command prompt and setting the custom flag `ADMINMODE = 1`. For details, see [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md). >In contrast to the way you typically install MSI packages, the SDT distributable MSI package can only be created by running Windows Installer (msiexec.exe) at a command prompt and setting the custom flag `ADMINMODE = 1`. For details, see [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md).
Mode | Primary scenarios | Download | Learn more Mode | Primary scenarios | Download | Learn more
--- | --- | --- | --- --- | --- | --- | ---
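
Review bot: In the changed NOTE line, the property is still written as `ADMINMODE = 1`, with spaces around the equals sign. msiexec.exe takes properties as NAME=value with no spaces, so a reader who copies the text as shown is likely to see the command fail. Suggest `ADMINMODE=1`, and calling it a property rather than a custom flag.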

@ -6,7 +6,7 @@ ms.topic: landing-page
ms.manager: elizapo ms.manager: elizapo
author: lizap author: lizap
ms.author: elizapo ms.author: elizapo
ms.date: 12/05/2018 ms.date: 12/12/2018
ms.localizationpriority: high ms.localizationpriority: high
--- ---
# Windows as a service # Windows as a service
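
Review bot: `ms.date` moves to 12/12/2018, but the next hunk in this file adds a news item dated December 13, 2018 and the commit itself is dated 2018-12-14, so the metadata predates the content it describes. Suggest `ms.date: 12/14/2018`, as the last file in this commit does.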
@ -25,6 +25,7 @@ Windows 10 is the most secure version of Windows yet. Learn what updates we rele
The latest news: The latest news:
<ul compact style="list-style: none"> <ul compact style="list-style: none">
<li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Measuring-Delivery-Optimization-and-its-impact-to-your-network/ba-p/301809#M409">Measuring Delivery Optimization and its impact to your network</a> - December 13, 2018</li>
<li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181">LTSC: What is it, and when should it be used?</a> - November 29, 2018</li> <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181">LTSC: What is it, and when should it be used?</a> - November 29, 2018</li>
<li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Local-Experience-Packs-What-are-they-and-when-should-you-use/ba-p/286841">Local Experience Packs: What are they and when should you use them?</a> - November 14, 2018</li> <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Local-Experience-Packs-What-are-they-and-when-should-you-use/ba-p/286841">Local Experience Packs: What are they and when should you use them?</a> - November 14, 2018</li>
<li><a href="https://blogs.windows.com/windowsexperience/2018/11/13/resuming-the-rollout-of-the-windows-10-october-2018-update/#amAFU5YS1igMQRoB.97">Resuming the Rollout of the Windows 10 October 2018 Update</a> - November 13, 2018</li> <li><a href="https://blogs.windows.com/windowsexperience/2018/11/13/resuming-the-rollout-of-the-windows-10-october-2018-update/#amAFU5YS1igMQRoB.97">Resuming the Rollout of the Windows 10 October 2018 Update</a> - November 13, 2018</li>
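
Review bot: The added list item links to a URL ending in `ba-p/301809#M409`, while the other Tech Community entries in this list stop at the `ba-p/` id. The `#M409` fragment looks like a leftover from copying the address out of a browser; suggest dropping it so the link matches its neighbours.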

@ -309,33 +309,6 @@ The following fields are available:
- **isTrustletRunning:** Indicates whether an enhanced security component is currently running - **isTrustletRunning:** Indicates whether an enhanced security component is currently running
- **isVsmCfg:** Flag indicating whether virtual secure mode is configured or not - **isVsmCfg:** Flag indicating whether virtual secure mode is configured or not
## Microsoft.Windows.Security.Certificates.PinRulesCaCertUsedAnalytics
The Microsoft.Windows.Security.Certificates.Pin\*Analytics events summarize which server certificates the client encounters. By using this event with Windows Analytics, organizations can use this to determine potential scope and impact of pending certificate revocations or expirations.
The following fields are available:
- **certBinary:** Binary blob of public certificate as presented to the client (does not include any private keys)
- **certThumbprint:** Certificate thumbprint
## Microsoft.Windows.Security.Certificates.PinRulesCheckedAnalytics
The Microsoft.Windows.Security.Certificates.Pin\*Analytics events summarize which server certificates the client encounters. By using this event with Windows Analytics, organizations can use this to determine potential scope and impact of pending certificate revocations or expirations.
The following fields are available:
- **caThumbprints:** Intermediate certificate thumbprints
- **rootThumbprint:** Root certificate thumbprint
- **serverName:** Server name associated with the certificate
- **serverThumbprint:** Server certificate thumbprint
- **statusBits:** Certificate status
## Microsoft.Windows.Security.Certificates.PinRulesServerCertUsedAnalytics
The Microsoft.Windows.Security.Certificates.Pin\*Analytics events summarize which server certificates the client encounters. By using this event with Windows Analytics, organizations can use this to determine potential scope and impact of pending certificate revocations or expirations.
The following fields are available:
- **certBinary:** Binary blob of public certificate as presented to the client (does not include any private keys)
- **certThumbprint:** Certificate thumbprint
## Microsoft.Windows.Security.Winlogon.SystemBootStop ## Microsoft.Windows.Security.Winlogon.SystemBootStop
System boot has completed. System boot has completed.
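
Review bot: The three Pin\*Analytics sections are deleted outright, but the changelog paragraph added later in this file says the removal applies to versions 1709 and 1803 only starting with KB 4462932 and KB 4462933. Devices without those updates could still send `serverName`, `certThumbprint` and `certBinary`, so please confirm this page no longer needs to describe those fields for them, or keep the sections with a line stating from which update they stop being sent.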
@ -437,5 +410,8 @@ A previous revision of this list stated that a field named PartA_UserSid was a m
### Office events added ### Office events added
In Windows 10, version 1809 (also applies to versions 1709 and 1803 starting with [KB 4462932](https://support.microsoft.com/help/4462932/windows-10-update-kb4462932) and [KB 4462933](https://support.microsoft.com/help/4462933/windows-10-update-kb4462933) respectively), 16 events were added, describing Office app launch and availability. These events were added to improve the precision of Office data in Windows Analytics. In Windows 10, version 1809 (also applies to versions 1709 and 1803 starting with [KB 4462932](https://support.microsoft.com/help/4462932/windows-10-update-kb4462932) and [KB 4462933](https://support.microsoft.com/help/4462933/windows-10-update-kb4462933) respectively), 16 events were added, describing Office app launch and availability. These events were added to improve the precision of Office data in Windows Analytics.
### CertAnalytics events removed
In Windows 10, version 1809 (also applies to versions 1709 and 1803 starting with [KB 4462932](https://support.microsoft.com/help/4462932/windows-10-update-kb4462932) and [KB 4462933](https://support.microsoft.com/help/4462933/windows-10-update-kb4462933) respectively), 3 "CertAnalytics" events were removed, as they are no longer required for Windows Analytics.
>[!NOTE] >[!NOTE]
>You can use the Windows Diagnostic Data Viewer to observe and review events and their fields as described in this topic. >You can use the Windows Diagnostic Data Viewer to observe and review events and their fields as described in this topic.
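
Review bot: The new "CertAnalytics events removed" paragraph does not name the three events, and the sections deleted earlier in this file are titled Microsoft.Windows.Security.Certificates.PinRules...Analytics, so a reader cannot match the changelog entry to what was removed. Suggest listing the three event names in the paragraph. The KB references are also identical to those in the "Office events added" paragraph directly above; worth confirming they were not carried over by copy and paste.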

@ -10,7 +10,7 @@ ms.sitesec: library
ms.pagetype: security ms.pagetype: security
author: mjcaparas author: mjcaparas
ms.localizationpriority: medium ms.localizationpriority: medium
ms.date: 11/02/2018 ms.date: 12/14/2018
--- ---
# Onboard servers to the Windows Defender ATP service # Onboard servers to the Windows Defender ATP service
@ -109,7 +109,15 @@ Agent Resource | Ports
| winatp-gw-aue.microsoft.com |443 | | winatp-gw-aue.microsoft.com |443 |
## Windows Server, version 1803 and Windows Server 2019 ## Windows Server, version 1803 and Windows Server 2019
To onboard Windows Server, version 1803 or Windows Server 2019, use the same method used when onboarding Windows 10 machines. For more information, see [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md). Support for Windows Server, version 1803 and Windows 2019 provides deeper insight into activities happening on the server, coverage for kernel and memory attack detection, and enables response actions on Windows Server endpoint as well. To onboard Windows Server, version 1803 or Windows Server 2019, use the same method used when onboarding Windows 10 machines.
Supported tools include:
- Local script
- Group Policy
- System Center Configuration Manager 2012 / 2012 R2 1511 / 1602
- VDI onboarding scripts for non-persistent machines
For more information, see [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md). Support for Windows Server, version 1803 and Windows 2019 provides deeper insight into activities happening on the server, coverage for kernel and memory attack detection, and enables response actions on Windows Server endpoint as well.
1. Configure Windows Defender ATP onboarding settings on the server. For more information, see [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md). 1. Configure Windows Defender ATP onboarding settings on the server. For more information, see [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md).
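
Review bot: In the new "Supported tools include:" list, the item `System Center Configuration Manager 2012 / 2012 R2 1511 / 1602` runs product years and build numbers together, so it is unclear which releases are supported; suggest writing each supported release out separately. The relocated sentence still says "Windows 2019" where the heading says "Windows Server 2019", and its "For more information" link now sits directly before step 1, which repeats the same link.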