diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json index 5d581c9574..70cc3d7d3b 100644 --- a/.openpublishing.publish.config.json +++ b/.openpublishing.publish.config.json @@ -510,6 +510,9 @@ "notification_subscribers": [ "elizapo@microsoft.com" ], + "sync_notification_subscribers": [ + "daniha@microsoft.com" + ], "branches_to_filter": [ "" ], @@ -518,6 +521,7 @@ "skip_source_output_uploading": false, "need_preview_pull_request": true, "resolve_user_profile_using_github": true, + "contribution_branch_mappings": {}, "dependent_repositories": [ { "path_to_root": "_themes.pdf", diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 8f3ea8a965..3e1b8abf95 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -13929,5 +13929,15 @@ "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", "redirect_document_id": false }, +{ +"source_path": "windows/security/threat-protection/windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", +"redirect_document_id": false +}, +{ +"source_path": "windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-atp/threat-analytics", +"redirect_document_id": true +}, ] } diff --git a/browsers/enterprise-mode/add-employees-enterprise-mode-portal.md b/browsers/enterprise-mode/add-employees-enterprise-mode-portal.md index 72e501af4b..808a874dba 100644 --- a/browsers/enterprise-mode/add-employees-enterprise-mode-portal.md +++ b/browsers/enterprise-mode/add-employees-enterprise-mode-portal.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how to add employees to the Enterprise Mode Site List Portal. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: Add employees to the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md b/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md index 595d31fa6f..877885d8e6 100644 --- a/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md +++ b/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-1-schema-and-enterprise-mode-tool.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: You can add multiple sites to your Enterprise Mode site list by creating a custom text (TXT) or Extensible Markup Language (XML) file of problematic sites and then adding it in the Bulk add from file area of the Enterprise Mode Site List Manager. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 20aF07c4-051a-451f-9c46-5a052d9Ae27c title: Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.1) (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md b/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md index c8077d0f92..4cdf9fe53e 100644 --- a/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md +++ b/browsers/enterprise-mode/add-multiple-sites-to-enterprise-mode-site-list-using-the-version-2-schema-and-enterprise-mode-tool.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Add multiple sites to your Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2). -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: da659ff5-70d5-4852-995e-4df67c4871dd title: Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2) (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md index 6ebdd65d65..49b19fe506 100644 --- a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md +++ b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-1-enterprise-mode-tool.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, letting websites render using a modified browser configuration that's designed to emulate either Windows Internet Explorer 7 or Windows Internet Explorer 8, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 042e44e8-568d-4717-8fd3-69dd198bbf26 title: Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.1) (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md index 4c6531c174..59729cbde1 100644 --- a/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md +++ b/browsers/enterprise-mode/add-single-sites-to-enterprise-mode-site-list-using-the-version-2-enterprise-mode-tool.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Enterprise Mode is a compatibility mode that runs on Internet Explorer 11, letting websites render using a modified browser configuration that''s designed to emulate either Windows Internet Explorer 8 or Windows Internet Explorer 7, avoiding the common compatibility problems associated with web apps written and tested on older versions of Internet Explorer. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 513e8f3b-fedf-4d57-8d81-1ea4fdf1ac0b title: Add sites to the Enterprise Mode site list using the Enterprise Mode Site List Manager (schema v.2) (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/administrative-templates-and-ie11.md b/browsers/enterprise-mode/administrative-templates-and-ie11.md index 8f22d23808..6adfc06b58 100644 --- a/browsers/enterprise-mode/administrative-templates-and-ie11.md +++ b/browsers/enterprise-mode/administrative-templates-and-ie11.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: security description: Administrative templates and Internet Explorer 11 -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 2b390786-f786-41cc-bddc-c55c8a4c5af3 title: Administrative templates and Internet Explorer 11 (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/approve-change-request-enterprise-mode-portal.md b/browsers/enterprise-mode/approve-change-request-enterprise-mode-portal.md index 24078753c7..d6f1772b59 100644 --- a/browsers/enterprise-mode/approve-change-request-enterprise-mode-portal.md +++ b/browsers/enterprise-mode/approve-change-request-enterprise-mode-portal.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how Approvers can approve open change requests in the Enterprise Mode Site List Portal. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: Approve a change request using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/browsers/enterprise-mode/check-for-new-enterprise-mode-site-list-xml-file.md b/browsers/enterprise-mode/check-for-new-enterprise-mode-site-list-xml-file.md index cf0a576c0e..417dc77cad 100644 --- a/browsers/enterprise-mode/check-for-new-enterprise-mode-site-list-xml-file.md +++ b/browsers/enterprise-mode/check-for-new-enterprise-mode-site-list-xml-file.md @@ -6,8 +6,8 @@ ms.prod: ie11 ms.mktglfcycl: deploy ms.pagetype: appcompat ms.sitesec: library -author: eross-msft -ms.author: lizross +author: jdeckerms +ms.author: dougkim ms.date: 08/14/2017 ms.localizationpriority: low --- diff --git a/browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md b/browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md index 4752275c43..5329325698 100644 --- a/browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md +++ b/browsers/enterprise-mode/collect-data-using-enterprise-site-discovery.md @@ -2,7 +2,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy description: Use Internet Explorer to collect data on computers running Windows Internet Explorer 8 through Internet Explorer 11 on Windows 10, Windows 8.1, or Windows 7. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: a145e80f-eb62-4116-82c4-3cc35fd064b6 title: Collect data using Enterprise Site Discovery diff --git a/browsers/enterprise-mode/configure-settings-enterprise-mode-portal.md b/browsers/enterprise-mode/configure-settings-enterprise-mode-portal.md index 36066de055..290b39d09d 100644 --- a/browsers/enterprise-mode/configure-settings-enterprise-mode-portal.md +++ b/browsers/enterprise-mode/configure-settings-enterprise-mode-portal.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how the Administrator can use the Settings page to set up Groups and roles, the Enterprise Mode Site List Portal environment, and the freeze dates for production changes. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: Use the Settings page to finish setting up the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md b/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md index 4dfb16435c..771b794761 100644 --- a/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md +++ b/browsers/enterprise-mode/create-change-request-enterprise-mode-portal.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how to create a change request within the Enterprise Mode Site List Portal. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: Create a change request using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/browsers/enterprise-mode/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md index 13fd5539cd..04ba74d178 100644 --- a/browsers/enterprise-mode/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md +++ b/browsers/enterprise-mode/delete-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md @@ -3,7 +3,7 @@ ms.localizationpriority: low description: Delete a single site from your global Enterprise Mode site list. ms.pagetype: appcompat ms.mktglfcycl: deploy -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 41413459-b57f-48da-aedb-4cbec1e2981a title: Delete sites from your Enterprise Mode site list in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md index c6e03cadc0..f19c3e402a 100644 --- a/browsers/enterprise-mode/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md +++ b/browsers/enterprise-mode/edit-the-enterprise-mode-site-list-using-the-enterprise-mode-site-list-manager.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: You can use Internet Explorer 11 and the Enterprise Mode Site List Manager to change whether page rendering should use Enterprise Mode or the default Internet Explorer browser configuration. You can also add, remove, or delete associated comments. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 76aa9a85-6190-4c3a-bc25-0f914de228ea title: Edit the Enterprise Mode site list using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/enterprise-mode-overview-for-ie11.md b/browsers/enterprise-mode/enterprise-mode-overview-for-ie11.md index b7d9399d77..30ded77dda 100644 --- a/browsers/enterprise-mode/enterprise-mode-overview-for-ie11.md +++ b/browsers/enterprise-mode/enterprise-mode-overview-for-ie11.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Use the topics in this section to learn how to set up and use Enterprise Mode, Enterprise Mode Site List Manager, and the Enterprise Mode Site List Portal for your company. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: d52ba8ba-b3c7-4314-ba14-0610e1d8456e title: Enterprise Mode for Internet Explorer 11 (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md b/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md index 52ada71083..ef400d46d7 100644 --- a/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md +++ b/browsers/enterprise-mode/enterprise-mode-schema-version-1-guidance.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Use the Enterprise Mode Site List Manager to create and update your Enterprise Mode site list for devices running Windows 7 or Windows 8.1 Update. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 17c61547-82e3-48f2-908d-137a71938823 title: Enterprise Mode schema v.1 guidance (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md b/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md index ebc229a1db..2460a2a53d 100644 --- a/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md +++ b/browsers/enterprise-mode/enterprise-mode-schema-version-2-guidance.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Use the Enterprise Mode Site List Manager to create and update your Enterprise Mode site list for devices running Windows 10. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 909ca359-5654-4df9-b9fb-921232fc05f5 title: Enterprise Mode schema v.2 guidance (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md index 8e779574c1..929957a727 100644 --- a/browsers/enterprise-mode/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md +++ b/browsers/enterprise-mode/export-your-enterprise-mode-site-list-from-the-enterprise-mode-site-list-manager.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: After you create your Enterprise Mode site list in the Enterprise Mode Site List Manager, you can export the contents to an Enterprise Mode (.EMIE) file. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 9ee7c13d-6fca-4446-bc22-d23a0213a95d title: Export your Enterprise Mode site list from the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md index 963880eb75..7be8b574cc 100644 --- a/browsers/enterprise-mode/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md +++ b/browsers/enterprise-mode/remove-all-sites-from-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Instructions about how to clear all of the sites from your global Enterprise Mode site list. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 90f38a6c-e0e2-4c93-9a9e-c425eca99e97 title: Remove all sites from your Enterprise Mode site list using the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/remove-sites-from-a-local-compatibililty-view-list.md b/browsers/enterprise-mode/remove-sites-from-a-local-compatibililty-view-list.md index 546fe2133e..37eb813af3 100644 --- a/browsers/enterprise-mode/remove-sites-from-a-local-compatibililty-view-list.md +++ b/browsers/enterprise-mode/remove-sites-from-a-local-compatibililty-view-list.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Instructions about how to remove sites from a local compatibility view list. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: f6ecaa75-ebcb-4f8d-8721-4cd6e73c0ac9 title: Remove sites from a local compatibility view list (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/remove-sites-from-a-local-enterprise-mode-site-list.md b/browsers/enterprise-mode/remove-sites-from-a-local-enterprise-mode-site-list.md index 8b15e9ddd5..ca2d5c72aa 100644 --- a/browsers/enterprise-mode/remove-sites-from-a-local-enterprise-mode-site-list.md +++ b/browsers/enterprise-mode/remove-sites-from-a-local-enterprise-mode-site-list.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Instructions about how to remove sites from a local Enterprise Mode site list. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: c7d6dd0b-e264-42bb-8c9d-ac2f837018d2 title: Remove sites from a local Enterprise Mode site list (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md index 7ec1867c5b..e41bd71f67 100644 --- a/browsers/enterprise-mode/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md +++ b/browsers/enterprise-mode/save-your-site-list-to-xml-in-the-enterprise-mode-site-list-manager.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: You can save your current Enterprise Mode compatibility site list as an XML file, for distribution and use by your managed systems. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 254a986b-494f-4316-92c1-b089ee8b3e0a title: Save your site list to XML in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/schedule-production-change-enterprise-mode-portal.md b/browsers/enterprise-mode/schedule-production-change-enterprise-mode-portal.md index f49ad80a75..17ab2b26ac 100644 --- a/browsers/enterprise-mode/schedule-production-change-enterprise-mode-portal.md +++ b/browsers/enterprise-mode/schedule-production-change-enterprise-mode-portal.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how Administrators can schedule approved change requests for production in the Enterprise Mode Site List Portal. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: Schedule approved change requests for production using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/browsers/enterprise-mode/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md index 5292cf3570..17eed9cd2e 100644 --- a/browsers/enterprise-mode/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md +++ b/browsers/enterprise-mode/search-your-enterprise-mode-site-list-in-the-enterprise-mode-site-list-manager.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Search to see if a specific site already appears in your global Enterprise Mode site list. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: e399aeaf-6c3b-4cad-93c9-813df6ad47f9 title: Search your Enterprise Mode site list in the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md b/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md index b67d27b563..4dff80ce73 100644 --- a/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md +++ b/browsers/enterprise-mode/set-up-enterprise-mode-logging-and-data-collection.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Set up and turn on Enterprise Mode logging and data collection in your organization. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 2e98a280-f677-422f-ba2e-f670362afcde title: Set up Enterprise Mode logging and data collection (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/set-up-enterprise-mode-portal.md b/browsers/enterprise-mode/set-up-enterprise-mode-portal.md index fe5fe752fc..a3ec81f18b 100644 --- a/browsers/enterprise-mode/set-up-enterprise-mode-portal.md +++ b/browsers/enterprise-mode/set-up-enterprise-mode-portal.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how to set up the Enterprise Mode Site List Portal for your organization. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: Set up the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/browsers/enterprise-mode/turn-off-enterprise-mode.md b/browsers/enterprise-mode/turn-off-enterprise-mode.md index 12a4ee7ffd..31c3feec2f 100644 --- a/browsers/enterprise-mode/turn-off-enterprise-mode.md +++ b/browsers/enterprise-mode/turn-off-enterprise-mode.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: How to turn Enteprrise Mode off temporarily while testing websites and how to turn it off completely if you no longer want to to use it. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 5027c163-71e0-49b8-9dc0-f0a7310c7ae3 title: Turn off Enterprise Mode (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md b/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md index 5781fe3fc0..74225acded 100644 --- a/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md +++ b/browsers/enterprise-mode/turn-on-local-control-and-logging-for-enterprise-mode.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Turn on local user control and logging for Enterprise Mode. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 6622ecce-24b1-497e-894a-e1fd5a8a66d1 title: Turn on local control and logging for Enterprise Mode (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/use-the-enterprise-mode-site-list-manager.md b/browsers/enterprise-mode/use-the-enterprise-mode-site-list-manager.md index fbe6ddff8f..b85478da24 100644 --- a/browsers/enterprise-mode/use-the-enterprise-mode-site-list-manager.md +++ b/browsers/enterprise-mode/use-the-enterprise-mode-site-list-manager.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Use the topics in this section to learn about how to use the Enterprise Mode Site List Manager. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: f4dbed4c-08ff-40b1-ab3f-60d3b6e8ec9b title: Use the Enterprise Mode Site List Manager (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/using-enterprise-mode.md b/browsers/enterprise-mode/using-enterprise-mode.md index 313a07e8e8..244e102f38 100644 --- a/browsers/enterprise-mode/using-enterprise-mode.md +++ b/browsers/enterprise-mode/using-enterprise-mode.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: security description: Use this section to learn about how to turn on and use IE7 Enterprise Mode or IE8 Enterprise Mode. -author: eross-msft +author: jdeckerms ms.prod: ie11 ms.assetid: 238ead3d-8920-429a-ac23-02f089c4384a title: Using IE7 Enterprise Mode or IE8 Enterprise Mode (Internet Explorer 11 for IT Pros) diff --git a/browsers/enterprise-mode/verify-changes-preprod-enterprise-mode-portal.md b/browsers/enterprise-mode/verify-changes-preprod-enterprise-mode-portal.md index 94de88ee4e..9ceeafb141 100644 --- a/browsers/enterprise-mode/verify-changes-preprod-enterprise-mode-portal.md +++ b/browsers/enterprise-mode/verify-changes-preprod-enterprise-mode-portal.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how to make sure your change request info is accurate within the pre-production environment of the Enterprise Mode Site List Portal. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: Verify your changes using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/browsers/enterprise-mode/verify-changes-production-enterprise-mode-portal.md b/browsers/enterprise-mode/verify-changes-production-enterprise-mode-portal.md index 00fb099e3f..5ec5b93f66 100644 --- a/browsers/enterprise-mode/verify-changes-production-enterprise-mode-portal.md +++ b/browsers/enterprise-mode/verify-changes-production-enterprise-mode-portal.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how the Requester makes sure that the change request update is accurate within the production environment using the Enterprise Mode Site List Portal. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: Verify the change request update in the production environment using the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/browsers/enterprise-mode/view-apps-enterprise-mode-site-list.md b/browsers/enterprise-mode/view-apps-enterprise-mode-site-list.md index 29d1d8afe9..8ed5e12491 100644 --- a/browsers/enterprise-mode/view-apps-enterprise-mode-site-list.md +++ b/browsers/enterprise-mode/view-apps-enterprise-mode-site-list.md @@ -3,7 +3,7 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: appcompat description: Details about how to view the active Enterprise Mode Site List from the Enterprise Mode Site List Portal. -author: eross-msft +author: jdeckerms ms.prod: ie11 title: View the apps included in the active Enterprise Mode Site List from the Enterprise Mode Site List Portal (Internet Explorer 11 for IT Pros) ms.sitesec: library diff --git a/devices/hololens/hololens-install-localized.md b/devices/hololens/hololens-install-localized.md index 8e5a72150a..e3729388c3 100644 --- a/devices/hololens/hololens-install-localized.md +++ b/devices/hololens/hololens-install-localized.md @@ -28,6 +28,7 @@ In order to switch to the Chinese or Japanese version of HoloLens, you’ll need 8. Select **Install software** and follow the instructions to finish installing. 9. Once the build is installed, HoloLens setup will start automatically. Put on the device and follow the setup directions. +When you’re done with setup, go to **Settings -> Update & Security -> Windows Insider Program** and check that you’re configured to receive the latest preview builds. The Chinese/Japanese version of HoloLens will be kept up-to-date with the latest preview builds via the Windows Insider Program the same way the English version is. ## Note for language support diff --git a/devices/surface-hub/TOC.md b/devices/surface-hub/TOC.md index f4df822a14..d24333f170 100644 --- a/devices/surface-hub/TOC.md +++ b/devices/surface-hub/TOC.md @@ -32,7 +32,7 @@ #### [Wireless network management](wireless-network-management-for-surface-hub.md) ### [Install apps on your Surface Hub](install-apps-on-surface-hub.md) ### [Configure Surface Hub Start menu](surface-hub-start-menu.md) -### [Set up and use Whiteboard to Whiteboard collaboration](whiteboard-collaboration.md) +### [Set up and use Microsoft Whiteboard](whiteboard-collaboration.md) ### [End a Surface Hub meeting with End session](i-am-done-finishing-your-surface-hub-meeting.md) ### [Sign in to Surface Hub with Microsoft Authenticator](surface-hub-authenticator-app.md) ### [Save your BitLocker key](save-bitlocker-key-surface-hub.md) diff --git a/devices/surface-hub/create-a-device-account-using-office-365.md b/devices/surface-hub/create-a-device-account-using-office-365.md index dc313f8f5d..2d52e698c0 100644 --- a/devices/surface-hub/create-a-device-account-using-office-365.md +++ b/devices/surface-hub/create-a-device-account-using-office-365.md @@ -190,15 +190,15 @@ Enable the device account with Skype for Business. In order to enable Skype for Business, your environment will need to meet the following prerequisites: -- You'll need to have Lync Online (Plan 2) or higher in your O365 plan. The plan needs to support conferencing capability. -- If you need Enterprise Voice (PSTN telephony) using telephony service providers for the Surface Hub, you need Lync Online (Plan 3). +- You'll need to have Skype for Business Online Standalone Plan 2 or higher in your O365 plan. The plan needs to support conferencing capability. +- If you need Enterprise Voice (PSTN telephony) using telephony service providers for the Surface Hub, you need Skype for Business Online Standalone Plan 3. - Your tenant users must have Exchange mailboxes. -- Your Surface Hub account does require a Lync Online (Plan 2) or Lync Online (Plan 3) license, but it does not require an Exchange Online license. +- Your Surface Hub account does require a Skype for Business Online Standalone Plan 2 or Skype for Business Online Standalone Plan 3 license, but it does not require an Exchange Online license. 1. Start by creating a remote PowerShell session from a PC. ```PowerShell - Import-Module LyncOnlineConnector + Import-Module SkypeOnlineConnector $cssess=New-CsOnlineSession -Credential $cred Import-PSSession $cssess -AllowClobber ``` @@ -348,15 +348,15 @@ Enable the device account with Skype for Business. In order to enable Skype for Business, your environment will need to meet the following prerequisites: -- You'll need to have Lync Online (Plan 2) or higher in your O365 plan. The plan needs to support conferencing capability. -- If you need Enterprise Voice (PSTN telephony) using telephony service providers for the Surface Hub, you need Lync Online (Plan 3). +- You'll need to have Skype for Business Online Standalone Plan 2 or higher in your O365 plan. The plan needs to support conferencing capability. +- If you need Enterprise Voice (PSTN telephony) using telephony service providers for the Surface Hub, you need Skype for Business Online Standalone Plan 3. - Your tenant users must have Exchange mailboxes. -- Your Surface Hub account does require a Lync Online (Plan 2) or Lync Online (Plan 3) license, but it does not require an Exchange Online license. +- Your Surface Hub account does require a Skype for Business Online Standalone Plan 2 or Skype for Business Online Standalone Plan 3 license, but it does not require an Exchange Online license. 1. Start by creating a remote PowerShell session from a PC. ```PowerShell - Import-Module LyncOnlineConnector + Import-Module SkypeOnlineConnector $cssess=New-CsOnlineSession -Credential $cred Import-PSSession $cssess -AllowClobber ``` @@ -372,8 +372,7 @@ If you aren't sure what value to use for the `RegistrarPool` parameter in your e 3. To enable your Surface Hub account for Skype for Business Server, run this cmdlet: ```PowerShell - Enable-CsMeetingRoom -Identity $strEmail -RegistrarPool - "sippoolbl20a04.infra.lync.com" -SipAddressType EmailAddress + Enable-CsMeetingRoom -Identity $strEmail -RegistrarPool "sippoolbl20a04.infra.lync.com" -SipAddressType EmailAddress ``` diff --git a/devices/surface-hub/manage-surface-hub.md b/devices/surface-hub/manage-surface-hub.md index 9518232b8b..da29b06c9d 100644 --- a/devices/surface-hub/manage-surface-hub.md +++ b/devices/surface-hub/manage-surface-hub.md @@ -32,7 +32,7 @@ Learn about managing and updating Surface Hub. | [Manage Surface Hub settings](manage-surface-hub-settings.md) |Topics related to managing Surface Hub settings: accessibility, device account, device reset, fully qualified domain name, Windows Update settings, and wireless network | | [Install apps on your Surface Hub]( https://technet.microsoft.com/itpro/surface-hub/install-apps-on-surface-hub) | Admins can install apps can from either the Microsoft Store or the Microsoft Store for Business.| [Configure Surface Hub Start menu](surface-hub-start-menu.md) | Use MDM to customize the Start menu for Surface Hub. -| [Set up and use Whiteboard to Whiteboard collaboration](whiteboard-collaboration.md) | Microsoft Whiteboard’s latest update includes the capability for two Surface Hubs to collaborate in real time on the same board. | +| [Set up and use Microsoft Whiteboard](whiteboard-collaboration.md) | Microsoft Whiteboard’s latest update includes the capability for two Surface Hubs to collaborate in real time on the same board. | | [End a meeting with End session](https://technet.microsoft.com/itpro/surface-hub/i-am-done-finishing-your-surface-hub-meeting) | At the end of a meeting, users can tap **End session** to clean up any sensitive data and prepare the device for the next meeting.| | [Sign in to Surface Hub with Microsoft Authenticator](surface-hub-authenticator-app.md) | You can sign in to a Surface Hub without a password using the Microsoft Authenticator app, available on Android and iOS. | | [Save your BitLocker key](https://technet.microsoft.com/itpro/surface-hub/save-bitlocker-key-surface-hub) | Every Surface Hub is automatically set up with BitLocker drive encryption software. Microsoft strongly recommends that you make sure you back up your BitLocker recovery keys.| diff --git a/devices/surface-hub/provisioning-packages-for-surface-hub.md b/devices/surface-hub/provisioning-packages-for-surface-hub.md index ad3c3d7d7e..5698f985b0 100644 --- a/devices/surface-hub/provisioning-packages-for-surface-hub.md +++ b/devices/surface-hub/provisioning-packages-for-surface-hub.md @@ -8,7 +8,7 @@ ms.sitesec: library author: jdeckerms ms.author: jdecker ms.topic: article -ms.date: 07/27/2017 +ms.date: 03/16/2019 ms.localizationpriority: medium --- @@ -267,13 +267,13 @@ If your build is successful, the name of the provisioning package, output direct ## Apply a provisioning package to Surface Hub -There are two options for deploying provisioning packages to a Surface Hub. You can apply a provisioning packing [during the first run wizard](#apply-a-provisioning-package-during-first-run), or using [Settings](#apply-a-package-using-settings). +There are two options for deploying provisioning packages to a Surface Hub. [During the first run wizard](#apply-a-provisioning-package-during-first-run), you can apply a provisioning package that installs certificates, or after the first-run program is complete, you can apply a provisioning package that configures settings, apps, and certificates by using [Settings](#apply-a-package-using-settings). ### Apply a provisioning package during first run > [!IMPORTANT] -> Only use provisioning packages to install certificates during first run. Use the **Settings** app to install apps and apply other settings. +> During the first-run program, you can only use provisioning packages to install certificates. Use the **Settings** app to install apps and apply other settings. 1. When you turn on the Surface Hub for the first time, the first-run program will display the [**Hi there page**](first-run-program-surface-hub.md#first-page). Make sure that the settings are properly configured before proceeding. diff --git a/devices/surface-hub/surface-hub-recovery-tool.md b/devices/surface-hub/surface-hub-recovery-tool.md index 262bcc5d2a..e6e0eeb5c1 100644 --- a/devices/surface-hub/surface-hub-recovery-tool.md +++ b/devices/surface-hub/surface-hub-recovery-tool.md @@ -46,9 +46,9 @@ If the tool is unsuccessful in reimaging your drive, please contact [Surface Hub ## Download Surface Hub Recovery Tool -Surface Hub Recovery Tool is available for download from [Surface Hub Tools for IT](https://www.microsoft.com/download/details.aspx?id=52210) under the file name **SurfaceHub_Recovery_v1.4.137.0.msi**. +Surface Hub Recovery Tool is available for download from [Surface Hub Tools for IT](https://www.microsoft.com/download/details.aspx?id=52210) under the file name **SurfaceHub_Recovery_v1.14.137.0.msi**. -To start the download, click **Download**, choose **SurfaceHub_Recovery_v1.4.137.0.msi** from the list, and click **Next**. From the pop-up, choose one of the following: +To start the download, click **Download**, choose **SurfaceHub_Recovery_v1.14.137.0.msi** from the list, and click **Next**. From the pop-up, choose one of the following: - Click **Run** to start the installation immediately. - Click **Save** to copy the download to your computer for later installation. @@ -96,4 +96,4 @@ The reimaging process appears halted/frozen | It is safe to close and restart th The drive isn’t recognized by the tool | Verify that the Surface Hub SSD is enumerated as a Lite-On drive, "LITEON L CH-128V2S USB Device". If the drive is recognized as another named device, your current cable isn’t compatible. Try another cable or one of the tested cable listed above. Error: -2147024809 | Open Disk Manager and remove the partitions on the Surface Hub drive. Disconnect and reconnect the drive to the host machine. Restart the imaging tool again. -If the tool is unsuccessful in reimaging your drive, please contact [Surface Hub Support](https://support.microsoft.com/help/4037644/surface-contact-surface-warranty-and-software-support). \ No newline at end of file +If the tool is unsuccessful in reimaging your drive, please contact [Surface Hub Support](https://support.microsoft.com/help/4037644/surface-contact-surface-warranty-and-software-support). diff --git a/devices/surface-hub/whiteboard-collaboration.md b/devices/surface-hub/whiteboard-collaboration.md index 10f086f358..9a68506147 100644 --- a/devices/surface-hub/whiteboard-collaboration.md +++ b/devices/surface-hub/whiteboard-collaboration.md @@ -1,27 +1,29 @@ --- -title: Set up and use Whiteboard to Whiteboard collaboration +title: Set up and use Microsoft Whiteboard description: Microsoft Whiteboard’s latest update includes the capability for two Surface Hubs to collaborate in real time on the same board. ms.prod: surface-hub ms.sitesec: library author: jdeckerms ms.author: jdecker ms.topic: article -ms.date: 07/12/2018 +ms.date: 03/18/2019 ms.localizationpriority: medium --- -# Set up and use Whiteboard to Whiteboard collaboration (Surface Hub) +# Set up and use Microsoft Whiteboard + -The Microsoft Whiteboard app includes the capability for two Surface Hubs to collaborate in real time on the same board. >[!IMPORTANT] ->A new Microsoft Whiteboard app was released on July 12, 2018. The existing Whiteboard app that comes installed on Surface Hub and is pinned to the Welcome screen cannot collaborate with the new version that can be installed on the PC. If people in your organization install the new Whiteboard on their PCs, you must install the new Whiteboard on Surface Hub to enable collaboration. To learn more about installing the new Whiteboard on your Surface Hub, see [Whiteboard on Surface Hub opt-in](https://go.microsoft.com/fwlink/p/?LinkId=2004277). +>A new Microsoft Whiteboard app was released on July 12, 2018. The existing Whiteboard app that comes installed on Surface Hub and is pinned to the Welcome screen has been renamed **Microsoft Whiteboard 2016**. Microsoft Whiteboard 2016 will be automatically upgraded by May 21, 2019, and the collaboration service for the legacy app will stop functioning after June 7, 2019. For more details, see [Enable Microsoft Whiteboard on Surface Hub](https://support.office.com/article/enable-microsoft-whiteboard-on-surface-hub-b5df4539-f735-42ff-b22a-0f5e21be7627?ui=en-US&rs=en-US&ad=US). + +The Microsoft Whiteboard app includes the capability for two Surface Hubs to collaborate in real time on the same board. By ensuring that your organization meets the prerequisites, users can then ink, collaborate, and ideate together. ![example of a whiteboard with collaborative inking](images/wb-collab-example.png) -## Prerequisites for Whiteboard to Whiteboard collaboration +## Prerequisites for Whiteboard to Whiteboard collaboration (Microsoft Whiteboard 2016) To get Whiteboard to Whiteboard collaboration up and running, you’ll need to make sure your organization meets the following requirements: @@ -36,7 +38,7 @@ To get Whiteboard to Whiteboard collaboration up and running, you’ll need to m >[!NOTE] >Collaborative sessions can only take place between users within the same tenant, so users outside of your organization won’t be able to join even if they have a Surface Hub. -## Using Whiteboard to Whiteboard collaboration +## Using Whiteboard to Whiteboard collaboration (Microsoft Whiteboard 2016) To start a collaboration session: diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md index df57cb2c6d..c83a77a2bd 100644 --- a/devices/surface/TOC.md +++ b/devices/surface/TOC.md @@ -24,6 +24,7 @@ ## [Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices](enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md) ## [Manage Surface UEFI settings](manage-surface-uefi-settings.md) ### [Advanced UEFI security features for Surface Pro 3](advanced-uefi-security-features-for-surface-pro-3.md) +### [Surface System SKU reference](surface-system-sku-reference.md) ## [Surface Enterprise Management Mode](surface-enterprise-management-mode.md) ### [Enroll and configure Surface devices with SEMM](enroll-and-configure-surface-devices-with-semm.md) ### [Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md) diff --git a/devices/surface/change-history-for-surface.md b/devices/surface/change-history-for-surface.md index 9c34783c79..271b1cc5e2 100644 --- a/devices/surface/change-history-for-surface.md +++ b/devices/surface/change-history-for-surface.md @@ -13,6 +13,13 @@ ms.topic: article This topic lists new and updated topics in the Surface documentation library. +## March 2019 + +New or changed topic | Description +--- | --- +[Surface System SKU reference](surface-system-sku-reference.md) | New + + ## February 2019 New or changed topic | Description diff --git a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md index 7f519a64e2..d0e16a8292 100644 --- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md +++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md @@ -9,234 +9,59 @@ ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library author: brecords +ms.date: 11/15/2018 ms.author: jdecker ms.topic: article --- -# Download the latest firmware and drivers for Surface devices +# Deploying the latest firmware and drivers for Surface devices +Although Surface devices are typically automatically updated with the latest device drivers and firmware via Windows Update, sometimes it's necessary to download and install updates manually, such as during a Windows deployment. +## Downloading MSI files +To download MSI files, refer to the following Microsoft Support page: + +- [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware-for-surface)
+Installation files for administrative tools, drivers for accessories, and updates for Windows are also available for some devices. -This article provides a list of the available downloads for Surface devices and links to download the drivers and firmware for your device. +## Deploying MSI files +Driver and firmware updates for Surface devices containing all required cumulative updates are packaged in separate MSI files for specific versions of Windows 10. +In the name of each of these files you will find a Windows build number, this number indicates the minimum supported build required to install the drivers and firmware contained within. Refer to [Windows 10 release information](https://docs.microsoft.com/windows/windows-10/release-information) for a list of the build numbers for each version. For example, to install the drivers contained in SurfacePro6_Win10_16299_1900307_0.msi file you must have Windows 10 Fall Creators Update version 1709, or newer installed on your Surface Pro 6. -Although Surface devices are typically automatically updated with the latest device drivers and firmware via Windows Update, sometimes it's necessary to download and install updates manually, such as during a Windows deployment. If you need to install drivers and firmware separately from Windows Update, you can find the requisite files on the Microsoft Download Center. -On the Microsoft Download Center page for your device, you will find several files available. These files allow you to deploy drivers and firmware in various ways. You can read more about the different deployment methods for Surface drivers and firmware in [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md). +### Surface MSI naming convention +Each .MSI file is named in accordance with a formula that begins with the product and Windows release information, followed by the Windows build number and version number, and ending with the revision of version number. SurfacePro6_Win10_16299_1900307_0.msi is classified as follows: -Driver and firmware updates for Surface devices are **cumulative updates** which provide comprehensive roundups of all of the latest files for the Surface device running that version of Windows. +**Example:** +SurfacePro6_Win10_16299_1900307_0.msi : -Installation files for administrative tools, drivers for accessories, and updates for Windows are also available for some devices and are detailed here in this article. +| Product | Windows release | Build | Version | Revision of version | +| --- | --- | --- | --- | --- | +| SurfacePro6 | Win10 | 16299 | 1900307 | 0 | +| | | | Indicates key date and sequence information | Indicates release history of the MSI file | +| | | | **19:** Signifies the year (2019)
**003**: Signifies that it’s the third release of 2019
**07**: Signifies the product version number. (Surface Pro 6 is officially the seventh version of Surface Pro.) | **0:** Signifies it's the first release of version 1900307 and has not been re-released for any reason. | ->[!NOTE] ->Many of the filenames contain a placeholder denoted with *xxxxxx*, representing the latest version number listed in the Microsoft Download Center. A battery charge of 40 percent or greater is required before you install firmware to a Surface device. See [Microsoft Support article KB2909710](https://go.microsoft.com/fwlink/p/?LinkId=618106) for more information. +Look to the **version** number to determine the latest files that contain the most recent security updates. For example, you might need to install the newest file from the following list: -## Surface Laptop 2 -Download the following updates for [Surface Laptop 2 from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57515). -* SurfaceLaptop2_Win10_xxxxx_xxxxxxx_x.msi – Cumulative firmware and driver update package for Windows 10 +- SurfacePro6_Win10_16299_1900307_0.msi +- SurfacePro6_Win10_17134_1808507_3.msi +- SurfacePro6_Win10_17763_1808707_3.msi -## Surface Pro 6 +The first file — SurfacePro6_Win10_16299_1900307_0.msi — is the newest because its VERSION field has the newest build in 2019; the other files are from 2018. -Download the following updates for [Surface Pro 6 from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57514). - -* SurfacePro6_Win10_xxxxx_xxxxxxx_x.msi – Cumulative firmware and driver update package for Windows 10 - -## Surface Go - -Download the following updates for [Surface Go from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57439). -* SurfaceGO_Win10_xxxxx_xxxxxxx_x.msi - Cumulative firmware and driver update package for Windows 10 - -## Surface Go with LTE Advanced - -Download the following updates for [Surface Go with LTE Advanced from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57601). - -* SurfaceGo_Win10_xxxxx_xxxxxxx_LTE_1.msi - Cumulative firmware and driver update package for Windows 10 including optional WinTab drivers. - -## Surface Book 2 - -Download the following updates for [Surface Book 2 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=56261). -* SurfaceBook2_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -## Surface Laptop - -Download the following updates for [Surface Laptop from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55489). -* SurfaceLaptop_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -## Surface Pro - -Download the following updates for [Surface Pro (Model 1796) from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55484). - -* SurfacePro_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -## Surface Pro with LTE Advanced - -Download the following updates for [Surface Pro with LTE Advanced from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=56278). - -* SurfacePro_LTE_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -## Surface Pro 6 - -Download the following updates for [Surface Pro 6 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=57514). - -* SurfacePro6_Win10_xxxxx_xxxxxxx_x.msi - -## Surface Studio - - -Download the following updates for [Surface Studio from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=54311). - -* SurfaceStudio_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -## Surface Studio 2 - -Download the following updates for [Surface Studio 2 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=57593). - -* SurfaceStudio2_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -## Surface Book - - -Download the following updates [for Surface Book from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49497). - -- SurfaceBook_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -- SurfaceBook_Win10_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10 - -- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1 - -## Surface Pro 4 - - -Download the following updates for [Surface Pro 4 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49498). - -- SurfacePro4_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -- SurfacePro4_Win10_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10 - -- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1 - -## Surface Pro 3 - - -Download the following updates [for Surface Pro 3 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=38826). - -- SurfacePro3_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -- SurfacePro3_Win10_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10 - -- SurfacePro3_Win8x_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 8.1 Pro - -- SurfacePro3_Win8x_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 8.1 Pro - -- Surface Firmware Tool.msi – Firmware tools for UEFI management - -- Surface Pro 3 AssetTag.zip – UEFI Asset Tag management tool - -- Surface Pro 3 KB2978002.zip – Update for Quick Note-Taking Experience feature in Windows 8.1 - -- Windows8.1-KB2969817-x64.msu – Fixes an issue that causes Surface devices to reboot twice after firmware updates are installed on all supported x64-based versions of Windows 8.1 - -- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1 - -## Surface 3 - - -Download the following updates [for Surface 3 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49040). - -- Surface3_WiFi_Win10_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 10 - -- Surface3_WiFi_Win10_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10 - -- Surface3_WiFi_Win8x_xxxxx_xxxxxx.msi – Cumulative firmware and driver update package for Windows 8.1 Pro - -- Surface3_WiFi_Win8x_xxxxx_xxxxxx.zip – Cumulative firmware and driver update package for Windows 8.1 Pro - -- Surface 3 AssetTag.zip – UEFI Asset Tag management tool - -- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1 - -## Surface 3 LTE - - -Download the following updates [for AT&T 4G LTE versions of Surface 3 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49039). - -- Surface3_4GLTE-ATT_Win10_xxxxx_xxxxxx.msi – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 10 - -- Surface3_4GLTE-ATT_Win10_xxxxx_xxxxxx.zip – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 10 - -- Surface3_4GLTE-ATT_Win8x_xxxxx_xxxxxx.msi – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 8.1 Pro - -- Surface3_4GLTE-ATT_Win8x_xxxxx_xxxxxx.zip – Surface 3 LTE AT&T - Cumulative firmware and driver update for locked carrier dependent AT&T devices in the US, running Windows 8.1 Pro - -- Surface 3 AssetTag.zip – UEFI Asset Tag management tool - -- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1 - -Download the following updates [for non-AT&T 4G LTE versions of Surface 3 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49037). - -- Surface3_4GLTE-NorthAmericaUnlocked_Win10_xxxxx_xxxxxx.msi – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 10 - -- Surface3_4GLTE-NorthAmericaUnlocked_Win10_xxxxx_xxxxxx.zip – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 10 - -- Surface3_4GLTE-NorthAmericaUnlocked_Win8x_xxxxx_xxxxxx.msi – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 8.1 Pro - -- Surface3_4GLTE-NorthAmericaUnlocked_Win8x_xxxxx_xxxxxx.zip – Surface 3 LTE North America - Cumulative firmware and driver update for unlocked carrier independent devices in the US, running Windows 8.1 Pro - -- Surface 3 AssetTag.zip – UEFI Asset Tag management tool - -- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1 - -Download the following updates [for 4G LTE Surface 3 versions for regions outside North America from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49041). - -- Surface3_4GLTE-RestOfTheWorld_Win10_xxxxx_xxxxxx.msi – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 10 - -- Surface3_4GLTE-RestOfTheWorld_Win10_xxxxx_xxxxxx.zip – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 10 - -- Surface3_4GLTE-RestOfTheWorld_Win8x_xxxxx_xxxxxx.msi – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 8.1 Pro - -- Surface3_4GLTE-RestOfTheWorld_Win8x_xxxxx_xxxxxx.zip – Surface 3 LTE rest of the world cumulative - Cumulative firmware and driver update for carrier independent devices outside of the US, as well as for Japan, running Windows 8.1 Pro - -- Surface 3 AssetTag.zip – UEFI Asset Tag management tool - -- Wintab-xxxxx-64-bit.zip – Tablet driver update for all supported x64-based versions of Windows 8.1 - -## Surface Pro 2 - - -Download the following updates [for Surface Pro 2 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49042). - -- SurfacePro2\_Win10\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10 - -- SurfacePro2\_Win8x\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 8.1 Pro - -- Surface Ethernet Adapter.zip – x64 Ethernet adapter drivers - -- Surface Gigabit Ethernet Adapter.zip – x64 Ethernet adapter drivers - -- Windows8.1-KB2969817-x64.msu – Fixes an issue that causes Surface devices to reboot twice after firmware updates are installed on all supported x64-based versions of Windows 8.1 - -## Surface Pro - - -Download the following updates [for Surface Pro (Model 1514) from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=49038). - -- SurfacePro\_Win10\_xxxxxx.zip – Cumulative firmware and driver update package for Windows 10 - -- Surface Pro 1 - xxxxxx.zip – Cumulative firmware and driver update package for Windows 8.1 Pro - -- Surface Ethernet Adapter.zip – x64 Ethernet adapter drivers - -- Surface Gigabit Ethernet Adapter.zip – x64 Ethernet adapter drivers - -- Windows8.1-KB2969817-x64.msu – Fixes an issue that causes Surface devices to reboot twice after firmware updates are installed on all supported x64-based versions of Windows 8.1 - -## Surface devices with Windows RT +## Supported devices +Downloadable MSI files are available for Surface devices from Surface Pro 2 and later. +[!NOTE] There are no downloadable firmware or driver updates available for Surface devices with Windows RT, including Surface RT and Surface 2. Updates can only be applied using Windows Update. -If you have additional questions on the driver pack and updates, please contact [Microsoft Surface support for business](https://www.microsoft.com/surface/support/business). +For more information about deploying Surface drivers and firmware, refer to: + +- [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates). + +- [Microsoft Surface support for business](https://www.microsoft.com/surface/support/business). -    diff --git a/devices/surface/surface-system-sku-reference.md b/devices/surface/surface-system-sku-reference.md new file mode 100644 index 0000000000..ca870c7065 --- /dev/null +++ b/devices/surface/surface-system-sku-reference.md @@ -0,0 +1,59 @@ +--- +title: System SKU reference (Surface) +description: See a reference of System Model and System SKU names. +keywords: uefi, configure, firmware, secure, semm +ms.prod: w10 +ms.mktglfcycl: manage +ms.pagetype: surface, devices, security +ms.sitesec: library +author: coveminer +ms.author: v-jokai +ms.topic: article +ms.date: 03/20/2019 +--- + +# System SKU reference + +This document provides a reference of System Model and System SKU names that you can use to quickly determine the machine state of a specific device using PowerShell, WMI, + +System Model and System SKU are variables stored in System Management BIOS (SMBIOS) tables in the UEFI layer of Surface devices. The System SKU name is required to differentiate between devices with the same System Model name, such as Surface Pro and Surface Pro with LTE Advanced. + +| Device | System Model | System SKU | +| ---------- | ----------- | -------------- | +| Surface 3 WiFI | Surface 3 | Surface_3 | +| Surface 3 LTE AT&T | Surface 3 | Surface_3_US1 | +| Surface 3 LTE Verizon | Surface 3 | Surface_3_US2 | +| Surface 3 LTE North America | Surface 3 | Surface_3_NAG | +| Surface 3 LTE Outside of North America and T-Mobile In Japan | Surface 3 | Surface_3_ROW | +| Surface Pro | Surface Pro | Surface_Pro_1796 | +| Surface Pro with LTE Advanced | Surface Pro | Surface_Pro_1807 | +| Surface Book 2 13inch | Surface Book 2 | Surface_Book_1832 | +| Surface Book 2 15inch | Surface Book 2 | Surface_Book_1793 | +| Surface Go Consumer | Surface Go | Surface_Go_1824_Consumer | +| Surface Go Commercial | Surface Go | Surface_Go_1824_Commercial | +| Surface Pro 6 Consumer | Surface Pro 6 | Surface_Pro_6_1796_Consumer | +| Surface Pro 6 Commercial | Surface Pro 6 | Surface_Pro_6_1796_Commercial | +| Surface Laptop 2 Consumer | Surface Laptop 2 | Surface_Laptop_2_1769_Consumer | +| Surface Laptop 2 Commercial | Surface Laptop 2 | Surface_Laptop_2_1769_Commercial | + +## Examples + +**PowerShell** + Use the following PowerShell command to pull System SKU: + + ``` +gwmi -namespace root\wmi -class MS_SystemInformation | select SystemSKU +``` + +**System Information** +You can also find the System SKU and System Model for a device in System Information. + +- Go to **Start** > **MSInfo32**. + +One example of how you could use this in Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager is as part of a Task Sequence WMI Condition. For example: + +**Task Sequence WMI Condition** + + + - WMI Namespace – Root\WMI + - WQL Query – SELECT * FROM MS_SystemInformation WHERE SystemSKU = "Surface_Pro_1796" \ No newline at end of file diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index 08390d3c46..baef69db7c 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -52,6 +52,9 @@ Enrolling Surface devices in Windows Autopilot at the time of purchase is a capa When you purchase Surface devices from a Surface partner enabled for Windows Autopilot, your new devices can be enrolled in your Windows Autopilot deployment for you by the partner. Surface partners enabled for Windows Autopilot include: -- [SHI](https://www.shi.com/Surface) -- [Insight](https://www.insight.com/en_US/buy/partner/microsoft/surface/windows-autopilot.html) - [Atea](https://www.atea.com/) +- [Connection](https://www.connection.com/brand/microsoft/microsoft-surface) +- [Insight](https://www.insight.com/en_US/buy/partner/microsoft/surface/windows-autopilot.html) +- [SHI](https://www.shi.com/Surface) + + diff --git a/education/windows/get-minecraft-for-education.md b/education/windows/get-minecraft-for-education.md index b4d1febe79..2f77a266c0 100644 --- a/education/windows/get-minecraft-for-education.md +++ b/education/windows/get-minecraft-for-education.md @@ -34,7 +34,7 @@ Teachers and IT administrators can now get early access to **Minecraft: Educatio - **Minecraft: Education Edition** requires Windows 10. - Trials or subscriptions of **Minecraft: Education Edition** are offered to education tenants that are managed by Azure Active Directory (Azure AD). - If your school doesn't have an Azure AD tenant, the [IT administrator can set one up](school-get-minecraft.md) as part of the process of getting **Minecraft: Education Edition**. - * Office 365 Education, which includes online versions of Office apps plus 1 TB online storage and [Microsoft Classroom](https://classroom.microsoft.com/), is free for teachers and students. [Sign up your school for Office 365 Education.](https://products.office.com/academic/office-365-education-plan) + * Office 365 Education, which includes online versions of Office apps plus 1 TB online storage. [Sign up your school for Office 365 Education.](https://products.office.com/academic/office-365-education-plan) * If your school has an Office 365 Education subscription, it includes a free Azure AD subscription. [Register your free Azure AD subscription.](https://msdn.microsoft.com/library/windows/hardware/mt703369%28v=vs.85%29.aspx) diff --git a/mdop/appv-v5/about-app-v-50-dynamic-configuration.md b/mdop/appv-v5/about-app-v-50-dynamic-configuration.md index 1ab5778707..87c3a92fd0 100644 --- a/mdop/appv-v5/about-app-v-50-dynamic-configuration.md +++ b/mdop/appv-v5/about-app-v-50-dynamic-configuration.md @@ -862,10 +862,10 @@ For more information about how to create the file using the App-V 5.0 Management To create the file manually, the information above in previous sections can be combined into a single file. We recommend you use files generated by the sequencer. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-app-v-50-reporting.md b/mdop/appv-v5/about-app-v-50-reporting.md index 42275f2c12..e8d03cb385 100644 --- a/mdop/appv-v5/about-app-v-50-reporting.md +++ b/mdop/appv-v5/about-app-v-50-reporting.md @@ -302,10 +302,10 @@ To retrieve report information and create reports using App-V 5.0 you must use o You should also ensure that the reporting server web service’s **Maximum Concurrent Connections** is set to a value that the server will be able to manage without impacting availability. The recommended number of **Maximum Concurrent Connections** for the **Reporting Web Service** is **10,000**. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-app-v-50-sp1.md b/mdop/appv-v5/about-app-v-50-sp1.md index f33f2f2a6c..7abef85fc1 100644 --- a/mdop/appv-v5/about-app-v-50-sp1.md +++ b/mdop/appv-v5/about-app-v-50-sp1.md @@ -36,10 +36,10 @@ This service pack contains the following changes: App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-app-v-50-sp2.md b/mdop/appv-v5/about-app-v-50-sp2.md index 0ea35eb3dd..bf06ad558b 100644 --- a/mdop/appv-v5/about-app-v-50-sp2.md +++ b/mdop/appv-v5/about-app-v-50-sp2.md @@ -160,10 +160,10 @@ App-V 5.0 SP2 provides updated documentation for the following scenarios: App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-app-v-50-sp3.md b/mdop/appv-v5/about-app-v-50-sp3.md index 6aa8082174..17c1fbf0a3 100644 --- a/mdop/appv-v5/about-app-v-50-sp3.md +++ b/mdop/appv-v5/about-app-v-50-sp3.md @@ -819,10 +819,10 @@ Client-Catalog Client-Integration Client-Orchestration Client-PackageConfig Clie App-V is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-app-v-50.md b/mdop/appv-v5/about-app-v-50.md index c6818b20c0..53a5118e94 100644 --- a/mdop/appv-v5/about-app-v-50.md +++ b/mdop/appv-v5/about-app-v-50.md @@ -90,10 +90,10 @@ The following table displays some of the differences between App-V 4.6 and App-V App-V 5.0 is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049) (https://go.microsoft.com/fwlink/?LinkId=322049). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-app-v-51-dynamic-configuration.md b/mdop/appv-v5/about-app-v-51-dynamic-configuration.md index 45009f6404..b208eda474 100644 --- a/mdop/appv-v5/about-app-v-51-dynamic-configuration.md +++ b/mdop/appv-v5/about-app-v-51-dynamic-configuration.md @@ -960,7 +960,7 @@ You can create the dynamic configuration file using one of three methods: either To create the file manually, the information above in previous sections can be combined into a single file. We recommend you use files generated by the sequencer. -## Got a suggestion for App-V? + - Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). - For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). diff --git a/mdop/appv-v5/about-app-v-51-reporting.md b/mdop/appv-v5/about-app-v-51-reporting.md index 531f168a70..f4114c9174 100644 --- a/mdop/appv-v5/about-app-v-51-reporting.md +++ b/mdop/appv-v5/about-app-v-51-reporting.md @@ -302,10 +302,10 @@ To retrieve report information and create reports using App-V 5.1 you must use o You should also ensure that the reporting server web service’s **Maximum Concurrent Connections** is set to a value that the server will be able to manage without impacting availability. The recommended number of **Maximum Concurrent Connections** for the **Reporting Web Service** is **10,000**. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-app-v-51.md b/mdop/appv-v5/about-app-v-51.md index 700251df9c..c942fd6e40 100644 --- a/mdop/appv-v5/about-app-v-51.md +++ b/mdop/appv-v5/about-app-v-51.md @@ -506,10 +506,10 @@ Previously, the 4.6 root folder was not recognized and could not be accessed by App-V is a part of the Microsoft Desktop Optimization Pack (MDOP). MDOP is part of Microsoft Software Assurance. For more information about Microsoft Software Assurance and acquiring MDOP, see [How Do I Get MDOP](https://go.microsoft.com/fwlink/?LinkId=322049). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-client-configuration-settings.md b/mdop/appv-v5/about-client-configuration-settings.md index c39c867dbe..11e4f02114 100644 --- a/mdop/appv-v5/about-client-configuration-settings.md +++ b/mdop/appv-v5/about-client-configuration-settings.md @@ -460,10 +460,10 @@ The following table displays information about the App-V 5.0 client configuratio   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-client-configuration-settings51.md b/mdop/appv-v5/about-client-configuration-settings51.md index f26c4e4016..8ec20efe37 100644 --- a/mdop/appv-v5/about-client-configuration-settings51.md +++ b/mdop/appv-v5/about-client-configuration-settings51.md @@ -62,10 +62,10 @@ The following table displays information about the App-V 5.1 client configuratio | HideUI
**Important**  This setting is available only with App-V 5.0 SP2.| Not available. | Hides the publishing refresh progress bar. | 1 (Enabled), 0 (Disabled) | | | | ProcessesUsingVirtualComponents | Not available. | Specifies a list of process paths (that may contain wildcards), which are candidates for using dynamic virtualization (supported shell extensions, browser helper objects, and ActiveX controls). Only processes whose full path matches one of these items can use dynamic virtualization. | String | Virtualization\ProcessesUsingVirtualComponents | Empty string. | -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-the-connection-group-file.md b/mdop/appv-v5/about-the-connection-group-file.md index 38e84d391f..3719b1a019 100644 --- a/mdop/appv-v5/about-the-connection-group-file.md +++ b/mdop/appv-v5/about-the-connection-group-file.md @@ -273,10 +273,10 @@ The virtual application Microsoft Outlook is running in virtual environment **XY   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-the-connection-group-file51.md b/mdop/appv-v5/about-the-connection-group-file51.md index dc7e869f7d..4d840f5286 100644 --- a/mdop/appv-v5/about-the-connection-group-file51.md +++ b/mdop/appv-v5/about-the-connection-group-file51.md @@ -273,10 +273,10 @@ The virtual application Microsoft Outlook is running in virtual environment **XY   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-the-connection-group-virtual-environment.md b/mdop/appv-v5/about-the-connection-group-virtual-environment.md index b49f47a051..d53f043ea0 100644 --- a/mdop/appv-v5/about-the-connection-group-virtual-environment.md +++ b/mdop/appv-v5/about-the-connection-group-virtual-environment.md @@ -91,10 +91,10 @@ In the example above, when a virtualized application tries to find a specific fi - If a file named **bar.txt** exists in the virtual folder hierarchy of one application package, but not in the other, the first matching file is used. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/about-the-connection-group-virtual-environment51.md b/mdop/appv-v5/about-the-connection-group-virtual-environment51.md index 5a2e93ea4c..860efa5550 100644 --- a/mdop/appv-v5/about-the-connection-group-virtual-environment51.md +++ b/mdop/appv-v5/about-the-connection-group-virtual-environment51.md @@ -91,10 +91,10 @@ In the example above, when a virtualized application tries to find a specific fi - If a file named **bar.txt** exists in the virtual folder hierarchy of one application package, but not in the other, the first matching file is used. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/administering-app-v-50-virtual-applications-by-using-the-management-console.md b/mdop/appv-v5/administering-app-v-50-virtual-applications-by-using-the-management-console.md index 81060373c9..9a03e5912d 100644 --- a/mdop/appv-v5/administering-app-v-50-virtual-applications-by-using-the-management-console.md +++ b/mdop/appv-v5/administering-app-v-50-virtual-applications-by-using-the-management-console.md @@ -94,10 +94,10 @@ The main elements of the App-V 5.0 Management Console are:   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for this App-V 5.0 deployment diff --git a/mdop/appv-v5/administering-app-v-51-by-using-powershell.md b/mdop/appv-v5/administering-app-v-51-by-using-powershell.md index 3afbaf333b..9bc74c04be 100644 --- a/mdop/appv-v5/administering-app-v-51-by-using-powershell.md +++ b/mdop/appv-v5/administering-app-v-51-by-using-powershell.md @@ -120,10 +120,10 @@ Use the following table for information about App-V 5.1 PowerShell error handlin   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/administering-app-v-51-virtual-applications-by-using-the-management-console.md b/mdop/appv-v5/administering-app-v-51-virtual-applications-by-using-the-management-console.md index f96d69ce14..cdba1e3c73 100644 --- a/mdop/appv-v5/administering-app-v-51-virtual-applications-by-using-the-management-console.md +++ b/mdop/appv-v5/administering-app-v-51-virtual-applications-by-using-the-management-console.md @@ -93,10 +93,10 @@ JavaScript must be enabled on the browser that opens the Web Management Console.   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for this App-V 5.1 deployment diff --git a/mdop/appv-v5/administering-app-v-by-using-powershell.md b/mdop/appv-v5/administering-app-v-by-using-powershell.md index 05699ac77a..2e57a49140 100644 --- a/mdop/appv-v5/administering-app-v-by-using-powershell.md +++ b/mdop/appv-v5/administering-app-v-by-using-powershell.md @@ -115,10 +115,10 @@ Use the following table for information about App-V 5.0 PowerShell error handlin   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-50-capacity-planning.md b/mdop/appv-v5/app-v-50-capacity-planning.md index 58d36ab88f..f390bd34b8 100644 --- a/mdop/appv-v5/app-v-50-capacity-planning.md +++ b/mdop/appv-v5/app-v-50-capacity-planning.md @@ -936,10 +936,10 @@ Ignoring scaling requirements, the minimum number of servers necessary to provid Although there are a number of fault-tolerance strategies and technologies available, not all are applicable to a given service. Additionally, if App-V 5.0 roles are combined, certain fault-tolerance options may no longer apply due to incompatibilities. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-50-deployment-checklist.md b/mdop/appv-v5/app-v-50-deployment-checklist.md index 54ba7ffcdf..07e3aaa3b1 100644 --- a/mdop/appv-v5/app-v-50-deployment-checklist.md +++ b/mdop/appv-v5/app-v-50-deployment-checklist.md @@ -72,10 +72,10 @@ This checklist outlines the recommended steps and a high-level list of items to   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-50-planning-checklist.md b/mdop/appv-v5/app-v-50-planning-checklist.md index 4a26aa963b..58eeb4965b 100644 --- a/mdop/appv-v5/app-v-50-planning-checklist.md +++ b/mdop/appv-v5/app-v-50-planning-checklist.md @@ -78,10 +78,10 @@ This checklist outlines the recommended steps and a high-level list of items to   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-50-prerequisites.md b/mdop/appv-v5/app-v-50-prerequisites.md index 986a0450c7..122f51ecd4 100644 --- a/mdop/appv-v5/app-v-50-prerequisites.md +++ b/mdop/appv-v5/app-v-50-prerequisites.md @@ -422,10 +422,10 @@ The installation of the App-V 5.0 server on a computer that runs any previous ve   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-50-security-considerations.md b/mdop/appv-v5/app-v-50-security-considerations.md index 70bcefc977..bc02f92332 100644 --- a/mdop/appv-v5/app-v-50-security-considerations.md +++ b/mdop/appv-v5/app-v-50-security-considerations.md @@ -145,10 +145,10 @@ During App-V 5.0 Setup, setup log files are created in the **%temp%** folder of []() -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/app-v-50-sp3-prerequisites.md b/mdop/appv-v5/app-v-50-sp3-prerequisites.md index da61af1bfa..b3b1e67d35 100644 --- a/mdop/appv-v5/app-v-50-sp3-prerequisites.md +++ b/mdop/appv-v5/app-v-50-sp3-prerequisites.md @@ -635,10 +635,10 @@ Install the following prerequisite software for the App-V Remote Desktop Service   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-50-sp3-supported-configurations.md b/mdop/appv-v5/app-v-50-sp3-supported-configurations.md index fdd9c0c8ac..92d0906da7 100644 --- a/mdop/appv-v5/app-v-50-sp3-supported-configurations.md +++ b/mdop/appv-v5/app-v-50-sp3-supported-configurations.md @@ -442,10 +442,10 @@ The App-V client supports the following versions of System Center Configuration For more information about how Configuration Manager integrates with App-V, see [Planning for App-V Integration with Configuration Manager](https://technet.microsoft.com/library/jj822982.aspx). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-50-supported-configurations.md b/mdop/appv-v5/app-v-50-supported-configurations.md index c45a8eda10..f2e59289eb 100644 --- a/mdop/appv-v5/app-v-50-supported-configurations.md +++ b/mdop/appv-v5/app-v-50-supported-configurations.md @@ -510,10 +510,10 @@ You can use Microsoft System Center 2012 Configuration Manager or System Cen For more information about how Configuration Manager integrates with App-V, see [Planning for App-V Integration with Configuration Manager](https://technet.microsoft.com/library/jj822982.aspx). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-51-capacity-planning.md b/mdop/appv-v5/app-v-51-capacity-planning.md index bde914dcfc..7a95357504 100644 --- a/mdop/appv-v5/app-v-51-capacity-planning.md +++ b/mdop/appv-v5/app-v-51-capacity-planning.md @@ -936,10 +936,10 @@ Ignoring scaling requirements, the minimum number of servers necessary to provid Although there are a number of fault-tolerance strategies and technologies available, not all are applicable to a given service. Additionally, if App-V 5.1 roles are combined, certain fault-tolerance options may no longer apply due to incompatibilities. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-51-deployment-checklist.md b/mdop/appv-v5/app-v-51-deployment-checklist.md index 6758574cd0..2ba65578f0 100644 --- a/mdop/appv-v5/app-v-51-deployment-checklist.md +++ b/mdop/appv-v5/app-v-51-deployment-checklist.md @@ -72,10 +72,10 @@ This checklist outlines the recommended steps and a high-level list of items to   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-51-planning-checklist.md b/mdop/appv-v5/app-v-51-planning-checklist.md index 9de676494e..e5b4625455 100644 --- a/mdop/appv-v5/app-v-51-planning-checklist.md +++ b/mdop/appv-v5/app-v-51-planning-checklist.md @@ -78,10 +78,10 @@ This checklist outlines the recommended steps and a high-level list of items to   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-51-prerequisites.md b/mdop/appv-v5/app-v-51-prerequisites.md index f8078582a5..d1b12390d3 100644 --- a/mdop/appv-v5/app-v-51-prerequisites.md +++ b/mdop/appv-v5/app-v-51-prerequisites.md @@ -642,10 +642,10 @@ Install the following prerequisite software for the App-V Remote Desktop Service   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-51-security-considerations.md b/mdop/appv-v5/app-v-51-security-considerations.md index a1e53028bc..0129e9c720 100644 --- a/mdop/appv-v5/app-v-51-security-considerations.md +++ b/mdop/appv-v5/app-v-51-security-considerations.md @@ -127,10 +127,10 @@ The following will help you plan how to ensure that virtualized packages are sec During App-V 5.1 Setup, setup log files are created in the **%temp%** folder of the installing user. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/app-v-51-supported-configurations.md b/mdop/appv-v5/app-v-51-supported-configurations.md index b60c43d593..edb7f51bfb 100644 --- a/mdop/appv-v5/app-v-51-supported-configurations.md +++ b/mdop/appv-v5/app-v-51-supported-configurations.md @@ -520,10 +520,10 @@ The following App-V and System Center Configuration Manager version matrix shows For more information about how Configuration Manager integrates with App-V, see [Planning for App-V Integration with Configuration Manager](https://technet.microsoft.com/library/jj822982.aspx). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/application-publishing-and-client-interaction.md b/mdop/appv-v5/application-publishing-and-client-interaction.md index b3bd9b1dbb..8671541943 100644 --- a/mdop/appv-v5/application-publishing-and-client-interaction.md +++ b/mdop/appv-v5/application-publishing-and-client-interaction.md @@ -1617,10 +1617,10 @@ There are three specific categories of events recorded described below. **Virtual Application**: Logs virtual application launches and use of virtualization subsystems. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/application-publishing-and-client-interaction51.md b/mdop/appv-v5/application-publishing-and-client-interaction51.md index dfaa56d9c0..0f95287f8c 100644 --- a/mdop/appv-v5/application-publishing-and-client-interaction51.md +++ b/mdop/appv-v5/application-publishing-and-client-interaction51.md @@ -1617,10 +1617,10 @@ There are three specific categories of events recorded described below. **Virtual Application**: Logs virtual application launches and use of virtualization subsystems. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md b/mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md index 69af0d0e77..354f623a8c 100644 --- a/mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md +++ b/mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md @@ -321,10 +321,10 @@ The App-V 5.0 Sequencer can detect common sequencing issues during sequencing. T You can also find additional information about sequencing errors using the Windows Event Viewer. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for the App-V 5.0 sequencer diff --git a/mdop/appv-v5/deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md b/mdop/appv-v5/deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md index 74f663cc7c..ff5df535b5 100644 --- a/mdop/appv-v5/deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md +++ b/mdop/appv-v5/deploying-app-v-50-packages-by-using-electronic-software-distribution--esd-.md @@ -32,10 +32,10 @@ Explains how to configure the App-V client to enable only administrators to publ [How to Enable Only Administrators to Publish Packages by Using an ESD](how-to-enable-only-administrators-to-publish-packages-by-using-an-esd.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for using an ESD and App-V 5.0 diff --git a/mdop/appv-v5/deploying-app-v-50.md b/mdop/appv-v5/deploying-app-v-50.md index 19b19dfd9a..770bd500c6 100644 --- a/mdop/appv-v5/deploying-app-v-50.md +++ b/mdop/appv-v5/deploying-app-v-50.md @@ -44,10 +44,10 @@ Microsoft Application Virtualization (App-V) 5.0 (App-V 5.0) supports a number o - [Troubleshooting App-V 5.0](troubleshooting-app-v-50.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md b/mdop/appv-v5/deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md index 567d2252a3..04909d257a 100644 --- a/mdop/appv-v5/deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md +++ b/mdop/appv-v5/deploying-app-v-51-packages-by-using-electronic-software-distribution--esd-.md @@ -32,10 +32,10 @@ Explains how to configure the App-V client to enable only administrators to publ [How to Enable Only Administrators to Publish Packages by Using an ESD](how-to-enable-only-administrators-to-publish-packages-by-using-an-esd51.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for using an ESD and App-V 5.1 diff --git a/mdop/appv-v5/deploying-app-v-51.md b/mdop/appv-v5/deploying-app-v-51.md index c3f71fdcd4..0ba705d646 100644 --- a/mdop/appv-v5/deploying-app-v-51.md +++ b/mdop/appv-v5/deploying-app-v-51.md @@ -46,10 +46,10 @@ Microsoft Application Virtualization (App-V) 5.1 supports a number of different - [Technical Reference for App-V 5.1](technical-reference-for-app-v-51.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v.md b/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v.md index c948d0f95e..b079ba6b69 100644 --- a/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v.md +++ b/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v.md @@ -297,10 +297,10 @@ The following table provides a full list of supported integration points for Off [About App-V 5.0 Dynamic Configuration](about-app-v-50-dynamic-configuration.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v51.md b/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v51.md index 25b2005356..add55ebcc0 100644 --- a/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v51.md +++ b/mdop/appv-v5/deploying-microsoft-office-2010-by-using-app-v51.md @@ -298,10 +298,10 @@ The following table provides a full list of supported integration points for Off [About App-V 5.1 Dynamic Configuration](about-app-v-51-dynamic-configuration.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v.md b/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v.md index 6a30148ca3..4563729fa2 100644 --- a/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v.md +++ b/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v.md @@ -875,10 +875,10 @@ The following table describes the requirements and options for deploying Visio 2 [About App-V 5.0 Dynamic Configuration](about-app-v-50-dynamic-configuration.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v51.md b/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v51.md index 8b3ad7e937..8ff13f6470 100644 --- a/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v51.md +++ b/mdop/appv-v5/deploying-microsoft-office-2013-by-using-app-v51.md @@ -881,10 +881,10 @@ The following table describes the requirements and options for deploying Visio 2 [About App-V 5.1 Dynamic Configuration](about-app-v-51-dynamic-configuration.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v.md b/mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v.md index f45c3a42c9..dc3be9799d 100644 --- a/mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v.md +++ b/mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v.md @@ -785,7 +785,7 @@ The following table describes the requirements and options for deploying Visio 2 [About App-V 5.1 Dynamic Configuration](about-app-v-51-dynamic-configuration.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + diff --git a/mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v51.md b/mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v51.md index 3cf91ddf99..be3dcbac56 100644 --- a/mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v51.md +++ b/mdop/appv-v5/deploying-microsoft-office-2016-by-using-app-v51.md @@ -784,7 +784,7 @@ The following table describes the requirements and options for deploying Visio 2 [About App-V 5.1 Dynamic Configuration](about-app-v-51-dynamic-configuration.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + diff --git a/mdop/appv-v5/deploying-the-app-v-50-sequencer-and-client.md b/mdop/appv-v5/deploying-the-app-v-50-sequencer-and-client.md index 8004f0026d..9124dd0305 100644 --- a/mdop/appv-v5/deploying-the-app-v-50-sequencer-and-client.md +++ b/mdop/appv-v5/deploying-the-app-v-50-sequencer-and-client.md @@ -107,10 +107,10 @@ In App-V 5.0 SP3, some logs have been consolidated. See [About App-V 5.0 SP3](ab [Planning for App-V 5.0](planning-for-app-v-50-rc.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-the-app-v-50-server.md b/mdop/appv-v5/deploying-the-app-v-50-server.md index 4d086c9b5e..5381037f48 100644 --- a/mdop/appv-v5/deploying-the-app-v-50-server.md +++ b/mdop/appv-v5/deploying-the-app-v-50-server.md @@ -111,10 +111,10 @@ Use the following link for more information [About App-V 5.0 Reporting](about-ap [Deploying App-V 5.0](deploying-app-v-50.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-the-app-v-51-sequencer-and-client.md b/mdop/appv-v5/deploying-the-app-v-51-sequencer-and-client.md index 13f68827b2..4e19a4e5ab 100644 --- a/mdop/appv-v5/deploying-the-app-v-51-sequencer-and-client.md +++ b/mdop/appv-v5/deploying-the-app-v-51-sequencer-and-client.md @@ -105,10 +105,10 @@ You can use the App-V 5.1 Sequencer log information to help troubleshoot the Seq [Planning for App-V 5.1](planning-for-app-v-51.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/deploying-the-app-v-51-server.md b/mdop/appv-v5/deploying-the-app-v-51-server.md index 95deacfadd..aff7bdb99b 100644 --- a/mdop/appv-v5/deploying-the-app-v-51-server.md +++ b/mdop/appv-v5/deploying-the-app-v-51-server.md @@ -111,10 +111,10 @@ Use the following link for more information [About App-V 5.1 Reporting](about-ap [Deploying App-V 5.1](deploying-app-v-51.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/evaluating-app-v-50.md b/mdop/appv-v5/evaluating-app-v-50.md index ff10fbf937..972342d307 100644 --- a/mdop/appv-v5/evaluating-app-v-50.md +++ b/mdop/appv-v5/evaluating-app-v-50.md @@ -45,10 +45,10 @@ Use the following link for more information about creating and managing virtuali - [How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server](how-to-configure-the-client-to-receive-package-and-connection-groups-updates-from-the-publishing-server-beta.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/evaluating-app-v-51.md b/mdop/appv-v5/evaluating-app-v-51.md index 11ce2c4b97..41aad1077c 100644 --- a/mdop/appv-v5/evaluating-app-v-51.md +++ b/mdop/appv-v5/evaluating-app-v-51.md @@ -45,10 +45,10 @@ Use the following link for more information about creating and managing virtuali - [How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server](how-to-configure-the-client-to-receive-package-and-connection-groups-updates-from-the-publishing-server-51.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/getting-started-with-app-v-50--rtm.md b/mdop/appv-v5/getting-started-with-app-v-50--rtm.md index bb9c37193f..621eb9a3f4 100644 --- a/mdop/appv-v5/getting-started-with-app-v-50--rtm.md +++ b/mdop/appv-v5/getting-started-with-app-v-50--rtm.md @@ -132,10 +132,10 @@ This section of the App-V 5.0 Administrator’s Guide includes high-level inform - [Troubleshooting App-V 5.0](troubleshooting-app-v-50.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/getting-started-with-app-v-51.md b/mdop/appv-v5/getting-started-with-app-v-51.md index 7c6e9d1eaf..5729e3b1ac 100644 --- a/mdop/appv-v5/getting-started-with-app-v-51.md +++ b/mdop/appv-v5/getting-started-with-app-v-51.md @@ -122,10 +122,10 @@ This section of the App-V 5.1 Administrator’s Guide includes high-level inform - [Technical Reference for App-V 5.1](technical-reference-for-app-v-51.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/high-level-architecture-for-app-v-50.md b/mdop/appv-v5/high-level-architecture-for-app-v-50.md index 468e3cd99e..3f7b38c37a 100644 --- a/mdop/appv-v5/high-level-architecture-for-app-v-50.md +++ b/mdop/appv-v5/high-level-architecture-for-app-v-50.md @@ -68,10 +68,10 @@ If you are using App-V 5.0 with Electronic Software Distribution (ESD) you are n   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/high-level-architecture-for-app-v-51.md b/mdop/appv-v5/high-level-architecture-for-app-v-51.md index bad74e4444..dc5140b458 100644 --- a/mdop/appv-v5/high-level-architecture-for-app-v-51.md +++ b/mdop/appv-v5/high-level-architecture-for-app-v-51.md @@ -68,10 +68,10 @@ If you are using App-V 5.1 with Electronic Software Distribution (ESD) you are n   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/how-to-make-a-connection-group-ignore-the-package-version.md b/mdop/appv-v5/how-to-make-a-connection-group-ignore-the-package-version.md index cb834b9255..ab28dd48a0 100644 --- a/mdop/appv-v5/how-to-make-a-connection-group-ignore-the-package-version.md +++ b/mdop/appv-v5/how-to-make-a-connection-group-ignore-the-package-version.md @@ -89,10 +89,10 @@ To upgrade a package in earlier versions of App-V, you had to perform several st   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/how-to-make-a-connection-group-ignore-the-package-version51.md b/mdop/appv-v5/how-to-make-a-connection-group-ignore-the-package-version51.md index 7ad72e75ea..13df4fafc6 100644 --- a/mdop/appv-v5/how-to-make-a-connection-group-ignore-the-package-version51.md +++ b/mdop/appv-v5/how-to-make-a-connection-group-ignore-the-package-version51.md @@ -89,10 +89,10 @@ To upgrade a package in some earlier versions of App-V, you had to perform sever   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups.md b/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups.md index c441baefdb..91b56c8a74 100644 --- a/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups.md +++ b/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups.md @@ -278,10 +278,10 @@ Review the following requirements before using optional packages in connection g   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups51.md b/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups51.md index 8cc9502a28..c43e18358d 100644 --- a/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups51.md +++ b/mdop/appv-v5/how-to-use-optional-packages-in-connection-groups51.md @@ -277,10 +277,10 @@ Review the following requirements before using optional packages in connection g   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/index.md b/mdop/appv-v5/index.md index 9ffe0cc1ce..ca33b4be38 100644 --- a/mdop/appv-v5/index.md +++ b/mdop/appv-v5/index.md @@ -44,10 +44,10 @@ Learn about the latest MDOP information and resources. [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com) or learn about updates by following us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447). -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/maintaining-app-v-50.md b/mdop/appv-v5/maintaining-app-v-50.md index 48aa786de9..0abd36efa4 100644 --- a/mdop/appv-v5/maintaining-app-v-50.md +++ b/mdop/appv-v5/maintaining-app-v-50.md @@ -30,10 +30,10 @@ Independent software vendors (ISV) who want to determine if an application is ru Additionally, ISV’s who want to explicitly virtualize or not virtualize calls on specific API’s with App-V 5.0 and above, can use the **VirtualizeCurrentThread()** and **CurrentThreadIsVirtualized()** functions implemented in the AppEntSubsystems32.dll module. These provide a way of hinting at a downstream component that the call should or should not be virtualized. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for maintaining App-V 5.0 diff --git a/mdop/appv-v5/maintaining-app-v-51.md b/mdop/appv-v5/maintaining-app-v-51.md index cbacf9759a..94b2057911 100644 --- a/mdop/appv-v5/maintaining-app-v-51.md +++ b/mdop/appv-v5/maintaining-app-v-51.md @@ -30,10 +30,10 @@ Independent software vendors (ISV) who want to determine if an application is ru Additionally, ISV’s who want to explicitly virtualize or not virtualize calls on specific API’s with App-V 5.1 and above, can use the **VirtualizeCurrentThread()** and **CurrentThreadIsVirtualized()** functions implemented in the AppEntSubsystems32.dll module. These provide a way of hinting at a downstream component that the call should or should not be virtualized. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for maintaining App-V 5.1 diff --git a/mdop/appv-v5/managing-connection-groups.md b/mdop/appv-v5/managing-connection-groups.md index 241719b9c7..a1c4180e77 100644 --- a/mdop/appv-v5/managing-connection-groups.md +++ b/mdop/appv-v5/managing-connection-groups.md @@ -58,10 +58,10 @@ In previous versions of App-V 5.0, connection groups were referred to as Dynamic   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for App-V 5.0 connection groups diff --git a/mdop/appv-v5/managing-connection-groups51.md b/mdop/appv-v5/managing-connection-groups51.md index 90eb98b154..c325456217 100644 --- a/mdop/appv-v5/managing-connection-groups51.md +++ b/mdop/appv-v5/managing-connection-groups51.md @@ -58,10 +58,10 @@ In some previous versions of App-V, connection groups were referred to as Dynami   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for App-V 5.1 connection groups diff --git a/mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md b/mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md index e00d2cedd0..a1be89fa9a 100644 --- a/mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md +++ b/mdop/appv-v5/microsoft-application-virtualization-50-administrators-guide.md @@ -49,7 +49,7 @@ The Microsoft Application Virtualization (App-V) 5.0 Administrator’s Guide pro - [Viewing App-V Server Publishing Metadata](viewing-app-v-server-publishing-metadata.md) - [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md) -### Got a suggestion for App-V? +# - Add or vote on suggestions on the ["Microsoft Application Virtualization" forum on UserVoice.com](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). - For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). diff --git a/mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md b/mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md index 887c215967..4df47b66b2 100644 --- a/mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md +++ b/mdop/appv-v5/microsoft-application-virtualization-51-administrators-guide.md @@ -45,7 +45,7 @@ The Microsoft Application Virtualization (App-V) 5.1 Administrator’s Guide pro - [Viewing App-V Server Publishing Metadata](viewing-app-v-server-publishing-metadata51.md) - [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md) -### Got a suggestion for App-V? +# - Add or vote on suggestions on the ["Microsoft Application Virtualization" forum on UserVoice.com](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). - For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). diff --git a/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md b/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md index f4488ba203..210fd210db 100644 --- a/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md +++ b/mdop/appv-v5/migrating-from-a-previous-version-app-v-50.md @@ -174,10 +174,10 @@ You can also perform additional migration tasks such as reconfiguring end points [How to Revert Extension Points From an App-V 5.0 Package to an App-V 4.6 Package for a Specific User](how-to-revert-extension-points-from-an-app-v-50-package-to-an-app-v-46-package-for-a-specific-user.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for performing App-V migration tasks diff --git a/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md b/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md index 9a943e6330..325d571bbf 100644 --- a/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md +++ b/mdop/appv-v5/migrating-to-app-v-51-from-a-previous-version.md @@ -310,10 +310,10 @@ You can also perform additional migration tasks such as reconfiguring end points [How to Revert Extension Points From an App-V 5.1 Package to an App-V 4.6 Package for a Specific User](how-to-revert-extension-points-from-an-app-v-51-package-to-an-app-v-46-package-for-a-specific-user.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for performing App-V migration tasks diff --git a/mdop/appv-v5/operations-for-app-v-50.md b/mdop/appv-v5/operations-for-app-v-50.md index 86e639c9bc..c5bd02a3de 100644 --- a/mdop/appv-v5/operations-for-app-v-50.md +++ b/mdop/appv-v5/operations-for-app-v-50.md @@ -47,10 +47,10 @@ This section of the App-V 5.0 Administrator’s Guide includes information about Describes the set of Windows PowerShell cmdlets available for administrators performing various App-V 5.0 server tasks. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other Resources for App-V Operations diff --git a/mdop/appv-v5/operations-for-app-v-51.md b/mdop/appv-v5/operations-for-app-v-51.md index 981269ffe0..e289af08ec 100644 --- a/mdop/appv-v5/operations-for-app-v-51.md +++ b/mdop/appv-v5/operations-for-app-v-51.md @@ -47,10 +47,10 @@ This section of the Microsoft Application Virtualization (App-V) 5.1 Administrat Describes the set of Windows PowerShell cmdlets available for administrators performing various App-V 5.1 server tasks. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other Resources for App-V Operations diff --git a/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md b/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md index bbc5378d44..538d1e5db2 100644 --- a/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md +++ b/mdop/appv-v5/performance-guidance-for-application-virtualization-50.md @@ -736,10 +736,10 @@ The following terms are used when describing concepts and actions related to App - **User Profile Management** – The controlled and structured approach to managing user components associated with the environment. For example, user profiles, preference and policy management, application control and application deployment. You can use scripting or third-party solutions configure the environment as needed. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md b/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md index 2f09ab6f22..978deed7ea 100644 --- a/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md +++ b/mdop/appv-v5/performance-guidance-for-application-virtualization-51.md @@ -743,10 +743,10 @@ The following terms are used when describing concepts and actions related to App - **User Profile Management** – The controlled and structured approach to managing user components associated with the environment. For example, user profiles, preference and policy management, application control and application deployment. You can use scripting or third-party solutions configure the environment as needed. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/planning-for-app-v-50-rc.md b/mdop/appv-v5/planning-for-app-v-50-rc.md index 2546435ca5..79444cbce4 100644 --- a/mdop/appv-v5/planning-for-app-v-50-rc.md +++ b/mdop/appv-v5/planning-for-app-v-50-rc.md @@ -31,10 +31,10 @@ Use this information to plan how to deploy Microsoft Application Virtualization Planning checklist that can be used to assist in App-V 5.0 deployment planning. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for App-V 5.0 Planning diff --git a/mdop/appv-v5/planning-for-app-v-51.md b/mdop/appv-v5/planning-for-app-v-51.md index 321373b383..d42ae9c0bf 100644 --- a/mdop/appv-v5/planning-for-app-v-51.md +++ b/mdop/appv-v5/planning-for-app-v-51.md @@ -31,10 +31,10 @@ Use this information to plan how to deploy Microsoft Application Virtualization Planning checklist that can be used to assist in App-V 5.1 deployment planning. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for App-V 5.1 Planning diff --git a/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md b/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md index 89efccc8de..f6b15844ca 100644 --- a/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md +++ b/mdop/appv-v5/planning-for-high-availability-with-app-v-51.md @@ -138,10 +138,10 @@ Click any of the following links for more information: The App-V 5.1 management server database supports deployments to computers running Microsoft SQL Server with the **Always On** configuration. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v.md b/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v.md index 111265456f..054ef35b28 100644 --- a/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v.md +++ b/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v.md @@ -122,10 +122,10 @@ Before migrating a package, created using App-V 4.6 SP3 or earlier, to App-V 5 For more information about using the package converter to convert a package, see [How to Convert a Package Created in a Previous Version of App-V](how-to-convert-a-package-created-in-a-previous-version-of-app-v.md). After you convert the file, you can deploy it to target computers that run the App-V 5.0 client. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v51.md b/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v51.md index ccdd275962..231df856fe 100644 --- a/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v51.md +++ b/mdop/appv-v5/planning-for-migrating-from-a-previous-version-of-app-v51.md @@ -127,10 +127,10 @@ Before migrating a package, created using App- 4.6 SP2 or earlier, to App-V 5. For more information about using the package converter to convert a package, see [How to Convert a Package Created in a Previous Version of App-V](how-to-convert-a-package-created-in-a-previous-version-of-app-v51.md). After you convert the file, you can deploy it to target computers that run the App-V 5.1 client. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/planning-for-the-app-v-50-sequencer-and-client-deployment.md b/mdop/appv-v5/planning-for-the-app-v-50-sequencer-and-client-deployment.md index 73ddf67a18..04f45a5dbf 100644 --- a/mdop/appv-v5/planning-for-the-app-v-50-sequencer-and-client-deployment.md +++ b/mdop/appv-v5/planning-for-the-app-v-50-sequencer-and-client-deployment.md @@ -84,10 +84,10 @@ The following list displays some of the benefits of using the App-V 5.0 shared c [How to Install the App-V 5.0 Client for Shared Content Store Mode](how-to-install-the-app-v-50-client-for-shared-content-store-mode.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for the App-V 5.0 deployment diff --git a/mdop/appv-v5/planning-for-the-app-v-50-server-deployment.md b/mdop/appv-v5/planning-for-the-app-v-50-server-deployment.md index 661dfcedd4..9099adcfe8 100644 --- a/mdop/appv-v5/planning-for-the-app-v-50-server-deployment.md +++ b/mdop/appv-v5/planning-for-the-app-v-50-server-deployment.md @@ -96,10 +96,10 @@ The following displays information about server-related protocols used by the Ap   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/planning-for-the-app-v-51-sequencer-and-client-deployment.md b/mdop/appv-v5/planning-for-the-app-v-51-sequencer-and-client-deployment.md index 078f827126..c99f940821 100644 --- a/mdop/appv-v5/planning-for-the-app-v-51-sequencer-and-client-deployment.md +++ b/mdop/appv-v5/planning-for-the-app-v-51-sequencer-and-client-deployment.md @@ -76,10 +76,10 @@ The following list displays some of the benefits of using the App-V 5.1 shared c - Simplified profile management -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for the App-V 5.1 deployment diff --git a/mdop/appv-v5/planning-for-the-app-v-51-server-deployment.md b/mdop/appv-v5/planning-for-the-app-v-51-server-deployment.md index 86dada8179..89bcb718f8 100644 --- a/mdop/appv-v5/planning-for-the-app-v-51-server-deployment.md +++ b/mdop/appv-v5/planning-for-the-app-v-51-server-deployment.md @@ -96,10 +96,10 @@ The following displays information about server-related protocols used by the Ap   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/planning-for-using-app-v-with-office.md b/mdop/appv-v5/planning-for-using-app-v-with-office.md index 83ae379e97..e294521ae9 100644 --- a/mdop/appv-v5/planning-for-using-app-v-with-office.md +++ b/mdop/appv-v5/planning-for-using-app-v-with-office.md @@ -380,10 +380,10 @@ The Office 2013 App-V package supports the following integration points with the   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/planning-for-using-app-v-with-office51.md b/mdop/appv-v5/planning-for-using-app-v-with-office51.md index 2058a48f3a..7dc75eda7b 100644 --- a/mdop/appv-v5/planning-for-using-app-v-with-office51.md +++ b/mdop/appv-v5/planning-for-using-app-v-with-office51.md @@ -317,10 +317,10 @@ The Office 2013 App-V package supports the following integration points with the   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md b/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md index 27127d430e..094d3b8da9 100644 --- a/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md +++ b/mdop/appv-v5/planning-to-deploy-app-v-50-with-an-electronic-software-distribution-system.md @@ -44,10 +44,10 @@ Review the following component and architecture requirements options that apply   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md b/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md index ab36ff9ab2..4379f770b5 100644 --- a/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md +++ b/mdop/appv-v5/planning-to-deploy-app-v-51-with-an-electronic-software-distribution-system.md @@ -44,10 +44,10 @@ Review the following component and architecture requirements options that apply   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v.md b/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v.md index a1f34fddf2..965c5d7d71 100644 --- a/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v.md +++ b/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v.md @@ -176,10 +176,10 @@ The following table describes how folder redirection works when %AppData% is red   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v51.md b/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v51.md index 83456b984c..1da6047c3f 100644 --- a/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v51.md +++ b/mdop/appv-v5/planning-to-use-folder-redirection-with-app-v51.md @@ -176,10 +176,10 @@ The following table describes how folder redirection works when %AppData% is red   -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/preparing-your-environment-for-app-v-50.md b/mdop/appv-v5/preparing-your-environment-for-app-v-50.md index 1b60134351..3bc788d92f 100644 --- a/mdop/appv-v5/preparing-your-environment-for-app-v-50.md +++ b/mdop/appv-v5/preparing-your-environment-for-app-v-50.md @@ -37,10 +37,10 @@ There are a number of different deployment configurations and prerequisites that Describes accounts, groups, log files, and other considerations for securing your App-V environment. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for App-V 5.0 Planning diff --git a/mdop/appv-v5/preparing-your-environment-for-app-v-51.md b/mdop/appv-v5/preparing-your-environment-for-app-v-51.md index f34fb1f8f6..b72ed1d762 100644 --- a/mdop/appv-v5/preparing-your-environment-for-app-v-51.md +++ b/mdop/appv-v5/preparing-your-environment-for-app-v-51.md @@ -30,10 +30,10 @@ There are a number of different deployment configurations and prerequisites that Describes accounts, groups, log files, and other considerations for securing your App-V environment. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Other resources for App-V 5.1 Planning diff --git a/mdop/appv-v5/release-notes-for-app-v-50-sp1.md b/mdop/appv-v5/release-notes-for-app-v-50-sp1.md index 6c2b2934d8..6074975fb7 100644 --- a/mdop/appv-v5/release-notes-for-app-v-50-sp1.md +++ b/mdop/appv-v5/release-notes-for-app-v-50-sp1.md @@ -51,10 +51,10 @@ Microsoft, Active Directory, ActiveX, Bing, Excel, Silverlight, SQL Server, Win -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/release-notes-for-app-v-50-sp2.md b/mdop/appv-v5/release-notes-for-app-v-50-sp2.md index d4e5afaf67..c5b1e8f26c 100644 --- a/mdop/appv-v5/release-notes-for-app-v-50-sp2.md +++ b/mdop/appv-v5/release-notes-for-app-v-50-sp2.md @@ -147,10 +147,10 @@ Microsoft, Active Directory, ActiveX, Bing, Excel, Silverlight, SQL Server, Win -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/release-notes-for-app-v-50-sp3.md b/mdop/appv-v5/release-notes-for-app-v-50-sp3.md index 2fcfd69810..10f588bb25 100644 --- a/mdop/appv-v5/release-notes-for-app-v-50-sp3.md +++ b/mdop/appv-v5/release-notes-for-app-v-50-sp3.md @@ -36,10 +36,10 @@ When you receive updated packages by querying Active Directory Domain Services f **Workaround**: Wait until the user logs off and then logs back on before you query for updated group memberships. Do not use the registry key, described in [Hotfix Package 2 for Microsoft Application Virtualization 5.0 Service Pack 1](https://support.microsoft.com/kb/2897087), to query for updated group memberships. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/release-notes-for-app-v-50.md b/mdop/appv-v5/release-notes-for-app-v-50.md index 6ea5039162..53b1e5ba8b 100644 --- a/mdop/appv-v5/release-notes-for-app-v-50.md +++ b/mdop/appv-v5/release-notes-for-app-v-50.md @@ -63,10 +63,10 @@ Microsoft, Active Directory, ActiveX, Bing, Excel, Silverlight, SQL Server, Win -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/release-notes-for-app-v-51.md b/mdop/appv-v5/release-notes-for-app-v-51.md index 846068b26f..e74981af10 100644 --- a/mdop/appv-v5/release-notes-for-app-v-51.md +++ b/mdop/appv-v5/release-notes-for-app-v-51.md @@ -182,10 +182,10 @@ Occassionally when mounting a package, a "File Not Found" (0x80070002) error is -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md b/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md index 951a544882..09f1efd097 100644 --- a/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md +++ b/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications.md @@ -172,10 +172,10 @@ If you don’t know the exact name of your package, use the command line **Get-A This method lets you launch any command within the context of an App-V package, regardless of whether the package is currently running. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md b/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md index 8a9e026051..2dfb9a76cf 100644 --- a/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md +++ b/mdop/appv-v5/running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md @@ -172,10 +172,10 @@ If you don’t know the exact name of your package, use the command line **Get-A This method lets you launch any command within the context of an App-V package, regardless of whether the package is currently running. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/technical-reference-for-app-v-50.md b/mdop/appv-v5/technical-reference-for-app-v-50.md index 9e0cc51619..0d8c094017 100644 --- a/mdop/appv-v5/technical-reference-for-app-v-50.md +++ b/mdop/appv-v5/technical-reference-for-app-v-50.md @@ -27,10 +27,10 @@ This section provides reference information related to managing App-V 5.0. Describes how the following App-V client operations affect the local operating system: App-V files and data storage locations, package registry, package store behavior, roaming registry and data, client application lifecycle management, integration of App-V packages, dynamic configuration, side-by-side assemblies, and client logging. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/technical-reference-for-app-v-51.md b/mdop/appv-v5/technical-reference-for-app-v-51.md index 0f766d73fa..54e325ba1a 100644 --- a/mdop/appv-v5/technical-reference-for-app-v-51.md +++ b/mdop/appv-v5/technical-reference-for-app-v-51.md @@ -27,10 +27,10 @@ This section provides reference information related to managing App-V 5.1. Describes how the following App-V client operations affect the local operating system: App-V files and data storage locations, package registry, package store behavior, roaming registry and data, client application lifecycle management, integration of App-V packages, dynamic configuration, side-by-side assemblies, and client logging. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/troubleshooting-app-v-50.md b/mdop/appv-v5/troubleshooting-app-v-50.md index 76f24b7d03..6e168ec818 100644 --- a/mdop/appv-v5/troubleshooting-app-v-50.md +++ b/mdop/appv-v5/troubleshooting-app-v-50.md @@ -79,10 +79,10 @@ If you have a troubleshooting tip or a best practice to share that is not alread - [Operations for App-V 5.0](operations-for-app-v-50.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/troubleshooting-app-v-51.md b/mdop/appv-v5/troubleshooting-app-v-51.md index 32614aa840..98f87e4069 100644 --- a/mdop/appv-v5/troubleshooting-app-v-51.md +++ b/mdop/appv-v5/troubleshooting-app-v-51.md @@ -79,10 +79,10 @@ If you have a troubleshooting tip or a best practice to share that is not alread - [Operations for App-V 5.1](operations-for-app-v-51.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + +   diff --git a/mdop/appv-v5/using-the-app-v-50-client-management-console.md b/mdop/appv-v5/using-the-app-v-50-client-management-console.md index 947ee41302..5895a83355 100644 --- a/mdop/appv-v5/using-the-app-v-50-client-management-console.md +++ b/mdop/appv-v5/using-the-app-v-50-client-management-console.md @@ -73,10 +73,10 @@ The client management console contains the following described main tabs. [How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server](how-to-configure-the-client-to-receive-package-and-connection-groups-updates-from-the-publishing-server-beta.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/using-the-app-v-51-client-management-console.md b/mdop/appv-v5/using-the-app-v-51-client-management-console.md index 2e7da99787..a7c2241534 100644 --- a/mdop/appv-v5/using-the-app-v-51-client-management-console.md +++ b/mdop/appv-v5/using-the-app-v-51-client-management-console.md @@ -73,10 +73,10 @@ The client management console contains the following described main tabs. [How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server](how-to-configure-the-client-to-receive-package-and-connection-groups-updates-from-the-publishing-server-51.md) -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/viewing-app-v-server-publishing-metadata.md b/mdop/appv-v5/viewing-app-v-server-publishing-metadata.md index 3f5111ff89..512ce4468b 100644 --- a/mdop/appv-v5/viewing-app-v-server-publishing-metadata.md +++ b/mdop/appv-v5/viewing-app-v-server-publishing-metadata.md @@ -236,10 +236,10 @@ The Publishing server communicates with the Management server to determine which You can view the metadata for each request in an Internet browser by using a query that is in the context of the specific user or computer. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/viewing-app-v-server-publishing-metadata51.md b/mdop/appv-v5/viewing-app-v-server-publishing-metadata51.md index cdafcc2360..f1506ca3e6 100644 --- a/mdop/appv-v5/viewing-app-v-server-publishing-metadata51.md +++ b/mdop/appv-v5/viewing-app-v-server-publishing-metadata51.md @@ -246,10 +246,10 @@ The Publishing server communicates with the Management server to determine which You can view the metadata for each request in an Internet browser by using a query that is in the context of the specific user or computer. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/whats-new-in-app-v-50-sp1.md b/mdop/appv-v5/whats-new-in-app-v-50-sp1.md index ebd0974f59..d2f510a0eb 100644 --- a/mdop/appv-v5/whats-new-in-app-v-50-sp1.md +++ b/mdop/appv-v5/whats-new-in-app-v-50-sp1.md @@ -40,10 +40,10 @@ The following list contains more information about the new Language Packs: **Microsoft Office 2010 Sequencing Kit for Application Virtualization 5.0** – helps provide users with a consistent experience using a virtualized version of Microsoft Office 2010. The **Microsoft Office 2010 Sequencing Kit for Application Virtualization 5.0** is used in conjunction with the **Microsoft Office 2010 Deployment Kit for App-V** and also provides the required Microsoft Office 2010 licensing service. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/appv-v5/whats-new-in-app-v-50.md b/mdop/appv-v5/whats-new-in-app-v-50.md index 4102a04796..6b82f04ffb 100644 --- a/mdop/appv-v5/whats-new-in-app-v-50.md +++ b/mdop/appv-v5/whats-new-in-app-v-50.md @@ -151,10 +151,10 @@ The application and licensing functionality has been removed in App-V 5.0. The a There is no file or application cache available with App-V 5.0. -## Got a suggestion for App-V? -Add or vote on suggestions [here](http://appv.uservoice.com/forums/280448-microsoft-application-virtualization). For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopappv). + + ## Related topics diff --git a/mdop/uev-v1/index.md b/mdop/uev-v1/index.md index 0eacccc566..49e6e8a74c 100644 --- a/mdop/uev-v1/index.md +++ b/mdop/uev-v1/index.md @@ -13,6 +13,9 @@ ms.date: 04/19/2017 # Microsoft User Experience Virtualization (UE-V) 1.0 +>[!NOTE] +>This documentation is a for version of UE-V that was included in the Microsoft Desktop Optimization Pack (MDOP). For information about the latest version of UE-V which is included in Windows 10 Enterprise, see [Get Started with UE-V](https://docs.microsoft.com/windows/configuration/ue-v/uev-getting-started). + Microsoft User Experience Virtualization (UE-V) captures and centralizes application settings and Windows operating system settings for the user. These settings are then applied to the different computers that are accessed by the user, including desktop computers, laptop computers, and virtual desktop infrastructure (VDI) sessions. diff --git a/mdop/uev-v2/accessibility-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/accessibility-for-ue-v-2x-both-uevv2.md index 783e1c769e..7c04b3654e 100644 --- a/mdop/uev-v2/accessibility-for-ue-v-2x-both-uevv2.md +++ b/mdop/uev-v2/accessibility-for-ue-v-2x-both-uevv2.md @@ -81,10 +81,10 @@ Microsoft Support Services are subject to the prices, terms, and conditions in p For more information about how accessible technology for computers can help to improve the lives of people with disabilities, see the [Microsoft Accessibility website](https://go.microsoft.com/fwlink/p/?linkid=8431). -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/administering-ue-v-2x-new-uevv2.md b/mdop/uev-v2/administering-ue-v-2x-new-uevv2.md index d94d580f24..117459cd87 100644 --- a/mdop/uev-v2/administering-ue-v-2x-new-uevv2.md +++ b/mdop/uev-v2/administering-ue-v-2x-new-uevv2.md @@ -71,10 +71,10 @@ You can use UE-V with Microsoft Application Virtualization (App-V) to share sett - [Technical Reference for UE-V 2.x](technical-reference-for-ue-v-2x-both-uevv2.md) -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md b/mdop/uev-v2/administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md index f2eaf57cca..d714ca370b 100644 --- a/mdop/uev-v2/administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md +++ b/mdop/uev-v2/administering-ue-v-2x-with-windows-powershell-and-wmi-both-uevv2.md @@ -35,10 +35,10 @@ After you create and deploy UE-V settings location templates, you can manage tho [Managing UE-V 2.x Settings Location Templates Using Windows PowerShell and WMI](managing-ue-v-2x-settings-location-templates-using-windows-powershell-and-wmi-both-uevv2.md) -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/application-template-schema-reference-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/application-template-schema-reference-for-ue-v-2x-both-uevv2.md index 5178ad8c46..951b805b9f 100644 --- a/mdop/uev-v2/application-template-schema-reference-for-ue-v-2x-both-uevv2.md +++ b/mdop/uev-v2/application-template-schema-reference-for-ue-v-2x-both-uevv2.md @@ -1865,10 +1865,10 @@ Here is the SettingsLocationTemplate.xsd file showing its elements, child elemen ``` -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/changing-the-frequency-of-ue-v-2x-scheduled-tasks-both-uevv2.md b/mdop/uev-v2/changing-the-frequency-of-ue-v-2x-scheduled-tasks-both-uevv2.md index bb9871946c..917cdf3a2b 100644 --- a/mdop/uev-v2/changing-the-frequency-of-ue-v-2x-scheduled-tasks-both-uevv2.md +++ b/mdop/uev-v2/changing-the-frequency-of-ue-v-2x-scheduled-tasks-both-uevv2.md @@ -312,10 +312,10 @@ The following additional information applies to UE-V scheduled tasks: - The Monitor Application Settings scheduled task will update Windows app (AppX) settings in real time, based on Windows app program setting triggers built into each app. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/configuring-the-company-settings-center-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/configuring-the-company-settings-center-for-ue-v-2x-both-uevv2.md index 11cc48b9b5..545c246391 100644 --- a/mdop/uev-v2/configuring-the-company-settings-center-for-ue-v-2x-both-uevv2.md +++ b/mdop/uev-v2/configuring-the-company-settings-center-for-ue-v-2x-both-uevv2.md @@ -75,10 +75,10 @@ The Company Settings Center can include a hyperlink that users can click to get 3. Deploy settings to users’ computers by using the management tool. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/configuring-ue-v-2x-with-system-center-configuration-manager-2012-both-uevv2.md b/mdop/uev-v2/configuring-ue-v-2x-with-system-center-configuration-manager-2012-both-uevv2.md index 112b193c14..951fd1dd2e 100644 --- a/mdop/uev-v2/configuring-ue-v-2x-with-system-center-configuration-manager-2012-both-uevv2.md +++ b/mdop/uev-v2/configuring-ue-v-2x-with-system-center-configuration-manager-2012-both-uevv2.md @@ -225,10 +225,10 @@ To distribute a new Notepad template, you would perform these steps: The UE-V Configuration Pack for Configuration Manager 2012 SP1 or later can be downloaded [here](https://go.microsoft.com/fwlink/?LinkId=317263). -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/deploy-required-features-for-ue-v-2x-new-uevv2.md b/mdop/uev-v2/deploy-required-features-for-ue-v-2x-new-uevv2.md index 80cd44d2e9..2917322ed7 100644 --- a/mdop/uev-v2/deploy-required-features-for-ue-v-2x-new-uevv2.md +++ b/mdop/uev-v2/deploy-required-features-for-ue-v-2x-new-uevv2.md @@ -436,10 +436,10 @@ msiexec.exe /f "" /quiet /norestart /l*v "%temp%\UE-VAgentInst You can then retry the uninstall process or upgrade by installing the newer version of the UE-V Agent. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/deploy-ue-v-2x-for-custom-applications-new-uevv2.md b/mdop/uev-v2/deploy-ue-v-2x-for-custom-applications-new-uevv2.md index 6d433b417b..f1bafcb23e 100644 --- a/mdop/uev-v2/deploy-ue-v-2x-for-custom-applications-new-uevv2.md +++ b/mdop/uev-v2/deploy-ue-v-2x-for-custom-applications-new-uevv2.md @@ -319,10 +319,10 @@ Templates that are deployed by using an ESD system or Group Policy Objects must   -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/get-started-with-ue-v-2x-new-uevv2.md b/mdop/uev-v2/get-started-with-ue-v-2x-new-uevv2.md index 70d85ed710..2c31ff321d 100644 --- a/mdop/uev-v2/get-started-with-ue-v-2x-new-uevv2.md +++ b/mdop/uev-v2/get-started-with-ue-v-2x-new-uevv2.md @@ -251,10 +251,10 @@ You can change the settings in Computer B back to the original Computer A settin - [Technical Reference for UE-V 2.x](technical-reference-for-ue-v-2x-both-uevv2.md) -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/index.md b/mdop/uev-v2/index.md index 8932147ff3..cf1d9adb63 100644 --- a/mdop/uev-v2/index.md +++ b/mdop/uev-v2/index.md @@ -13,6 +13,9 @@ ms.date: 04/19/2017 # Microsoft User Experience Virtualization (UE-V) 2.x +>[!NOTE] +>This documentation is a for version of UE-V that was included in the Microsoft Desktop Optimization Pack (MDOP). For information about the latest version of UE-V which is included in Windows 10 Enterprise, see [Get Started with UE-V](https://docs.microsoft.com/windows/configuration/ue-v/uev-getting-started). + Capture and centralize your users’ application settings and Windows OS settings by implementing Microsoft User Experience Virtualization (UE-V) 2.0 or 2.1. Then, apply these settings to the devices users access in your enterprise, like desktop computers, laptops, or virtual desktop infrastructure (VDI) sessions. @@ -307,10 +310,10 @@ Learn about the latest MDOP information and resources. [MDOP Information Experience](https://go.microsoft.com/fwlink/p/?LinkId=236032) Find documentation, videos, and other resources for MDOP technologies. You can also [send us feedback](mailto:MDOPDocs@microsoft.com) or learn about updates by following us on [Facebook](https://go.microsoft.com/fwlink/p/?LinkId=242445) or [Twitter](https://go.microsoft.com/fwlink/p/?LinkId=242447). -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/manage-administrative-backup-and-restore-in-ue-v-2x-new-topic-for-21.md b/mdop/uev-v2/manage-administrative-backup-and-restore-in-ue-v-2x-new-topic-for-21.md index b0d0ef4e43..2ce8a8a4cf 100644 --- a/mdop/uev-v2/manage-administrative-backup-and-restore-in-ue-v-2x-new-topic-for-21.md +++ b/mdop/uev-v2/manage-administrative-backup-and-restore-in-ue-v-2x-new-topic-for-21.md @@ -160,10 +160,10 @@ WMI and Windows PowerShell commands let you restore application and Windows sett   -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/manage-configurations-for-ue-v-2x-new-uevv2.md b/mdop/uev-v2/manage-configurations-for-ue-v-2x-new-uevv2.md index c20f2c7664..7158058f74 100644 --- a/mdop/uev-v2/manage-configurations-for-ue-v-2x-new-uevv2.md +++ b/mdop/uev-v2/manage-configurations-for-ue-v-2x-new-uevv2.md @@ -71,10 +71,10 @@ Here are some examples of UE-V configuration settings: - **Custom Contact IT Hyperlink:** Defines the path, text, and description for the **Contact IT** hyperlink in the Company Settings Center. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md index 681806fa2d..9c23328285 100644 --- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md +++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--20-release-notesuevv2.md @@ -32,55 +32,55 @@ This section contains release notes for User Experience Virtualization. When a computer has an application that is installed through both Application Virtualization (App-V) and a locally with a Windows Installer (.msi) file, the registry-based settings do not synchronize between the technologies. -WORKAROUND: To resolve this problem, run the application by selecting one of the two technologies, but not both. +**WORKAROUND:** To resolve this problem, run the application by selecting one of the two technologies, but not both. ### Settings do not synchronization when network share is outside user’s domain When Windows® 8 attempts operating system settings synchronization, the synchronization fails with the following error message: **boost::filesystem::exists::Incorrect user name or password**. This error can indicate that the network share is outside the user’s domain or a domain with a trust relationship to that domain. To check for operational log events, open the **Event Viewer** and navigate to **Applications and Services Logs** / **Microsoft** / **User Experience Virtualization** / **Logging** / **Operational**. Network shares that are used for UE-V settings storage locations should reside in the same Active Directory domain as the user or a trusted domain of the user’s domain. -WORKAROUND: Use network shares from the same Active Directory domain as the user. +**WORKAROUND:** Use network shares from the same Active Directory domain as the user. ### Unpredictable results with both Office 2010 and Office 2013 installed When a user has both Office 2010 and Office 2013 installed, any common settings between the two versions of Office are roamed by UE-V. This could cause the Office 2010 package size to be quite large or result in unpredictable conflicts with 2013, particularly if Office 365 is used. -WORKAROUND: Install only one version of Office or limit which settings are synchronized by UE-V. +**WORKAROUND:** Install only one version of Office or limit which settings are synchronized by UE-V. ### Uninstall and re-install of Windows 8 app reverts settings to initial state While using UE-V settings synchronization for a Windows 8 app, if the user uninstalls the app and then reinstalls the app, the app’s settings revert to their default values.  This happens because the uninstall removes the local (cached) copy of the app’s settings but does not remove the local UE-V settings package.  When the app is reinstalled and launched, UE-V gather the app settings that were reset to the app defaults and then uploads the default settings to the central storage location.  Other computers running the app then download the default settings.  This behavior is identical to the behavior of desktop applications. -WORKAROUND: None. +**WORKAROUND:** None. ### Email signature roaming for Outlook 2010 UE-V will roam the Outlook 2010 signature files between devices. However, the default signature options for new messages and replies or forwards are not synchronized. These two settings are stored in the Outlook profile, which UE-V does not roam. -WORKAROUND: None. +**WORKAROUND:** None. ### UE-V does not support roaming settings between 32-bit and 64-bit versions of Microsoft Office -We recommend that you install the 32-bit version of Microsoft Office for both 32-bit and 64-bit operating systems. To choose the Microsoft Office version that you need, click here. ([http://office.microsoft.com/word-help/choose-the-32-bit-or-64-bit-version-of-microsoft-office-HA010369476.aspx](https://go.microsoft.com/fwlink/?LinkID=247623)). UE-V supports roaming settings between identical architecture versions of Office. For example, 32-bit Office settings will roam between all 32-bit Office instances. UE-V does not support roaming settings between 32-bit and 64-bit versions of Office. +We recommend that you install the 64-bit version of Microsoft Office for modern computers. To determine which version you you need, [click here](https://support.office.com/article/choose-between-the-64-bit-or-32-bit-version-of-office-2dee7807-8f95-4d0c-b5fe-6c6f49b8d261?ui=en-US&rs=en-US&ad=US#32or64Bit=Newer_Versions). -WORKAROUND: None +**WORKAROUND:** None ### MSI’s are not localized UE-V 2.0 includes a localized setup program for both the UE-V Agent and UE-V generator. These MSI files are still available but the user interface is minimized and the MSI’s only display in English. Despite the file being in English, the setup program installs all supported languages during the installation. -WORKAROUND: None +**WORKAROUND:** None ### Favicons that are associated with Internet Explorer 9 favorites do not roam The favicons that are associated with Internet Explorer 9 favorites are not roamed by User Experience Virtualization and do not appear when the favorites first appear on a new computer. -WORKAROUND: Favicons will appear with their associated favorites once the bookmark is used and cached in the Internet Explorer 9 browser. +**WORKAROUND:** Favicons will appear with their associated favorites once the bookmark is used and cached in the Internet Explorer 9 browser. ### File settings paths are stored in registry Some application settings store the paths of their configuration and settings files as values in the registry. The files that are referenced as paths in the registry must be synchronized when settings are roamed between computers. -WORKAROUND: Use folder redirection or some other technology to ensure that any files that are referenced as file settings paths are present and placed in the same location on all computers where settings roam. +**WORKAROUND:** Use folder redirection or some other technology to ensure that any files that are referenced as file settings paths are present and placed in the same location on all computers where settings roam. ### Long Settings Storage Paths could cause an error @@ -90,25 +90,25 @@ Keep settings storage paths as short as possible. Long paths could prevent resol To check the operational log events, open the Event Viewer and navigate to Applications and Services Logs / Microsoft / User Experience Virtualization / Logging / Operational. -WORKAROUND: None. +**WORKAROUND:** None. ### Some operating system settings only roam between like operating system versions Operating system settings for Narrator and currency characters specific to the locale (i.e. language and regional settings) will only roam across like operating system versions of Windows. For example, currency characters will not roam between Windows 7 and Windows 8. -WORKAROUND: None +**WORKAROUND:** None ### Windows 8 apps do not sync settings when the app restarts after closing unexpectedly If a Windows 8 app closes unexpectedly soon after startup, settings for the application may not be synchronized when the application is restarted. -WORKAROUND: Close the Windows 8 app, close and restart the UevAppMonitor.exe application (can use TaskManager), and then restart the Windows 8 app. +**WORKAROUND:** Close the Windows 8 app, close and restart the UevAppMonitor.exe application (can use TaskManager), and then restart the Windows 8 app. ### UE-V 1 agent generates errors when running UE-V 2 templates If a UE-V 2 settings location template is distributed to a computer installed with a UE-V 1 agent, some settings fail to synchronize between computers and the agent reports errors in the event log. -WORKAROUND: When migrating from UE-V 1 to UE-V 2 and it is likely you’ll have computers running the previous version of the agent, create a separate UE-V 2.0 catalog to support the UE-V 2.0 Agent and templates. +**WORKAROUND:** When migrating from UE-V 1 to UE-V 2 and it is likely you’ll have computers running the previous version of the agent, create a separate UE-V 2.0 catalog to support the UE-V 2.0 Agent and templates. ## Hotfixes and Knowledge Base articles for UE-V 2.0 diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-release-notesuevv21.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-release-notesuevv21.md index fda04bf393..c59140995e 100644 --- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-release-notesuevv21.md +++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-release-notesuevv21.md @@ -215,10 +215,10 @@ This section contains hotfixes and KB articles for UE-V 2.1.   -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md index f14cbf3910..de4f1b1e7b 100644 --- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md +++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md @@ -226,10 +226,10 @@ This section contains hotfixes and KB articles for UE-V 2.1 SP1.   -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md b/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md index 8c8ee9c750..8c85680256 100644 --- a/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md +++ b/mdop/uev-v2/prepare-a-ue-v-2x-deployment-new-uevv2.md @@ -790,10 +790,10 @@ The UE-V Generator must be installed on a computer that uses an NTFS file system - [Technical Reference for UE-V 2.x](technical-reference-for-ue-v-2x-both-uevv2.md) -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/security-considerations-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/security-considerations-for-ue-v-2x-both-uevv2.md index d82e263f02..be09b357cf 100644 --- a/mdop/uev-v2/security-considerations-for-ue-v-2x-both-uevv2.md +++ b/mdop/uev-v2/security-considerations-for-ue-v-2x-both-uevv2.md @@ -120,10 +120,10 @@ We strongly recommend that you do not pre-create folders. Instead, let the UE-V If you redirect UE-V settings to a user’s home directory or a custom Active Directory (AD) directory, ensure that the permissions on the directory are set appropriately for your organization. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/sync-methods-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/sync-methods-for-ue-v-2x-both-uevv2.md index 752d0190eb..095f82e79c 100644 --- a/mdop/uev-v2/sync-methods-for-ue-v-2x-both-uevv2.md +++ b/mdop/uev-v2/sync-methods-for-ue-v-2x-both-uevv2.md @@ -87,10 +87,10 @@ You can configure the sync method in these ways: - After installation of the UE-V Agent, by using [Windows PowerShell or Windows Management Instrumentation (WMI)](https://technet.microsoft.com/library/dn458937.aspx) -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/sync-trigger-events-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/sync-trigger-events-for-ue-v-2x-both-uevv2.md index 349fdff40a..c58d24cbd9 100644 --- a/mdop/uev-v2/sync-trigger-events-for-ue-v-2x-both-uevv2.md +++ b/mdop/uev-v2/sync-trigger-events-for-ue-v-2x-both-uevv2.md @@ -105,10 +105,10 @@ The following table explains the trigger events for classic applications and Win   -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/synchronizing-office-2013-with-ue-v-20-both-uevv2.md b/mdop/uev-v2/synchronizing-office-2013-with-ue-v-20-both-uevv2.md index f81fd70279..62fd122e29 100644 --- a/mdop/uev-v2/synchronizing-office-2013-with-ue-v-20-both-uevv2.md +++ b/mdop/uev-v2/synchronizing-office-2013-with-ue-v-20-both-uevv2.md @@ -115,10 +115,10 @@ You can deploy UE-V settings location template with the following methods: - **Registering template via Configuration Manager**. If you use Configuration Manager to manage your UE-V settings storage templates, then recreate the Template Baseline CAB, import it into Configuration Manager, and then deploy the baseline to your clients. For more information, see the guidance provided in the documentation for the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2](https://go.microsoft.com/fwlink/?LinkId=317263). -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/technical-reference-for-ue-v-2x-both-uevv2.md b/mdop/uev-v2/technical-reference-for-ue-v-2x-both-uevv2.md index 8e0a8b28f2..3f0dd6974e 100644 --- a/mdop/uev-v2/technical-reference-for-ue-v-2x-both-uevv2.md +++ b/mdop/uev-v2/technical-reference-for-ue-v-2x-both-uevv2.md @@ -56,10 +56,10 @@ This technical reference section includes additional technical documentation abo - [Troubleshooting UE-V 2.x](troubleshooting-ue-v-2x-both-uevv2.md) -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/troubleshooting-ue-v-2x-both-uevv2.md b/mdop/uev-v2/troubleshooting-ue-v-2x-both-uevv2.md index 0d9717a68a..2bc7e08ad1 100644 --- a/mdop/uev-v2/troubleshooting-ue-v-2x-both-uevv2.md +++ b/mdop/uev-v2/troubleshooting-ue-v-2x-both-uevv2.md @@ -77,10 +77,10 @@ If you have a troubleshooting tip or a best practice to share that is not alread - [Technical Reference for UE-V 2.x](technical-reference-for-ue-v-2x-both-uevv2.md) -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + +   diff --git a/mdop/uev-v2/using-ue-v-2x-with-application-virtualization-applications-both-uevv2.md b/mdop/uev-v2/using-ue-v-2x-with-application-virtualization-applications-both-uevv2.md index bf222f4c11..9a038522f3 100644 --- a/mdop/uev-v2/using-ue-v-2x-with-application-virtualization-applications-both-uevv2.md +++ b/mdop/uev-v2/using-ue-v-2x-with-application-virtualization-applications-both-uevv2.md @@ -36,10 +36,10 @@ UE-V monitors when an application opens by the program name and, optionally, by 4. Start the App-V package. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/whats-new-in-ue-v-20-new-uevv2.md b/mdop/uev-v2/whats-new-in-ue-v-20-new-uevv2.md index f619670ed4..7f84bd8f45 100644 --- a/mdop/uev-v2/whats-new-in-ue-v-20-new-uevv2.md +++ b/mdop/uev-v2/whats-new-in-ue-v-20-new-uevv2.md @@ -61,10 +61,10 @@ You can provide your users with some control over which settings are synchronize Company Settings Center displays which settings are synchronized and lets users see the synchronization status of UE-V. If you let them, users can use Company Settings Center to select which settings to synchronize. They can also click the **Sync Now** button to synchronize all settings immediately. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/whats-new-in-ue-v-21-new-uevv2.md b/mdop/uev-v2/whats-new-in-ue-v-21-new-uevv2.md index 881a2d0c8b..d9d06dbd1b 100644 --- a/mdop/uev-v2/whats-new-in-ue-v-21-new-uevv2.md +++ b/mdop/uev-v2/whats-new-in-ue-v-21-new-uevv2.md @@ -87,10 +87,10 @@ You can restore additional settings when a user adopts a new device by putting a UE-V now synchronizes touch keyboard personalization, the spelling dictionary, and enables the App Switching for recent apps and screen edge settings to synchronize between Windows 8 and Windows 8.1 devices. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/whats-new-in-ue-v-21-sp1uevv21-sp1.md b/mdop/uev-v2/whats-new-in-ue-v-21-sp1uevv21-sp1.md index 6677e1864c..b90480b137 100644 --- a/mdop/uev-v2/whats-new-in-ue-v-21-sp1uevv21-sp1.md +++ b/mdop/uev-v2/whats-new-in-ue-v-21-sp1uevv21-sp1.md @@ -75,10 +75,10 @@ To enable settings synchronization using UE-V 2.1, do one of the following: UE-V 2.1 ships [Office 2013 and Office 2010 templates](https://technet.microsoft.com/library/dn458932.aspx#autosyncsettings). This release removes the Office 2007 templates. Users can still use Office 2007 templates from UE-V 2.0 or earlier and can still get the templates from the UE-V template gallery located [here](https://go.microsoft.com/fwlink/p/?LinkID=246589). -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/mdop/uev-v2/working-with-custom-ue-v-2x-templates-and-the-ue-v-2x-generator-new-uevv2.md b/mdop/uev-v2/working-with-custom-ue-v-2x-templates-and-the-ue-v-2x-generator-new-uevv2.md index 1bfb3b6b04..b1b19388d5 100644 --- a/mdop/uev-v2/working-with-custom-ue-v-2x-templates-and-the-ue-v-2x-generator-new-uevv2.md +++ b/mdop/uev-v2/working-with-custom-ue-v-2x-templates-and-the-ue-v-2x-generator-new-uevv2.md @@ -150,10 +150,10 @@ Before you share a settings location template on the UE-V template gallery, ensu Before you deploy any settings location template that you have downloaded from the UE-V gallery, you should first test the template to ensure that the application settings synchronize settings correctly in a test environment. -## Got a suggestion for UE-V? -Add or vote on suggestions [here](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization). For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/home?forum=mdopuev). + + ## Related topics diff --git a/store-for-business/update-microsoft-store-for-business-account-settings.md b/store-for-business/update-microsoft-store-for-business-account-settings.md index 46dd73d807..212b62ecf0 100644 --- a/store-for-business/update-microsoft-store-for-business-account-settings.md +++ b/store-for-business/update-microsoft-store-for-business-account-settings.md @@ -1,6 +1,6 @@ --- -title: Update Microsoft Store for Business and Microsoft Store for Education billing account settings (Windows 10) -description: The billing account page in Microsoft Store for Business and Microsoft Store for Education shows information about your organization that you can update, including country or region, organization contact info, agreements with Microsoft and admin approvals. +title: Update your Billing account settings +description: The billing account page in Microsoft Store for Business and Microsoft Store for Education, and M365 admin center shows information about your organization that you can update, including country or region, organization contact info, agreements with Microsoft and admin approvals. keywords: billing accounts, organization info ms.prod: w10 ms.mktglfcycl: manage @@ -10,10 +10,10 @@ author: TrudyHa ms.author: TrudyHa ms.topic: conceptual ms.localizationpriority: medium -ms.date: 03/01/2019 +ms.date: 03/18/2019 --- -# Update Microsoft Store for Business and Microsoft Store for Education account settings +# Update Billing account settings A billing account contains defining information about your organization. >[!NOTE] diff --git a/windows/application-management/app-v/appv-about-appv.md b/windows/application-management/app-v/appv-about-appv.md index 49f117a030..ed9e7d1801 100644 --- a/windows/application-management/app-v/appv-about-appv.md +++ b/windows/application-management/app-v/appv-about-appv.md @@ -1,7 +1,7 @@ --- title: What's new in App-V for Windows 10, version 1703 and earlier (Windows 10) description: Information about what's new in App-V for Windows 10, version 1703 and earlier. -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -60,9 +60,9 @@ For more information about how to configure an existing App-V installation after App-V supports System Center 2016 and System Center 2012 R2 Configuration Manager SP1. See [Planning for App-V Integration with Configuration Manager](https://technet.microsoft.com/library/jj822982.aspx) to learn more about how to integrate your App-V environment with Configuration Manager. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md index 45c7caa713..dc50a4c884 100644 --- a/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-remove-an-administrator-with-the-management-console.md @@ -26,9 +26,9 @@ Use the following procedures to add or remove an administrator on the Microsoft 1. Open the Microsoft Application Virtualization (App-V) Management Console and select **Administrators** in the navigation pane. The navigation pane displays a list of AD users and groups that currently have administrative access to the Microsoft Application Virtualization (App-V) server. 2. Right-click the account to be removed from the list of administrators and select **Remove**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md index 45e9e679e6..65e751d061 100644 --- a/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md +++ b/windows/application-management/app-v/appv-add-or-upgrade-packages-with-the-management-console.md @@ -36,9 +36,9 @@ You can use the following procedure to add or upgrade a package to the App-V Man 5. Select **Close** to close the **Add or Upgrade Packages** page. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-administering-appv-with-powershell.md b/windows/application-management/app-v/appv-administering-appv-with-powershell.md index 59464baca3..e56d2e0b3a 100644 --- a/windows/application-management/app-v/appv-administering-appv-with-powershell.md +++ b/windows/application-management/app-v/appv-administering-appv-with-powershell.md @@ -45,9 +45,9 @@ The following table describes Windows PowerShell error handling for App-V. |Using the **RollbackOnError** attribute with embedded scripts|When you use the **RollbackOnError** attribute with embedded scripts, the attribute is ignored for the following events:
- Removing a package
- Unpublishing a package
- Terminating a virtual environment
- Terminating a process| |Package name contains **$**|If a package name contains the character \$\, you must use a single-quote ( **'** ).
For example:
```Add-AppvClientPackage 'Contoso$App.appv'```| -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md index c416a2e63e..496cc0b738 100644 --- a/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md +++ b/windows/application-management/app-v/appv-administering-virtual-applications-with-the-management-console.md @@ -51,9 +51,9 @@ The main elements of the App-V Management Console are: >[!IMPORTANT] >The browser you're using to open the Web Management Console must have JavaScript enabled. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Other resources for this App-V deployment diff --git a/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md b/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md index 2c586765ad..cee9f0a966 100644 --- a/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md +++ b/windows/application-management/app-v/appv-allow-administrators-to-enable-connection-groups.md @@ -25,9 +25,9 @@ Use one of the following methods to allow only administrators to enable or disab |Group Policy setting|Enable the “Require publish as administrator” Group Policy setting, which is located in the following Group Policy Object node:

**Computer Configuration** > **Administrative Templates** > **System** > **App-V** > **Publishing**| |Windows PowerShell cmdlet|Run the **Set-AppvClientConfiguration** cmdlet with the *-RequirePublishAsAdmin* parameter.

Parameter values:
- **0** – False
- **1** – True

Example: ```Set-AppvClientConfiguration -RequirePublishAsAdmin 1```| -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md index a1ee5bf107..54a2eb8da6 100644 --- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md +++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md @@ -894,6 +894,5 @@ There are three specific categories of events recorded: - **Operational** logs the general App-V execution and usage of individual components, creating an audit log of the App-V Client's completed App-V operations. - **Virtual Application** logs virtual application launches and use of virtualization subsystems. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-apply-the-deployment-configuration-file-with-powershell.md b/windows/application-management/app-v/appv-apply-the-deployment-configuration-file-with-powershell.md index 9526ab4f81..457b84aa95 100644 --- a/windows/application-management/app-v/appv-apply-the-deployment-configuration-file-with-powershell.md +++ b/windows/application-management/app-v/appv-apply-the-deployment-configuration-file-with-powershell.md @@ -38,9 +38,9 @@ Add-AppVClientPackage -Path C:\Packages\Contoso\MyApp.appv -DynamicDeploymentCon > Set-AppVClientPackage -Name Myapp -Path C:\Packages\Contoso\MyApp.appv -DynamicDeploymentConfiguration C:\Packages\Contoso\DynamicConfigurations\deploymentconfig.xml > ``` -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-apply-the-user-configuration-file-with-powershell.md b/windows/application-management/app-v/appv-apply-the-user-configuration-file-with-powershell.md index e92a8ab78e..8b1e2d8168 100644 --- a/windows/application-management/app-v/appv-apply-the-user-configuration-file-with-powershell.md +++ b/windows/application-management/app-v/appv-apply-the-user-configuration-file-with-powershell.md @@ -37,9 +37,9 @@ Here's how to specify a user-specific configuration file: Publish-AppVClientPackage $pkg -DynamicUserConfigurationPath C:\Packages\Contoso\config.xml ``` -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-auto-batch-sequencing.md b/windows/application-management/app-v/appv-auto-batch-sequencing.md index 66325824b5..d40b868aa0 100644 --- a/windows/application-management/app-v/appv-auto-batch-sequencing.md +++ b/windows/application-management/app-v/appv-auto-batch-sequencing.md @@ -1,7 +1,7 @@ --- title: Automatically sequence multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer) (Windows 10) description: How to automatically sequence multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer). -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -100,6 +100,6 @@ There are 3 types of log files that occur when you sequence multiple apps at the - [Automatically update multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer)](appv-auto-batch-updating.md) - [Automatically clean up unpublished packages on the App-V client](appv-auto-clean-unpublished-packages.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + diff --git a/windows/application-management/app-v/appv-auto-batch-updating.md b/windows/application-management/app-v/appv-auto-batch-updating.md index 74df442757..6a74d97208 100644 --- a/windows/application-management/app-v/appv-auto-batch-updating.md +++ b/windows/application-management/app-v/appv-auto-batch-updating.md @@ -1,7 +1,7 @@ --- title: Automatically update multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer) (Windows 10) description: How to automatically update multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer). -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -154,6 +154,6 @@ There are three types of log files that occur when you sequence multiple apps at - [Automatically sequence multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer)](appv-auto-batch-sequencing.md) - [Automatically cleanup unpublished packages on the App-V client](appv-auto-clean-unpublished-packages.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + diff --git a/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md b/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md index 63067bd3b6..acf707a514 100644 --- a/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md +++ b/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md @@ -1,7 +1,7 @@ --- title: Automatically clean up unpublished packages on the App-V client (Windows 10) description: How to automatically clean up any unpublished packages on your App-V client devices. -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -52,9 +52,9 @@ Using Group Policy, you can turn on the **Enable automatic cleanup of unused App After your Group Policy updates and you reset the client, the setting will clean up any unpublished App-V packages on the App-V client. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-auto-provision-a-vm.md b/windows/application-management/app-v/appv-auto-provision-a-vm.md index ec2a3b80d2..53a38b3f05 100644 --- a/windows/application-management/app-v/appv-auto-provision-a-vm.md +++ b/windows/application-management/app-v/appv-auto-provision-a-vm.md @@ -1,7 +1,7 @@ --- title: Automatically provision your sequencing environment using Microsoft Application Virtualization Sequencer (App-V Sequencer) (Windows 10) description: How to automatically provision your sequencing environment using Microsoft Application Virtualization Sequencer (App-V Sequencer) PowerShell cmdlet or the user interface. -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -126,6 +126,5 @@ After you sequence your packages, you can automatically clean up any unpublished - [How to install the App-V Sequencer](appv-install-the-sequencer.md) - [Learn about Hyper-V on Windows Server 2016](https://technet.microsoft.com/windows-server-docs/compute/hyper-v/hyper-v-on-windows-server) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-available-mdm-settings.md b/windows/application-management/app-v/appv-available-mdm-settings.md index 202aeda39b..3429a4b616 100644 --- a/windows/application-management/app-v/appv-available-mdm-settings.md +++ b/windows/application-management/app-v/appv-available-mdm-settings.md @@ -1,7 +1,7 @@ --- title: Available Mobile Device Management (MDM) settings for App-V (Windows 10) description: A list of the available MDM settings for App-V on Windows 10. -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library diff --git a/windows/application-management/app-v/appv-capacity-planning.md b/windows/application-management/app-v/appv-capacity-planning.md index d4ff60ca44..250809b68c 100644 --- a/windows/application-management/app-v/appv-capacity-planning.md +++ b/windows/application-management/app-v/appv-capacity-planning.md @@ -185,9 +185,9 @@ Ignoring scaling requirements, the minimum number of servers that a fault-tolera Although there are many fault-tolerance strategies and technologies you can use, not all are applicable to a given service. Additionally, if App-V roles are combined, the resulting incompatibilities could cause certain fault-tolerance options to stop working. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-client-configuration-settings.md b/windows/application-management/app-v/appv-client-configuration-settings.md index 41663d81b1..983ad32d49 100644 --- a/windows/application-management/app-v/appv-client-configuration-settings.md +++ b/windows/application-management/app-v/appv-client-configuration-settings.md @@ -105,9 +105,9 @@ The following table provides information about App-V client configuration settin | **HidePublishingRefreshUI**
1 (Enabled), 0 (Disabled) | | | | **ProcessesUsingVirtualComponents**
String | Virtualization\\ProcessesUsingVirtualComponents | Empty string. | -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-configure-access-to-packages-with-the-management-console.md b/windows/application-management/app-v/appv-configure-access-to-packages-with-the-management-console.md index edd87bf73b..df14d062d7 100644 --- a/windows/application-management/app-v/appv-configure-access-to-packages-with-the-management-console.md +++ b/windows/application-management/app-v/appv-configure-access-to-packages-with-the-management-console.md @@ -52,9 +52,9 @@ Use the following procedure to configure access to virtualized packages. 3. Select **Close**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-configure-connection-groups-to-ignore-the-package-version.md b/windows/application-management/app-v/appv-configure-connection-groups-to-ignore-the-package-version.md index 150105c699..2c4f458795 100644 --- a/windows/application-management/app-v/appv-configure-connection-groups-to-ignore-the-package-version.md +++ b/windows/application-management/app-v/appv-configure-connection-groups-to-ignore-the-package-version.md @@ -57,9 +57,9 @@ For more about adding or upgrading packages, see [How to add or upgrade packages For more information, see [How to manage App-V packages running on a stand-alone computer by using Windows PowerShell](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md). -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md b/windows/application-management/app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md index 488a1f7a7a..ac9673baaf 100644 --- a/windows/application-management/app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md +++ b/windows/application-management/app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md @@ -55,9 +55,9 @@ This article will tell you how to configure the App-V client to receive updates This cmdlet will query the publishing server for which packages and connection groups need to be added or removed for this particular client based on your configured entitlements for the packages and connection groups on the management server. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-connect-to-the-management-console.md b/windows/application-management/app-v/appv-connect-to-the-management-console.md index 9f43bc0593..d19cfb0658 100644 --- a/windows/application-management/app-v/appv-connect-to-the-management-console.md +++ b/windows/application-management/app-v/appv-connect-to-the-management-console.md @@ -21,9 +21,9 @@ Use the following procedure to connect to the App-V Management Console. 2. To view different sections of the console, select your desired section in the navigation pane. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-connection-group-file.md b/windows/application-management/app-v/appv-connection-group-file.md index 9a7745ec8f..284057363a 100644 --- a/windows/application-management/app-v/appv-connection-group-file.md +++ b/windows/application-management/app-v/appv-connection-group-file.md @@ -134,9 +134,9 @@ App-V supports the following application connection configurations. After deployment, you can either create a single new Microsoft Office 2010 + Microsoft Lync 2010 package or keep and maintain them as separate packages and deploy them with a connection group. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-connection-group-virtual-environment.md b/windows/application-management/app-v/appv-connection-group-virtual-environment.md index aa850efd33..99932f11be 100644 --- a/windows/application-management/app-v/appv-connection-group-virtual-environment.md +++ b/windows/application-management/app-v/appv-connection-group-virtual-environment.md @@ -61,9 +61,9 @@ When a virtualized application tries to find a specific file, App-V will first f - If a file named **test.txt** exists in the same virtual folder hierarchy in both application packages, App-V will use the first matching file. - If a file named **bar.txt** exists in the virtual folder hierarchy of one application package, but not in the other, App-V will use the first matching file. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-convert-a-package-created-in-a-previous-version-of-appv.md b/windows/application-management/app-v/appv-convert-a-package-created-in-a-previous-version-of-appv.md index 83e309f4df..36dcf56ffe 100644 --- a/windows/application-management/app-v/appv-convert-a-package-created-in-a-previous-version-of-appv.md +++ b/windows/application-management/app-v/appv-convert-a-package-created-in-a-previous-version-of-appv.md @@ -85,9 +85,9 @@ The App-V package converter will save the App-V 4.6 installation root folder and - Other functionality—Windows PowerShell has other built-in functionality for features such as aliases, lazy-binding, .NET Object, and many others. These features can help you create advanced scenarios for the Package Converter. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-create-a-connection-group-with-user-published-and-globally-published-packages.md b/windows/application-management/app-v/appv-create-a-connection-group-with-user-published-and-globally-published-packages.md index a362c6b960..2ecf79eaaf 100644 --- a/windows/application-management/app-v/appv-create-a-connection-group-with-user-published-and-globally-published-packages.md +++ b/windows/application-management/app-v/appv-create-a-connection-group-with-user-published-and-globally-published-packages.md @@ -55,9 +55,9 @@ Here are some important things to know before you get started: 3. Follow the instructions in [How to create a connection group](appv-create-a-connection-group.md) to create the connection group and add the user-published and globally published packages. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-create-a-connection-group.md b/windows/application-management/app-v/appv-create-a-connection-group.md index 06cb2f3b61..f5353a4be2 100644 --- a/windows/application-management/app-v/appv-create-a-connection-group.md +++ b/windows/application-management/app-v/appv-create-a-connection-group.md @@ -38,9 +38,9 @@ When you place packages in a connection group, their package root paths merge. I 6. After adding all the applications and configuring Active Directory access, select **Apply**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-create-a-custom-configuration-file-with-the-management-console.md b/windows/application-management/app-v/appv-create-a-custom-configuration-file-with-the-management-console.md index 64d7613d73..e27f48c14a 100644 --- a/windows/application-management/app-v/appv-create-a-custom-configuration-file-with-the-management-console.md +++ b/windows/application-management/app-v/appv-create-a-custom-configuration-file-with-the-management-console.md @@ -30,9 +30,9 @@ You can create a dynamic user configuration file with the App-V Management Conso >[!NOTE]   >If you want to export a configuration while running on Windows Server, make sure to disable the IE Enhanced Security Configuration setting. If this setting is enabled and set to block downloads, you won't be able to download anything from the App-V Server. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-create-a-package-accelerator-with-powershell.md b/windows/application-management/app-v/appv-create-a-package-accelerator-with-powershell.md index 71b489d69b..c9e6680de7 100644 --- a/windows/application-management/app-v/appv-create-a-package-accelerator-with-powershell.md +++ b/windows/application-management/app-v/appv-create-a-package-accelerator-with-powershell.md @@ -39,9 +39,9 @@ App-V Package Accelerators automatically sequence large, complex applications. A - *AcceleratorDescriptionFile* specifies the path to user-created package accelerator instructions. The package accelerator instructions are **.txt** or **.rtf** description files that will be included in the package created by the package accelerator. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-create-a-package-accelerator.md b/windows/application-management/app-v/appv-create-a-package-accelerator.md index 233f4e609b..1aa2fa75c3 100644 --- a/windows/application-management/app-v/appv-create-a-package-accelerator.md +++ b/windows/application-management/app-v/appv-create-a-package-accelerator.md @@ -68,9 +68,9 @@ Use the following procedure to create a package accelerator. >[!IMPORTANT] >You should always digitally sign the package accelerator to ensure that it is secure and can be verified by a publisher during application. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-create-a-virtual-application-package-package-accelerator.md b/windows/application-management/app-v/appv-create-a-virtual-application-package-package-accelerator.md index 9d91c8e08e..48dfcaf890 100644 --- a/windows/application-management/app-v/appv-create-a-virtual-application-package-package-accelerator.md +++ b/windows/application-management/app-v/appv-create-a-virtual-application-package-package-accelerator.md @@ -68,9 +68,9 @@ Use the following procedure to create a virtual application package with the App The package is now available in the Sequencer. To edit the package properties, select **Edit \[Package Name\]**. For more information about how to modify a package, see [How to modify an existing virtual application package](appv-modify-an-existing-virtual-application-package.md). -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-create-and-use-a-project-template.md b/windows/application-management/app-v/appv-create-and-use-a-project-template.md index d573e61940..762a8c3837 100644 --- a/windows/application-management/app-v/appv-create-and-use-a-project-template.md +++ b/windows/application-management/app-v/appv-create-and-use-a-project-template.md @@ -1,7 +1,7 @@ --- title: Create and apply an App-V project template to a sequenced App-V package (Windows 10) description: Steps for how to create and apply an App-V project template (.appvt) to a sequenced App-V package. -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -55,6 +55,6 @@ After creating the template, you can apply it to all of your new virtual app pac - [Automatically update multiple apps at the same time using Microsoft Application Virtualization Sequencer (App-V Sequencer)](appv-auto-batch-updating.md) - [Manually sequence a new app using Microsoft Application Virtualization Sequencer (App-V Sequencer)](appv-sequence-a-new-application.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + diff --git a/windows/application-management/app-v/appv-creating-and-managing-virtualized-applications.md b/windows/application-management/app-v/appv-creating-and-managing-virtualized-applications.md index f5123c4f06..dca1b3b048 100644 --- a/windows/application-management/app-v/appv-creating-and-managing-virtualized-applications.md +++ b/windows/application-management/app-v/appv-creating-and-managing-virtualized-applications.md @@ -153,9 +153,9 @@ The App-V Sequencer can detect common sequencing issues during sequencing. The * You can also find additional information about sequencing errors using the Windows Event Viewer. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-customize-virtual-application-extensions-with-the-management-console.md b/windows/application-management/app-v/appv-customize-virtual-application-extensions-with-the-management-console.md index c6ca02e169..b6239f823f 100644 --- a/windows/application-management/app-v/appv-customize-virtual-application-extensions-with-the-management-console.md +++ b/windows/application-management/app-v/appv-customize-virtual-application-extensions-with-the-management-console.md @@ -29,9 +29,9 @@ Use the following procedure to customize the virtual application extensions for 5. To edit additional application extensions, modify the configuration file and select **Import and Overwrite this Configuration**. Select the modified file and select **Open**. In the dialog, select **Overwrite** to complete the process. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-delete-a-connection-group.md b/windows/application-management/app-v/appv-delete-a-connection-group.md index 34472e93e8..28ece19e12 100644 --- a/windows/application-management/app-v/appv-delete-a-connection-group.md +++ b/windows/application-management/app-v/appv-delete-a-connection-group.md @@ -21,9 +21,9 @@ Use the following procedure to delete an existing App-V connection group. 2. Right-click the connection group to be removed and select **delete**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-delete-a-package-with-the-management-console.md b/windows/application-management/app-v/appv-delete-a-package-with-the-management-console.md index ab6f7f440c..c1da202df9 100644 --- a/windows/application-management/app-v/appv-delete-a-package-with-the-management-console.md +++ b/windows/application-management/app-v/appv-delete-a-package-with-the-management-console.md @@ -21,9 +21,9 @@ Use the following procedure to delete an App-V package. 2. Select or right-click the package, then select **Delete** to remove the package. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-deploy-appv-databases-with-sql-scripts.md b/windows/application-management/app-v/appv-deploy-appv-databases-with-sql-scripts.md index 0f4e382de6..c0a29eb10f 100644 --- a/windows/application-management/app-v/appv-deploy-appv-databases-with-sql-scripts.md +++ b/windows/application-management/app-v/appv-deploy-appv-databases-with-sql-scripts.md @@ -176,9 +176,9 @@ Steps to install "AppVReporting" schema in SQL SERVER. ScheduleReportingJob.sql ``` -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-deploy-appv-packages-with-electronic-software-distribution-solutions.md b/windows/application-management/app-v/appv-deploy-appv-packages-with-electronic-software-distribution-solutions.md index 1486989e1b..8dde4cdf22 100644 --- a/windows/application-management/app-v/appv-deploy-appv-packages-with-electronic-software-distribution-solutions.md +++ b/windows/application-management/app-v/appv-deploy-appv-packages-with-electronic-software-distribution-solutions.md @@ -37,9 +37,9 @@ Use one of the following methods to publish packages to App-V client computers w 3. After you create the virtual application, deploy the package by using your ESD solution. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-deploy-the-appv-server-with-a-script.md b/windows/application-management/app-v/appv-deploy-the-appv-server-with-a-script.md index 4112bf670f..52f16c2759 100644 --- a/windows/application-management/app-v/appv-deploy-the-appv-server-with-a-script.md +++ b/windows/application-management/app-v/appv-deploy-the-appv-server-with-a-script.md @@ -514,9 +514,9 @@ To use a custom instance of Microsoft SQL Server, use these parameters: | */EXISTING_MANAGEMENT_DB_CUSTOM_SQLINSTANCE* | Specifies the name of the custom SQL instance that will be used. For example, ```/EXISTING_MANAGEMENT_DB_CUSTOM_SQLINSTANCE="AppVManagement"```. If **/DB_PREDEPLOY_MANAGEMENT** isn't specified, this will be ignored. | | */EXISTING_MANAGEMENT_DB_NAME* | Specifies the name of the existing management database that should be used. For example, ```/EXISTING_MANAGEMENT_DB_NAME="AppVMgmtDB"```. If **/DB_PREDEPLOY_MANAGEMENT** isn't specified, this will be ignored. | -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-deploying-appv.md b/windows/application-management/app-v/appv-deploying-appv.md index 8b77d6c841..b90d7a848e 100644 --- a/windows/application-management/app-v/appv-deploying-appv.md +++ b/windows/application-management/app-v/appv-deploying-appv.md @@ -42,6 +42,6 @@ The following sections describe how to use App-V to deliver Microsoft Office as * [Troubleshooting App-V](appv-troubleshooting.md) * [Technical reference for App-V](appv-technical-reference.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2010-wth-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2010-wth-appv.md index de89bc130c..42f86ce251 100644 --- a/windows/application-management/app-v/appv-deploying-microsoft-office-2010-wth-appv.md +++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2010-wth-appv.md @@ -96,6 +96,5 @@ The following table provides a full list of supported integration points for Off * [About App-V Dynamic Configuration](appv-dynamic-configuration.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md index d075713777..40ac8858c6 100644 --- a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md +++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md @@ -433,6 +433,5 @@ This section describes the requirements and options for deploying Visio 2013 and * [About App-V Dynamic Configuration](appv-dynamic-configuration.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md index ce10d0918e..f2caa3c9f0 100644 --- a/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md +++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md @@ -379,6 +379,5 @@ The following table describes the requirements and options for deploying Visio 2 * [Deploying Microsoft Office 2010 by using App-V](appv-deploying-microsoft-office-2010-wth-appv.md) * [Office 2016 Deployment Tool for Click-to-Run](https://www.microsoft.com/download/details.aspx?id=49117) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-deploying-packages-with-electronic-software-distribution-solutions.md b/windows/application-management/app-v/appv-deploying-packages-with-electronic-software-distribution-solutions.md index 31abfd0d2d..4f205bf71e 100644 --- a/windows/application-management/app-v/appv-deploying-packages-with-electronic-software-distribution-solutions.md +++ b/windows/application-management/app-v/appv-deploying-packages-with-electronic-software-distribution-solutions.md @@ -30,6 +30,5 @@ To learn how to configure the App-V client to enable only administrators to publ - [App-V and Citrix integration](https://www.microsoft.com/en-us/download/details.aspx?id=40885) - [Operations for App-V](appv-operations.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-deploying-the-appv-sequencer-and-client.md b/windows/application-management/app-v/appv-deploying-the-appv-sequencer-and-client.md index 11e2b14e5e..c50de9053a 100644 --- a/windows/application-management/app-v/appv-deploying-the-appv-sequencer-and-client.md +++ b/windows/application-management/app-v/appv-deploying-the-appv-sequencer-and-client.md @@ -89,6 +89,5 @@ You can use the App-V Sequencer log information to troubleshoot Sequencer instal >[!NOTE] >Sequencer-related events are prepended with **AppV\_Sequencer**. Client-related events are prepended with **AppV\_Client**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-deploying-the-appv-server.md b/windows/application-management/app-v/appv-deploying-the-appv-server.md index 5ce5fff75c..a8483ea6cb 100644 --- a/windows/application-management/app-v/appv-deploying-the-appv-server.md +++ b/windows/application-management/app-v/appv-deploying-the-appv-server.md @@ -106,6 +106,6 @@ For more information, see [About App-V reporting](appv-reporting.md) and [How to * [Deploying App-V](appv-deploying-appv.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + diff --git a/windows/application-management/app-v/appv-deployment-checklist.md b/windows/application-management/app-v/appv-deployment-checklist.md index bd1d3d9802..dbb94bed87 100644 --- a/windows/application-management/app-v/appv-deployment-checklist.md +++ b/windows/application-management/app-v/appv-deployment-checklist.md @@ -24,9 +24,9 @@ This checklist outlines the recommended steps and items to consider when deployi >[!NOTE] >Keep track of server names and associated URLs you create during installation. You'll need this information throughout the installation process. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-dynamic-configuration.md b/windows/application-management/app-v/appv-dynamic-configuration.md index 45421f8951..3e900c1a4b 100644 --- a/windows/application-management/app-v/appv-dynamic-configuration.md +++ b/windows/application-management/app-v/appv-dynamic-configuration.md @@ -603,9 +603,9 @@ For more information about how to create the file using the App-V Management Con To create the file manually, you can combine the components listed in the previous sections into a single file. However, we recommend you use files generated by the sequencer instead of manually created ones. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-enable-administrators-to-publish-packages-with-electronic-software-distribution-solutions.md b/windows/application-management/app-v/appv-enable-administrators-to-publish-packages-with-electronic-software-distribution-solutions.md index db2bc9e287..ed48d628a2 100644 --- a/windows/application-management/app-v/appv-enable-administrators-to-publish-packages-with-electronic-software-distribution-solutions.md +++ b/windows/application-management/app-v/appv-enable-administrators-to-publish-packages-with-electronic-software-distribution-solutions.md @@ -25,6 +25,6 @@ Here's how to enable only administrators to publish or unpublish packages: To instead use Windows PowerShell to set this item, see [Understanding pending packages: UserPending and GlobalPending](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md#about-pending-packages-userpending-and-globalpending). -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + diff --git a/windows/application-management/app-v/appv-enable-reporting-on-the-appv-client-with-powershell.md b/windows/application-management/app-v/appv-enable-reporting-on-the-appv-client-with-powershell.md index 810b13884f..9aa52bfd1c 100644 --- a/windows/application-management/app-v/appv-enable-reporting-on-the-appv-client-with-powershell.md +++ b/windows/application-management/app-v/appv-enable-reporting-on-the-appv-client-with-powershell.md @@ -79,9 +79,9 @@ Use the following procedure to configure the App-V for reporting. Additionally, administrators can manually send the data back in an on-demand manner using the **Send-AppvClientReport** cmdlet. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-enable-the-app-v-desktop-client.md b/windows/application-management/app-v/appv-enable-the-app-v-desktop-client.md index 621cc25ef8..29f36ee761 100644 --- a/windows/application-management/app-v/appv-enable-the-app-v-desktop-client.md +++ b/windows/application-management/app-v/appv-enable-the-app-v-desktop-client.md @@ -38,6 +38,5 @@ Check out these articles for more information about how to configure the App-V c * [Using the client management console](appv-using-the-client-management-console.md) * [How to configure the client to receive package and connection group updates from the Publishing server](appv-configure-the-client-to-receive-updates-from-the-publishing-server.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-evaluating-appv.md b/windows/application-management/app-v/appv-evaluating-appv.md index d055f0c12d..c17263348d 100644 --- a/windows/application-management/app-v/appv-evaluating-appv.md +++ b/windows/application-management/app-v/appv-evaluating-appv.md @@ -45,9 +45,6 @@ Use the following links for more information about creating and managing virtual - [How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server](appv-configure-the-client-to-receive-updates-from-the-publishing-server.md) -## Have a suggestion for App-V? - -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-for-windows.md b/windows/application-management/app-v/appv-for-windows.md index 297983a412..efac1526d5 100644 --- a/windows/application-management/app-v/appv-for-windows.md +++ b/windows/application-management/app-v/appv-for-windows.md @@ -62,6 +62,5 @@ The topics in this section provide information and instructions to help you admi - [Viewing App-V Server publishing metadata](appv-viewing-appv-server-publishing-metadata.md) - [Running a locally installed application inside a virtual environment with virtualized applications](appv-running-locally-installed-applications-inside-a-virtual-environment.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md b/windows/application-management/app-v/appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md index efc8ef2948..24405d012e 100644 --- a/windows/application-management/app-v/appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md +++ b/windows/application-management/app-v/appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md @@ -137,9 +137,9 @@ Before attempting this procedure, you should read and understand the information **.\\ConvertToSID.ps1 $accountsArray | Write-Output -FilePath .\\SIDs.txt -Width 200”** -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-install-the-management-and-reporting-databases-on-separate-computers.md b/windows/application-management/app-v/appv-install-the-management-and-reporting-databases-on-separate-computers.md index 4f23037b26..a67f0ea3de 100644 --- a/windows/application-management/app-v/appv-install-the-management-and-reporting-databases-on-separate-computers.md +++ b/windows/application-management/app-v/appv-install-the-management-and-reporting-databases-on-separate-computers.md @@ -69,9 +69,9 @@ Use the following procedure to install the database server and management server >For more information about modifying the required SIDs contained in the scripts see, [How to Install the App-V Databases and Convert the Associated Security Identifiers by Using Windows PowerShell](appv-install-the-appv-databases-and-convert-the-associated-security-identifiers-with-powershell.md). 5. Run the scripts on the computer running Microsoft SQL Server. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-install-the-management-server-on-a-standalone-computer.md b/windows/application-management/app-v/appv-install-the-management-server-on-a-standalone-computer.md index f08f9c8408..7e82f64b5b 100644 --- a/windows/application-management/app-v/appv-install-the-management-server-on-a-standalone-computer.md +++ b/windows/application-management/app-v/appv-install-the-management-server-on-a-standalone-computer.md @@ -31,9 +31,9 @@ To install the management server on a standalone computer and connect it to the 8. Select **Install**. 9. To confirm that the setup has completed successfully, open a web browser and enter the following URL: https://managementserver:portnumber/Console. If the installation was successful, you should see the **Management Console** appear without any error messages or warnings displayed. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md b/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md index dd6d2b1fe4..a4d4a8ed1a 100644 --- a/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md +++ b/windows/application-management/app-v/appv-install-the-publishing-server-on-a-remote-computer.md @@ -53,9 +53,9 @@ Use the following procedure to install the publishing server on a separate compu ``` -## Have a suggestion for App-V? + + -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). ## Related topics diff --git a/windows/application-management/app-v/appv-install-the-reporting-server-on-a-standalone-computer.md b/windows/application-management/app-v/appv-install-the-reporting-server-on-a-standalone-computer.md index 2ccbaac2b2..9c1a1b5066 100644 --- a/windows/application-management/app-v/appv-install-the-reporting-server-on-a-standalone-computer.md +++ b/windows/application-management/app-v/appv-install-the-reporting-server-on-a-standalone-computer.md @@ -35,9 +35,9 @@ Use the following procedure to install the reporting server on a standalone comp * For the **Port binding**, specify a unique, five-digit port number for App-V to use, such as **55555**. Make sure that the specified port isn't being used by another website. 8. Select **Install**. -## Have a suggestion for App-V? + + -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). ## Related topics diff --git a/windows/application-management/app-v/appv-install-the-sequencer.md b/windows/application-management/app-v/appv-install-the-sequencer.md index 42ab339a2b..59f1199d00 100644 --- a/windows/application-management/app-v/appv-install-the-sequencer.md +++ b/windows/application-management/app-v/appv-install-the-sequencer.md @@ -49,9 +49,9 @@ You can also use the command line to install the App-V sequencer. The following For more information regarding the sequencer installation, you can view the error log in the **%temp%** folder. To review the log files, click **Start**, type **%temp%**, and then look for the **appv\_ log**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md b/windows/application-management/app-v/appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md index 81fc2c61b2..ae78cb69e8 100644 --- a/windows/application-management/app-v/appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md +++ b/windows/application-management/app-v/appv-load-the-powershell-cmdlets-and-get-cmdlet-help.md @@ -91,6 +91,5 @@ To display help for a specific Windows PowerShell cmdlet: Get-Help Publish-AppvClientPackage ``` -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-maintaining-appv.md b/windows/application-management/app-v/appv-maintaining-appv.md index f8af0d895a..eab387ff9a 100644 --- a/windows/application-management/app-v/appv-maintaining-appv.md +++ b/windows/application-management/app-v/appv-maintaining-appv.md @@ -27,9 +27,9 @@ For example, let's say the process ID is 4052. If you can successfully open a na Additionally, ISVs who want to explicitly virtualize or not virtualize calls on specific APIs with App-V 5.1 and later can use the **VirtualizeCurrentThread()** and **CurrentThreadIsVirtualized()** functions implemented in the AppEntSubsystems32.dll module to hint to a downstream component whether the call should be virtualized or not. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Other resources for maintaining App-V diff --git a/windows/application-management/app-v/appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md b/windows/application-management/app-v/appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md index e72efbfcca..4482877876 100644 --- a/windows/application-management/app-v/appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md +++ b/windows/application-management/app-v/appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md @@ -162,9 +162,9 @@ The pending task will run later, according to the following rules: For more information about pending tasks, see [Upgrading an in-use App-V package](appv-application-publishing-and-client-interaction.md#upgrading-an-in-use-app-v-package). -## Have a suggestion for App-V? + + -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). ## Related topics diff --git a/windows/application-management/app-v/appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md b/windows/application-management/app-v/appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md index 42df49b2c7..9e50ad3f0c 100644 --- a/windows/application-management/app-v/appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md +++ b/windows/application-management/app-v/appv-manage-connection-groups-on-a-stand-alone-computer-with-powershell.md @@ -126,9 +126,9 @@ This topic explains the following procedures: -## Have a suggestion for App-V? + -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-managing-connection-groups.md b/windows/application-management/app-v/appv-managing-connection-groups.md index 3f69438c95..db17fbe2a0 100644 --- a/windows/application-management/app-v/appv-managing-connection-groups.md +++ b/windows/application-management/app-v/appv-managing-connection-groups.md @@ -64,10 +64,10 @@ In some previous versions of App-V, connection groups were referred to as Dynami   -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Other resources for App-V connection groups diff --git a/windows/application-management/app-v/appv-migrating-to-appv-from-a-previous-version.md b/windows/application-management/app-v/appv-migrating-to-appv-from-a-previous-version.md index e74aecb295..3776b26829 100644 --- a/windows/application-management/app-v/appv-migrating-to-appv-from-a-previous-version.md +++ b/windows/application-management/app-v/appv-migrating-to-appv-from-a-previous-version.md @@ -247,10 +247,10 @@ There is no direct method to upgrade to a full App-V infrastructure. Use the inf -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Other resources for performing App-V migration tasks diff --git a/windows/application-management/app-v/appv-modify-an-existing-virtual-application-package.md b/windows/application-management/app-v/appv-modify-an-existing-virtual-application-package.md index c3c5a98cac..e5e1aae356 100644 --- a/windows/application-management/app-v/appv-modify-an-existing-virtual-application-package.md +++ b/windows/application-management/app-v/appv-modify-an-existing-virtual-application-package.md @@ -145,9 +145,9 @@ This topic explains how to: 13. On the **Completion** page, click **Close**. The package is now available in the sequencer. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-modify-client-configuration-with-powershell.md b/windows/application-management/app-v/appv-modify-client-configuration-with-powershell.md index 894c51e025..9f0295e52a 100644 --- a/windows/application-management/app-v/appv-modify-client-configuration-with-powershell.md +++ b/windows/application-management/app-v/appv-modify-client-configuration-with-powershell.md @@ -28,9 +28,9 @@ Use the following procedure to configure the App-V client configuration. `Set-AppVClientConfiguration –Name1 MyConfig –Name2 "xyz"` -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-move-the-appv-server-to-another-computer.md b/windows/application-management/app-v/appv-move-the-appv-server-to-another-computer.md index fc39d7dc05..9cee0ac02c 100644 --- a/windows/application-management/app-v/appv-move-the-appv-server-to-another-computer.md +++ b/windows/application-management/app-v/appv-move-the-appv-server-to-another-computer.md @@ -26,9 +26,9 @@ Follow these steps to create a new management server console: 2. After you have completed the installation, use the following link to connect it to the App-V database - [How to install the Management Server on a Standalone Computer and Connect it to the Database](appv-install-the-management-server-on-a-standalone-computer.md). -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-operations.md b/windows/application-management/app-v/appv-operations.md index ae54d9cb00..13775f5a7a 100644 --- a/windows/application-management/app-v/appv-operations.md +++ b/windows/application-management/app-v/appv-operations.md @@ -48,6 +48,5 @@ This section of the Microsoft Application Virtualization (App-V) Administrator - [Troubleshooting App-V](appv-troubleshooting.md) - [Technical Reference for App-V](appv-technical-reference.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). \ No newline at end of file + diff --git a/windows/application-management/app-v/appv-performance-guidance.md b/windows/application-management/app-v/appv-performance-guidance.md index 1d0c56f4bd..7c9215a248 100644 --- a/windows/application-management/app-v/appv-performance-guidance.md +++ b/windows/application-management/app-v/appv-performance-guidance.md @@ -733,9 +733,9 @@ The following terms are used when describing concepts and actions related to App - **User Profile Management** – The controlled and structured approach to managing user components associated with the environment. For example, user profiles, preference and policy management, application control and application deployment. You can use scripting or third-party solutions configure the environment as needed. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-planning-checklist.md b/windows/application-management/app-v/appv-planning-checklist.md index 9550cb45b9..fd5a908035 100644 --- a/windows/application-management/app-v/appv-planning-checklist.md +++ b/windows/application-management/app-v/appv-planning-checklist.md @@ -27,9 +27,9 @@ This checklist can be used to help you plan for preparing your organization for |![Checklist box](../app-v/images/checklistbox.gif)|If applicable, review the options and steps for migrating from a previous version of App-V.|[Migrating to App-V from a previous version](appv-migrating-to-appv-from-a-previous-version.md)|| |![Checklist box](../app-v/images/checklistbox.gif)|Decide whether to configure App-V clients in Shared Content Store mode.|[Deploying the App-V Sequencer and configuring the client](appv-deploying-the-appv-sequencer-and-client.md)|| -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-planning-folder-redirection-with-appv.md b/windows/application-management/app-v/appv-planning-folder-redirection-with-appv.md index d42bf68651..eb7f2408b6 100644 --- a/windows/application-management/app-v/appv-planning-folder-redirection-with-appv.md +++ b/windows/application-management/app-v/appv-planning-folder-redirection-with-appv.md @@ -57,6 +57,6 @@ The following table describes how folder redirection works when %AppData% is red |When the virtual environment starts.|The virtual file system (VFS) AppData folder is mapped to the local AppData folder (%LocalAppData%) instead of to the user’s roaming AppData folder (%AppData%).
- LocalAppData contains a local cache of the user’s roaming AppData folder for the package in use. The local cache is located under ```%LocalAppData%\Microsoft\AppV\Client\VFS\PackageGUID\AppData```
- The latest data from the user’s roaming AppData folder is copied to and replaces the data currently in the local cache.
- While the virtual environment is running, data continues to be saved to the local cache. Data is served only out of %LocalAppData% and is not moved or synchronized with %AppData% until the end user shuts down the computer.
- Entries to the AppData folder are made using the user context, not the system context.| |When the virtual environment shuts down.|The local cached data in AppData (roaming) is zipped up and copied to the “real” roaming AppData folder in %AppData%. A time stamp that indicates the last known upload is simultaneously saved as a registry key under ```HKCU\Software\Microsoft\AppV\Client\Packages\\AppDataTime```. App-V keeps the three most recent copies of the compressed data under %AppData% for redundancy.| -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + diff --git a/windows/application-management/app-v/appv-planning-for-appv-server-deployment.md b/windows/application-management/app-v/appv-planning-for-appv-server-deployment.md index 5f3e8adad0..ba19107fe3 100644 --- a/windows/application-management/app-v/appv-planning-for-appv-server-deployment.md +++ b/windows/application-management/app-v/appv-planning-for-appv-server-deployment.md @@ -50,9 +50,9 @@ The following table lists server-related protocols used by the App-V servers, an |IIS server|HTTP
HTTPS|This server-protocol combination requires a mechanism to synchronize content between the Management Server and the Streaming Server. When using HTTP or HTTPS, use an IIS server and a firewall to protect the server from exposure to the Internet.|Internal| |File|SMB|This server-protocol combination requires support to synchronize the content between the Management Server and the Streaming Server. Use a client computer that's capable of file sharing or streaming.|Internal| -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-planning-for-high-availability-with-appv.md b/windows/application-management/app-v/appv-planning-for-high-availability-with-appv.md index 3ab365a1b1..7f372f723d 100644 --- a/windows/application-management/app-v/appv-planning-for-high-availability-with-appv.md +++ b/windows/application-management/app-v/appv-planning-for-high-availability-with-appv.md @@ -97,9 +97,9 @@ Click any of the following links for more information: The App-V management server database supports deployments to computers running Microsoft SQL Server with the **Always On** configuration. For more information, see [Always On Availability Groups (SQL Server)](https://docs.microsoft.com/sql/database-engine/availability-groups/windows/always-on-availability-groups-sql-server). -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-planning-for-sequencer-and-client-deployment.md b/windows/application-management/app-v/appv-planning-for-sequencer-and-client-deployment.md index 69372b9cc7..edeffdebaf 100644 --- a/windows/application-management/app-v/appv-planning-for-sequencer-and-client-deployment.md +++ b/windows/application-management/app-v/appv-planning-for-sequencer-and-client-deployment.md @@ -47,9 +47,9 @@ The following list displays some of the benefits of using App-V SCS: * Reduced deployment risk accelerates application deployment * Simplified profile management -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Other App-V deployment resources diff --git a/windows/application-management/app-v/appv-planning-for-using-appv-with-office.md b/windows/application-management/app-v/appv-planning-for-using-appv-with-office.md index ddd41a422d..3a1420dd69 100644 --- a/windows/application-management/app-v/appv-planning-for-using-appv-with-office.md +++ b/windows/application-management/app-v/appv-planning-for-using-appv-with-office.md @@ -128,9 +128,9 @@ The Office 2013 or Office 2016 App-V package supports the following integration |Shortcuts|| |Windows Search|| -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md b/windows/application-management/app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md index e4ea799723..d8b89dd307 100644 --- a/windows/application-management/app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md +++ b/windows/application-management/app-v/appv-planning-to-deploy-appv-with-electronic-software-distribution-solutions.md @@ -22,9 +22,9 @@ Review the following component and architecture requirements options that apply | The App-V Management server, Management database, and Publishing server are not required. | These functions are handled by the implemented ESD solution. | | You can deploy the App-V Reporting server and Reporting database side-by-side with the ESD. | The side-by-side deployment lets you collect data and generate reports.
If you enable the App-V client to send report information without using the App-V Reporting server, the reporting data will be stored in associated .xml files. | -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-publish-a-connection-group.md b/windows/application-management/app-v/appv-publish-a-connection-group.md index 49cb2ca7b9..2e3e097e03 100644 --- a/windows/application-management/app-v/appv-publish-a-connection-group.md +++ b/windows/application-management/app-v/appv-publish-a-connection-group.md @@ -21,9 +21,9 @@ After you create a connection group, you must publish it to computers that run t 2. Right-click the connection group to be published, and select **publish**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-publish-a-packages-with-the-management-console.md b/windows/application-management/app-v/appv-publish-a-packages-with-the-management-console.md index 5e194a561a..465bd880a0 100644 --- a/windows/application-management/app-v/appv-publish-a-packages-with-the-management-console.md +++ b/windows/application-management/app-v/appv-publish-a-packages-with-the-management-console.md @@ -36,9 +36,9 @@ Use the following procedure to publish an App-V package. Once you publish a pack To instead use Windows PowerShell to set this item, see [Understanding pending packages: UserPending and GlobalPending](appv-manage-appv-packages-running-on-a-stand-alone-computer-with-powershell.md#about-pending-packages-userpending-and-globalpending). -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-register-and-unregister-a-publishing-server-with-the-management-console.md b/windows/application-management/app-v/appv-register-and-unregister-a-publishing-server-with-the-management-console.md index c337d9ddd7..14f6f70cad 100644 --- a/windows/application-management/app-v/appv-register-and-unregister-a-publishing-server-with-the-management-console.md +++ b/windows/application-management/app-v/appv-register-and-unregister-a-publishing-server-with-the-management-console.md @@ -37,9 +37,9 @@ Use the following procedure to register or unregister a publishing server. 3. To unregister the server, right-click the computer name and select the computer name and select **unregister server**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows-1703.md b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows-1703.md index 96cb952b96..46c2626270 100644 --- a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows-1703.md +++ b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows-1703.md @@ -1,7 +1,7 @@ --- title: Release Notes for App-V for Windows 10, version 1703 (Windows 10) description: A list of known issues and workarounds for App-V running on Windows 10, version 1703. -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -113,8 +113,8 @@ For information that can help with troubleshooting App-V for Windows 10, see: - [App-V TechNet Forum](https://social.technet.microsoft.com/forums/en-us/home?forum=mdopappv) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics - [What's new in App-V for Windows 10](appv-about-appv.md) diff --git a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md index ac04ab1fb4..0e199f9a53 100644 --- a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md +++ b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md @@ -1,7 +1,7 @@ --- title: Release Notes for App-V for Windows 10, version 1607 (Windows 10) description: A list of known issues and workarounds for App-V running on Windows 10, version 1607. -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -154,8 +154,8 @@ For information that can help with troubleshooting App-V for Windows 10, see: - [Technical Reference for App-V](https://technet.microsoft.com/itpro/windows/manage/appv-technical-reference) - [App-V TechNet Forum](https://social.technet.microsoft.com/forums/en-us/home?forum=mdopappv) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). Help us to improve diff --git a/windows/application-management/app-v/appv-reporting.md b/windows/application-management/app-v/appv-reporting.md index 11ca2264c1..e7c4fe6c64 100644 --- a/windows/application-management/app-v/appv-reporting.md +++ b/windows/application-management/app-v/appv-reporting.md @@ -205,9 +205,9 @@ To retrieve report information and create reports using App-V you must use one o You should also ensure that the reporting server web service’s **Maximum Concurrent Connections** is set to a value that the server can manage without affecting availability. The recommended number of **Maximum Concurrent Connections** for the **Reporting Web Service** is **10,000**. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-running-locally-installed-applications-inside-a-virtual-environment.md b/windows/application-management/app-v/appv-running-locally-installed-applications-inside-a-virtual-environment.md index 16285b7ef5..491c148ac7 100644 --- a/windows/application-management/app-v/appv-running-locally-installed-applications-inside-a-virtual-environment.md +++ b/windows/application-management/app-v/appv-running-locally-installed-applications-inside-a-virtual-environment.md @@ -152,10 +152,10 @@ If you don’t know the exact name of your package, use the command line For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-sequence-a-new-application.md b/windows/application-management/app-v/appv-sequence-a-new-application.md index 3db7cd75c9..7a7d54cfee 100644 --- a/windows/application-management/app-v/appv-sequence-a-new-application.md +++ b/windows/application-management/app-v/appv-sequence-a-new-application.md @@ -1,7 +1,7 @@ --- title: Manually sequence a new app using the Microsoft Application Virtualization Sequencer (App-V Sequencer) (Windows 10) description: How to manually sequence a new app using the App-V Sequencer -author: eross-msft +author: jdeckerms ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library @@ -207,9 +207,9 @@ In Windows 10, version 1607, the App-V Sequencer is included with the Windows AD >[!IMPORTANT] >After you have successfully created a virtual application package, you can't run the virtual application package on the computer that is running the sequencer. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization). + + ## Related topics diff --git a/windows/application-management/app-v/appv-sequence-a-package-with-powershell.md b/windows/application-management/app-v/appv-sequence-a-package-with-powershell.md index 8a03631883..0a7aece481 100644 --- a/windows/application-management/app-v/appv-sequence-a-package-with-powershell.md +++ b/windows/application-management/app-v/appv-sequence-a-package-with-powershell.md @@ -69,6 +69,6 @@ In Windows 10, version 1703, running the new-appvsequencerpackage or the update- - [Administering App-V by using Windows PowerShell](appv-administering-appv-with-powershell.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). \ No newline at end of file + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). \ No newline at end of file diff --git a/windows/application-management/app-v/appv-technical-reference.md b/windows/application-management/app-v/appv-technical-reference.md index d8f814afcd..74aec92cad 100644 --- a/windows/application-management/app-v/appv-technical-reference.md +++ b/windows/application-management/app-v/appv-technical-reference.md @@ -36,10 +36,10 @@ This section provides reference information related to managing App-V. Describes reasons and methods for running a locally installed application in a virtual environment, alongside applications that have been virtualized by using Application Virtualization (App-V). -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-transfer-access-and-configurations-to-another-version-of-a-package-with-the-management-console.md b/windows/application-management/app-v/appv-transfer-access-and-configurations-to-another-version-of-a-package-with-the-management-console.md index 242fdc9cf7..89e0d58328 100644 --- a/windows/application-management/app-v/appv-transfer-access-and-configurations-to-another-version-of-a-package-with-the-management-console.md +++ b/windows/application-management/app-v/appv-transfer-access-and-configurations-to-another-version-of-a-package-with-the-management-console.md @@ -27,9 +27,9 @@ Use the following procedure to transfer the access and default package configura If you select **transfer access and configurations from**, then all access permissions, as well as the configuration settings, will be copied. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-troubleshooting.md b/windows/application-management/app-v/appv-troubleshooting.md index c3011b5f88..62e8e04338 100644 --- a/windows/application-management/app-v/appv-troubleshooting.md +++ b/windows/application-management/app-v/appv-troubleshooting.md @@ -40,6 +40,6 @@ For information that can help with troubleshooting App-V for Windows 10, see: - [Operations for App-V](appv-operations.md) -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). diff --git a/windows/application-management/app-v/appv-upgrading-to-app-v-for-windows-10-from-an-existing-installation.md b/windows/application-management/app-v/appv-upgrading-to-app-v-for-windows-10-from-an-existing-installation.md index 9331c1584b..7c30f8d1f3 100644 --- a/windows/application-management/app-v/appv-upgrading-to-app-v-for-windows-10-from-an-existing-installation.md +++ b/windows/application-management/app-v/appv-upgrading-to-app-v-for-windows-10-from-an-existing-installation.md @@ -94,6 +94,6 @@ Type the following cmdlet in a Windows PowerShell window: `Unpublish-AppvClientPackage "ContosoApplication"` -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). \ No newline at end of file + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). \ No newline at end of file diff --git a/windows/application-management/app-v/appv-using-the-client-management-console.md b/windows/application-management/app-v/appv-using-the-client-management-console.md index e2244bcd6a..321ed70eaf 100644 --- a/windows/application-management/app-v/appv-using-the-client-management-console.md +++ b/windows/application-management/app-v/appv-using-the-client-management-console.md @@ -79,10 +79,10 @@ The client management console contains the following described main tabs. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-view-and-configure-applications-and-default-virtual-application-extensions-with-the-management-console.md b/windows/application-management/app-v/appv-view-and-configure-applications-and-default-virtual-application-extensions-with-the-management-console.md index fdf7299db8..64e4b04a27 100644 --- a/windows/application-management/app-v/appv-view-and-configure-applications-and-default-virtual-application-extensions-with-the-management-console.md +++ b/windows/application-management/app-v/appv-view-and-configure-applications-and-default-virtual-application-extensions-with-the-management-console.md @@ -31,9 +31,9 @@ Use the following procedure to view and configure default package extensions. 5. To edit other application extensions, modify the configuration file and click **Import and Overwrite this Configuration**. Select the modified file and click **Open**. In the dialog box, click **Overwrite** to complete the process. -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/app-v/appv-viewing-appv-server-publishing-metadata.md b/windows/application-management/app-v/appv-viewing-appv-server-publishing-metadata.md index 42f52aa7d4..3af98c9c73 100644 --- a/windows/application-management/app-v/appv-viewing-appv-server-publishing-metadata.md +++ b/windows/application-management/app-v/appv-viewing-appv-server-publishing-metadata.md @@ -152,9 +152,9 @@ In your publishing metadata query, enter the string values that correspond to th -## Have a suggestion for App-V? -Add or vote on suggestions on the [Application Virtualization feedback site](https://appv.uservoice.com/forums/280448-microsoft-application-virtualization).
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). + +
For App-V issues, use the [App-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-US/home?forum=mdopappv). ## Related topics diff --git a/windows/application-management/apps-in-windows-10.md b/windows/application-management/apps-in-windows-10.md index 70fc4d7a66..8eed696dd9 100644 --- a/windows/application-management/apps-in-windows-10.md +++ b/windows/application-management/apps-in-windows-10.md @@ -8,7 +8,6 @@ ms.pagetype: mobile ms.author: elizapo author: lizap ms.localizationpriority: medium -ms.date: 12/12/2018 ms.topic: article --- # Understand the different apps included in Windows 10 @@ -26,7 +25,7 @@ Digging into the Windows apps, there are two categories: - Installed: Installed as part of the OS. - System apps - Apps that are installed in the C:\Windows\* directory. These apps are integral to the OS. -The following tables list the system apps, installed Windows apps, and provisioned Windows apps in a standard Windows 10 Enterprise installation. (If you have a custom image, your specific apps might differ.) The tables list the app, the full name, show the app's status in Windows 10 version 1607, 1703, and 1709, and indicate whether an app can be uninstalled through the UI. +The following tables list the system apps, installed Windows apps, and provisioned Windows apps in a standard Windows 10 Enterprise installation. (If you have a custom image, your specific apps might differ.) The tables list the app, the full name, show the app's status in Windows 10 version 1709, 1803, and 1809 and indicate whether an app can be uninstalled through the UI. Some of the apps show up in multiple tables - that's because their status changed between versions. Make sure to check the version column for the version you are currently running. @@ -94,7 +93,7 @@ Here are the provisioned Windows apps in Windows 10 versions 1703, 1709, 1803 an ## System apps -System apps are integral to the operating system. Here are the typical system apps in Windows 10 versions 1703, 1709, and 1803. +System apps are integral to the operating system. Here are the typical system apps in Windows 10 versions 1709, 1803, and 1809. > [!TIP] > You can list all system apps with this PowerShell command: @@ -104,57 +103,47 @@ System apps are integral to the operating system. Here are the typical system ap
-| Name | Package Name | 1703 | 1709 | 1803 | Uninstall through UI? | +| Name | Package Name | 1709 | 1803 | 1809 |Uninstall through UI? | |----------------------------------|---------------------------------------------|:-----:|:----:|:----:|-----------------------| -| File Picker | 1527c705-839a-4832-9118-54d4Bd6a0c89 | | | x | No | -| File Explorer | c5e2524a-ea46-4f67-841f-6a9465d9d515 | | | x | No | -| App Resolver UX | E2A4F912-2574-4A75-9BB0-0D023378592B | | | x | No | -| Add Suggested Folders To Library | F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE | | | x | No | -| | InputApp | | x | x | No | -| Cortana UI | CortanaListenUIApp | x | | | No | -| | Desktop Learning | x | | | No | -| | DesktopView | x | | | No | -| | EnvironmentsApp | x | | | No | -| Mixed Reality + | HoloCamera | x | | | No | -| Mixed Reality + | HoloItemPlayerApp | x | | | No | -| Mixed Reality + | HoloShell | x | | | No | -| | Microsoft.AAD.Broker.Plugin | x | x | x | No | -| | Microsoft.AccountsControl | x | x | x | No | -| | Microsoft.AsyncTextService | | | x | No | +| File Picker | 1527c705-839a-4832-9118-54d4Bd6a0c89 | | x | x | No | +| File Explorer | c5e2524a-ea46-4f67-841f-6a9465d9d515 | | x | x | No | +| App Resolver UX | E2A4F912-2574-4A75-9BB0-0D023378592B | | x | x | No | +| Add Suggested Folders To Library | F46D4000-FD22-4DB4-AC8E-4E1DDDE828FE | | x | x | No | +| | InputApp | x | x | x | No | +| Microsoft.AAD.Broker.Plugin | Microsoft.AAD.Broker.Plugin | x | x | x | No | +| Microsoft.AccountsControl | Microsoft.AccountsControl | x | x | x | No | +| Microsoft.AsyncTextService | Microsoft.AsyncTextService | | x | x | No | | Hello setup UI | Microsoft.BioEnrollment | x | x | x | No | | | Microsoft.CredDialogHost | x | x | x | No | -| | Microsoft.ECApp | | x | x | No | +| | Microsoft.ECApp | x | x | x | No | | | Microsoft.LockApp | x | x | x | No | | Microsoft Edge | Microsoft.MicrosoftEdge | x | x | x | No | -| | Microsoft.MicrosoftEdgeDevToolsClient | | | x | No | -| | Microsoft.PPIProjection | x | x | | No | -| | Microsoft.Win32WebViewHost | | | x | No | +| | Microsoft.MicrosoftEdgeDevToolsClient | | x | x | No | +| | Microsoft.PPIProjection | x | x | x | No | +| | Microsoft.Win32WebViewHost | | x | x | No | | | Microsoft.Windows.Apprep.ChxApp | x | x | x | No | | | Microsoft.Windows.AssignedAccessLockApp | x | x | x | No | -| | Microsoft.Windows.CapturePicker | | | x | No | +| | Microsoft.Windows.CapturePicker | | x | x | No | | | Microsoft.Windows.CloudExperienceHost | x | x | x | No | | | Microsoft.Windows.ContentDeliveryManager | x | x | x | No | | Cortana | Microsoft.Windows.Cortana | x | x | x | No | | | Microsoft.Windows.Holographic.FirstRun | x | x | | No | -| | Microsoft.Windows.ModalSharePickerHost | x | | | No | | | Microsoft.Windows.OOBENetworkCaptivePort | x | x | x | No | | | Microsoft.Windows.OOBENetworkConnectionFlow | x | x | x | No | | | Microsoft.Windows.ParentalControls | x | x | x | No | -| People Hub | Microsoft.Windows.PeopleExperienceHost | | x | x | No | -| | Microsoft.Windows.PinningConfirmationDialog | | x | x | No | +| People Hub | Microsoft.Windows.PeopleExperienceHost | x | x | x | No | +| | Microsoft.Windows.PinningConfirmationDialog | x | x | x | No | | | Microsoft.Windows.SecHealthUI | x | x | x | No | -| | Microsoft.Windows.SecondaryTileExperience | x | x | | No | +| | Microsoft.Windows.SecondaryTileExperience | x | | | No | | | Microsoft.Windows.SecureAssessmentBrowser | x | x | x | No | | Start | Microsoft.Windows.ShellExperienceHost | x | x | x | No | -| Windows Feedback | Microsoft.WindowsFeedback | * | * | | No | +| Windows Feedback | Microsoft.WindowsFeedback | * | | | No | | | Microsoft.XboxGameCallableUI | x | x | x | No | -| | Windows.CBSPreview | | | x | No | -| Contact Support* | Windows.ContactSupport | x | * | | Via Settings App | +| | Windows.CBSPreview | | x | x | No | +| Contact Support* | Windows.ContactSupport | * | | | Via Settings App | | Settings | Windows.immersivecontrolpanel | x | x | x | No | -| Connect | Windows.MiracastView | x | | | No | -| Print 3D | Windows.Print3D | | x | | Yes | +| Print 3D | Windows.Print3D | | x | x | Yes | | Print UI | Windows.PrintDialog | x | x | x | No | -| Purchase UI | Windows.PurchaseDialog | | | | No | > [!NOTE] @@ -162,36 +151,34 @@ System apps are integral to the operating system. Here are the typical system ap ## Installed Windows apps -Here are the typical installed Windows apps in Windows 10 versions 1703, 1709, and 1803. +Here are the typical installed Windows apps in Windows 10 versions 1709, 1803, and 1809. -| Name | Full name | 1703 | 1709 | 1803 |Uninstall through UI? | +| Name | Full name | 1709 | 1803 | 1809 | Uninstall through UI? | |--------------------|------------------------------------------|:----:|:----:|:----:|:---------------------:| -| Remote Desktop | Microsoft.RemoteDesktop | x | x | | Yes | -| PowerBI | Microsoft.Microsoft PowerBIforWindows | x | | | Yes | -| Code Writer | ActiproSoftwareLLC.562882FEEB491 | x | x | x | Yes | -| Eclipse Manager | 46928bounde.EclipseManager | x | x | x | Yes | -| Pandora | PandoraMediaInc.29680B314EFC2 | x | x | x | Yes | -| Photoshop Express | AdobeSystemIncorporated. AdobePhotoshop | x | x | x | Yes | -| Duolingo | D5EA27B7.Duolingo- LearnLanguagesforFree | x | x | x | Yes | +| Remote Desktop | Microsoft.RemoteDesktop | x | | x | Yes | +| Code Writer | ActiproSoftwareLLC.562882FEEB491 | x | x | | Yes | +| Eclipse Manager | 46928bounde.EclipseManager | x | x | | Yes | +| Pandora | PandoraMediaInc.29680B314EFC2 | x | x | | Yes | +| Photoshop Express | AdobeSystemIncorporated. AdobePhotoshop | x | x | | Yes | +| Duolingo | D5EA27B7.Duolingo- LearnLanguagesforFree | x | x | | Yes | | Network Speed Test | Microsoft.NetworkSpeedTest | x | x | x | Yes | | News | Microsoft.BingNews | x | x | x | Yes | -| Flipboard | | | | | Yes | -| | Microsoft.Advertising.Xaml | x | x | x | Yes | -| | Microsoft.NET.Native.Framework.1.2 | x | x | x | Yes | -| | Microsoft.NET.Native.Framework.1.3 | x | x | x | Yes | -| | Microsoft.NET.Native.Framework.1.6 | | x | x | Yes | -| | Microsoft.NET.Native.Framework.1.7 | | | x | Yes | -| | Microsoft.NET.Native.Framework.2.0 | | x | x | Yes | -| | Microsoft.NET.Native.Runtime.1.1 | | x | x | Yes | -| | Microsoft.NET.Native.Runtime.1.3 | x | x | | Yes | -| | Microsoft.NET.Native.Runtime.1.4 | x | x | x | Yes | -| | Microsoft.NET.Native.Runtime.1.6 | | x | x | Yes | -| | Microsoft.NET.Native.Runtime.1.7 | | | x | Yes | -| | Microsoft.NET.Native.Runtime.2.0 | | x | x | Yes | -| | Microsoft.Services.Store.Engagement | | x | x | Yes | -| | Microsoft.VCLibs.120.00 | x | x | x | Yes | +| Sway | Microsoft.Office.Sway | x | x | x | Yes | +| Microsoft.Advertising | Microsoft.Advertising.Xaml | x | x | x | Yes | +| | Microsoft.NET.Native.Framework.1.2 | x | x | | Yes | +| | Microsoft.NET.Native.Framework.1.3 | x | x | | Yes | +| | Microsoft.NET.Native.Framework.1.6 | x | x | x | Yes | +| | Microsoft.NET.Native.Framework.1.7 | | x | x | Yes | +| | Microsoft.NET.Native.Framework.2.0 | x | x | | Yes | +| | Microsoft.NET.Native.Runtime.1.1 | x | x | | Yes | +| | Microsoft.NET.Native.Runtime.1.3 | x | | | Yes | +| | Microsoft.NET.Native.Runtime.1.4 | x | x | | Yes | +| | Microsoft.NET.Native.Runtime.1.6 | x | x | x | Yes | +| | Microsoft.NET.Native.Runtime.1.7 | x | x | x | Yes | +| | Microsoft.NET.Native.Runtime.2.0 | x | x | | Yes | +| | Microsoft.Services.Store.Engagement | x | x | | Yes | +| | Microsoft.VCLibs.120.00 | x | x | | Yes | | | Microsoft.VCLibs.140.00 | x | x | x | Yes | -| | Microsoft.VCLibs.120.00.Universal | | x | | Yes | -| | Microsoft.VCLibs.140.00.UWPDesktop | | | x | Yes | -| | Microsoft.WinJS.2.0 | x | | | Yes | +| | Microsoft.VCLibs.120.00.Universal | x | | | Yes | +| | Microsoft.VCLibs.140.00.UWPDesktop | | x | | Yes | --- \ No newline at end of file diff --git a/windows/client-management/mdm/bitlocker-csp.md b/windows/client-management/mdm/bitlocker-csp.md index 2e0b0840bd..7625ab46bb 100644 --- a/windows/client-management/mdm/bitlocker-csp.md +++ b/windows/client-management/mdm/bitlocker-csp.md @@ -101,7 +101,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -149,7 +149,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -227,7 +227,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -324,7 +324,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -393,7 +393,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -474,7 +474,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -572,7 +572,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -671,7 +671,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -733,7 +733,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark @@ -814,7 +814,7 @@ The following diagram shows the BitLocker configuration service provider in tree cross mark - cross mark + check mark check mark check mark check mark diff --git a/windows/client-management/mdm/dmclient-csp.md b/windows/client-management/mdm/dmclient-csp.md index a33799474c..0caa97871c 100644 --- a/windows/client-management/mdm/dmclient-csp.md +++ b/windows/client-management/mdm/dmclient-csp.md @@ -725,12 +725,12 @@ Required. Added in Windows 10, version 1803. This node allows the MDM to set cus Supported operations are Add, Get, Delete, and Replace. Value type is string. **Provider/*ProviderID*/FirstSyncStatus/SkipDeviceStatusPage** -Required. Device only. Added in Windows 10, version 1803. This node decides wheter or not the MDM device progress page skips after Azure AD joined or Hybrid Azure AD joined in OOBE. +Required. Device only. Added in Windows 10, version 1803. This node decides whether or not the MDM device progress page skips after Azure AD joined or Hybrid Azure AD joined in OOBE. Supported operations are Get and Replace. Value type is bool. **Provider/*ProviderID*/FirstSyncStatus/SkipUserStatusPage** -Required. Device only. Added in Windows 10, version 1803. This node decides wheter or not the MDM user progress page skips after Azure AD joined or DJ++ after user login. +Required. Device only. Added in Windows 10, version 1803. This node decides whether or not the MDM user progress page skips after Azure AD joined or DJ++ after user login. Supported operations are Get and Replace. Value type is bool. diff --git a/windows/client-management/mdm/firewall-csp.md b/windows/client-management/mdm/firewall-csp.md index 798680aa7c..f64d0cdc9d 100644 --- a/windows/client-management/mdm/firewall-csp.md +++ b/windows/client-management/mdm/firewall-csp.md @@ -277,6 +277,7 @@ Sample syncxml to provision the firewall settings to evaluate

If not specified, the default is All.

Value type is string. Supported operations are Add, Get, Replace, and Delete.

+

The tokens "Intranet", "RmtIntranet", "Internet" and "Ply2Renders" are supported on Windows 10, version 1809, and later.

**FirewallRules/_FirewallRuleName_/Description**

Specifies the description of the rule.

@@ -306,7 +307,7 @@ Sample syncxml to provision the firewall settings to evaluate

Value type is integer. Supported operations are Get and Replace.

**FirewallRules/_FirewallRuleName_/Direction** -

Comma separated list. The rule is enabled based on the traffic direction as following. Supported values:

+

The rule is enabled based on the traffic direction as following. Supported values:

  • IN - the rule applies to inbound traffic.
  • OUT - the rule applies to outbound traffic.
    • @@ -320,7 +321,6 @@ Sample syncxml to provision the firewall settings to evaluate
  • RemoteAccess
  • Wireless
  • Lan
    • -
  • MobileBroadband

If not specified, the default is All.

Value type is string. Supported operations are Get and Replace.

diff --git a/windows/client-management/mdm/oma-dm-protocol-support.md b/windows/client-management/mdm/oma-dm-protocol-support.md index 29344603d2..72df15b90d 100644 --- a/windows/client-management/mdm/oma-dm-protocol-support.md +++ b/windows/client-management/mdm/oma-dm-protocol-support.md @@ -314,13 +314,13 @@ For more information about Basic or MD5 client authentication, MD5 server authen ## User targeted vs. Device targeted configuration -For CSPs and policies that supports per user configuration, MDM server could send user targeted setting values to the device the user that enrolled MDM is actively logged in. The device notifies the server the login status via a device alert (1224) with Alert type = in DM pkg\#1. +For CSPs and policies that support per user configuration, the MDM server can send user targeted setting values to the device that a MDM-enrolled user is actively logged into. The device notifies the server of the login status via a device alert (1224) with Alert type = in DM pkg\#1. The data part of this alert could be one of following strings: -- user – the user that enrolled the device is actively login. The MDM server could send user specific configuration for CSPs/policies that support per user configuration +- user – the user that enrolled the device is actively logged in. The MDM server could send user specific configuration for CSPs/policies that support per user configuration - others – another user login but that user does not have an MDM account. The server can only apply device wide configuration, e.g. configuration applies to all users in the device. -- none – no active user login. The server can only apply device wide configuration and available configuration is restricted to the device environment (no active user login +- none – no active user login. The server can only apply device wide configuration and available configuration is restricted to the device environment (no active user login). Below is an alert example: diff --git a/windows/client-management/mdm/policy-csp-deviceinstallation.md b/windows/client-management/mdm/policy-csp-deviceinstallation.md index 61f823bd03..a976e68696 100644 --- a/windows/client-management/mdm/policy-csp-deviceinstallation.md +++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md @@ -422,7 +422,7 @@ To enable this policy, use the following SyncML. This example prevents Windows f $CmdID$ - ./Device/Vendor/MSFT/Policy/Config/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings + ./Device/Vendor/MSFT/Policy/Config/DeviceInstallation/PreventInstallationOfDevicesNotDescribedByOtherPolicySettings string diff --git a/windows/client-management/mdm/policy-csp-restrictedgroups.md b/windows/client-management/mdm/policy-csp-restrictedgroups.md index d744ed476c..d31379fc55 100644 --- a/windows/client-management/mdm/policy-csp-restrictedgroups.md +++ b/windows/client-management/mdm/policy-csp-restrictedgroups.md @@ -113,8 +113,8 @@ Here is an example: ``` - - + + ``` diff --git a/windows/configuration/cortana-at-work/cortana-at-work-crm.md b/windows/configuration/cortana-at-work/cortana-at-work-crm.md index e0aaf35780..87b669a2b7 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-crm.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-crm.md @@ -4,9 +4,9 @@ description: How to set up Cortana to help your salespeople get proactive insigh ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-feedback.md b/windows/configuration/cortana-at-work/cortana-at-work-feedback.md index 81736973f3..69ffb98a5a 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-feedback.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-feedback.md @@ -4,9 +4,9 @@ description: How to send feedback to Microsoft about Cortana at work. ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-o365.md b/windows/configuration/cortana-at-work/cortana-at-work-o365.md index c4417fdad9..87687737c8 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-o365.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-o365.md @@ -4,9 +4,9 @@ description: How to connect Cortana to Office 365 so your employees are notified ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md b/windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md index 950452b167..d23b889cf3 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-policy-settings.md @@ -4,9 +4,9 @@ description: The list of Group Policy and mobile device management (MDM) policy ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- @@ -22,7 +22,7 @@ ms.date: 10/05/2017 |Group policy |MDM policy |Description | |-------------|-----------|------------| |Computer Configuration\Administrative Templates\Windows Components\Search\AllowCortanaAboveLock|AboveLock/AllowCortanaAboveLock|Specifies whether an employee can interact with Cortana using voice commands when the system is locked.

**Note**
This setting only applies to Windows 10 for desktop devices. | -|Computer Configuration\Administrative Templates\Control Panel\Regional and Language Options\Allow input personalization|Privacy/AllowInputPersonalization|Specifies whether an employee can use voice commands with Cortana in your organization.

**In Windows 10, version 1511**
Cortana won’t work if this setting is turned off (disabled).

**In Windows 10, version 1607 and later**
Cortana still works if this setting is turned off (disabled).| +|Computer Configuration\Administrative Templates\Control Panel\Regional and Language Options\Allow users to enable online speech recognition services|Privacy/AllowInputPersonalization|Specifies whether an employee can use voice commands with Cortana in your organization.

**In Windows 10, version 1511**
Cortana won’t work if this setting is turned off (disabled).

**In Windows 10, version 1607 and later**
Cortana still works if this setting is turned off (disabled).| |None|System/AllowLocation|Specifies whether to allow app access to the Location service.

**In Windows 10, version 1511**
Cortana won’t work if this setting is turned off (disabled).

**In Windows 10, version 1607 and later**
Cortana still works if this setting is turned off (disabled).| |None|Accounts/AllowMicrosoftAccountConnection|Specifies whether to allow employees to sign in using a Microsoft account (MSA) from Windows apps.

Use this setting if you only want to support Azure AD in your organization.| |Computer Configuration\Administrative Templates\Windows Components\Search\Allow search and Cortana to use location|Search/AllowSearchToUseLocation|Specifies whether Cortana can use your current location during searches and for location reminders.| diff --git a/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md b/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md index 4cf4390dff..708c34ef54 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-powerbi.md @@ -4,9 +4,9 @@ description: How to integrate Cortana with Power BI to help your employees get a ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md index 120cab00f0..39c1c8f716 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md @@ -4,9 +4,9 @@ description: A test scenario walking you through signing in and managing the not ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md index d0321e5668..74d00b3cd5 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md @@ -4,9 +4,9 @@ description: A test scenario about how to perform a quick search with Cortana at ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md index 2e7ac51a07..88f31d07d2 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md @@ -4,9 +4,9 @@ description: A test scenario about how to set a location-based reminder using Co ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md index 855c5bd6e9..184c16fa77 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md @@ -4,9 +4,9 @@ description: A test scenario about how to use Cortana at work to find your upcom ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md index b71fc4fb00..69e38ea1d0 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md @@ -4,9 +4,9 @@ description: A test scenario about how to use Cortana at work to send email to a ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md index 260faf25db..3d69e943de 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md @@ -4,9 +4,9 @@ description: A test scenario about how to use Cortana with the Suggested reminde ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-7.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-7.md index bdc80b5bab..9806b45881 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-7.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-7.md @@ -4,9 +4,9 @@ description: An optional test scenario about how to use Cortana at work with Win ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-testing-scenarios.md b/windows/configuration/cortana-at-work/cortana-at-work-testing-scenarios.md index f7a88cdb95..ad3c006e0f 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-testing-scenarios.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-testing-scenarios.md @@ -4,9 +4,9 @@ description: A list of suggested testing scenarios that you can use to test Cort ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/cortana-at-work/cortana-at-work-voice-commands.md b/windows/configuration/cortana-at-work/cortana-at-work-voice-commands.md index 22fa51421a..45b4cb5e6f 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-voice-commands.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-voice-commands.md @@ -4,9 +4,9 @@ description: How to create voice commands that use Cortana to perform voice-enab ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: eross-msft +author: jdeckerms ms.localizationpriority: medium -ms.author: lizross +ms.author: dougkim ms.date: 10/05/2017 --- diff --git a/windows/configuration/lock-down-windows-10-to-specific-apps.md b/windows/configuration/lock-down-windows-10-to-specific-apps.md index 14905d408b..4d636e90c8 100644 --- a/windows/configuration/lock-down-windows-10-to-specific-apps.md +++ b/windows/configuration/lock-down-windows-10-to-specific-apps.md @@ -505,7 +505,7 @@ Provisioning packages can be applied to a device during the first-run experience #### After setup, from a USB drive, network folder, or SharePoint site 1. Sign in with an admin account. -2. Insert the USB drive to a desktop computer, navigate to **Settings** > **Accounts** > **Access work or school** > **Add or remove a provisioning package** > **Add a package**, and select the package to install. +2. Insert the USB drive to a desktop computer, navigate to **Settings** > **Accounts** > **Access work or school** > **Add or remove a provisioning package** > **Add a package**, and select the package to install. For a provisioning package stored on a network folder or on a SharePoint site, navigate to the provisioning package and double-click it to begin installation. >[!NOTE] >if your provisioning package doesn’t include the assigned access user account creation, make sure the account you specified in the multi-app configuration XML exists on the device. @@ -537,6 +537,7 @@ The OMA-URI for multi-app policy is `./Device/Vendor/MSFT/AssignedAccess/Configu + ## Considerations for Windows Mixed Reality immersive headsets diff --git a/windows/configuration/manage-wifi-sense-in-enterprise.md b/windows/configuration/manage-wifi-sense-in-enterprise.md index 39fc11ef7d..155c8385f0 100644 --- a/windows/configuration/manage-wifi-sense-in-enterprise.md +++ b/windows/configuration/manage-wifi-sense-in-enterprise.md @@ -7,7 +7,7 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: mobile -author: eross-msft +author: jdeckerms ms.localizationpriority: medium ms.date: 05/02/2018 ms.topic: article diff --git a/windows/configuration/set-up-shared-or-guest-pc.md b/windows/configuration/set-up-shared-or-guest-pc.md index aa66879976..2124075aad 100644 --- a/windows/configuration/set-up-shared-or-guest-pc.md +++ b/windows/configuration/set-up-shared-or-guest-pc.md @@ -187,7 +187,7 @@ On a desktop computer, navigate to **Settings** > **Accounts** > **Work ac ## Guidance for accounts on shared PCs * We recommend no local admin accounts on the PC to improve the reliability and security of the PC. -* When a PC is set up in shared PC mode with the default deletion policy, accounts will be cached automatically until disk space is low. Then, accounts will be deleted to reclaim disk space. This account managment happens automatically. Both Azure AD and Active Directory domain accounts are managed in this way. Any accounts created through **Guest** and **Kiosk** will also be deleted automatically at sign out. +* When a PC is set up in shared PC mode with the default deletion policy, accounts will be cached automatically until disk space is low. Then, accounts will be deleted to reclaim disk space. This account managment happens automatically. Both Azure AD and Active Directory domain accounts are managed in this way. Any accounts created through **Guest** and **Kiosk** will be deleted automatically at sign out. * On a Windows PC joined to Azure Active Directory: * By default, the account that joined the PC to Azure AD will have an admin account on that PC. Global administrators for the Azure AD domain will also have admin accounts on the PC. * With Azure AD Premium, you can specify which accounts have admin accounts on a PC using the **Additional administrators on Azure AD Joined devices** setting on the Azure portal. diff --git a/windows/configuration/ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md b/windows/configuration/ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md index 4b58fb144b..dc54b8c470 100644 --- a/windows/configuration/ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md +++ b/windows/configuration/ue-v/uev-administering-uev-with-windows-powershell-and-wmi.md @@ -33,9 +33,9 @@ After you create and deploy UE-V settings location templates, you can manage tho [Managing UE-V Settings Location Templates Using Windows PowerShell and WMI](uev-managing-settings-location-templates-using-windows-powershell-and-wmi.md) -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-administering-uev.md b/windows/configuration/ue-v/uev-administering-uev.md index e970613434..231e26adb5 100644 --- a/windows/configuration/ue-v/uev-administering-uev.md +++ b/windows/configuration/ue-v/uev-administering-uev.md @@ -73,6 +73,6 @@ You can use UE-V with Microsoft Application Virtualization (App-V) to share sett - [Technical Reference for UE-V](uev-technical-reference.md) -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + diff --git a/windows/configuration/ue-v/uev-application-template-schema-reference.md b/windows/configuration/ue-v/uev-application-template-schema-reference.md index 8a9052776e..d68b5836f0 100644 --- a/windows/configuration/ue-v/uev-application-template-schema-reference.md +++ b/windows/configuration/ue-v/uev-application-template-schema-reference.md @@ -957,9 +957,9 @@ Here is the SettingsLocationTemplate.xsd file showing its elements, child elemen ``` -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-changing-the-frequency-of-scheduled-tasks.md b/windows/configuration/ue-v/uev-changing-the-frequency-of-scheduled-tasks.md index 9c32db847a..832f2de235 100644 --- a/windows/configuration/ue-v/uev-changing-the-frequency-of-scheduled-tasks.md +++ b/windows/configuration/ue-v/uev-changing-the-frequency-of-scheduled-tasks.md @@ -240,9 +240,9 @@ The following additional information applies to UE-V scheduled tasks: - The Monitor Application Settings scheduled task will update Windows app (AppX) settings in real time, based on Windows app program setting triggers built into each app. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-configuring-uev-with-group-policy-objects.md b/windows/configuration/ue-v/uev-configuring-uev-with-group-policy-objects.md index c3931a4bb3..97c9310dd8 100644 --- a/windows/configuration/ue-v/uev-configuring-uev-with-group-policy-objects.md +++ b/windows/configuration/ue-v/uev-configuring-uev-with-group-policy-objects.md @@ -191,9 +191,9 @@ The UE-V service uses the following order of precedence to determine synchroniza 4. Configuration settings that are defined for the computer by using Windows PowerShell or WMI. These configuration settings are stored by the UE-V service under this registry location: `HKEY_LOCAL_MACHINE\Software\Microsoft\Uev\Agent\Configuration`. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md index c4db3ea4d2..d92182f4b2 100644 --- a/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md +++ b/windows/configuration/ue-v/uev-configuring-uev-with-system-center-configuration-manager.md @@ -227,10 +227,10 @@ To distribute a new Notepad template, you would perform these steps: You can download the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2.0](https://www.microsoft.com/en-us/download/details.aspx?id=40913) from the Microsoft Download Center. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-deploy-required-features.md b/windows/configuration/ue-v/uev-deploy-required-features.md index c87d86b1a3..2af139a5f0 100644 --- a/windows/configuration/ue-v/uev-deploy-required-features.md +++ b/windows/configuration/ue-v/uev-deploy-required-features.md @@ -150,9 +150,9 @@ With Windows 10, version 1607 and later, the UE-V service is installed on user d 3. In a PowerShell window, type **Get-UEVStatus** and press ENTER to verify that the UE-V service was successfully enabled. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md b/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md index 1f6e64b883..a30b419314 100644 --- a/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md +++ b/windows/configuration/ue-v/uev-deploy-uev-for-custom-applications.md @@ -241,9 +241,9 @@ Templates that are deployed by using an ESD system or Group Policy objects must >**Note** This program runs automatically during computer startup and daily at 3:30 A. M. to gather any new templates that were recently added to the catalog. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-for-windows.md b/windows/configuration/ue-v/uev-for-windows.md index c950cf47a5..0c937406d8 100644 --- a/windows/configuration/ue-v/uev-for-windows.md +++ b/windows/configuration/ue-v/uev-for-windows.md @@ -95,6 +95,6 @@ You can also [customize UE-V to synchronize settings](uev-deploy-uev-for-custom- - [Technical Reference for UE-V for Windows 10](uev-technical-reference.md) -## Have a suggestion for UE-V? + For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). diff --git a/windows/configuration/ue-v/uev-getting-started.md b/windows/configuration/ue-v/uev-getting-started.md index a4a8ead75e..8dedea5f41 100644 --- a/windows/configuration/ue-v/uev-getting-started.md +++ b/windows/configuration/ue-v/uev-getting-started.md @@ -14,6 +14,9 @@ ms.date: 03/08/2018 **Applies to** - Windows 10, version 1607 +>[!NOTE] +>This documentation is for the most recent version of UE-V. If you're looking for information about UE-V 2.x, which was included in the Microsoft Desktop Optimization Pack (MDOP), see [Get Started with UE-V 2.x](https://docs.microsoft.com/microsoft-desktop-optimization-pack/uev-v2/get-started-with-ue-v-2x-new-uevv2). + Follow the steps in this topic to deploy User Experience Virtualization (UE-V) for the first time in a test environment. Evaluate UE-V to determine whether it’s the right solution to manage user settings across multiple devices within your enterprise. >[!NOTE] @@ -148,9 +151,9 @@ You’re ready to run a few tests on your UE-V evaluation deployment to see how 5. You can change the settings in Computer B back to the original Computer A settings. Then log off Computer B and log in to Computer A to verify the changes. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + +For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). ## Other resources for this feature diff --git a/windows/configuration/ue-v/uev-manage-administrative-backup-and-restore.md b/windows/configuration/ue-v/uev-manage-administrative-backup-and-restore.md index 863ac6c5a2..7f4c44d9ae 100644 --- a/windows/configuration/ue-v/uev-manage-administrative-backup-and-restore.md +++ b/windows/configuration/ue-v/uev-manage-administrative-backup-and-restore.md @@ -162,9 +162,9 @@ WMI and Windows PowerShell commands let you restore application and Windows sett   -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-manage-configurations.md b/windows/configuration/ue-v/uev-manage-configurations.md index 208fcff83c..848ae4a259 100644 --- a/windows/configuration/ue-v/uev-manage-configurations.md +++ b/windows/configuration/ue-v/uev-manage-configurations.md @@ -58,9 +58,9 @@ Here are some examples of UE-V configuration settings: - **Enable/Disable First Use Notification:** Specifies whether UE-V displays a dialog box the first time that the UE-V service runs on a user’s computer. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-managing-settings-location-templates-using-windows-powershell-and-wmi.md b/windows/configuration/ue-v/uev-managing-settings-location-templates-using-windows-powershell-and-wmi.md index 75104e3f49..2f57d80c99 100644 --- a/windows/configuration/ue-v/uev-managing-settings-location-templates-using-windows-powershell-and-wmi.md +++ b/windows/configuration/ue-v/uev-managing-settings-location-templates-using-windows-powershell-and-wmi.md @@ -331,9 +331,9 @@ User Experience Virtualization provides the following set of WMI commands. Admin **Note**   Where a list of Package Family Names is called by the WMI command, the list must be in quotes and separated by a pipe symbol, for example, `""`. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md b/windows/configuration/ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md index 5a91551d13..54743a7bd4 100644 --- a/windows/configuration/ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md +++ b/windows/configuration/ue-v/uev-managing-uev-agent-and-packages-with-windows-powershell-and-wmi.md @@ -344,9 +344,9 @@ When you are finished configuring the UE-V service with WMI and Windows PowerShe   -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-migrating-settings-packages.md b/windows/configuration/ue-v/uev-migrating-settings-packages.md index 1a6a7e74e7..a3538ae874 100644 --- a/windows/configuration/ue-v/uev-migrating-settings-packages.md +++ b/windows/configuration/ue-v/uev-migrating-settings-packages.md @@ -45,9 +45,9 @@ Simply copying the files and folders does not preserve the security settings and On computers on which the UE-V service is enabled, update the **SettingsStoragePath** configuration setting to the Universal Naming Convention (UNC) path of the new share. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-prepare-for-deployment.md b/windows/configuration/ue-v/uev-prepare-for-deployment.md index 97ba1594d6..49d9a1a011 100644 --- a/windows/configuration/ue-v/uev-prepare-for-deployment.md +++ b/windows/configuration/ue-v/uev-prepare-for-deployment.md @@ -387,9 +387,9 @@ Install the UE-V template generator on the device that is used to create custom The UE-V template generator must be installed on a device that uses an NTFS file system. The UE-V template generator software requires .NET Framework 4. For more information, see [Use UE-V with custom applications](uev-deploy-uev-for-custom-applications.md). -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Other resources for this feature diff --git a/windows/configuration/ue-v/uev-release-notes-1607.md b/windows/configuration/ue-v/uev-release-notes-1607.md index d4252476ff..d3ea98b032 100644 --- a/windows/configuration/ue-v/uev-release-notes-1607.md +++ b/windows/configuration/ue-v/uev-release-notes-1607.md @@ -115,9 +115,9 @@ This section contains hotfixes and KB articles for UE-V. | 3041879 | Current file versions for Microsoft User Experience Virtualization | [support.microsoft.com/kb/3041879](https://support.microsoft.com/kb/3041879) | | 2843592 | Information on User Experience Virtualization and High Availability | [support.microsoft.com/kb/2843592](https://support.microsoft.com/kb/2843592) | -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + **Additional resources for this feature** diff --git a/windows/configuration/ue-v/uev-security-considerations.md b/windows/configuration/ue-v/uev-security-considerations.md index 8ed79bc515..3875310be0 100644 --- a/windows/configuration/ue-v/uev-security-considerations.md +++ b/windows/configuration/ue-v/uev-security-considerations.md @@ -231,10 +231,10 @@ If you plan to share settings location templates with anyone outside your organi To remove the template author name or template author email, you can use the UE-V generator application. From the generator, select **Edit a Settings Location Template**. Select the settings location template to edit from the recently used templates or Browse to the settings template file. Select **Next** to continue. On the Properties page, remove the data from the Template author name or Template author email text fields. Save the settings location template. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-sync-methods.md b/windows/configuration/ue-v/uev-sync-methods.md index ac1cebb541..25d02edabb 100644 --- a/windows/configuration/ue-v/uev-sync-methods.md +++ b/windows/configuration/ue-v/uev-sync-methods.md @@ -35,9 +35,9 @@ You can configure the sync method in these ways: - With [Windows PowerShell or Windows Management Instrumentation (WMI)](uev-administering-uev-with-windows-powershell-and-wmi.md) -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-sync-trigger-events.md b/windows/configuration/ue-v/uev-sync-trigger-events.md index a3e6f87aaf..d2304e40f7 100644 --- a/windows/configuration/ue-v/uev-sync-trigger-events.md +++ b/windows/configuration/ue-v/uev-sync-trigger-events.md @@ -106,10 +106,10 @@ The following table explains the trigger events for classic applications and Win   -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-synchronizing-microsoft-office-with-uev.md b/windows/configuration/ue-v/uev-synchronizing-microsoft-office-with-uev.md index 204e2bad1b..3c81c45f29 100644 --- a/windows/configuration/ue-v/uev-synchronizing-microsoft-office-with-uev.md +++ b/windows/configuration/ue-v/uev-synchronizing-microsoft-office-with-uev.md @@ -138,7 +138,7 @@ You can deploy UE-V settings location template with the following methods: - **Registering template with Configuration Manager**. If you use Configuration Manager to manage your UE-V settings storage templates, recreate the Template Baseline CAB, import it into Configuration Manager, and then deploy the baseline to user devices. For more information, see the guidance provided in the documentation for the [System Center 2012 Configuration Pack for Microsoft User Experience Virtualization 2.0](https://www.microsoft.com/en-us/download/details.aspx?id=40913). -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + diff --git a/windows/configuration/ue-v/uev-technical-reference.md b/windows/configuration/ue-v/uev-technical-reference.md index 3ac63d539a..bad81a6dc7 100644 --- a/windows/configuration/ue-v/uev-technical-reference.md +++ b/windows/configuration/ue-v/uev-technical-reference.md @@ -54,10 +54,10 @@ This technical reference section includes additional technical documentation abo - [Troubleshooting UE-V](uev-troubleshooting.md) -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + +   diff --git a/windows/configuration/ue-v/uev-troubleshooting.md b/windows/configuration/ue-v/uev-troubleshooting.md index 1c9aa6f02b..15c38e1991 100644 --- a/windows/configuration/ue-v/uev-troubleshooting.md +++ b/windows/configuration/ue-v/uev-troubleshooting.md @@ -39,6 +39,6 @@ For information that can help with troubleshooting UE-V for Windows 10, see: - [Administering UE-V](uev-administering-uev.md) -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + diff --git a/windows/configuration/ue-v/uev-upgrade-uev-from-previous-releases.md b/windows/configuration/ue-v/uev-upgrade-uev-from-previous-releases.md index d3a5ce084c..c551db77fc 100644 --- a/windows/configuration/ue-v/uev-upgrade-uev-from-previous-releases.md +++ b/windows/configuration/ue-v/uev-upgrade-uev-from-previous-releases.md @@ -99,9 +99,9 @@ The UE-V template generator is included in the Windows Assessment and Deployment 3. To open the generator, open the **Start** menu and navigate to **Windows Kits** > **Microsoft User Experience Virtualization (UE-V) Template Generator**. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Other resources for this feature diff --git a/windows/configuration/ue-v/uev-using-uev-with-application-virtualization-applications.md b/windows/configuration/ue-v/uev-using-uev-with-application-virtualization-applications.md index 3ea25ad859..c3ee8ceeae 100644 --- a/windows/configuration/ue-v/uev-using-uev-with-application-virtualization-applications.md +++ b/windows/configuration/ue-v/uev-using-uev-with-application-virtualization-applications.md @@ -38,10 +38,10 @@ UE-V monitors when an application opens by the program name and, optionally, by 4. Start the App-V package. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-whats-new-in-uev-for-windows.md b/windows/configuration/ue-v/uev-whats-new-in-uev-for-windows.md index 6403ce9355..968d4d1dc4 100644 --- a/windows/configuration/ue-v/uev-whats-new-in-uev-for-windows.md +++ b/windows/configuration/ue-v/uev-whats-new-in-uev-for-windows.md @@ -114,9 +114,9 @@ To enable settings synchronization using UE-V, do one of the following: UE-V includes Office 2016, Office 2013, and Office 2010 templates. Office 2007 templates are no longer supported. Users can still use Office 2007 templates from UE-V 2.0 or earlier and can still get templates from the [User Experience Virtualization Template Gallery](https://gallery.technet.microsoft.com/site/search?f%5B0%5D.Type=RootCategory&f%5B0%5D.Value=UE-V&f%5B0%5D.Text=UE-V). -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/ue-v/uev-working-with-custom-templates-and-the-uev-generator.md b/windows/configuration/ue-v/uev-working-with-custom-templates-and-the-uev-generator.md index ed9d9b9967..49cd6e736a 100644 --- a/windows/configuration/ue-v/uev-working-with-custom-templates-and-the-uev-generator.md +++ b/windows/configuration/ue-v/uev-working-with-custom-templates-and-the-uev-generator.md @@ -142,10 +142,10 @@ Before you share a settings location template on the UE-V template gallery, ensu Before you deploy any settings location template that you have downloaded from the UE-V gallery, you should first test the template to ensure that the application settings synchronize settings correctly in a test environment. -## Have a suggestion for UE-V? -Add or vote on suggestions on the [User Experience Virtualization feedback site](http://uev.uservoice.com/forums/280428-microsoft-user-experience-virtualization).
For UE-V issues, use the [UE-V TechNet Forum](https://social.technet.microsoft.com/Forums/en-us/home?forum=mdopuev&filter=alltypes&sort=lastpostdesc). + + ## Related topics diff --git a/windows/configuration/wcd/wcd-policies.md b/windows/configuration/wcd/wcd-policies.md index 5da3446971..d2d9d74f45 100644 --- a/windows/configuration/wcd/wcd-policies.md +++ b/windows/configuration/wcd/wcd-policies.md @@ -554,4 +554,4 @@ ConfigureTelemetryOptInSettingsUx | This policy setting determines whether peopl | Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | | --- | --- | :---: | :---: | :---: | :---: | :---: | -| [AllowUserInputFromWirelessDisplayReceiver](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#wirelessdisplay-allowuserinputfromwirelessdisplayreceiver) | This policy controls whether or not the wireless display can send input (keyboard, mouse, pen, and touch, dependent upon display support) back to the source device. For example, a Surface Laptop is projecting wirelessly to a Surface Hub. If input from the wireless display receiver is allowed, users can draw with a pen on the Surface Hub. | X | X | | | | \ No newline at end of file +| [AllowUserInputFromWirelessDisplayReceiver](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#wirelessdisplay-allowuserinputfromwirelessdisplayreceiver) | This policy controls whether or not the wireless display can send input (keyboard, mouse, pen, and touch, dependent upon display support) back to the source device. For example, a Surface Laptop is projecting wirelessly to a Surface Hub. If input from the wireless display receiver is allowed, users can draw with a pen on the Surface Hub. | X | X | | | | diff --git a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md index 1466263dc5..c75048f117 100644 --- a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md +++ b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md @@ -22,13 +22,14 @@ This topic will show you how to take your reference image for Windows 10, and d For the purposes of this topic, we will use three machines: DC01, MDT01, and PC0005. DC01 is a domain controller, MDT01 is a Windows Server 2012 R2 standard server, and PC0005 is a blank machine to which you deploy Windows 10. MDT01 and PC0005 are members of the domain contoso.com for the fictitious Contoso Corporation. -**Note**   -For important details about the setup for the steps outlined in this article, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md). -  ![figure 1](../images/mdt-07-fig01.png) Figure 1. The machines used in this topic. +>[!NOTE] +>For important details about the setup for the steps outlined in this article, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-10-with-the-microsoft-deployment-toolkit.md). +  + ## Step 1: Configure Active Directory permissions These steps will show you how to configure an Active Directory account with the permissions required to deploy a Windows 10 machine to the domain using MDT. These steps assume you have downloaded the sample [Set-OUPermissions.ps1 script](https://go.microsoft.com/fwlink/p/?LinkId=619362) and copied it to C:\\Setup\\Scripts on DC01. The account is used for Windows Preinstallation Environment (Windows PE) to connect to MDT01. In order for MDT to join machines into the contoso.com domain you need to create an account and configure permissions in Active Directory. @@ -41,11 +42,10 @@ These steps will show you how to configure an Active Directory account with the 5. User cannot change password: Select 6. Password never expires: Select 3. In an elevated Windows PowerShell prompt (run as Administrator), run the following commands and press **Enter** after each command: - ``` syntax + ```powershell Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force Set-Location C:\Setup\Scripts - .\Set-OUPermissions.ps1 -Account MDT_JD - -TargetOU "OU=Workstations,OU=Computers,OU=Contoso" + .\Set-OUPermissions.ps1 -Account MDT_JD -TargetOU "OU=Workstations,OU=Computers,OU=Contoso" ``` 4. The Set-OUPermissions.ps1 script allows the MDT\_JD user account permissions to manage computer accounts in the Contoso / Computers OU. Below you find a list of the permissions being granted: 1. Scope: This object and all descendant objects @@ -92,9 +92,10 @@ In these steps, we assume that you have completed the steps in the [Create a Win 6. On the **Destination** page, in the **Destination directory name** text box, type **W10EX64RTM**, click **Next** twice, and then click **Finish**. 7. After adding the operating system, double-click the added operating system name in the **Operating Systems / Windows 10** node and change the name to match the following: **Windows 10 Enterprise x64 RTM Custom Image**. -**Note**   -The reason for adding the setup files has changed since earlier versions of MDT. MDT 2010 used the setup files to install Windows. MDT uses DISM to apply the image; however, you still need the setup files because some components in roles and features are stored outside the main image. +>[!NOTE]   +>The reason for adding the setup files has changed since earlier versions of MDT. MDT 2010 used the setup files to install Windows. MDT uses DISM to apply the image; however, you still need the setup files because some components in roles and features are stored outside the main image.   + ![figure 2](../images/fig2-importedos.png) Figure 2. The imported operating system after renaming it. @@ -128,8 +129,8 @@ In order to deploy Windows 10 with MDT successfully, you need drivers for the b - Microsoft Surface Pro For boot images, you need to have storage and network drivers; for the operating system, you need to have the full suite of drivers. -**Note**   -You should only add drivers to the Windows PE images if the default drivers don't work. Adding drivers that are not necessary will only make the boot image larger and potentially delay the download time. +>[!NOTE] +>You should only add drivers to the Windows PE images if the default drivers don't work. Adding drivers that are not necessary will only make the boot image larger and potentially delay the download time.   ### Create the driver source structure in the file system @@ -150,8 +151,8 @@ The key to successful management of drivers for MDT, as well as for any other de - Microsoft Corporation - Surface Pro 3 -**Note**   -Even if you are not going to use both x86 and x64 boot images, we still recommend that you add the support structure for future use. +>[!NOTE] +>Even if you are not going to use both x86 and x64 boot images, we still recommend that you add the support structure for future use.   ### Create the logical driver structure in MDT @@ -285,8 +286,9 @@ This section will show you how to create the task sequence used to deploy your p 2. Configure the **Inject Drivers** action with the following settings: 1. Choose a selection profile: Nothing 2. Install all drivers from the selection profile - **Note**   - The configuration above indicates that MDT should only use drivers from the folder specified by the DriverGroup001 property, which is defined by the "Choose a selection profile: Nothing" setting, and that MDT should not use plug and play to determine which drivers to copy, which is defined by the "Install all drivers from the selection profile" setting. + + >[!NOTE]   + >The configuration above indicates that MDT should only use drivers from the folder specified by the DriverGroup001 property, which is defined by the "Choose a selection profile: Nothing" setting, and that MDT should not use plug and play to determine which drivers to copy, which is defined by the "Install all drivers from the selection profile" setting.   3. State Restore. Enable the **Windows Update (Pre-Application Installation)** action. 4. State Restore. Enable the **Windows Update (Post-Application Installation)** action. @@ -359,8 +361,10 @@ In this section, you will learn how to configure the MDT Build Lab deployment sh - In the **Lite Touch Boot Image Settings** area: 1. Image description: MDT Production x86 2. ISO file name: MDT Production x86.iso - **Note**   - Because you are going to use Pre-Boot Execution Environment (PXE) later to deploy the machines, you do not need the ISO file; however, we recommend creating ISO files because they are useful when troubleshooting deployments and for quick tests. + + >[!NOTE] + + >Because you are going to use Pre-Boot Execution Environment (PXE) later to deploy the machines, you do not need the ISO file; however, we recommend creating ISO files because they are useful when troubleshooting deployments and for quick tests.   7. In the **Drivers and Patches** sub tab, select the **WinPE x86** selection profile and select the **Include all drivers from the selection profile** option. 8. In the **Windows PE** tab, in the **Platform** drop-down list, select **x64**. @@ -372,8 +376,8 @@ In this section, you will learn how to configure the MDT Build Lab deployment sh 11. In the **Monitoring** tab, select the **Enable monitoring for this deployment share** check box. 12. Click **OK**. -**Note**   -It will take a while for the Deployment Workbench to create the monitoring database and web service. +>[!NOTE] +>It will take a while for the Deployment Workbench to create the monitoring database and web service.   ![figure 8](../images/mdt-07-fig08.png) @@ -479,8 +483,8 @@ Like the MDT Build Lab deployment share, the MDT Production deployment share nee 1. Right-click the **MDT Production** deployment share and select **Update Deployment Share**. 2. Use the default options for the Update Deployment Share Wizard. -**Note**   -The update process will take 5 to 10 minutes. +>[!NOTE] +>The update process will take 5 to 10 minutes.   ## Step 8: Deploy the Windows 10 client image @@ -588,8 +592,9 @@ To filter what is being added to the media, you create a selection profile. When In these steps, you generate offline media from the MDT Production deployment share. To filter what is being added to the media, you use the previously created selection profile. 1. On MDT01, using File Explorer, create the **E:\\MDTOfflineMedia** folder. - **Note**   - When creating offline media, you need to create the target folder first. It is crucial that you do not create a subfolder inside the deployment share folder because it will break the offline media. + + >[!NOTE] + >When creating offline media, you need to create the target folder first. It is crucial that you do not create a subfolder inside the deployment share folder because it will break the offline media.   2. Using Deployment Workbench, in the **MDT Production / Advanced Configuration** node, right-click the **Media** node, and select **New Media**. 3. Use the following settings for the New Media Wizard: diff --git a/windows/deployment/deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md b/windows/deployment/deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md index 23c462b839..c96216fab7 100644 --- a/windows/deployment/deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md +++ b/windows/deployment/deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md @@ -45,7 +45,10 @@ These steps assume that you have the MDT01 member server installed and configure 3. On the **Select the features you want to change** page, select the features below and complete the wizard using the default settings: 1. Deployment Tools 2. Windows Preinstallation Environment (Windows PE) - 3. User State Migration Tool (UMST) + 3. User State Migration Tool (USMT) + + >[!IMPORTANT] + >Starting with Windows 10, version 1809, Windows PE is released separately from the AFK. See [Download and install the Windows ADK](https://docs.microsoft.com/windows-hardware/get-started/adk-install) for more information. ## Install MDT diff --git a/windows/deployment/images/upgrademdt-fig1-machines.png b/windows/deployment/images/upgrademdt-fig1-machines.png index 38129332e6..ef553b6595 100644 Binary files a/windows/deployment/images/upgrademdt-fig1-machines.png and b/windows/deployment/images/upgrademdt-fig1-machines.png differ diff --git a/windows/deployment/planning/act-technical-reference.md b/windows/deployment/planning/act-technical-reference.md index 9482f98808..d73dc16060 100644 --- a/windows/deployment/planning/act-technical-reference.md +++ b/windows/deployment/planning/act-technical-reference.md @@ -6,7 +6,7 @@ ms.prod: w10 ms.mktglfcycl: plan ms.pagetype: appcompat ms.sitesec: library -author: eross-msft +author: jdeckerms ms.date: 04/19/2017 ms.topic: article --- diff --git a/windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md b/windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md index 7bfbdc5b72..5ecbefe38b 100644 --- a/windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md +++ b/windows/deployment/planning/using-the-sdbinstexe-command-line-tool.md @@ -25,14 +25,14 @@ ms.topic: article You must deploy your customized database (.sdb) files to other computers in your organization before your compatibility fixes, compatibility modes, and AppHelp messages are applied. You can deploy your customized database files in several ways, including by using a logon script, by using Group Policy, or by performing file copy operations. -After you deploy and store the customized databases on each of your local computers, you must register the database files. Until you register the database files, the operating system is unable to identify the available compatibility fixes when starting an application. +After you deploy and store the customized databases on each of your local computers, you must register the database files. Until you register the database files, the operating system is unable to identify the available compatibility fixes when starting an application. ## Command-Line Options for Deploying Customized Database Files The command-line options use the following conventions. -Sdbinst.exe \[-q\] \[-u filepath\] \[-g *GUID*\] \[-n *"name"*\] \[-?\] +Sdbinst.exe \[-q\] \[-?\] \[-u\] \[-g\] \[-p\] \[-u filepath\] \[-g *GUID*\] \[-n *"name"*\] The following table describes the available command-line options. @@ -78,8 +78,14 @@ The following table describes the available command-line options.

For example,

sdbinst.exe -?

+ +

-p

+

Allows SDBs installation with Patches

+

For example,

+

sdbinst.exe -p C:\Windows\AppPatch\Myapp.sdb

+ ## Related topics -[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md) \ No newline at end of file +[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md) diff --git a/windows/deployment/planning/windows-10-1803-removed-features.md b/windows/deployment/planning/windows-10-1803-removed-features.md index f31922410d..8afb576298 100644 --- a/windows/deployment/planning/windows-10-1803-removed-features.md +++ b/windows/deployment/planning/windows-10-1803-removed-features.md @@ -51,4 +51,4 @@ If you have feedback about the proposed replacement of any of these features, yo |Phone Companion|Use the **Phone** page in the Settings app. In Windows 10, version 1709, we added the new **Phone** page to help you sync your mobile phone with your PC. It includes all the Phone Companion features.| |IPv4/6 Transition Technologies (6to4, ISATAP, and Direct Tunnels)|6to4 has been disabled by default since Windows 10, version 1607 (the Anniversary Update), ISATAP has been disabled by default since Windows 10, version 1703 (the Creators Update), and Direct Tunnels has always been disabled by default. Please use native IPv6 support instead.| |[Layered Service Providers](https://msdn.microsoft.com/library/windows/desktop/bb513664)|Layered Service Providers have been deprecated since Windows 8 and Windows Server 2012. Use the [Windows Filtering Platform](https://msdn.microsoft.com/library/windows/desktop/aa366510) instead. When you upgrade from an older version of Windows, any layered service providers you're using aren't migrated; you'll need to re-install them after upgrading.| -|Business Scanning, also called Distributed Scan Management (DSM) **(Added 05/03/2018)**|The [Scan Management functionality](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd759124\(vs.11\)) was introduced in Windows 7 and enabled secure scanning and the management of scanners in an enterprise. We're no longer investing in this feature, and there are no devices available that support it.| +|Business Scanning, also called Distributed Scan Management (DSM) **(Added 05/03/2018)**|The [Scan Management functionality](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd759124(v=ws.11)) was introduced in Windows 7 and enabled secure scanning and the management of scanners in an enterprise. We're no longer investing in this feature, and there are no devices available that support it.| diff --git a/windows/deployment/update/waas-manage-updates-wufb.md b/windows/deployment/update/waas-manage-updates-wufb.md index 9c63798bd2..be96b68e59 100644 --- a/windows/deployment/update/waas-manage-updates-wufb.md +++ b/windows/deployment/update/waas-manage-updates-wufb.md @@ -112,7 +112,7 @@ Also, the pause period is calculated from the set start date. For more details, ## Monitor Windows Updates by using Update Compliance -Update Compliance, now **available in public preview**, provides a holistic view of OS update compliance, update deployment progress, and failure troubleshooting for Windows 10 devices. This new service uses diagnostic data including installation progress, Windows Update configuration, and other information to provide such insights, at no extra cost and without additional infrastructure requirements. Whether used with Windows Update for Business or other management tools, you can be assured that your devices are properly updated. +Update Compliance provides a holistic view of OS update compliance, update deployment progress, and failure troubleshooting for Windows 10 devices. This new service uses diagnostic data including installation progress, Windows Update configuration, and other information to provide such insights, at no extra cost and without additional infrastructure requirements. Whether used with Windows Update for Business or other management tools, you can be assured that your devices are properly updated. ![Update Compliance Dashboard](images/waas-wufb-update-compliance.png) diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md index 218be1564a..3d46e34a86 100644 --- a/windows/deployment/update/waas-overview.md +++ b/windows/deployment/update/waas-overview.md @@ -117,8 +117,7 @@ The concept of servicing channels is new, but organizations can use the same man ### Semi-Annual Channel -In the Semi-Annual servicing channel, feature updates are available as soon as Microsoft releases them. Windows 10, version 1511, had few servicing tool options to delay feature updates, limiting the use of the Semi-Annual servicing channel. Windows 10, version 1607 and onward, includes more servicing tools that can delay feature updates for up to 365 days. This servicing modal is ideal for pilot deployments and testing of Windows 10 feature updates and for users such as developers who need to work with the latest features immediately. -Once the latest release went through pilot deployment and testing, you choose the timing at which it goes into broad deployment. +In the Semi-Annual servicing channel, feature updates are available as soon as Microsoft releases them. Windows 10, version 1511, had few servicing tool options to delay feature updates, limiting the use of the Semi-Annual servicing channel. Windows 10, version 1607 and onward, includes more servicing tools that can delay feature updates for up to 365 days. This servicing model is ideal for pilot deployments and testing of Windows 10 feature updates and for users such as developers who need to work with the latest features immediately. Once the latest release has gone through pilot deployment and testing, you will be able to choose the timing at which it goes into broad deployment. When Microsoft officially releases a feature update for Windows 10, it is made available to any PC not configured to defer feature updates so that those devices can immediately install it. Organizations that use Windows Server Update Services (WSUS), Microsoft System Center Configuration Manager, or Windows Update for Business, however, can defer feature updates to selective devices by withholding their approval and deployment. In this scenario, the content available for the Semi-Annual Channel will be available but not necessarily immediately mandatory, depending on the policy of the management system. For more details about Windows 10 servicing tools, see [Servicing tools](#servicing-tools). @@ -146,7 +145,7 @@ Microsoft never publishes feature updates through Windows Update on devices that >[!NOTE] >Windows 10 LTSB will support the currently released processors and chipsets at the time of release of the LTSB. As future CPU generations are released, support will be created through future Windows 10 LTSB releases that customers can deploy for those systems. For more information, see **Supporting the latest processor and chipsets on Windows** in [Lifecycle support policy FAQ - Windows Products](https://support.microsoft.com/help/18581/lifecycle-support-policy-faq-windows-products). -The Long-term Servicing Channel is available only in the Windows 10 Enterprise LTSB edition. This edition of Windows doesn’t include a number of applications, such as Microsoft Edge, Microsoft Store, Cortana (though limited search capabilities remain available), Microsoft Mail, Calendar, OneNote, Weather, News, Sports, Money, Photos, Camera, Music, and Clock. These apps are not supported in Windows 10 Enterprise LTSB edition, even of you install by using sideloading. +The Long-term Servicing Channel is available only in the Windows 10 Enterprise LTSB edition. This edition of Windows doesn’t include a number of applications, such as Microsoft Edge, Microsoft Store, Cortana (though limited search capabilities remain available), Microsoft Mail, Calendar, OneNote, Weather, News, Sports, Money, Photos, Camera, Music, and Clock. These apps are not supported in Windows 10 Enterprise LTSB edition, even if you install by using sideloading. >[!NOTE] >If an organization has devices currently running Windows 10 Enterprise LTSB that it would like to change to the Semi-Annual Channel, it can make the change without losing user data. Because LTSB is its own SKU, however, an upgrade is required from Windows 10 Enterprise LTSB to Windows 10 Enterprise, which supports the Semi-Annual Channel. diff --git a/windows/deployment/update/waas-restart.md b/windows/deployment/update/waas-restart.md index c6eda60ace..13c1dce96d 100644 --- a/windows/deployment/update/waas-restart.md +++ b/windows/deployment/update/waas-restart.md @@ -17,15 +17,15 @@ ms.topic: article **Applies to** - Windows 10 -- Windows 10 Mobile +- Windows 10 Mobile -> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq) +> **Looking for consumer information?** See [Windows Update: FAQ](https://support.microsoft.com/help/12373/windows-update-faq) You can use Group Policy settings, mobile device management (MDM) or Registry (not recommended) to configure when devices will restart after a Windows 10 update is installed. You can schedule update installation and set policies for restart, configure active hours for when restarts will not occur, or you can do both. ## Schedule update installation -In Group Policy, within **Configure Automatic Updates**, you can configure a forced restart after a specified installation time. +In Group Policy, within **Configure Automatic Updates**, you can configure a forced restart after a specified installation time. To set the time, you need to go to **Configure Automatic Updates**, select option **4 - Auto download and schedule the install**, and then enter a time in the **Scheduled install time** dropdown. Alternatively, you can specify that installation will occur during the automatic maintenance time (configured using **Computer Configuration\Administrative Templates\Windows Components\Maintenance Scheduler**). @@ -40,7 +40,7 @@ For a detailed description of these registry keys, see [Registry keys used to ma When **Configure Automatic Updates** is enabled in Group Policy, you can enable one of the following additional policies to delay an automatic reboot after update installation: - **Turn off auto-restart for updates during active hours** prevents automatic restart during active hours. -- **No auto-restart with logged on users for scheduled automatic updates installations** prevents automatic restart when a user is signed in. If a user schedules the restart in the update notification, the device will restart at the time the user specifies even if a user is signed in at the time. This policy only applies when **Configure Automatic Updates** is set to option **4-Auto download and schedule the install**. +- **No auto-restart with logged on users for scheduled automatic updates installations** prevents automatic restart when a user is signed in. If a user schedules the restart in the update notification, the device will restart at the time the user specifies even if a user is signed in at the time. This policy only applies when **Configure Automatic Updates** is set to option **4-Auto download and schedule the install**. You can also use Registry, to prevent automatic restarts when a user is signed in. Under **HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU**, set **AuOptions** to **4** and enable **NoAutoRebootWithLoggedOnUsers**. As with Group Policy, if a user schedules the restart in the update notification, it will override this setting. @@ -48,9 +48,9 @@ For a detailed description of these registry keys, see [Registry keys used to ma ## Configure active hours -*Active hours* identify the period of time when you expect the device to be in use. Automatic restarts after an update will occur outside of the active hours. +*Active hours* identify the period of time when you expect the device to be in use. Automatic restarts after an update will occur outside of the active hours. -By default, active hours are from 8 AM to 5 PM on PCs and from 5 AM to 11 PM on phones. Users can change the active hours manually. +By default, active hours are from 8 AM to 5 PM on PCs and from 5 AM to 11 PM on phones. Users can change the active hours manually. Starting with Windows 10, version 1703, you can also specify the max active hours range. The specified range will be counted from the active hours start time. @@ -89,7 +89,7 @@ For a detailed description of these registry keys, see [Registry keys used to ma With Windows 10, version 1703, administrators can specify the max active hours range users can set. This option gives you additional flexibility to leave some of the decision for active hours on the user's side, while making sure you allow enough time for updating. The max range is calculated from active hours start time. -To configure active hours max range through Group Policy, go to **Computer Configuration\Administrative Templates\Windows Components\Windows Update** and open the **Specify active hours range for auto-restarts**. +To configure active hours max range through Group Policy, go to **Computer Configuration\Administrative Templates\Windows Components\Windows Update** and open the **Specify active hours range for auto-restarts**. To configure active hours max range through MDM, use [**Update/ActiveHoursMaxRange**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider?UpdatePolicies#update-activehoursmaxrange). @@ -103,9 +103,9 @@ In Windows 10, version 1703, we have added settings to control restart notificat ### Auto-restart notifications -Administrators can override the default behavior for the auto-restart required notification. By default, this notification will dismiss automatically. +Administrators can override the default behavior for the auto-restart required notification. By default, this notification will dismiss automatically. -To configure this behavior through Group Policy, go to **Computer Configuration\Administrative Templates\Windows Components\Windows Update** and select **Configure auto-restart required notification for updates**. When configured to **2 - User Action**, a user that gets this notification must manually dismiss it. +To configure this behavior through Group Policy, go to **Computer Configuration\Administrative Templates\Windows Components\Windows Update** and select **Configure auto-restart required notification for updates**. When configured to **2 - User Action**, a user that gets this notification must manually dismiss it. To configure this behavior through MDM, use [**Update/AutoRestartRequiredNotificationDismissal**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider?UpdatePolicies#update-AutoRestartRequiredNotificationDismissal) @@ -170,7 +170,7 @@ The following tables list registry values that correspond to the Group Policy se | Registry key | Key type | Value | | --- | --- | --- | | ActiveHoursEnd | REG_DWORD | 0-23: set active hours to end at a specific hour
starts with 12 AM (0) and ends with 11 PM (23) | -| ActiveHoursStart | REG_DWORD | 0-23: set active hours to start at a specific hour
starts with 12 AM (0) and ends with 11 PM (23) | +| ActiveHoursStart | REG_DWORD | 0-23: set active hours to start at a specific hour
starts with 12 AM (0) and ends with 11 PM (23) | | SetActiveHours | REG_DWORD | 0: disable automatic restart after updates outside of active hours
1: enable automatic restart after updates outside of active hours | **HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU** @@ -179,32 +179,24 @@ The following tables list registry values that correspond to the Group Policy se | --- | --- | --- | | AlwaysAutoRebootAtScheduledTime | REG_DWORD | 0: disable automatic reboot after update installation at scheduled time
1: enable automatic reboot after update installation at ascheduled time | | AlwaysAutoRebootAtScheduledTimeMinutes | REG_DWORD | 15-180: set automatic reboot to occur after given minutes | -| AUOptions | REG_DWORD | 2: notify for download and automatically install updates
3: automatically download and notify for instllation of updates
4: Automatically download and schedule installation of updates
5: allow the local admin to configure these settings
**Note:** To configure restart behavior, set this value to **4** | -| NoAutoRebootWithLoggedOnUsers | REG_DWORD | 0: disable do not reboot if users are logged on
1: do not reboot after an update installation if a user is logged on
**Note:** If disabled : Automatic Updates will notify the user that the computer will automatically restarts in 5 minutes to complete the installation | +| AUOptions | REG_DWORD | 2: notify for download and notify for installation of updates
3: automatically download and notify for installation of updates
4: Automatically download and schedule installation of updates
5: allow the local admin to configure these settings
**Note:** To configure restart behavior, set this value to **4** | +| NoAutoRebootWithLoggedOnUsers | REG_DWORD | 0: disable do not reboot if users are logged on
1: do not reboot after an update installation if a user is logged on
**Note:** If disabled : Automatic Updates will notify the user that the computer will automatically restart in 5 minutes to complete the installation | | ScheduledInstallTime | REG_DWORD | 0-23: schedule update installation time to a specific hour
starts with 12 AM (0) and ends with 11 PM (23) | There are 3 different registry combinations for controlling restart behavior: - To set active hours, **SetActiveHours** should be **1**, while **ActiveHoursStart** and **ActiveHoursEnd** should define the time range. - To schedule a specific installation and reboot time, **AUOptions** should be **4**, **ScheduledInstallTime** should specify the installation time, **AlwaysAutoRebootAtScheduledTime** set to **1** and **AlwaysAutoRebootAtScheduledTimeMinutes** should specify number of minutes to wait before rebooting. -- To delay rebooting if a user is logged on, **AUOptions** should be **4**, while **NoAutoRebootWithLoggedOnUsers** is set to **1**. +- To delay rebooting if a user is logged on, **AUOptions** should be **4**, while **NoAutoRebootWithLoggedOnUsers** is set to **1**. ## Related topics - [Update Windows 10 in the enterprise](index.md) - [Overview of Windows as a service](waas-overview.md) -- [Manage updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile](waas-mobile-updates.md) +- [Manage updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile](waas-mobile-updates.md) - [Configure Delivery Optimization for Windows 10 updates](waas-delivery-optimization.md) - [Configure BranchCache for Windows 10 updates](waas-branchcache.md) - [Configure Windows Update for Business](waas-configure-wufb.md) - [Integrate Windows Update for Business with management solutions](waas-integrate-wufb.md) - [Walkthrough: use Group Policy to configure Windows Update for Business](waas-wufb-group-policy.md) - [Walkthrough: use Intune to configure Windows Update for Business](waas-wufb-intune.md) - - - - - - - - diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 6be715e074..48fcd8eb4c 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -42,6 +42,8 @@ If you've followed the steps in the [Enrolling devices in Windows Analytics](win [Device names not appearing for Windows 10 devices](#device-names-not-appearing-for-windows-10-devices) +[Custom log queries using the AbnormalShutdownCount field of Device Health show zero or lower than expected results](#custom-log-queries-using-the-abnormalshutdowncount-field-of-device-health-show-zero-or-lower-than-expected-results) + [Disable Upgrade Readiness](#disable-upgrade-readiness) [Exporting large data sets](#exporting-large-data-sets) @@ -54,7 +56,7 @@ In Log Analytics, go to **Settings > Connected sources > Windows telemetry** and Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices with a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://blogs.technet.microsoft.com/upgradeanalytics/2017/05/12/wheres-my-data/) on the Windows Analytics blog. >[!NOTE] -> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," go to **Settings > Connected sources > Windows telemetry** and unsubscribe, wait a minute and then re-subscribe to Upgrade Readiness. +> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," go to **Settings > Connected sources > Windows telemetry** remove the Upgrade Readiness solution, and then re-add it. If devices are not showing up as expected, find a representative device and follow these steps to run the latest pilot version of the Upgrade Readiness deployment script on it to troubleshoot issues: @@ -78,7 +80,7 @@ If you have deployed images that have not been generalized, then many of them mi [![Device Reliability tile showing device count highlighted](images/device-reliability-device-count.png)](images/device-reliability-device-count.png) -If you have devices that appear in other solutions, but not Device Health, follow these steps to investigate the issue: +If you have devices that appear in other solutions, but not Device Health (the Device Health overview tile shows "Performing Assessment" or the device count is lower than expected), follow these steps to investigate the issue: 1. Using the Azure portal, remove the Device Health (appears as DeviceHealthProd on some pages) solution from your Log Analytics workspace. After completing this, add the Device Health solution to you workspace again. 2. Confirm that the devices are running Windows 10. 3. Verify that the Commercial ID is present in the device's registry. For details see [https://gpsearch.azurewebsites.net/#13551](https://gpsearch.azurewebsites.net/#13551). @@ -201,6 +203,20 @@ Finally, Upgrade Readiness only collects IE site discovery data on devices that ### Device names not appearing for Windows 10 devices Starting with Windows 10, version 1803, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md). Allowing device names to be collected can make it easier for you to identify individual devices that report problems. Without the device name, Windows Analytics can only label devices by a GUID that it generates. +### Custom log queries using the AbnormalShutdownCount field of Device Health show zero or lower than expected results +This issue affects custom queries of the Device Health data by using the **Logs > Search page** or API. It does not impact any of the built-in tiles or reports of the Device Health solution. The **AbnormalShutdownCount** field of the **DHOSReliability** data table represents abnormal shutdowns other than crashes, such as sudden power loss or holding down the power button. + +We have identified an incompatibility between AbnormalShutdownCount and the Limited Enhanced diagnostic data level on Windows 10, versions 1709, 1803, and 1809. Such devices do not send the abnormal shutdown signal to Microsoft. You should not rely on AbnormalShutdownCount in your custom queries unless you use any one of the following workarounds: + + +- Upgrade devices to Windows 10, version 1903 when available. Participants in the Windows Insider program can preview this change using Windows Insider builds. +- Change the diagnostic data setting from devices running Windows 10, versions 1709, 1803, and 1809 normal Enhanced level instead of Limited Enhanced. +- Use alternative data from devices to track abnormal shutdowns. For example, you can forward abnormal shutdown events from the Windows Event Log to your Log Analytics workspace by using the Log Analytics agent. Suggested events to forward include: + - Log: System, ID: 41, Source: Kernel-Power + - Log System, ID: 6008, Source: EventLog + + + ### Disable Upgrade Readiness If you want to stop using Upgrade Readiness and stop sending diagnostic data to Microsoft, follow these steps: diff --git a/windows/deployment/update/windows-analytics-overview.md b/windows/deployment/update/windows-analytics-overview.md index b3d29aa83c..8ebb6a4bff 100644 --- a/windows/deployment/update/windows-analytics-overview.md +++ b/windows/deployment/update/windows-analytics-overview.md @@ -51,4 +51,7 @@ Use Upgrade Readiness to get: - Application usage information, allowing targeted validation; workflow to track validation progress and decisions - Data export to commonly used software deployment tools, including System Center Configuration Manager -To get started with any of these solutions, visit the links for instructions to add it to Azure Portal. \ No newline at end of file +To get started with any of these solutions, visit the links for instructions to add it to Azure Portal. + +>[!NOTE] +> For details about licensing requirements and costs associated with using Windows Analytics solutions, see [What are the requirements and costs for Windows Analytics solutions?](windows-analytics-FAQ-troubleshooting.md#what-are-the-requirements-and-costs-for-windows-analytics-solutions). diff --git a/windows/deployment/upgrade/upgrade-readiness-requirements.md b/windows/deployment/upgrade/upgrade-readiness-requirements.md index dbae4ad42f..9d4f85609f 100644 --- a/windows/deployment/upgrade/upgrade-readiness-requirements.md +++ b/windows/deployment/upgrade/upgrade-readiness-requirements.md @@ -26,7 +26,8 @@ The compatibility update that sends diagnostic data from user computers to Micro If you need to update user computers to Windows 7 SP1 or Windows 8.1, use Windows Update or download and deploy the applicable package from the Microsoft Download Center. -Note: Upgrade Readiness is designed to best support in-place upgrades. In-place upgrades do not support migrations from BIOS to UEFI or from 32-bit to 64-bit architecture. If you need to migrate computers in these scenarios, use the wipe-and-reload method. Upgrade Readiness insights are still valuable in this scenario, however, you can ignore in-place upgrade specific guidance. +> [!NOTE] +> Upgrade Readiness is designed to best support in-place upgrades. In-place upgrades do not support migrations from BIOS to UEFI or from 32-bit to 64-bit architecture. If you need to migrate computers in these scenarios, use the wipe-and-reload method. Upgrade Readiness insights are still valuable in this scenario, however, you can ignore in-place upgrade specific guidance. See [Windows 10 Specifications](https://www.microsoft.com/en-US/windows/windows-10-specifications) for additional information about computer system requirements. diff --git a/windows/deployment/windows-10-enterprise-subscription-activation.md b/windows/deployment/windows-10-enterprise-subscription-activation.md index 8fe7eba6f0..767a8c0724 100644 --- a/windows/deployment/windows-10-enterprise-subscription-activation.md +++ b/windows/deployment/windows-10-enterprise-subscription-activation.md @@ -9,6 +9,8 @@ ms.sitesec: library ms.pagetype: mdt author: greg-lindsay ms.collection: M365-modern-desktop +search.appverid: +- MET150 ms.topic: article --- diff --git a/windows/deployment/windows-autopilot/autopilot-faq.md b/windows/deployment/windows-autopilot/autopilot-faq.md index a22b5336e7..7399e75801 100644 --- a/windows/deployment/windows-autopilot/autopilot-faq.md +++ b/windows/deployment/windows-autopilot/autopilot-faq.md @@ -32,7 +32,7 @@ A [glossary](#glossary) of abbreviations used in this topic is provided at the e | How does a customer authorize an OEM or Channel Partner to register Autopilot devices on the customer’s behalf? | Before an OEM or Channel Partner can register a device for Autopilot on behalf of a customer, the customer must first give them consent. The consent process begins with the OEM or Channel Partner sending a link to the customer, which directs the customer to a consent page in Microsoft Store for Business. The steps explaining this process are [here](registration-auth.md). | | Are there any restrictions if a business customer has registered devices in MSfB and later wants those devices to be managed by a CSP via the Partner Center? | The devices will need to be deleted in MSfB by the business customer before the CSP can upload and manage them in the Partner Center. | | Does Windows Autopilot support removing the option to enable a local administrator account? | Windows Autopilot doesn’t support removing the local admin account. However, it does support restricting the user performing AAD domain join in OOBE to a standard account (versus admin account by default).| -| How can I test the Windows Autopilot CSV file in the Partner Center? | Only CSP Partners have access to the Partner Center portal. If you are a CSP, you can create a Sales agent user account which has access to “Devices” for testing the file. This can be done today in the Partner Center.

Go [here](https://msdn.microsoft.com/partner-center/createuseraccounts-and-set-permissions) for more information. | +| How can I test the Windows Autopilot CSV file in the Partner Center? | Only CSP Partners have access to the Partner Center portal. If you are a CSP, you can create a Sales agent user account which has access to “Devices” for testing the file. This can be done today in the Partner Center.

Go [here](https://msdn.microsoft.com/partner-center/create-user-accounts-and-set-permissions) for more information. | | Must I become a Cloud Solution Provider (CSP) to participate in Windows Autopilot? | Top volume OEMs do not, as they can use the OEM Direct API. All others who choose to use MPC to register devices must become CSPs in order to access MPC. | | Do the different CSP levels have all the same capabilities when it comes to Windows Autopilot? | For purposes of Windows Autopilot, there are three different types of CSPs, each with different levels of authority an access:

1. Direct CSP: Gets direct authorization from the customer to register devices.

2. Indirect CSP Provider: Gets implicit permission to register devices through the relationship their CSP Reseller partner has with the customer. Indirect CSP Providers register devices through Microsoft Partner Center.

3. Indirect CSP Reseller: Gets direct authorization from the customer to register devices. At the same time, their indirect CSP Provider partner also gets authorization, which mean that either the Indirect Provider or the Indirect Reseller can register devices for the customer. However, the Indirect CSP Reseller must register devices through the MPC UI (manually uploading CSV file), whereas the Indirect CSP Provider has the option to register devices using the MPC APIs. | diff --git a/windows/deployment/windows-autopilot/user-driven-hybrid.md b/windows/deployment/windows-autopilot/user-driven-hybrid.md index 2381c3b8c8..c084916d3e 100644 --- a/windows/deployment/windows-autopilot/user-driven-hybrid.md +++ b/windows/deployment/windows-autopilot/user-driven-hybrid.md @@ -32,6 +32,7 @@ To perform a user-driven hybrid AAD joined deployment using Windows Autopilot: - The device must be connected to the Internet and have access to an Active Directory domain controller. - The Intune Connector for Active Directory must be installed. - Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf. +- If using Proxy, WDAP Proxy settings option must be enabled and configured. **AAD device join**: The hybrid AAD join process uses the system context to perform device AAD join, therefore it is not affected by user based AAD join permission settings. In addition, all users are enabled to join devices to AAD by default. diff --git a/windows/hub/release-information.md b/windows/hub/release-information.md index 89d0606cfe..0901e6fe8c 100644 --- a/windows/hub/release-information.md +++ b/windows/hub/release-information.md @@ -28,6 +28,8 @@ November 13 marks the revised start of the servicing timeline for the Semi-Annua For information about the re-release and updates to the support lifecycle, refer to [John Cable's blog](https://blogs.windows.com/windowsexperience/2018/10/09/updated-version-of-windows-10-october-2018-update-released-to-windows-insiders/), [Windows 10 Update History](https://support.microsoft.com/help/4464619), and the [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853). +
+
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index adb861c877..0cbf266f2a 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -18,7 +18,7 @@ ms.date: 06/05/2018 # Manage connections from Windows operating system components to Microsoft services -**Applies to** +**Applies to** - Windows 10 Enterprise, version 1607 and newer - Windows Server 2016 @@ -36,7 +36,7 @@ To help make it easier to deploy settings to restrict connections from Windows 1 This baseline was created in the same way as the [Windows security baselines](/windows/device-security/windows-security-baselines) that are often used to efficiently configure Windows to a known secure state. Running the Windows Restricted Traffic Limited Functionality Baseline on devices in your organization will allow you to quickly configure all of the settings covered in this document. However, some of the settings reduce the functionality and security configuration of your device and are therefore not recommended. -Make sure should you've chosen the right settings configuration for your environment before applying. +Make sure you've chosen the right settings configuration for your environment before applying. You should not extract this package to the windows\\system32 folder because it will not apply correctly. >[!IMPORTANT] @@ -118,49 +118,50 @@ The following table lists management options for each setting, beginning with Wi | [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [9. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [10. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [11. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [12. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [13. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [14. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [15. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [16. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | -| [17. Settings > Privacy](#bkmk-settingssection) | | | | | | -|     [17.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | | -|     [17.6 Speech, inking, & typing](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | -|     [17.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [18. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [19. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | | -| [20. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [21. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [22. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [23. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [23.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [24. Windows Media Player](#bkmk-wmp) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | -| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | -| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | -| [29. License Manager](#bkmk-licmgr) | | | | ![Check mark](images/checkmark.png) | | +| [9. License Manager](#bkmk-licmgr) | | | | ![Check mark](images/checkmark.png) | | +| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +| [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | +| [18. Settings > Privacy](#bkmk-settingssection) | | | | | | +|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | | +|     [18.6 Speech, inking, & typing](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | +|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | | +| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [25. Windows Media Player](#bkmk-wmp) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | +| [26. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [27. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | +| [28. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [29. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | + ### Settings for Windows Server 2016 with Desktop Experience @@ -175,19 +176,19 @@ See the following table for a summary of the management settings for Windows Ser | [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [9. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [11. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [13. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [15. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | | -| [17. Settings > Privacy](#bkmk-settingssection) | | | | | -|     [17.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [18. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [21. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [23. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [24. Windows Media Player](#bkmk-wmp) | | | | ![Check mark](images/checkmark.png) | -| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | -| [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | | +| [18. Settings > Privacy](#bkmk-settingssection) | | | | | +|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [20. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [25. Windows Media Player](#bkmk-wmp) | | | | ![Check mark](images/checkmark.png) | +| [27. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | +| [29. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ### Settings for Windows Server 2016 Server Core @@ -198,11 +199,11 @@ See the following table for a summary of the management settings for Windows Ser | [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [6. Font streaming](#font-streaming) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [13. Network Connection Status Indicator](#bkmk-ncsi) | ![Check mark](images/checkmark.png) | | | -| [18. Software Protection Platform](#bkmk-spp) | ![Check mark](images/checkmark.png) | | | -| [21. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [23. Windows Defender](#bkmk-defender) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | ![Check mark](images/checkmark.png) | | | +| [19. Software Protection Platform](#bkmk-spp) | ![Check mark](images/checkmark.png) | | | +| [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [24. Windows Defender](#bkmk-defender) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [29. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ### Settings for Windows Server 2016 Nano Server @@ -212,8 +213,8 @@ See the following table for a summary of the management settings for Windows Ser | - | :-: | :-: | :-: | :-: | :-: | | [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | | | [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | | -| [21. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | | +| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | +| [29. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | | ### Settings for Windows Server 2019 @@ -229,48 +230,48 @@ See the following table for a summary of the management settings for Windows Ser | [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [9. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [10. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [11. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [12. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [13. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [14. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [15. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [16. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | -| [17. Settings > Privacy](#bkmk-settingssection) | | | | | | -|     [17.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | | -|     [17.6 Speech, inking, & typing](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | -|     [17.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [17.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [18. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [19. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | | -| [20. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [21. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [22. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [23. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [23.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [24. Windows Media Player](#bkmk-wmp) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | -| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | -| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | +| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +| [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | +| [18. Settings > Privacy](#bkmk-settingssection) | | | | | | +|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | | +|     [18.6 Speech, inking, & typing](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | +|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | | +| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [25. Windows Media Player](#bkmk-wmp) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | +| [26. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [27. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | +|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | +| [28. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [29. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | ## How to configure each setting @@ -341,8 +342,6 @@ You can also apply the Group Policies using the following registry keys: | Don't search the web or display web results in Search| HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchUseWeb
Value: 0 | | Set what information is shared in Search | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search
REG_DWORD: ConnectedSearchPrivacy
Value: 3 | -In Windows 10, version 1507 and Windows 10, version 1511, when you enable the **Don't search the web or display web results in Search** Group Policy, you can control the behavior of whether Cortana searches the web to display web results. However, this policy only covers whether or not web search is performed. There could still be a small amount of network traffic to Bing.com to evaluate if certain Cortana components are up-to-date or not. In order to turn off that network activity completely, you can create a Windows Firewall rule to prevent outbound traffic. - >[!IMPORTANT] >These steps are not required for devices running Windows 10, version 1607 or Windows Server 2016. @@ -446,8 +445,6 @@ If you're running Windows 10, version 1607, Windows Server 2016, or later: - **true**. Font streaming is enabled. -If you're running Windows 10, version 1507 or Windows 10, version 1511, create a REG\_DWORD registry setting named **DisableFontProviders** in **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\FontCache\\Parameters** with a value of 1. - > [!NOTE] > After you apply this policy, you must restart the device for it to take effect. @@ -541,7 +538,6 @@ You can also use registry entries to set these Group Policies. | Turn off background synchronization for feeds and Web Slices | HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Feeds
REG_DWORD: BackgroundSyncStatus
Value: 0| | Turn off Online Tips | HKEY\_LOCAL\_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer
REG_DWORD: AllowOnlineTips
Value: 0| -1. HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!AllowOnlineTips, 0, Null, Fail To turn off the home page, enable the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Disable changing home page settings**, and set it to **about:blank**. @@ -564,7 +560,25 @@ You can turn this off by: For more info, see [Out-of-date ActiveX control blocking](https://technet.microsoft.com/library/dn761713.aspx). -### 9. Live Tiles +### 9. License Manager + +You can turn off License Manager related traffic by setting the following registry entry: + +- Add a REG\_DWORD value named **Start** to **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\LicenseManager** and set the value to 4 + +- The value 4 is to disable the service. Here are the available options to set the registry: + + - **0x00000000** = Boot + + - **0x00000001** = System + + - **0x00000002** = Automatic + + - **0x00000003** = Manual + + - **0x00000004** = Disabled + +### 10. Live Tiles To turn off Live Tiles: @@ -576,7 +590,7 @@ To turn off Live Tiles: In Windows 10 Mobile, you must also unpin all tiles that are pinned to Start. -### 10. Mail synchronization +### 11. Mail synchronization To turn off mail synchronization for Microsoft Accounts that are configured on a device: @@ -598,7 +612,7 @@ To turn off the Windows Mail app: - Create a REG\_DWORD registry setting named **ManualLaunchAllowed** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Mail** with a value of 0 (zero). -### 11. Microsoft Account +### 12. Microsoft Account To prevent communication to the Microsoft Account cloud authentication service. Many apps and system components that depend on Microsoft Account authentication may lose functionality. Some of them could be in unexpected ways. For example, Windows Update will no longer offer feature updates to devices running Windows 10 1709 or higher. See [Feature updates are not being offered while other updates are](https://docs.microsoft.com/windows/deployment/update/windows-update-troubleshooting#feature-updates-are-not-being-offered-while-other-updates-are). @@ -616,15 +630,14 @@ To disable the Microsoft Account Sign-In Assistant: - Change the Start REG\_DWORD registry setting in **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\wlidsvc** to a value of **4**. -### 12. Microsoft Edge +### 13. Microsoft Edge Use either Group Policy or MDM policies to manage settings for Microsoft Edge. For more info, see [Microsoft Edge and privacy: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730682). -### 12.1 Microsoft Edge Group Policies +### 13.1 Microsoft Edge Group Policies Find the Microsoft Edge Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Edge**. - | Policy | Description | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| | Allow configuration updates for the Books Library | Choose whether configuration updates are done for the Books Library.
Default: Enabled | @@ -637,19 +650,6 @@ Find the Microsoft Edge Group Policy objects under **Computer Configuration** &g | Configure Start pages | Choose the Start page for domain-joined devices.
Set this to **\** | | Prevent the First Run webpage from opening on Microsoft Edge | Choose whether employees see the First Run webpage.
Set to: Enable | -The Windows 10, version 1511 Microsoft Edge Group Policy names are: - -| Policy | Description | -|------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| Allow address bar drop-down list suggestions | Choose whether employees can use Address Bar drop-down list suggestions.
Default: Disabled | -| Turn off autofill | Choose whether employees can use autofill on websites.
Default: Enabled | -| Allow employees to send Do Not Track headers | Choose whether employees can send Do Not Track headers.
Default: Disabled | -| Turn off password manager | Choose whether employees can save passwords locally on their devices.
Default: Enabled | -| Turn off Address Bar search suggestions | Choose whether the Address Bar shows search suggestions.
Default: Enabled | -| Turn off the SmartScreen Filter | Choose whether SmartScreen is turned on or off.
Default: Enabled | -| Open a new tab with an empty tab | Choose whether a new tab page appears.
Default: Enabled | -| Configure corporate Home pages | Choose the corporate Home page for domain-joined devices.
Set this to **about:blank** | - Alternatively, you can configure the Microsoft Group Policies using the following registry entries: | Policy | Registry path | @@ -666,7 +666,7 @@ Alternatively, you can configure the Microsoft Group Policies using the followin | Prevent the First Run webpage from opening on Microsoft Edge | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main
REG_DWORD name: PreventFirstRunPage
Value: 1| -### 12.2 Microsoft Edge MDM policies +### 13.2 Microsoft Edge MDM policies The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). @@ -683,7 +683,7 @@ The following Microsoft Edge MDM policies are available in the [Policy CSP](http For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). -### 13. Network Connection Status Indicator +### 14. Network Connection Status Indicator Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to http://www.msftconnecttest.com/connecttest.txt to determine if the device can communicate with the Internet. For more info about NCSI, see [The Network Connection Status Icon](http://blogs.technet.com/b/networking/archive/2012/12/20/the-network-connection-status-icon.aspx). @@ -702,7 +702,7 @@ You can turn off NCSI by doing one of the following: - Create a REG\_DWORD registry setting named **NoActiveProbe** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkConnectivityStatusIndicator** with a value of 1 (one). -### 14. Offline maps +### 15. Offline maps You can turn off the ability to download and update offline maps. @@ -724,11 +724,7 @@ You can turn off the ability to download and update offline maps. - Create a REG\_DWORD registry setting named **AllowUntriggeredNetworkTrafficOnSettingsPage** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a value of 0 (zero). - -or- - -- In Windows 10, version 1703 and later, apply the Settings/PageVisibilityList MDM policy from the [Policy CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-pagevisibilitylist) with a value of "hide:maps;maps-downloadmaps". - -### 15. OneDrive +### 16. OneDrive To turn off OneDrive in your organization: @@ -746,7 +742,12 @@ To turn off OneDrive in your organization: - Create a REG\_DWORD registry setting named **PreventNetworkTrafficPreUserSignIn** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\OneDrive** with a value of 1 (one). -### 16. Preinstalled apps + -or- + +- Set the System/DisableOneDriveFileSync MDM policy from the [Policy CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync) to True (value 1) to disable OneDrive File Sync. + + +### 17. Preinstalled apps Some preinstalled apps get content before they are opened to ensure a great experience. You can remove these using the steps in this section. @@ -866,49 +867,49 @@ To remove the Sticky notes app: Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.MicrosoftStickyNotes | Remove-AppxPackage** -### 17. Settings > Privacy +### 18. Settings > Privacy Use Settings > Privacy to configure some settings that may be important to your organization. Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. -- [17.1 General](#bkmk-general) +- [18.1 General](#bkmk-general) -- [17.2 Location](#bkmk-priv-location) +- [18.2 Location](#bkmk-priv-location) -- [17.3 Camera](#bkmk-priv-camera) +- [18.3 Camera](#bkmk-priv-camera) -- [17.4 Microphone](#bkmk-priv-microphone) +- [18.4 Microphone](#bkmk-priv-microphone) -- [17.5 Notifications](#bkmk-priv-notifications) +- [18.5 Notifications](#bkmk-priv-notifications) -- [17.6 Speech, inking, & typing](#bkmk-priv-speech) +- [18.6 Speech, inking, & typing](#bkmk-priv-speech) -- [17.7 Account info](#bkmk-priv-accounts) +- [18.7 Account info](#bkmk-priv-accounts) -- [17.8 Contacts](#bkmk-priv-contacts) +- [18.8 Contacts](#bkmk-priv-contacts) -- [17.9 Calendar](#bkmk-priv-calendar) +- [18.9 Calendar](#bkmk-priv-calendar) -- [17.10 Call history](#bkmk-priv-callhistory) +- [18.10 Call history](#bkmk-priv-callhistory) -- [17.11 Email](#bkmk-priv-email) +- [18.11 Email](#bkmk-priv-email) -- [17.12 Messaging](#bkmk-priv-messaging) +- [18.12 Messaging](#bkmk-priv-messaging) -- [17.13 Radios](#bkmk-priv-radios) +- [18.13 Radios](#bkmk-priv-radios) -- [17.14 Other devices](#bkmk-priv-other-devices) +- [18.14 Other devices](#bkmk-priv-other-devices) -- [17.15 Feedback & diagnostics](#bkmk-priv-feedback) +- [18.15 Feedback & diagnostics](#bkmk-priv-feedback) -- [17.16 Background apps](#bkmk-priv-background) +- [18.16 Background apps](#bkmk-priv-background) -- [17.17 Motion](#bkmk-priv-motion) +- [18.17 Motion](#bkmk-priv-motion) -- [17.18 Tasks](#bkmk-priv-tasks) +- [18.18 Tasks](#bkmk-priv-tasks) -- [17.19 App Diagnostics](#bkmk-priv-diag) +- [18.19 App Diagnostics](#bkmk-priv-diag) -### 17.1 General +### 18.1 General **General** includes options that don't fall into other areas. @@ -1025,7 +1026,7 @@ To turn off **Let apps on my other devices use Bluetooth to open apps and contin - Turn off the feature in the UI. -### 17.2 Location +### 18.2 Location In the **Location** area, you choose whether devices have access to location-specific sensors and which apps have access to the device's location. @@ -1084,7 +1085,7 @@ To turn off **Choose apps that can use your location**: - Turn off each app using the UI. -### 17.3 Camera +### 18.3 Camera In the **Camera** area, you can choose which apps can access a device's camera. @@ -1125,7 +1126,7 @@ To turn off **Choose apps that can use your camera**: - Turn off the feature in the UI for each app. -### 17.4 Microphone +### 18.4 Microphone In the **Microphone** area, you can choose which apps can access a device's microphone. @@ -1155,7 +1156,7 @@ To turn off **Choose apps that can use your microphone**: - Turn off the feature in the UI for each app. -### 17.5 Notifications +### 18.5 Notifications >[!IMPORTANT] >Disabling notifications will also disable the ability to manage the device through MDM. If you are using an MDM solution, make sure cloud notifications are enabled through one of the options below. @@ -1202,7 +1203,7 @@ To turn off **Let apps access my notifications**: - Create a REG\_DWORD registry setting named **LetAppsAccessNotifications** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two) -### 17.6 Speech, inking, & typing +### 18.6 Speech, inking, & typing In the **Speech, Inking, & Typing** area, you can let Windows and Cortana better understand your employee's voice and written input by sampling their voice and writing, and by comparing verbal and written input to contact names and calendar entrees. @@ -1244,7 +1245,7 @@ Apply the Speech/AllowSpeechModelUpdate MDM policy from the [Policy CSP](https:/ - Create a REG\_DWORD registry setting named **ModelDownloadAllowed** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Speech_OneCore\\Preferences** with a value of 0 (zero). -### 17.7 Account info +### 18.7 Account info In the **Account Info** area, you can choose which apps can access your name, picture, and other account info. @@ -1274,7 +1275,7 @@ To turn off **Choose the apps that can access your account info**: - Turn off the feature in the UI for each app. -### 17.8 Contacts +### 18.8 Contacts In the **Contacts** area, you can choose which apps can access an employee's contacts list. @@ -1300,7 +1301,7 @@ To turn off **Choose apps that can access contacts**: - Create a REG\_DWORD registry setting named **LetAppsAccessContacts** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). -### 17.9 Calendar +### 18.9 Calendar In the **Calendar** area, you can choose which apps have access to an employee's calendar. @@ -1330,7 +1331,7 @@ To turn off **Choose apps that can access calendar**: - Turn off the feature in the UI for each app. -### 17.10 Call history +### 18.10 Call history In the **Call history** area, you can choose which apps have access to an employee's call history. @@ -1356,7 +1357,7 @@ To turn off **Let apps access my call history**: - Create a REG\_DWORD registry setting named **LetAppsAccessCallHistory** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). -### 17.11 Email +### 18.11 Email In the **Email** area, you can choose which apps have can access and send email. @@ -1382,7 +1383,7 @@ To turn off **Let apps access and send email**: - Create a REG\_DWORD registry setting named **LetAppsAccessEmail** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). -### 17.12 Messaging +### 18.12 Messaging In the **Messaging** area, you can choose which apps can read or send messages. @@ -1422,7 +1423,7 @@ To turn off **Choose apps that can read or send messages**: - Set the **Allow Message Service Cloud** to **Disable**. -### 17.13 Phone calls +### 18.13 Phone calls In the **Phone calls** area, you can choose which apps can make phone calls. @@ -1453,7 +1454,7 @@ To turn off **Choose apps that can make phone calls**: - Turn off the feature in the UI for each app. -### 17.14 Radios +### 18.14 Radios In the **Radios** area, you can choose which apps can turn a device's radio on or off. @@ -1484,7 +1485,7 @@ To turn off **Choose apps that can control radios**: - Turn off the feature in the UI for each app. -### 17.15 Other devices +### 18.15 Other devices In the **Other Devices** area, you can choose whether devices that aren't paired to PCs, such as an Xbox One, can share and sync info. @@ -1527,7 +1528,7 @@ To turn off **Let your apps use your trusted devices (hardware you've already co - **1**. Force allow - **2**. Force deny -### 17.16 Feedback & diagnostics +### 18.16 Feedback & diagnostics In the **Feedback & Diagnostics** area, you can choose how often you're asked for feedback and how much diagnostic and usage information is sent to Microsoft. @@ -1614,7 +1615,7 @@ To turn off tailored experiences with relevant tips and recommendations by using - Apply the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Cloud Content** > **Do not use diagnostic data for tailored experiences** -### 17.17 Background apps +### 18.17 Background apps In the **Background Apps** area, you can choose which apps can run in the background. @@ -1643,7 +1644,7 @@ To turn off **Let apps run in the background**: > [!NOTE] > Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background** to **Force Deny**. -### 17.18 Motion +### 18.18 Motion In the **Motion** area, you can choose which apps have access to your motion data. @@ -1667,7 +1668,7 @@ To turn off **Let Windows and your apps use your motion data and collect motion - Create a REG\_DWORD registry setting named **LetAppsAccessMotion** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). -### 17.19 Tasks +### 18.19 Tasks In the **Tasks** area, you can choose which apps have access to your tasks. @@ -1689,7 +1690,7 @@ To turn this off: - **1**. Force allow - **2**. Force deny -### 17.20 App Diagnostics +### 18.20 App Diagnostics In the **App diagnostics** area, you can choose which apps have access to your diagnostic information. @@ -1710,7 +1711,7 @@ To turn this off: - **2**. Force deny -### 18. Software Protection Platform +### 19. Software Protection Platform Enterprise customers can manage their Windows activation status with volume licensing using an on-premises Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by doing one of the following: @@ -1742,7 +1743,7 @@ For Windows Server 2016: The Windows activation status will be valid for a rolling period of 180 days with weekly activation status checks to the KMS. -### 19. Storage health +### 20. Storage health Enterprise customers can manage updates to the Disk Failure Prediction Model. @@ -1753,7 +1754,7 @@ For Windows 10: - Create a REG\_DWORD registry setting named **AllowDiskHealthModelUpdates** in **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\StorageHealth** with a value of 0. -### 20. Sync your settings +### 21. Sync your settings You can control if your settings are synchronized: @@ -1784,7 +1785,7 @@ To turn off Messaging cloud sync: - Set the Group Policy Allow Message Service Cloud to Disable. The Group Policy path is Computer Configuration\Administrative templates\Windows Components\Messaging\Allow Message Service Cloud - Create a REG\_DWORD registry setting named **CloudServiceSyncEnabled** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Messaging** with a value of 0 (zero). -### 21. Teredo +### 22. Teredo You can disable Teredo by using Group Policy or by using the netsh.exe command. For more info on Teredo, see [Internet Protocol Version 6, Teredo, and Related Technologies](https://technet.microsoft.com/library/cc722030.aspx). @@ -1801,7 +1802,7 @@ You can disable Teredo by using Group Policy or by using the netsh.exe command. - From an elevated command prompt, run **netsh interface teredo set state disabled** -### 22. Wi-Fi Sense +### 23. Wi-Fi Sense >[!IMPORTANT] >Beginning with Windows 10, version 1803, Wi-Fi Sense is no longer available. The following section only applies to Windows 10, version 1709 and prior. Please see [Connecting to open Wi-Fi hotspots in Windows 10](https://privacy.microsoft.com/en-us/windows-10-open-wi-fi-hotspots) for more details. @@ -1830,7 +1831,7 @@ To turn off **Connect to suggested open hotspots** and **Connect to networks sha When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings screen, but they’re non-functional and they can’t be controlled by the employee. -### 23. Windows Defender +### 24. Windows Defender You can disconnect from the Microsoft Antimalware Protection Service. @@ -1890,7 +1891,7 @@ For Windows 10 only, you can stop Enhanced Notifications: You can also use the registry to turn off Malicious Software Reporting Tool diagnostic data by setting the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\MRT\\DontReportInfectionInformation** to 1. -### 23.1 Windows Defender SmartScreen +### 24.1 Windows Defender SmartScreen To disable Windows Defender Smartscreen: @@ -1920,7 +1921,7 @@ To disable Windows Defender Smartscreen: - Apply the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on. -### 24. Windows Media Player +### 25. Windows Media Player To remove Windows Media Player on Windows 10: @@ -1934,7 +1935,7 @@ To remove Windows Media Player on Windows Server 2016: - Run the following DISM command from an elevated command prompt: **dism /online /Disable-Feature /FeatureName:WindowsMediaPlayer** -### 25. Windows Spotlight +### 26. Windows Spotlight Windows Spotlight provides features such as different background images and text on the lock screen, suggested apps, Microsoft account notifications, and Windows tips. You can control it by using the user interface, MDM policy, or through Group Policy. @@ -1969,9 +1970,6 @@ If you're not running Windows 10, version 1607 or later, you can use the other o - **Personalization** > **Lock screen** > **Background** > **Windows spotlight**, select a different background, and turn off **Get fun facts, tips, tricks and more on your lock screen**. - > [!NOTE] - > In Windows 10, version 1507 and Windows 10, version 1511, this setting was named **Show me tips, tricks, and more on the lock screen**. - - **Personalization** > **Start** > **Occasionally show suggestions in Start**. - **System** > **Notifications & actions** > **Show me tips about Windows**. @@ -2010,7 +2008,7 @@ If you're not running Windows 10, version 1607 or later, you can use the other o For more info, see [Windows Spotlight on the lock screen](/windows/configuration/windows-spotlight). -### 26. Microsoft Store +### 27. Microsoft Store You can turn off the ability to launch apps from the Microsoft Store that were preinstalled or downloaded. This will also turn off automatic app updates, and the Microsoft Store will be disabled. @@ -2029,13 +2027,13 @@ On Windows Server 2016, this will block Microsoft Store calls from Universal Win - Create a new REG\_DWORD registry setting named **AutoDownload** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsStore** with a value of 2 (two). -### 26.1 Apps for websites +### 27.1 Apps for websites You can turn off apps for websites, preventing customers who visit websites that are registered with their associated app from directly launching the app. Disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Group Policy** > **Configure web-to-app linking with URI handlers** -### 27. Windows Update Delivery Optimization +### 28. Windows Update Delivery Optimization Windows Update Delivery Optimization lets you get Windows updates and Microsoft Store apps from sources in addition to Microsoft, which not only helps when you have a limited or unreliable Internet connection, but can also help you reduce the amount of bandwidth needed to keep all of your organization's PCs up-to-date. If you have Delivery Optimization turned on, PCs on your network may send and receive updates and apps to other PCs on your local network, if you choose, or to PCs on the Internet. @@ -2045,13 +2043,13 @@ Use the UI, Group Policy, MDM policies, or Windows Provisioning to set up Delive In Windows 10, version 1607, you can stop network traffic related to Windows Update Delivery Optimization by setting **Download Mode** to **Simple** (99) or **Bypass** (100), as described below. -### 27.1 Settings > Update & security +### 28.1 Settings > Update & security You can set up Delivery Optimization from the **Settings** UI. - Go to **Settings** > **Update & security** > **Windows Update** > **Advanced options** > **Choose how updates are delivered**. -### 27.2 Delivery Optimization Group Policies +### 28.2 Delivery Optimization Group Policies You can find the Delivery Optimization Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**. @@ -2065,7 +2063,7 @@ You can find the Delivery Optimization Group Policy objects under **Computer Con Set the Delivery Optimization Group Policy to "Bypass" to prevent traffic. Alternatively, you can set the **Download Mode** policy by creating a new REG\_DWORD registry setting named **DODownloadMode** in **HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization** to a value of 100 (one hundred). -### 27.3 Delivery Optimization MDM policies +### 28.3 Delivery Optimization MDM policies The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). @@ -2078,7 +2076,7 @@ The following Delivery Optimization MDM policies are available in the [Policy CS | DeliveryOptimization/DOMaxUploadBandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| -### 27.4 Delivery Optimization Windows Provisioning +### 28.4 Delivery Optimization Windows Provisioning If you don't have an MDM server in your enterprise, you can use Windows Provisioning to configure the Delivery Optimization policies @@ -2094,7 +2092,7 @@ Use Windows ICD, included with the [Windows Assessment and Deployment Kit (Windo For more info about Delivery Optimization in general, see [Windows Update Delivery Optimization: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730684). -### 28. Windows Update +### 29. Windows Update You can turn off Windows Update by setting the following registry entries: @@ -2141,23 +2139,5 @@ You can turn off automatic updates by doing one of the following. This is not re - **5**. Turn off automatic updates. - -### 29. License Manager - -You can turn off License Manager related traffic by setting the following registry entry: - -- Add a REG\_DWORD value named **Start** to **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\LicenseManager** and set the value to 4 - -- The value 4 is to disable the service. Here are the available options to set the registry: - - - **0x00000000** = Boot - - - **0x00000001** = System - - - **0x00000002** = Automatic - - - **0x00000003** = Manual - - - **0x00000004** = Disabled - To learn more, see [Device update management](https://msdn.microsoft.com/library/windows/hardware/dn957432.aspx) and [Configure Automatic Updates by using Group Policy](https://technet.microsoft.com/library/cc720539.aspx). + diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md index 789395a1bf..f07f4f199a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md @@ -15,7 +15,7 @@ localizationpriority: medium ms.date: 08/19/2018 --- # Windows Hello for Business Provisioning - + **Applies to:** - Windows 10 @@ -24,14 +24,14 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, - The Windows Hello for Business deployment type - If the environment is managed or federated -[Azure AD joined provisioning in a Managed environment](#Azure-AD-joined-provisioning-in-a-Managed-environment)
-[Azure AD joined provisioning in a Federated environment](#Azure-AD-joined-provisioning-in-a-Federated-environment)
-[Hybrid Azure AD joined provisioning in a Key Trust deployment in a Managed envrionment](#Hybrid-Azure-AD-joined-provisioning-in-a-Key-Trust-deployment-in-a-Managed-envrionment)
-[Hybrid Azure AD joined provisioning in a Certificate Trust deployment in a Managed environment](#Hybrid-Azure-AD-joined-provisioning-in-a-Certificate-Trust-deployment-in-a-Managed-environment)
-[Hybrid Azure AD joined provisioning in a synchronous Certificate Trust deployment in a Managed environment](#Hybrid-Azure-AD-joined-provisioning-in-a-synchronous-Certificate-Trust-deployment-in-a-Managed-environment)
-[Hybrid Azure AD joined provisioning in a synchronous Certificate Trust deployment in a Federated environment](#Hybrid-Azure-AD-joined-provisioning-in-a-synchronous-Certificate-Trust-deployment-in-a-Federated-environment)
-[Domain joined provisioning in an On-premises Key Trust deployment](#Domain-joined-provisioning-in-an-On-premises-Key-Trust-deployment)
-[Domain joined provisioning in an On-premises Certificate Trust deployment](#Domain-joined-provisioning-in-an-On-premises-Certificate-Trust-deployment)
+[Azure AD joined provisioning in a Managed environment](#azure-ad-joined-provisioning-in-a-managed-environment)
+[Azure AD joined provisioning in a Federated environment](#azure-ad-joined-provisioning-in-a-federated-environment)
+[Hybrid Azure AD joined provisioning in a Key Trust deployment in a Managed environment](#hybrid-azure-ad-joined-provisioning-in-a-key-trust-deployment-in-a-managed-environment)
+[Hybrid Azure AD joined provisioning in a Certificate Trust deployment in a Managed environment](#hybrid-azure-ad-joined-provisioning-in-a-certificate-trust-deployment-in-a-managed-environment)
+[Hybrid Azure AD joined provisioning in a synchronous Certificate Trust deployment in a Managed environment](#hybrid-azure-ad-joined-provisioning-in-a-synchronous-certificate-trust-deployment-in-a-managed-environment)
+[Hybrid Azure AD joined provisioning in a synchronous Certificate Trust deployment in a Federated environment](#hybrid-azure-ad-joined-provisioning-in-a-synchronous-certificate-trust-deployment-in-a-federated-environment)
+[Domain joined provisioning in an On-premises Key Trust deployment](#domain-joined-provisioning-in-an-on-premises-key-trust-deployment)
+[Domain joined provisioning in an On-premises Certificate Trust deployment](#domain-joined-provisioning-in-an-on-premises-certificate-trust-deployment)
@@ -45,7 +45,7 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, |C | The application sends the ADRS token, ukpub, attestation data, and device information to ADRS for user key registration. Azure DRS validates the MFA claim remains current. On successful validation, Azure DRS locates the user's object in Azure Active Directory, writes the key information to a multi-values attribute. The key information includes a reference to the device from which it was created. Azure Active Directory returns a key ID to the application which signals the end of user provisioning and the application exits.| -[Return to top](#Windows-Hello-for-Business-Provisioning) +[Return to top](#windows-hello-for-business-provisioning) ## Azure AD joined provisioning in a Federated environment ![Azure AD joined provisioning in a Managed environment](images/howitworks/prov-aadj-federated.png) @@ -55,7 +55,7 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, |B | After receiving a ADRS access token, the application detects if the device has a Windows Hello biometric compatible sensor. If the application detects a biometric sensor, it gives the user the choice to enroll biometrics. After completing or skipping biometric enrollment, the application requires the user to create a PIN and the default (and fall-back gesture when used with biometrics). The user provides and confirms their PIN. Next, the application requests a Windows Hello for Business key pair from the key pre-generation pool, which includes attestation data. This is the user key (ukpub/ukpriv).| |C | The application sends the ADRS token, ukpub, attestation data, and device information to ADRS for user key registration. Azure DRS validates MFA claim remains current. On successful validation, Azure DRS locates the user's object in Azure Active Directory, writes the key information to a multi-values attribute. The key information includes a reference to the device from which it was created. Azure Active Directory returns key ID to the application which signals the end of user provisioning and the application exits.| -[Return to top](#Windows-Hello-for-Business-Provisioning) +[Return to top](#windows-hello-for-business-provisioning) ## Hybrid Azure AD joined provisioning in a Key Trust deployment in a Managed envrionment ![Hybrid Azure AD joined provisioning in a Key Trust deployment in a Managed ennvironment](images/howitworks/prov-haadj-keytrust-managed.png) @@ -71,7 +71,7 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, -[Return to top](#Windows-Hello-for-Business-Provisioning) +[Return to top](#windows-hello-for-business-provisioning) ## Hybrid Azure AD joined provisioning in a Certificate Trust deployment in a Managed environment ![Hybrid Azure AD joined provisioning in a Certificate Trust deployment in a Managed environment](images/howitworks/prov-haadj-certtrust-managed.png) @@ -89,7 +89,7 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, > The newly provisionied user will not be able to sign in using Windows Hello for Business until Azure AD Connect successfully synchronizes the public key to the on-premises Active Directory. -[Return to top](#Windows-Hello-for-Business-Provisioning) +[Return to top](#windows-hello-for-business-provisioning) ## Hybrid Azure AD joined provisioning in a synchronous Certificate Trust deployment in a Managed environment ![Hybrid Azure AD joined provisioning in a synchronous Certificate Trust deployment in a Managed environment](images/howitworks/prov-haadj-instant-certtrust-managed.png) @@ -106,7 +106,7 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, > Synchronous certificate enrollment does not depend on Azure AD Connect to syncrhonize the user's public key to issue the Windows Hello for Business authentication certificate. Users can sign-in using the certificate immediately after provisioning completes. Azure AD Connect continues to synchronize the public key to Active Directory, but is not show in this flow. -[Return to top](#Windows-Hello-for-Business-Provisioning) +[Return to top](#windows-hello-for-business-provisioning) ## Hybrid Azure AD joined provisioning in a synchronous Certificate Trust deployment in a Federated environment ![Hybrid Azure AD joined provisioning in a synchronous Certificate Trust deployment in a Fedeerated environment](images/howitworks/prov-haadj-instant-certtrust-federated.png) @@ -122,7 +122,7 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, > [!IMPORTANT] > Synchronous certificate enrollment does not depend on Azure AD Connect to syncrhonize the user's public key to issue the Windows Hello for Business authentication certificate. Users can sign-in using the certificate immediately after provisioning completes. Azure AD Connect continues to synchronize the public key to Active Directory, but is not show in this flow. -[Return to top](#Windows-Hello-for-Business-Provisioning) +[Return to top](#windows-hello-for-business-provisioning) ## Domain joined provisioning in an On-premises Key Trust deployment ![Domain joined provisioning in an On-premises Key Trust deployment](images/howitworks/prov-onprem-keytrust.png) @@ -133,7 +133,7 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, |C | The application sends the EDRS token, ukpub, attestation data, and device information to the Enterprise DRS for user key registration. Enterprise DRS validates the MFA claim remains current. On successful validation, the Enterprise DRS locates the user's object in Active Directory, writes the key information to a multi-values attribute. The key information includes a reference to the device from which it was created. The Enterprise DRS returns a key ID to the application, which represents the end of user key registration.| -[Return to top](#Windows-Hello-for-Business-Provisioning) +[Return to top](#windows-hello-for-business-provisioning) ## Domain joined provisioning in an On-premises Certificate Trust deployment ![Domain joined provisioning in an On-premises Certificate Trust deployment](images/howitworks/prov-onprem-certtrust.png) @@ -147,4 +147,4 @@ Windows Hello for Business provisioning enables a user to enroll a new, strong, |F |The registration authority sends the certificate request to the enterprise issuing certificate authority. The certificate authority validates the certificate request is signed by a valid enrollment agent and, on success, issues a certificate and returns it to the registration authority that then returns the certificate to the application.| |G | The application receives the newly issued certificate and installs it into the Personal store of the user. This signals the end of provisioning.| -[Return to top](#Windows-Hello-for-Business-Provisioning) +[Return to top](#windows-hello-for-business-provisioning) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md index 71ad012ce7..6f443cff4f 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md @@ -30,7 +30,7 @@ The distributed systems on which these technologies were built involved several * [Public Key Infrastucture](#public-key-infrastructure) * [Directory Synchronization](#directory-synchronization) * [Federation](#federation) -* [MultiFactor Authetication](#multifactor-authentication) +* [MultiFactor Authentication](#multifactor-authentication) * [Device Registration](#device-registration) ## Directories ## @@ -140,4 +140,4 @@ If your environment is already federated and supports Azure device registration, 3. [New Installation Baseline](hello-hybrid-cert-new-install.md) 4. [Configure Azure Device Registration](hello-hybrid-cert-trust-devreg.md) 5. [Configure Windows Hello for Business settings](hello-hybrid-cert-whfb-settings.md) -6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md) \ No newline at end of file +6. [Sign-in and Provision](hello-hybrid-cert-whfb-provision.md) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index aebc17a2ae..1993139da7 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -62,7 +62,7 @@ The minimum required enterprise certificate authority that can be used with Wind > [!IMPORTANT] > For Azure AD joined device to authenticate to and use on-premises resources, ensure you: -> * Install the root certificate authority certificate for your organization in the user's trusted root certifcate store. +> * Install the root certificate authority certificate for your organization in the user's trusted root certificate store. > * Publish your certificate revocation list to a location that is available to Azure AD joined devices, such as a web-based url. ### Section Review diff --git a/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-federated.png b/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-federated.png index 454fe3df0a..8b003013f0 100644 Binary files a/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-federated.png and b/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-federated.png differ diff --git a/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-managed.png b/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-managed.png index 7f9774389c..bc2fdb105b 100644 Binary files a/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-managed.png and b/windows/security/identity-protection/hello-for-business/images/howitworks/devreg-aadj-managed.png differ diff --git a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md index 4b0bf32fe5..3964a0f292 100644 --- a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md +++ b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md @@ -95,6 +95,7 @@ This policy setting controls whether the elevation request prompt is displayed o - **Enabled** (Default) All elevation requests go to the secure desktop regardless of prompt behavior policy settings for administrators and standard users. - **Disabled** All elevation requests go to the interactive user's desktop. Prompt behavior policy settings for administrators and standard users are used. + ## User Account Control: Virtualize file and registry write failures to per-user locations This policy setting controls whether application write failures are redirected to defined registry and file system locations. This policy setting mitigates applications that run as administrator and write run-time application data to %ProgramFiles%, %Windir%, %Windir%\\system32, or HKLM\\Software. diff --git a/windows/security/identity-protection/vpn/vpn-conditional-access.md b/windows/security/identity-protection/vpn/vpn-conditional-access.md index e69b8ed62c..69944937b7 100644 --- a/windows/security/identity-protection/vpn/vpn-conditional-access.md +++ b/windows/security/identity-protection/vpn/vpn-conditional-access.md @@ -10,7 +10,7 @@ ms.author: pashort manager: elizapo ms.reviewer: ms.localizationpriority: medium -ms.date: 01/26/2019 +ms.date: 03/21/2019 --- # VPN and conditional access @@ -32,11 +32,7 @@ Conditional Access Platform components used for Device Compliance include the fo - Azure AD Certificate Authority - It is a requirement that the client certificate used for the cloud-based device compliance solution be issued by an Azure Active Directory-based Certificate Authority (CA). An Azure AD CA is essentially a mini-CA cloud tenant in Azure. The Azure AD CA cannot be configured as part of an on-premises Enterprise CA. -- Azure AD-issued short-lived certificates - When a VPN connection attempt is made, the Azure AD Token Broker on the local device communicates with Azure Active Directory, which then checks for health based on compliance rules. If compliant, Azure AD sends back a short-lived certificate that is used to authenticate the VPN. Note that certificate authentication methods such as EAP-TLS can be used. - - Additional details regarding the Azure AD issued short-lived certificate: - - The default lifetime is 60 minutes and is configurable - - When that certificate expires, the client will again check with Azure AD so that continued health can be validated before a new certificate is issued allowing continuation of the connection +- Azure AD-issued short-lived certificates - When a VPN connection attempt is made, the Azure AD Token Broker on the local device communicates with Azure Active Directory, which then checks for health based on compliance rules. If compliant, Azure AD sends back a short-lived certificate that is used to authenticate the VPN. Note that certificate authentication methods such as EAP-TLS can be used. When that certificate expires, the client will again check with Azure AD for health validation before a new certificate is issued. - [Microsoft Intune device compliance policies](https://docs.microsoft.com/intune/deploy-use/introduction-to-device-compliance-policies-in-microsoft-intune) - Cloud-based device compliance leverages Microsoft Intune Compliance Policies, which are capable of querying the device state and define compliance rules for the following, among other things. diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md index 1244ed3951..bfded5408a 100644 --- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md +++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md @@ -6,8 +6,12 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: aadake -ms.date: 12/20/2018 -ms.topic: article +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +ms.date: 03/26/2019 --- # Kernel DMA Protection for Thunderbolt™ 3 @@ -98,12 +102,12 @@ No, Kernel DMA Protection only protects against drive-by DMA attacks after the O DMA-remapping is supported for specific device drivers, and is not universally supported by all devices and drivers on a platform. To check if a specific driver is opted into DMA-remapping, check the values corresponding to the DMA Remapping Policy property in the Details tab of a device in Device Manager*. A value of 0 or 1 means that the device driver does not support DMA-remapping. A value of 2 means that the device driver supports DMA-remapping. Please check the driver instance for the device you are testing. Some drivers may have varying values depending on the location of the device (internal vs. external). -*For Windows 10 versions 1803 and 1809, the property field in Device Manager uses a GUID, as highlighted in the image below +*For Windows 10 versions 1803 and 1809, the property field in Device Manager uses a GUID, as highlighted in the following image. ![Kernel DMA protection user experience](images/device-details-tab.png) ### What should I do if the drivers for my Thunderbolt™ 3 peripherals do not support DMA-remapping? -If the peripherals do have class drivers provided by Windows 10, please use these drivers on your systems. If there are no class drivers provided by Windows for your peripherals, please contact your peripheral vendor/driver vendor to update the driver to support this functionality. Details for driver compatibility requirements can be found here (add link to OEM documentation). +If the peripherals do have class drivers provided by Windows 10, please use these drivers on your systems. If there are no class drivers provided by Windows for your peripherals, please contact your peripheral vendor/driver vendor to update the driver to support this functionality. Details for driver compatibility requirements can be found at the [Microsoft Partner Center](https://partner.microsoft.com/dashboard/collaborate/packages/4142). ### Do Microsoft drivers support DMA-remapping? In Windows 10 1803 and beyond, the Microsoft inbox drivers for USB XHCI (3.x) Controllers, Storage AHCI/SATA Controllers and Storage NVMe Controllers support DMA-remapping. diff --git a/windows/security/information-protection/secure-the-windows-10-boot-process.md b/windows/security/information-protection/secure-the-windows-10-boot-process.md index 37232dee00..072e16abfe 100644 --- a/windows/security/information-protection/secure-the-windows-10-boot-process.md +++ b/windows/security/information-protection/secure-the-windows-10-boot-process.md @@ -78,7 +78,7 @@ All x86-based Certified For Windows 10 PCs must meet several requirements relat These requirements help protect you from rootkits while allowing you to run any operating system you want. You have three options for running non-Microsoft operating systems: -- **Use an operating system with a certified bootloader.** Because all Certified For Windows 10 PCs must trust Microsoft’s certificate, Microsoft offers a service to analyze and sign any non-Microsoft bootloader so that it will be trusted by all Certified For Windows 10 PCs. In fact, an [open source bootloader](http://mjg59.dreamwidth.org/20303.html) capable of loading Linux is already available. To begin the process of obtaining a certificate, go to . +- **Use an operating system with a certified bootloader.** Because all Certified For Windows 10 PCs must trust Microsoft’s certificate, Microsoft offers a service to analyze and sign any non-Microsoft bootloader so that it will be trusted by all Certified For Windows 10 PCs. In fact, an [open source bootloader](http://mjg59.dreamwidth.org/20303.html) capable of loading Linux is already available. To begin the process of obtaining a certificate, go to . - **Configure UEFI to trust your custom bootloader.** All Certified For Windows 10 PCs allow you to trust a non-certified bootloader by adding a signature to the UEFI database, allowing you to run any operating system, including homemade operating systems. - **Turn off Secure Boot.** All Certified For Windows 10 PCs allow you to turn off Secure Boot so that you can run any software. This does not help protect you from bootkits, however. diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md index fbd2110915..fc50cfc48c 100644 --- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md +++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md @@ -11,7 +11,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 03/05/2019 +ms.date: 03/25/2019 --- # Create a Windows Information Protection (WIP) policy with MDM using the Azure portal for Microsoft Intune @@ -67,6 +67,9 @@ Before you can create a WIP policy using Intune, you need to configure an MDM or - [Recommended apps](#add-recommended-apps) - [Store apps](#add-store-apps) - [Desktop apps](#add-desktop-apps) + +>[!NOTE] +>An application might return access denied errors after removing it from the list of protected apps. Rather than remove it from the list, uninstall and reinstall the application or exempt it from WIP policy. ### Add recommended apps @@ -397,7 +400,7 @@ To define the network boundaries, click **App policy** > the name of your policy ![Microsoft Intune, Set where your apps can access enterprise data on your network](images/wip-azure-advanced-settings-network.png) -Select the type of network boundary to add from the **Boundary type** box. Type a name for your boundary into the **Name** box, add your values to the **Value** box, based on the following options, and then click **OK**. +Select the type of network boundary to add from the **Boundary type** box. Type a name for your boundary into the **Name** box, add your values to the **Value** box, based on the options covered in the following subsections, and then click **OK**. ### Cloud resources @@ -426,7 +429,7 @@ For example: URL <,proxy>|URL <,proxy>/*AppCompat*/ ``` -When using this string, we recommend that you also turn on [Azure Active Directory Conditional Access](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access), using the **Domain joined or marked as compliant** option, which blocks apps from accessing any enterprise cloud resources that are protected by conditional access. +When you use this string, we recommend that you also turn on [Azure Active Directory Conditional Access](https://docs.microsoft.com/azure/active-directory/active-directory-conditional-access), using the **Domain joined or marked as compliant** option, which blocks apps from accessing any enterprise cloud resources that are protected by conditional access. Value format with proxy: diff --git a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md index 4af9ce947b..46b7344b5f 100644 --- a/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md +++ b/windows/security/information-protection/windows-information-protection/recommended-network-definitions-for-wip.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 02/26/2019 +ms.date: 03/25/2019 --- # Recommended Enterprise Cloud Resources and Neutral Resources network settings with Windows Information Protection (WIP) @@ -38,8 +38,15 @@ This table includes the recommended URLs to add to your Enterprise Cloud Resourc |Visual Studio Online |contoso.visualstudio.com | |Power BI |contoso.powerbi.com | ->[!NOTE] ->You can add other work-only apps to the Cloud Resource list, or you can create a packaged app rule for the .exe file to protect every file the app creates or modifies. Depending on how the app is accessed, you might want to add both. +You can add other work-only apps to the Cloud Resource list, or you can create a packaged app rule for the .exe file to protect every file the app creates or modifies. Depending on how the app is accessed, you might want to add both. + +For Office 365 endpoints, see [Office 365 URLs and IP address ranges](https://docs.microsoft.com/office365/enterprise/urls-and-ip-address-ranges). +Office 365 endpoints are updated monthly. +Allow the domains listed in section number 46 Allow Required and add also add the apps. +Note that apps from officeapps.live.com can also store personal data. + +When multiple files are selected from SharePoint Online or OneDrive, the files are aggregated and the URL can change. In this case, add a entry for a second-level domain and use a wildcard such as .svc.ms. + ## Recommended Neutral Resources We recommended adding these URLs if you use the Neutral Resources network setting with Windows Information Protection (WIP). diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 177a70d01a..39b145dc8d 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -73,8 +73,8 @@ #### [Secure score](windows-defender-atp/overview-secure-score-windows-defender-advanced-threat-protection.md) -##### [Threat analytics](windows-defender-atp/threat-analytics.md) -###### [Threat analytics for Spectre and Meltdown](windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md) +#### [Threat analytics](windows-defender-atp/threat-analytics.md) + #### [Advanced hunting](windows-defender-atp/overview-hunting-windows-defender-advanced-threat-protection.md) ##### [Query data using Advanced hunting](windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md) ###### [Advanced hunting reference](windows-defender-atp/advanced-hunting-reference-windows-defender-advanced-threat-protection.md) @@ -127,10 +127,10 @@ ### [Configure and manage capabilities](windows-defender-atp/onboard.md) #### [Configure attack surface reduction](windows-defender-atp/configure-attack-surface-reduction.md) -####Hardware-based isolation -##### [System isolation](windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md) -##### [Application isolation](windows-defender-application-guard/install-wd-app-guard.md) -###### [Configuration settings](windows-defender-application-guard/configure-wd-app-guard.md) +#####Hardware-based isolation +###### [System isolation](windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md) +###### [Application isolation](windows-defender-application-guard/install-wd-app-guard.md) +####### [Configuration settings](windows-defender-application-guard/configure-wd-app-guard.md) ##### [Application control](windows-defender-application-control/windows-defender-application-control.md) ##### Device control ###### [Control USB devices](device-control/control-usb-devices-using-intune.md) @@ -139,7 +139,6 @@ ######## [Hardware qualifications](windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md) ######## [Enable HVCI](windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md) ##### [Exploit protection](windows-defender-exploit-guard/enable-exploit-protection.md) -###### [Customize exploit protection](windows-defender-exploit-guard/customize-exploit-protection.md) ###### [Import/export configurations](windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md) ##### [Network protection](windows-defender-exploit-guard/enable-network-protection.md) ##### [Controlled folder access](windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md) @@ -235,11 +234,13 @@ ###### [Troubleshoot onboarding issues](windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) ####### [Troubleshoot subscription and portal access issues](windows-defender-atp/troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md) -##### [Use the Windows Defender ATP exposed APIs](windows-defender-atp/use-apis.md) -###### Create your app -####### [Get access on behalf of a user](windows-defender-atp/exposed-apis-create-app-nativeapp.md) -####### [Get access without a user](windows-defender-atp/exposed-apis-create-app-webapp.md) -###### [Supported Windows Defender ATP APIs](windows-defender-atp/exposed-apis-list.md) +##### [Windows Defender ATP API](windows-defender-atp/use-apis.md) +###### [Get started with Windows Defender ATP APIs](windows-defender-atp/apis-intro.md) +####### [Hello World](windows-defender-atp/api-hello-world.md) +####### [Get access with application context](windows-defender-atp/exposed-apis-create-app-webapp.md) +####### [Get access with user context](windows-defender-atp/exposed-apis-create-app-nativeapp.md) +###### [APIs](windows-defender-atp/exposed-apis-list.md) + ####### [Advanced Hunting](windows-defender-atp/run-advanced-query-api.md) ####### [Alert](windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md) @@ -253,6 +254,33 @@ ######## [Get alert related machine information](windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection-new.md) ######## [Get alert related user information](windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection-new.md) +####### [Machine](windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md) +######## [List machines](windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md) +######## [Get machine by ID](windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection-new.md) +######## [Get machine log on users](windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection-new.md) +######## [Get machine related alerts](windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection-new.md) +######## [Add or Remove machine tags](windows-defender-atp/add-or-remove-machine-tags-windows-defender-advanced-threat-protection-new.md) +######## [Find machines by IP](windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md) + +####### [Machine Action](windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md) +######## [List Machine Actions](windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection-new.md) +######## [Get Machine Action](windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection-new.md) +######## [Collect investigation package](windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection-new.md) +######## [Get investigation package SAS URI](windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection-new.md) +######## [Isolate machine](windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md) +######## [Release machine from isolation](windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection-new.md) +######## [Restrict app execution](windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection-new.md) +######## [Remove app restriction](windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md) +######## [Run antivirus scan](windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection-new.md) +######## [Offboard machine](windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md) +######## [Stop and quarantine file](windows-defender-atp/stop-and-quarantine-file-windows-defender-advanced-threat-protection-new.md) +######## [Initiate investigation (preview)](windows-defender-atp/initiate-autoir-investigation-windows-defender-advanced-threat-protection-new.md) + +####### [Indicators (preview)](windows-defender-atp/ti-indicator-windows-defender-advanced-threat-protection-new.md) +######## [Submit Indicator](windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md) +######## [List Indicators](windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md) +######## [Delete Indicator](windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md) + ####### Domain ######## [Get domain related alerts](windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection-new.md) ######## [Get domain related machines](windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection-new.md) @@ -271,28 +299,6 @@ ######## [Get IP statistics](windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection-new.md) ######## [Is IP seen in organization](windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection-new.md) -####### [Machine](windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md) -######## [List machines](windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md) -######## [Get machine by ID](windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection-new.md) -######## [Get machine log on users](windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection-new.md) -######## [Get machine related alerts](windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection-new.md) -######## [Add or Remove machine tags](windows-defender-atp/add-or-remove-machine-tags-windows-defender-advanced-threat-protection-new.md) -######## [Find machines by IP](windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md) - - -####### [Machine Action](windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md) -######## [List Machine Actions](windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection-new.md) -######## [Get Machine Action](windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection-new.md) -######## [Collect investigation package](windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection-new.md) -######## [Get investigation package SAS URI](windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection-new.md) -######## [Isolate machine](windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md) -######## [Release machine from isolation](windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection-new.md) -######## [Restrict app execution](windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection-new.md) -######## [Remove app restriction](windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md) -######## [Run antivirus scan](windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection-new.md) -######## [Offboard machine](windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md) -######## [Stop and quarantine file](windows-defender-atp/stop-and-quarantine-file-windows-defender-advanced-threat-protection-new.md) - ####### [User](windows-defender-atp/user-windows-defender-advanced-threat-protection-new.md) ######## [Get user related alerts](windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection-new.md) ######## [Get user related machines](windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection-new.md) @@ -329,8 +335,8 @@ ###### [Enable SIEM integration](windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md) ###### [Configure Splunk to pull alerts](windows-defender-atp/configure-splunk-windows-defender-advanced-threat-protection.md) ###### [Configure HP ArcSight to pull alerts](windows-defender-atp/configure-arcsight-windows-defender-advanced-threat-protection.md) -###### [Windows Defender ATP alert API fields](windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md) -###### [Pull alerts using REST API](windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md) +###### [Windows Defender ATP SIEM alert API fields](windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md) +###### [Pull alerts using SIEM REST API](windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md) ###### [Troubleshoot SIEM tool integration issues](windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md) @@ -381,7 +387,8 @@ #####Rules ###### [Manage suppression rules](windows-defender-atp/manage-suppression-rules-windows-defender-advanced-threat-protection.md) -###### [Manage automation allowed/blocked](windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md) +###### [Manage automation allowed/blocked lists](windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md) +###### [Manage allowed/blocked lists](windows-defender-atp/manage-allowed-blocked-list-windows-defender-advanced-threat-protection.md) ###### [Manage automation file uploads](windows-defender-atp/manage-automation-file-uploads-windows-defender-advanced-threat-protection.md) ###### [Manage automation folder exclusions](windows-defender-atp/manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md) @@ -406,6 +413,7 @@ ####Troubleshoot attack surface reduction ##### [Network protection](windows-defender-exploit-guard/troubleshoot-np.md) ##### [Attack surface reduction rules](windows-defender-exploit-guard/troubleshoot-asr.md) +##### [Collect diagnostic data for files](windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md) #### [Troubleshoot next generation protection](windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md) diff --git a/windows/security/threat-protection/intelligence/supply-chain-malware.md b/windows/security/threat-protection/intelligence/supply-chain-malware.md index 82d2b453d7..dc3bb6897e 100644 --- a/windows/security/threat-protection/intelligence/supply-chain-malware.md +++ b/windows/security/threat-protection/intelligence/supply-chain-malware.md @@ -48,15 +48,17 @@ To learn more about supply chain attacks, read this blog post called [attack inc ### For software vendors and developers -* Take steps to ensure your apps are not compromised. - -* Maintain a secure and up-to-date infrastructure. Restrict access to critical build systems. +* Maintain a highly secure build and update infrastructure. * Immediately apply security patches for OS and software. - + * Implement mandatory integrity controls to ensure only trusted tools run. * Require multi-factor authentication for admins. -* Build secure software update processes as part of the software development lifecycle. +* Build secure software updaters as part of the software development lifecycle. + * Require SSL for update channels and implement certificate pinning. + * Sign everything, including configuration files, scripts, XML files, and packages. + * Check for digital signatures, and don’t let the software updater accept generic input and commands. * Develop an incident response process for supply chain attacks. + * Disclose supply chain incidents and notify customers with accurate and timely information For more general tips on protecting your systems and devices, see [prevent malware infection](prevent-malware-infection.md). \ No newline at end of file diff --git a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md index b7d6bd79e6..85021d7f4e 100644 --- a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md +++ b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md @@ -49,4 +49,4 @@ To be eligible for VIA your organization must: 3. Be willing to sign and adhere to the VIA membership agreement. -If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/wdsi/alliances/collaboration-inquiry). \ No newline at end of file +If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/en-us/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/en-us/wdsi/alliances/collaboration-inquiry). \ No newline at end of file diff --git a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md index f87f26230b..a889665a8c 100644 --- a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md +++ b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md @@ -18,29 +18,25 @@ ms.topic: article The Microsoft Virus Initiative (MVI) helps organizations to get their products working and integrated with Windows. -Like the [Virus Information Alliance (VIA)](virus-information-alliance-criteria.md) and the [Coordinated Malware Eradication (CME) program](coordinated-malware-eradication.md), MVI aims to share information about the threat landscape that can help your organization protect its customers. +MVI members will receive access to Windows APIs (such as those used by Windows Defender Antivirus), and other technologies including IOAV, AMSI and Cloud Files, malware telemetry and samples, and invitations to security related events and conferences. -MVI members will receive access to Windows APIs (such as those used by Windows Defender Security Center, IOAV, AMSI and Cloud Files), malware telemetry and samples, and invitations to security related events and conferences. - -MVI adds to VIA by requiring members to develop and own antimalware technology, and to be present in the antimalware industry community. +MVI requires members to develop and own antimalware technology and to be present in the antimalware industry community. ## Join MVI A request for membership is made by an individual as a representative of an organization that develops and produces antimalware or antivirus technology. -The base criteria for MVI membership are the same as for VIA, but your organization must also offer an antimalware or antivirus product. ### Initial selection criteria -Your organization must meet the following eligibility requirements to participate in the MVI program: +Your organization must meet the following eligibility requirements to qualify for the MVI program: 1. Offer an antimalware or antivirus product that is one of the following: * Your organization's own creation. - * Licensed from another organization, but your organization adds value such as additional Security intelligence. - * Developed by using an SDK (engine and other components) from another MVI Partner AM company and your organization adds a custom UI and/or other functionality (white box versions). + * Developed by using an SDK (engine and other components) from another MVI Partner company and your organization adds a custom UI and/or other functionality. -2. Have your own malware research team unless you distribute a Whitebox product. +2. Have your own malware research team unless you build a product based on an SDK. 3. Be active and have a positive reputation in the antimalware industry. Your organization is: @@ -51,10 +47,10 @@ Your organization must meet the following eligibility requirements to participat 5. Be willing to sign a program license agreement. -6. Be willing to adhere to program requirements for AM apps. These requirements define the behavior of AM apps necessary to ensure proper interaction with Windows. +6. Be willing to adhere to program requirements for antimalware apps. These requirements define the behavior of antimalware apps necessary to ensure proper interaction with Windows. -7. Submit your AM app to Microsoft for periodic performance testing. +7. Submit your app to Microsoft for periodic performance testing. ### Apply now -If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/wdsi/alliances/collaboration-inquiry). \ No newline at end of file +If your organization meets these criteria and is interested in joining, [apply for membership now](https://www.microsoft.com/en-us/wdsi/alliances/apply-alliance-membership). If you have questions, [contact us for more information](https://www.microsoft.com/en-us/wdsi/alliances/collaboration-inquiry). diff --git a/windows/security/threat-protection/mbsa-removal-and-guidance.md b/windows/security/threat-protection/mbsa-removal-and-guidance.md index 580a5b58bd..860ed64ab2 100644 --- a/windows/security/threat-protection/mbsa-removal-and-guidance.md +++ b/windows/security/threat-protection/mbsa-removal-and-guidance.md @@ -19,12 +19,12 @@ MBSA was largely used in situations where neither Microsoft Update nor a local W ## The Solution A script can help you with an alternative to MBSA’s patch-compliance checking: -- [Using WUA to Scan for Updates Offline](https://docs.microsoft.com/previous-versions/windows/desktop/aa387290(v=vs.85)), which includes a sample .vbs script. +- [Using WUA to Scan for Updates Offline](https://docs.microsoft.com/windows/desktop/wua_sdk/using-wua-to-scan-for-updates-offline), which includes a sample .vbs script. For a PowerShell alternative, see [Using WUA to Scan for Updates Offline with PowerShell](https://gallery.technet.microsoft.com/Using-WUA-to-Scan-for-f7e5e0be). For example: -[![VBS script](images/vbs-example.png)](https://docs.microsoft.com/previous-versions/windows/desktop/aa387290(v=vs.85)) +[![VBS script](images/vbs-example.png)](https://docs.microsoft.com/windows/desktop/wua_sdk/using-wua-to-scan-for-updates-offline) [![PowerShell script](images/powershell-example.png)](https://gallery.technet.microsoft.com/Using-WUA-to-Scan-for-f7e5e0be) The preceding scripts leverage the [WSUS offline scan file](https://support.microsoft.com/help/927745/detailed-information-for-developers-who-use-the-windows-update-offline) (wsusscn2.cab) to perform a scan and get the same information on missing updates as MBSA supplied. MBSA also relied on the wsusscn2.cab to determine which updates were missing from a given system without connecting to any online service or server. The wsusscn2.cab file is still available and there are currently no plans to remove or replace it. diff --git a/windows/security/threat-protection/security-policy-settings/create-global-objects.md b/windows/security/threat-protection/security-policy-settings/create-global-objects.md index d6d7af1bda..5b2eef2194 100644 --- a/windows/security/threat-protection/security-policy-settings/create-global-objects.md +++ b/windows/security/threat-protection/security-policy-settings/create-global-objects.md @@ -89,16 +89,6 @@ By default, members of the **Administrators** group, the System account, and ser When non-administrators need to access a server using Remote Desktop, add the users to the **Remote Desktop Users** group rather than assining them this user right. -### Vulnerability - ->**Caution:**  A user account that is given this user right has complete control over the system, and it can lead to the system being compromised. We highly recommend that you do not assign this right to any user accounts. -  -Windows examines a user's access token to determine the level of the user's privileges. Access tokens are built when users log on to the local device or connect to a remote device over a network. When you revoke a privilege, the change is immediately recorded, but the change is not reflected in the user's access token until the next time the user logs on or connects. Users with the ability to create or modify tokens can change the level of access for any currently logged on account. They could escalate their privileges or create a denial-of-service (DoS) condition. - -### Countermeasure - -Do not assign the **Create a token object** user right to any users. Processes that require this user right should use the Local System account, which already includes it, instead of a separate user account with this user right assigned. - ### Potential impact None. Not Defined is the default domain policy configuration. diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md index 1fd68c4416..5201ac7cf1 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md @@ -15,12 +15,12 @@ ms.topic: conceptual ms.date: 04/19/2017 --- -# Network security: Configure encryption types allowed for Kerberos Win7 only +# Network security: Configure encryption types allowed for Kerberos **Applies to** - Windows 10 -Describes the best practices, location, values and security considerations for the **Network security: Configure encryption types allowed for Kerberos Win7 only** security policy setting. +Describes the best practices, location, values and security considerations for the **Network security: Configure encryption types allowed for Kerberos** security policy setting. ## Reference @@ -67,9 +67,9 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Sec | Default domain policy| Not defined| | Default domain controller policy| Not defined| | Stand-alone server default settings | Not defined| -| Domain controller effective default settings | None of these encryption types that are available in this policy are allowed.| -| Member server effective default settings | None of these encryption types that are available in this policy are allowed.| -| Effective GPO default settings on client computers | None of these encryption types that are available in this policy are allowed.| +| Domain controller effective default settings | The default OS setting applies, DES suites are not supported by default.| +| Member server effective default settings | The default OS setting applies, DES suites are not supported by default.| +| Effective GPO default settings on client computers | The default OS setting applies, DES suites are not supported by default.|   ## Security considerations diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md index 4afd9a96e5..64037f0090 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md @@ -33,6 +33,8 @@ Custom exclusions take precedence over automatic exclusions. > [!TIP] > Custom and duplicate exclusions do not conflict with automatic exclusions. + + Windows Defender Antivirus uses the Deployment Image Servicing and Management (DISM) tools to determine which roles are installed on your computer. ## Opt out of automatic exclusions @@ -45,6 +47,9 @@ In Windows Server 2016, the predefined exclusions delivered by Security intellig > [!NOTE] > This setting is only supported on Windows Server 2016. While this setting exists in Windows 10, it doesn't have an effect on exclusions. +> [!TIP] +> Since the predefined exclusions only exclude **default paths**, if you move NTDS and SYSVOL to another drive or path *different than the original one*, you would have to manually add the exclusions using the information [here](configure-extension-file-exclusions-windows-defender-antivirus.md#configure-the-list-of-exclusions-based-on-folder-name-or-file-extension) . + You can disable the automatic exclusion lists with Group Policy, PowerShell cmdlets, and WMI. **Use Group Policy to disable the auto-exclusions list on Windows Server 2016:** @@ -382,4 +387,4 @@ This section lists the folder exclusions that are delivered automatically when y - [Configure and validate exclusions based on file name, extension, and folder location](configure-extension-file-exclusions-windows-defender-antivirus.md) - [Configure and validate exclusions for files opened by processes](configure-process-opened-file-exclusions-windows-defender-antivirus.md) - [Customize, initiate, and review the results of Windows Defender Antivirus scans and remediation](customize-run-review-remediate-scans-windows-defender-antivirus.md) -- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) \ No newline at end of file +- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md index b2bfc0807f..5d587e3b8d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md @@ -41,7 +41,7 @@ System Center Configuration Manager ([1](#fn1))|Use the [Endpoint Protection poi Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Windows Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Windows Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][] PowerShell|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference][] and [Update-MpSignature] [] cmdlets available in the Defender module|Use the appropriate [Get- cmdlets available in the Defender module][] Windows Management Instrumentation|Deploy with Group Policy, System Center Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][] -Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/powershell/servicemanagement/azure.antimalware/v3.4.0/azure.antimalware) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/powershell/servicemanagement/azure.antimalware/v3.4.0/azure.antimalware) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD. +Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Windows Defender Antivirus events][] and add that tool as an app in AAD. 1. The availability of some functions and features, especially related to cloud-delivered protection, differ between System Center Configuration Manager (Current Branch) and System Center Configuration Manager 2012. In this library, we've focused on Windows 10, Windows Server 2016, and System Center Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Windows Defender Antivirus](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2) diff --git a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md index 8a846cc675..787c9a85ad 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md @@ -45,6 +45,9 @@ There are specific network-connectivity requirements to ensure your endpoints ca - **Send safe samples automatically** - **Send all samples automatically** + >[!NOTE] + >**Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation. + > [!WARNING] > Setting to **Always Prompt** will lower the protection state of the device. Setting to **Never send** means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function. @@ -73,6 +76,9 @@ See [How to create and deploy antimalware policies: Cloud-protection service](ht 1. **Send safe samples** (1) 2. **Send all samples** (3) + >[!NOTE] + >**Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation. + > [!WARNING] > Setting to 0 (Always Prompt) will lower the protection state of the device. Setting to 2 (Never send) means the [Block at First Sight](configure-block-at-first-sight-windows-defender-antivirus.md) feature will not function. diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_10_ClientApps.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_10_ClientApps.png new file mode 100644 index 0000000000..40c268666e Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_10_ClientApps.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_11_Assignments.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_11_Assignments.png new file mode 100644 index 0000000000..035a3c3b29 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_11_Assignments.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_12_DeviceInstall.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_12_DeviceInstall.png new file mode 100644 index 0000000000..2ed2c65ff8 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_12_DeviceInstall.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_13_SystemPreferences.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_13_SystemPreferences.png new file mode 100644 index 0000000000..517583aa77 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_13_SystemPreferences.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_14_SystemPreferencesProfiles.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_14_SystemPreferencesProfiles.png new file mode 100644 index 0000000000..b12b0271fc Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_14_SystemPreferencesProfiles.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_15_ManagementProfileConfig.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_15_ManagementProfileConfig.png new file mode 100644 index 0000000000..a70a369613 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_15_ManagementProfileConfig.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_16_PreferenceDomain.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_16_PreferenceDomain.png new file mode 100644 index 0000000000..674bd944f4 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_16_PreferenceDomain.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_17_approvedKernelExtensions.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_17_approvedKernelExtensions.png new file mode 100644 index 0000000000..f33c8959c0 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_17_approvedKernelExtensions.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_18_ConfigurationProfilesScope.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_18_ConfigurationProfilesScope.png new file mode 100644 index 0000000000..35b3fda24e Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_18_ConfigurationProfilesScope.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_19_MicrosoftDefenderWDAVPKG.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_19_MicrosoftDefenderWDAVPKG.png new file mode 100644 index 0000000000..18bbcb06d4 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_19_MicrosoftDefenderWDAVPKG.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_1_RegisterApp.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_1_RegisterApp.png new file mode 100644 index 0000000000..3cc33ed139 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_1_RegisterApp.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_20_MicrosoftDefenderPackages.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_20_MicrosoftDefenderPackages.png new file mode 100644 index 0000000000..2ce5ef24b8 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_20_MicrosoftDefenderPackages.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_21_MDMProfile1.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_21_MDMProfile1.png new file mode 100644 index 0000000000..ec91e2e5ff Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_21_MDMProfile1.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_22_MDMProfileApproved.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_22_MDMProfileApproved.png new file mode 100644 index 0000000000..4c2a62a20f Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_22_MDMProfileApproved.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_23_MDMStatus.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_23_MDMStatus.png new file mode 100644 index 0000000000..b531be1c10 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_23_MDMStatus.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_24_StatusOnServer.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_24_StatusOnServer.png new file mode 100644 index 0000000000..466c76234e Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_24_StatusOnServer.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_25_StatusOnClient.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_25_StatusOnClient.png new file mode 100644 index 0000000000..e31a329e3b Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_25_StatusOnClient.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_26_Uninstall.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_26_Uninstall.png new file mode 100644 index 0000000000..aa0d5c7caf Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_26_Uninstall.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_27_UninstallScript.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_27_UninstallScript.png new file mode 100644 index 0000000000..200873d9d8 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_27_UninstallScript.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_28_AppInstall.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_28_AppInstall.png new file mode 100644 index 0000000000..84c4fc4f59 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_28_AppInstall.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_29_AppInstallLogin.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_29_AppInstallLogin.png new file mode 100644 index 0000000000..dede0a1038 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_29_AppInstallLogin.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_2_IntuneAppUtil.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_2_IntuneAppUtil.png new file mode 100644 index 0000000000..1bc70e06c0 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_2_IntuneAppUtil.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_30_SystemExtension.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_30_SystemExtension.png new file mode 100644 index 0000000000..40a57dee27 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_30_SystemExtension.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_31_SecurityPrivacySettings.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_31_SecurityPrivacySettings.png new file mode 100644 index 0000000000..e6fc0ad449 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_31_SecurityPrivacySettings.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_3_ConfirmDeviceMgmt.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_3_ConfirmDeviceMgmt.png new file mode 100644 index 0000000000..6771c71e42 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_3_ConfirmDeviceMgmt.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_4_ManagementProfile.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_4_ManagementProfile.png new file mode 100644 index 0000000000..a52e252d2e Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_4_ManagementProfile.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_5_allDevices.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_5_allDevices.png new file mode 100644 index 0000000000..1a84470e43 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_5_allDevices.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_6_SystemConfigurationProfiles.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_6_SystemConfigurationProfiles.png new file mode 100644 index 0000000000..be6bc477b4 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_6_SystemConfigurationProfiles.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_7_DeviceStatusBlade.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_7_DeviceStatusBlade.png new file mode 100644 index 0000000000..379f1bbddd Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_7_DeviceStatusBlade.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_8_IntuneAppInfo.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_8_IntuneAppInfo.png new file mode 100644 index 0000000000..2cb9a5a416 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_8_IntuneAppInfo.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_9_IntunePkgInfo.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_9_IntunePkgInfo.png new file mode 100644 index 0000000000..4d848f6f96 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_9_IntunePkgInfo.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_Icon.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_Icon.png new file mode 100644 index 0000000000..68b5f4381a Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_Icon.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_Icon_Bar.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_Icon_Bar.png new file mode 100644 index 0000000000..6280f2d7d2 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_Icon_Bar.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md new file mode 100644 index 0000000000..9fb5a24ec2 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -0,0 +1,489 @@ +--- +title: Microsoft Defender ATP for Mac +description: Describes how to install and use Microsoft Defender ATP for Mac. +keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, mojave, high sierra, sierra +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +--- + +# Microsoft Defender ATP for Mac + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + +This topic describes how to install and use Microsoft Defender ATP for Mac. It supports the preview program and the information here is subject to change. +Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. + +## Prerequisites +You should have beginner-level experience in macOS and BASH scripting. You must have administrative privileges on the machine. + +You should also have access to Windows Defender Security Center. + +### System Requirements +Microsoft Defender ATP for Mac system requirements: +- macOS version: 10.14 (Mojave), 10.13 (High Sierra), 10.12 (Sierra) +- Disk space during preview: 1GB +- The following URLs must be accessible from the Mac device: + - ```https://fresno.blob.core.windows.net/preview/macos/wdav.pkg ```
+ - ```https://cdn.x.cp.wd.microsoft.com/ ```
+ - ```https://eu-cdn.x.cp.wd.microsoft.com/ ```
+ - ```https://wu-cdn.x.cp.wd.microsoft.com/ ```
+ - ```https://x.cp.wd.microsoft.com/ ```
+ - ```https://asia.x.cp.wd.microsoft.com/ ```
+ - ```https://australia.x.cp.wd.microsoft.com/ ```
+ - ```https://europe.x.cp.wd.microsoft.com/ ```
+ - ```https://unitedkingdom.x.cp.wd.microsoft.com/ ```
+ - ```https://unitedstates.x.cp.wd.microsoft.com/ ```
+ +## Installation and configuration overview +There are various methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. +In general you'll need to take the following steps: +- [Register macOS devices](#register-macos-devices) with Windows Defender ATP +- Deploy Microsoft Defender ATP for Mac using any of the following deployment methods and tools: + - [Microsoft Intune based deployment](#microsoft-intune-based-deployment) + - [JAMF based deployment](#jamf-based-deployment) + - [Manual deployment](#manual-deployment) + +## Register macOS devices +To onboard your devices for Microsoft Defender ATP for Mac, you must register the devices with Windows Defender ATP and provide consent to submit telemetry. + +Use the following URL to give consent to submit telemetry: ```https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=f9eb614c-7a8e-422a-947d-2059e657d855&response_type=code&sso_reload=true``` + +> [!NOTE] +> You may get an error that a page on ```https://ppe.fresno.wd.microsoft.com``` cannot be opened. Disregard the error as it does not affect the onboarding process. + + +![App registration permission screenshot](images/MDATP_1_RegisterApp.png) + +## Deploy Microsoft Defender ATP for Mac +Use any of the supported methods to deploy Microsoft Defender ATP for Mac + +## Microsoft Intune based deployment + +### Download installation and onboarding packages +Download the installation and onboarding packages from Windows Defender Security Center: +1. In Windows Defender Security Center, go to **Settings > Machine Management > Onboarding**. +2. In Section 1 of the page, set operating system to **Linux, macOS, iOS or Android** and Deployment method to **Mobile Device Management / Microsoft Intune**. +3. In Section 2 of the page, click **Download installation package**. Save it as wdav.pkg to a local directory. +4. In Section 2 of the page, click **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. +5. Download IntuneAppUtil from https://docs.microsoft.com/en-us/intune/lob-apps-macos. + + ![Windows Defender Security Center screenshot](images/MDATP_2_IntuneAppUtil.png) + +6. From a command prompt, verify that you have the three files. + Extract the contents of the .zip files: + + ``` + mavel-macmini:Downloads test$ ls -l + total 721688 + -rw-r--r-- 1 test staff 269280 Mar 15 11:25 IntuneAppUtil + -rw-r--r-- 1 test staff 11821 Mar 15 09:23 WindowsDefenderATPOnboardingPackage.zip + -rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg + mavel-macmini:Downloads test$ unzip WindowsDefenderATPOnboardingPackage.zip + Archive: WindowsDefenderATPOnboardingPackage.zip + warning: WindowsDefenderATPOnboardingPackage.zip appears to use backslashes as path separators + inflating: intune/kext.xml + inflating: intune/WindowsDefenderATPOnboarding.xml + inflating: jamf/WindowsDefenderATPOnboarding.plist + mavel-macmini:Downloads test$ + ``` +7. Make IntuneAppUtil an executable: + + ```mavel-macmini:Downloads test$ chmod +x IntuneAppUtil``` + +8. Create the wdav.pkg.intunemac package from wdav.pkg: + + ``` + mavel-macmini:Downloads test$ ./IntuneAppUtil -c wdav.pkg -o . -i "com.microsoft.wdav" -n "1.0.0" + Microsoft Intune Application Utility for Mac OS X + Version: 1.0.0.0 + Copyright 2018 Microsoft Corporation + + Creating intunemac file for /Users/test/Downloads/wdav.pkg + Composing the intunemac file output + Output written to ./wdav.pkg.intunemac. + + IntuneAppUtil successfully processed "wdav.pkg", + to deploy refer to the product documentation. + ``` + +### Client Machine Setup +You need no special provisioning for a Mac machine beyond a standard [Company Portal installation](https://docs.microsoft.com/en-us/intune-user-help/enroll-your-device-in-intune-macos-cp). + +1. You'll be asked to confirm device management. + +![Confirm device management screenshot](images/MDATP_3_ConfirmDeviceMgmt.png) + +2. Click the **Continue** button, and your Management Profile is displayed as verified: + +![Management profile screenshot](images/MDATP_4_ManagementProfile.png) + +You can enroll additional machines. Optionally, you can do it later, after system configuration and application package are provisioned. + +3. In Intune, open the **Manage > Devices > All devices** blade. You'll see your machine: + +![Add Devices screenshot](images/MDATP_5_allDevices.png) + +### Create System Configuration profiles +1. In Intune open the **Manage > Device configuration** blade. Click **Manage > Profiles > Create Profile**. +2. Choose a name for the profile. Change **Platform=macOS**, **Profile type=Custom**. Click **Configure**. +3. Open the configuration profile and upload intune/kext.xml. This file was created during the Generate settings step above. +4. Click **OK**. + + ![System configuration profiles screenshot](images/MDATP_6_SystemConfigurationProfiles.png) + +5. **Click Manage > Assignments**. In the **Include** tab, click **Assign to All Users & All devices**. +7. Repeat these steps with the second profile. +8. Create Profile one more time, give it a name, upload the intune/WindowsDefenderATPOnboarding.xml file. +9. Click **Manage > Assignments**. In the Include tab, click **Assign to All Users & All devices**. + +After Intune changes are propagated to the enrolled machines, you'll see it on the **Monitor > Device status** blade: + +![System configuration profiles screenshot](images/MDATP_7_DeviceStatusBlade.png) + +### Publish application + +1. In Intune, open the **Manage > Client apps** blade. Click **Apps > Add**. +2. Select **App type=Other/Line-of-business app**. +3. Select **file=wdav.pkg.intunemac**. Click **OK** to upload. +4. Click **Configure** and add the required information. +5. Use **macOS Sierra 10.12** as the minimum OS. Other settings can be any other value. + + ![Device status blade screenshot](images/MDATP_8_IntuneAppInfo.png) + +6. Click **OK** and **Add**. + + ![Device status blade screenshot](images/MDATP_9_IntunePkgInfo.png) + +7. It will take a while to upload the package. After it's done, click the name and then go to **Assignments** and **Add group**. + + ![Client apps screenshot](images/MDATP_10_ClientApps.png) + +8. Change **Assignment type=Required**. +9. Click **Included Groups**. Select **Make this app required for all devices=Yes**. Click **Select group to include** and add a group that contains the users you want to target. Select **OK** and **Save**. + + ![Intune assignments info screenshot](images/MDATP_11_Assignments.png) + +10. After some time the application will be published to all enrolled machines. You'll see it on the **Monitor > Device** install status blade: + + ![Intune device status screenshot](images/MDATP_12_DeviceInstall.png) + +### Verify client machine state +1. After the configuration profiles are deployed to your machines, on your Mac device, open **System Preferences > Profiles**. + + ![System Preferences screenshot](images/MDATP_13_SystemPreferences.png) + ![System Preferences Profiles screenshot](images/MDATP_14_SystemPreferencesProfiles.png) + +2. Verify the three profiles listed there: + ![Profiles screenshot](images/MDATP_15_ManagementProfileConfig.png) + +3. The **Management Profile** should be the Intune system profile. +4. wdav-config and wdav-kext are system configuration profiles that we added in Intune. +5. You should also see the Microsoft Defender icon in the top-right corner: + + ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) + +## JAMF based deployment +### Prerequsites +You need to be familiar with JAMF administration tasks, have a JAMF tenant, and know how to deploy packages. This includes a properly configured distribution point. JAMF has many alternative ways to complete the same task. These instructions provide you an example for most common processes. Your organization might use a different workflow. + + +### Download installation and onboarding packages +Download the installation and onboarding packages from Windows Defender Security Center: +1. In Windows Defender Security Center, go to **Settings > Machine Management > Onboarding**. +2. In Section 1 of the page, set operating system to **Linux, macOS, iOS or Android** and Deployment method to **Mobile Device Management / Microsoft Intune**. +3. In Section 2 of the page, click **Download installation package**. Save it as wdav.pkg to a local directory. +4. In Section 2 of the page, click **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. + + ![Windows Defender Security Center screenshot](images/MDATP_2_IntuneAppUtil.png) + +5. From a command prompt, verify that you have the two files. + Extract the contents of the .zip files: + + ``` + mavel-macmini:Downloads test$ ls -l + total 721160 + -rw-r--r-- 1 test staff 11821 Mar 15 09:23 WindowsDefenderATPOnboardingPackage.zip + -rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg + mavel-macmini:Downloads test$ unzip WindowsDefenderATPOnboardingPackage.zip + Archive: WindowsDefenderATPOnboardingPackage.zip + warning: WindowsDefenderATPOnboardingPackage.zip appears to use backslashes as path separators + inflating: intune/kext.xml + inflating: intune/WindowsDefenderATPOnboarding.xml + inflating: jamf/WindowsDefenderATPOnboarding.plist + mavel-macmini:Downloads test$ + ``` + +### Create JAMF Policies +You need to create a configuration profile and a policy to start deploying Microsoft Defender ATP for Mac to client machines. + +#### Configuration Profile +The configuration profile contains one custom settings payload that includes: + +- Microsoft Defender ATP for Mac onboarding information +- Approved Kernel Extensions payload to enable the Microsoft kernel driver to run + + +1. Upload jamf/WindowsDefenderATPOnboarding.plist as the Property List File. + + >[!NOTE] + > You must use exactly "com.microsoft.wdav.atp" as the Preference Domain. + + ![Configuration profile screenshot](images/MDATP_16_PreferenceDomain.png) + +#### Approved Kernel Extension + +To approve the kernel extension: +1. In **Computers > Configuration Profiles** click **Options > Approved Kernel Extensions**. +2. Use **UBF8T346G9** for Team Id. + +![Approved kernel extensions screenshot](images/MDATP_17_approvedKernelExtensions.png) + +#### Configuration Profile's Scope +Configure the appropriate scope to specify the machines that will receive this configuration profile. + +In the Configuration Profiles, click **Scope > Targets**. Select the appropriate Target computers. + +![Configuration profile scope screenshot](images/MDATP_18_ConfigurationProfilesScope.png) + +Save the **Configuration Profile**. + +Use the **Logs** tab to monitor deployment status for each enrolled machine. + +#### Package +1. Create a package in **Settings > Computer Management > Packages**. + + ![Computer management packages screenshot](images/MDATP_19_MicrosoftDefenderWDAVPKG.png) + +2. Upload wdav.pkg to the Distribution Point. +3. In the **filename** field, enter the name of the package. For example, wdav.pkg. + +#### Policy +Your policy should contain a single package for Microsoft Defender. + +![Microsoft Defender packages screenshot](images/MDATP_20_MicrosoftDefenderPackages.png) + +Configure the appropriate scope to specify the computers that will receive this policy. + +After you save the Configuration Profile, you can use the Logs tab to monitor the deployment status for each enrolled machine. + +### Client machine setup +You need no special provisioning for a macOS computer beyond the standard JAMF Enrollment. + +> [!NOTE] +> After a computer is enrolled, it will show up in the Computers inventory (All Computers). + +1. Open the machine details, from **General** tab, and make sure that **User Approved MDM** is set to **Yes**. If it's set to No, the user needs to open **System Preferences > Profiles** and click **Approve** on the MDM Profile. + +![MDM approve button screenshot](images/MDATP_21_MDMProfile1.png) +![MDM screenshot](images/MDATP_22_MDMProfileApproved.png) + +After some time, the machine's User Approved MDM status will change to Yes. + +![MDM status screenshot](images/MDATP_23_MDMStatus.png) + +You can enroll additional machines now. Optionally, can do it after system configuration and application packages are provisioned. + + +### Deployment +Enrolled client machines periodically poll the JAMF Server and install new configuration profiles and policies as soon as they are detected. + +#### Status on server +You can monitor the deployment status in the Logs tab: + - **Pending** means that the deployment is scheduled but has not yet happened + - **Completed** means that the deployment succeeded and is no longer scheduled + +![Status on server screenshot](images/MDATP_24_StatusOnServer.png) + + +#### Status on client machine +After the Configuration Profile is deployed, you'll see the profile on the machine in the **System Preferences > Profiles >** Name of Configuration Profile. + +![Status on client screenshot](images/MDATP_25_StatusOnClient.png) + +After the policy is applied, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner. + +![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) + +You can monitor policy installation on a machine by following the JAMF's log file: + +``` +mavel-mojave:~ testuser$ tail -f /var/log/jamf.log +Thu Feb 21 11:11:41 mavel-mojave jamf[7960]: No patch policies were found. +Thu Feb 21 11:16:41 mavel-mojave jamf[8051]: Checking for policies triggered by "recurring check-in" for user "testuser"... +Thu Feb 21 11:16:43 mavel-mojave jamf[8051]: Executing Policy WDAV +Thu Feb 21 11:17:02 mavel-mojave jamf[8051]: Installing Microsoft Defender... +Thu Feb 21 11:17:23 mavel-mojave jamf[8051]: Successfully installed Microsoft Defender. +Thu Feb 21 11:17:23 mavel-mojave jamf[8051]: Checking for patches... +Thu Feb 21 11:17:23 mavel-mojave jamf[8051]: No patch policies were found. +``` + +You can also check the onboarding status: +``` +mavel-mojave:~ testuser$ /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py +uuid : 69EDB575-22E1-53E1-83B8-2E1AB1E410A6 +orgid : 79109c9d-83bb-4f3e-9152-8d75ee59ae22 +orgid managed : 79109c9d-83bb-4f3e-9152-8d75ee59ae22 +orgid effective : 79109c9d-83bb-4f3e-9152-8d75ee59ae22 +``` + +- **orgid/orgid managed**: This is the Microsoft Defender ATP org id specified in the configuration profile. If this value is blank, then the Configuration Profile was not properly set. + +- **orgid effective**: This is the Microsoft Defender ATP org id currently in use. If it does not match the value in the Configuration Profile, then the configuration has not been refreshed. + +### Uninstalling Microsoft Defender ATP for Mac +#### Uninstalling with a script + +Create a script in **Settings > Computer Management > Scripts**. + +![Microsoft Defender uninstall screenshot](images/MDATP_26_Uninstall.png) + +For example, this script removes Microsoft Defender ATP from the /Applications directory: + +``` +echo "Is WDAV installed?" +ls -ld '/Applications/Microsoft Defender.app' 2>/dev/null + +echo "Uninstalling WDAV..." +rm -rf '/Applications/Microsoft Defender.app' + +echo "Is WDAV still installed?" +ls -ld '/Applications/Microsoft Defender.app' 2>/dev/null + +echo "Done!" +``` + +#### Uninstalling with a policy +Your policy should contain a single script: + +![Microsoft Defender uninstall script screenshot](images/MDATP_27_UninstallScript.png) + +Configure the appropriate scope in the **Scope** tab to specify the machines that will receive this policy. + +### Check onboarding status + +You can check that machines are correctly onboarded by creating a script. For example, the following script checks that enrolled machines are onboarded: + +``` +/Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py | grep -E 'orgid effective : [-a-zA-Z0-9]+' +``` + +This script returns 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service, and another exit code if it is not installed or registered. + +## Manual deployment + +### Download installation and onboarding packages +Download the installation and onboarding packages from Windows Defender Security Center: +1. In Windows Defender Security Center, go to **Settings > Machine Management > Onboarding**. +2. In Section 1 of the page, set operating system to **Linux, macOS, iOS or Android** and Deployment method to **Mobile Device Management / Microsoft Intune**. +3. In Section 2 of the page, click **Download installation package**. Save it as wdav.pkg to a local directory. +4. In Section 2 of the page, click **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. + + ![Windows Defender Security Center screenshot](images/MDATP_2_IntuneAppUtil.png) + +5. From a command prompt, verify that you have the two files. + Extract the contents of the .zip files: + + ``` + mavel-macmini:Downloads test$ ls -l + total 721152 + -rw-r--r-- 1 test staff 6185 Mar 15 10:45 WindowsDefenderATPOnboardingPackage.zip + -rw-r--r-- 1 test staff 354531845 Mar 13 08:57 wdav.pkg + mavel-macmini:Downloads test$ unzip WindowsDefenderATPOnboardingPackage.zip + Archive: WindowsDefenderATPOnboardingPackage.zip + inflating: WindowsDefenderATPOnboarding.py + ``` + +### Application installation +To complete this process, you must have admin privileges on the machine. + +1. Download the wdav.pkg from: https://fresno.blob.core.windows.net/preview/macos/wdav.pkg. + +2. Navigate to the downloaded wdav.pkg in Finder and open it. + + ![App install screenshot](images/MDATP_28_AppInstall.png) + +3. Click **Continue**, agree with the License terms, and enter the password when prompted. + + ![App install screenshot](images/MDATP_29_AppInstallLogin.png) + + > [!IMPORTANT] + > You will be prompted to allow a driver from Microsoft to be installed (either "System Exception Blocked" or "Installation is on hold" or both. The driver must be allowed to be installed. + + ![App install screenshot](images/MDATP_30_SystemExtension.png) + +4. Click **Open Security Preferences** or **Open System Preferences > Security & Privacy**. Click **Allow**: + + ![Security and privacy window screenshot](images/MDATP_31_SecurityPrivacySettings.png) + + +The installation will proceed. + +> [!NOTE] +> If you don't click **Allow**, the installation will fail after 5 minutes. You can restart it again at any time. + +### Client configuration +1. Copy wdav.pkg and WindowsDefenderATPOnboarding.py to the machine where you deploy Microsoft Defender ATP for Mac. + + The client machine is not associated with orgId. Note that the orgid is blank. + + ``` + mavel-mojave:wdavconfig testuser$ /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py + uuid : 69EDB575-22E1-53E1-83B8-2E1AB1E410A6 + orgid : + ``` +2. Install the configuration file on a client machine: + + ``` + mavel-mojave:wdavconfig testuser$ python WindowsDefenderATPOnboarding.py + Generating /Library/Application Support/Microsoft/Defender/com.microsoft.wdav.atp.plist ... (You may be required to enter sudos password) + ``` + +3. Verify that the machine is now associated with orgId: + + ``` + mavel-mojave:wdavconfig testuser$ /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py + uuid : 69EDB575-22E1-53E1-83B8-2E1AB1E410A6 + orgid : E6875323-A6C0-4C60-87AD-114BBE7439B8 + ``` +After installation, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner. + + ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) + +## Uninstallation +### Removing Microsoft Defender ATP from Mac devices +To remove Microsoft Defender ATP from your macOS devices: + +- Open **Finder > Applications**. Right click on **Microsoft Defender ATP > Move to Trash**. + +Or, from a command line: + +- ```sudo rm -rf '/Applications/Microsoft Defender ATP'``` + +## Known issues +- Microsoft Defender ATP is not yet optimized for performance or disk space. +- Centrally managed uninstall using Intune/JAMF is still in development. To uninstall (as a workaround) an uninstall action has to be completed on each client device). +- Geo preference for telemetry traffic is not yet supported. Cloud traffic (definition updates) routed to US only. +- Full Windows Defender ATP integration is not yet available +- Not localized yet +- There might be accessibility issues + +### Installation issues +If an error occurs during installation, the installer will only report a general failure. The detailed log is saved to /Library/Logs/Microsoft/wdav.install.log. If you experience issues during installation, send us this file so we can help diagnose the cause. You can also contact _**xplatpreviewsupport@microsoft.com**_ for support on onboarding issues. + + +For feedback on the preview, contact: _**mdatpfeedback@microsoft.com**_. + + + diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-turn-on.png b/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-turn-on.png index 48aa702feb..1afbd303b0 100644 Binary files a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-turn-on.png and b/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-turn-on.png differ diff --git a/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md index 2ee928baee..7bbb3edc4c 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md @@ -76,6 +76,11 @@ Application Guard functionality is turned off by default. However, you can quick Application Guard and its underlying dependencies are all installed. **To install by using PowerShell** + +>[!NOTE] +>Ensure your devices have met all system requirements prior to this step. PowerShell will install the feature without checking system requirements. If your devices don't meet the system requirements, Application Guard may not work. This step is recommended for enterprise managed scenarios only. + + 1. Click the **Search** or **Cortana** icon in the Windows 10 taskbar and type **PowerShell**. 2. Right-click **Windows PowerShell**, and then click **Run as administrator**. diff --git a/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md index 8f6c1b0a34..092d966221 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md @@ -8,7 +8,7 @@ ms.pagetype: security ms.localizationpriority: medium author: justinha ms.author: justinha -ms.date: 01/16/2019 +ms.date: 03/15/2019 --- # Application Guard testing scenarios @@ -25,7 +25,7 @@ You can see how an employee would use standalone mode with Application Guard. **To test Application Guard in Standalone mode** -1. Install Application Guard, using the [installation](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard) steps in this guide. +1. [Install Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard). 2. Restart the device, start Microsoft Edge, and then click **New Application Guard window** from the menu. @@ -46,7 +46,7 @@ How to install, set up, turn on, and configure Application Guard for Enterprise- ### Install, set up, and turn on Application Guard Before you can use Application Guard in enterprise mode, you must install Windows 10 Enterprise edition, version 1709, which includes the functionality. Then, you must use Group Policy to set up the required settings. -1. Install Application Guard, using the [installation](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard#install-application-guard) steps in this guide. +1. [Install Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard#install-application-guard). 2. Restart the device and then start Microsoft Edge. @@ -68,7 +68,7 @@ Before you can use Application Guard in enterprise mode, you must install Window 4. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Turn on Windows Defender Application Guard in Enterprise Mode** setting. -5. Click **Enabled** and click **OK**. +5. Click **Enabled**, choose Option **1**, and click **OK**. ![Group Policy editor with Turn On/Off setting](images/appguard-gp-turn-on.png) diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index ef54564a38..fec81066d3 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md @@ -70,8 +70,8 @@ ### [Secure score](overview-secure-score-windows-defender-advanced-threat-protection.md) -#### [Threat analytics](threat-analytics.md) -#### [Threat analytics for Spectre and Meltdown](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md) +### [Threat analytics](threat-analytics.md) + ### [Advanced hunting](overview-hunting-windows-defender-advanced-threat-protection.md) @@ -136,7 +136,6 @@ ####### [Hardware qualifications](../windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md) ####### [Enable HVCI](../windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md) #### [Exploit protection](../windows-defender-exploit-guard/enable-exploit-protection.md) -##### [Customize exploit protection](../windows-defender-exploit-guard/customize-exploit-protection.md) ##### [Import/export configurations](../windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md) #### [Network protection](../windows-defender-exploit-guard/enable-network-protection.md) #### [Controlled folder access](../windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md) @@ -232,11 +231,13 @@ ###### [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md) -#### [Use the Windows Defender ATP exposed APIs](use-apis.md) -##### Create your app -###### [Get access on behalf of a user](exposed-apis-create-app-nativeapp.md) -###### [Get access without a user](exposed-apis-create-app-webapp.md) -##### [Supported Windows Defender ATP APIs](exposed-apis-list.md) +#### [Windows Defender ATP API](use-apis.md) +##### [Get started with Windows Defender ATP APIs](apis-intro.md) +###### [Hello World](api-hello-world.md) +###### [Get access with application context](exposed-apis-create-app-webapp.md) +###### [Get access with user context](exposed-apis-create-app-nativeapp.md) +##### [APIs](exposed-apis-list.md) + ###### [Advanced Hunting](run-advanced-query-api.md) ###### [Alert](alerts-windows-defender-advanced-threat-protection-new.md) @@ -250,24 +251,6 @@ ####### [Get alert related machine information](get-alert-related-machine-info-windows-defender-advanced-threat-protection-new.md) ####### [Get alert related user information](get-alert-related-user-info-windows-defender-advanced-threat-protection-new.md) -###### Domain -####### [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection-new.md) -####### [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection-new.md) -####### [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection-new.md) -####### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection-new.md) - -###### [File](files-windows-defender-advanced-threat-protection-new.md) -####### [Get file information](get-file-information-windows-defender-advanced-threat-protection-new.md) -####### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection-new.md) -####### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection-new.md) -####### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection-new.md) - -###### IP -####### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection-new.md) -####### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection-new.md) -####### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection-new.md) -####### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection-new.md) - ###### [Machine](machine-windows-defender-advanced-threat-protection-new.md) ####### [List machines](get-machines-windows-defender-advanced-threat-protection-new.md) ####### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection-new.md) @@ -288,6 +271,30 @@ ####### [Run antivirus scan](run-av-scan-windows-defender-advanced-threat-protection-new.md) ####### [Offboard machine](offboard-machine-api-windows-defender-advanced-threat-protection-new.md) ####### [Stop and quarantine file](stop-and-quarantine-file-windows-defender-advanced-threat-protection-new.md) +####### [Initiate investigation (preview)](initiate-autoir-investigation-windows-defender-advanced-threat-protection-new.md) + +###### [Indicators (preview)](ti-indicator-windows-defender-advanced-threat-protection-new.md) +####### [Submit Indicator](post-ti-indicator-windows-defender-advanced-threat-protection-new.md) +####### [List Indicators](get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md) +####### [Delete Indicator](delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md) + +###### Domain +####### [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection-new.md) +####### [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection-new.md) +####### [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection-new.md) +####### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection-new.md) + +###### [File](files-windows-defender-advanced-threat-protection-new.md) +####### [Get file information](get-file-information-windows-defender-advanced-threat-protection-new.md) +####### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection-new.md) +####### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection-new.md) +####### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection-new.md) + +###### IP +####### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection-new.md) +####### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection-new.md) +####### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection-new.md) +####### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection-new.md) ###### [User](user-windows-defender-advanced-threat-protection-new.md) ####### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection-new.md) @@ -318,8 +325,8 @@ ##### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md) ##### [Configure Splunk to pull alerts](configure-splunk-windows-defender-advanced-threat-protection.md) ##### [Configure HP ArcSight to pull alerts](configure-arcsight-windows-defender-advanced-threat-protection.md) -##### [Windows Defender ATP alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md) -##### [Pull alerts using REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md) +##### [Windows Defender ATP SIEM alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md) +##### [Pull alerts using SIEM REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md) ##### [Troubleshoot SIEM tool integration issues](troubleshoot-siem-windows-defender-advanced-threat-protection.md) @@ -367,7 +374,8 @@ ####Rules ##### [Manage suppression rules](manage-suppression-rules-windows-defender-advanced-threat-protection.md) -##### [Manage automation allowed/blocked](manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md) +##### [Manage automation allowed/blocked lists](manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md) +##### [Manage allowed/blocked lists](manage-allowed-blocked-list-windows-defender-advanced-threat-protection.md) ##### [Manage automation file uploads](manage-automation-file-uploads-windows-defender-advanced-threat-protection.md) ##### [Manage automation folder exclusions](manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md) @@ -394,5 +402,7 @@ ###Troubleshoot attack surface reduction #### [Network protection](../windows-defender-exploit-guard/troubleshoot-np.md) #### [Attack surface reduction rules](../windows-defender-exploit-guard/troubleshoot-asr.md) +#### [Collect diagnostic data for files](../windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md) + ### [Troubleshoot next generation protection](../windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md) diff --git a/windows/security/threat-protection/windows-defender-atp/add-or-remove-machine-tags-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/add-or-remove-machine-tags-windows-defender-advanced-threat-protection-new.md index 3735e259ac..5ab62122e6 100644 --- a/windows/security/threat-protection/windows-defender-atp/add-or-remove-machine-tags-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/add-or-remove-machine-tags-windows-defender-advanced-threat-protection-new.md @@ -104,7 +104,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "Low", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2" ] } diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index 938b358427..a9e46ae328 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/16/2018 --- # Configure advanced features in Windows Defender ATP @@ -40,7 +39,7 @@ For tenants created on or after Windows 10, version 1809 the automated investiga >[!NOTE] > - The result of the auto-resolve action may influence the Machine risk level calculation which is based on the active alerts found on a machine. ->- If a security operations analyst manually sets the status of an alert to "In progress" or "Resolved" the auto-resolve capability will not overrite it. +>- If a security operations analyst manually sets the status of an alert to "In progress" or "Resolved" the auto-resolve capability will not overwrite it. ## Block file @@ -59,6 +58,10 @@ For more information, see [Investigate a user account](investigate-user-windows- ## Skype for Business integration Enabling the Skype for Business integration gives you the ability to communicate with users using Skype for Business, email, or phone. This can be handy when you need to communicate with the user and mitigate risks. +>[!NOTE] +> When a machine is being isolated from the network, there's a pop-up where you can choose to enable Outlook and Skype communications which allows communications to the user while they are disconnected from the network. This setting applies to Skype and Outlook communication when machines are in isolation mode. + + ## Azure Advanced Threat Protection integration The integration with Azure Advanced Threat Protection allows you to pivot directly into another Microsoft Identity security product. Azure Advanced Threat Protection augments an investigation with additional insights about a suspected compromised account and related resources. By enabling this feature, you'll enrich the machine-based investigation capability by pivoting across the network from an identify point of view. @@ -87,6 +90,14 @@ When you enable this feature, you'll be able to incorporate data from Office 365 To receive contextual machine integration in Office 365 Threat Intelligence, you'll need to enable the Windows Defender ATP settings in the Security & Compliance dashboard. For more information, see [Office 365 Threat Intelligence overview](https://support.office.com/en-us/article/Office-365-Threat-Intelligence-overview-32405DA5-BEE1-4A4B-82E5-8399DF94C512). +## Microsoft Threat Experts +This feature is currently on public preview. When you enable this feature, you'll receive targeted attack notifications from Microsoft Threat Experts through your Windows Defender ATP portal's alerts dashboard and via email if you configure it. + +>[!NOTE] +>This feature will be available with an E5 license for [Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) on machines running Windows 10 version 1809 or later. + + + ## Microsoft Cloud App Security Enabling this setting forwards Windows Defender ATP signals to Microsoft Cloud App Security to provide deeper visibility into cloud application usage. Forwarded data is stored and processed in the same location as your Cloud App Security data. diff --git a/windows/security/threat-protection/windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md index 5043e422a5..da5c717e31 100644 --- a/windows/security/threat-protection/windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md @@ -14,16 +14,15 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # Alert resource type **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prereleaseinformation](prerelease.md)] -Represents an alert entity in WDATP. +Represents an alert entity in Windows Defender ATP. # Methods Method|Return Type |Description diff --git a/windows/security/threat-protection/windows-defender-atp/api-hello-world.md b/windows/security/threat-protection/windows-defender-atp/api-hello-world.md new file mode 100644 index 0000000000..9ee1dafbb9 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-atp/api-hello-world.md @@ -0,0 +1,189 @@ +--- +title: Advanced Hunting API +description: Use this API to run advanced queries +keywords: apis, supported apis, advanced hunting, query +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +--- + +# Windows Defender ATP API - Hello World + +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +> Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + +## Get Alerts using a simple PowerShell script + +### How long it takes to go through this example? +It only takes 5 minutes done in two steps: +- Application registration +- Use examples: only requires copy/paste of a short PowerShell script + +### Do I need a permission to connect? +For the App registration stage, you must have a Global administrator role in your Azure Active Directory (Azure AD) tenant. + +### Step 1 - Create an App in Azure Active Directory + +1. Log on to [Azure](https://portal.azure.com) with your Global administrator user. + +2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**. + + ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app.png) + +3. In the registration form, enter the following information, then click **Create**. + + - **Name:** Choose your own name. + - **Application type:** Web app / API + - **Redirect URI:** `https://127.0.0.1` + + ![Image of Create application window](images/webapp-create.png) + +4. Allow your App to access Windows Defender ATP and assign it 'Read all alerts' permission: + + - Click **Settings** > **Required permissions** > **Add**. + + ![Image of new app in Azure](images/webapp-add-permission.png) + + - Click **Select an API** > **WindowsDefenderATP**, then click **Select**. + + **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. + + ![Image of API access and API selection](images/webapp-add-permission-2.png) + + - Click **Select permissions** > **Read all alerts** > **Select**. + + ![Image of API access and API selection](images/webapp-add-permission-readalerts.png) + + - Click **Done** + + ![Image of add permissions completion](images/webapp-add-permission-end.png) + + - Click **Grant permissions** + + **Note**: Every time you add permission you must click on **Grant permissions**. + + ![Image of Grant permissions](images/webapp-grant-permissions.png) + +5. Create a key for your App: + + - Click **Keys**, type a key name and click **Save**. + + ![Image of create app key](images/webapp-create-key.png) + +6. Write down your App ID and your Tenant ID: + + - App ID: + + ![Image of created app id](images/webapp-app-id1.png) + + - Tenant ID: Navigate to **Azure Active Directory** > **Properties** + + ![Image of create app key](images/api-tenant-id.png) + + +Done! You have successfully registered an application! + +### Step 2 - Get a token using the App and use this token to access the API. + +- Copy the script below to PowerShell ISE or to a text editor, and save it as "**Get-Token.ps1**" +- Running this script will generate a token and will save it in the working folder under the name "**Latest-token.txt**". + +``` +# That code gets the App Context Token and save it to a file named "Latest-token.txt" under the current directory +# Paste below your Tenant ID, App ID and App Secret (App key). + +$tenantId = '' ### Paste your tenant ID here +$appId = '' ### Paste your app ID here +$appSecret = '' ### Paste your app key here + +$resourceAppIdUri = 'https://api.securitycenter.windows.com' +$oAuthUri = "https://login.windows.net/$TenantId/oauth2/token" +$authBody = [Ordered] @{ + resource = "$resourceAppIdUri" + client_id = "$appId" + client_secret = "$appSecret" + grant_type = 'client_credentials' +} +$authResponse = Invoke-RestMethod -Method Post -Uri $oAuthUri -Body $authBody -ErrorAction Stop +$token = $authResponse.access_token +Out-File -FilePath "./Latest-token.txt" -InputObject $token +return $token + +``` + +- Sanity Check:
+Run the script.
+In your browser go to: https://jwt.ms/
+Copy the token (the content of the Latest-token.txt file).
+Paste in the top box.
+Look for the "roles" section. Find the Alert.Read.All role. + +![Image jwt.ms](images/api-jwt-ms.png) + +### Lets get the Alerts! + +- The script below will use **Get-Token.ps1** to access the API and will get the past 48 hours Alerts. +- Save this script in the same folder you saved the previous script **Get-Token.ps1**. +- The script creates two files (json and csv) with the data in the same folder as the scripts. + +``` +# Returns Alerts created in the past 48 hours. + +$token = ./Get-Token.ps1 #run the script Get-Token.ps1 - make sure you are running this script from the same folder of Get-Token.ps1 + +# Get Alert from the last 48 hours. Make sure you have alerts in that time frame. +$dateTime = (Get-Date).ToUniversalTime().AddHours(-48).ToString("o") + +# The URL contains the type of query and the time filter we create above +# Read more about other query options and filters at Https://TBD- add the documentation link +$url = "https://api.securitycenter.windows.com/api/alerts?`$filter=alertCreationTime ge $dateTime" + +# Set the WebRequest headers +$headers = @{ + 'Content-Type' = 'application/json' + Accept = 'application/json' + Authorization = "Bearer $token" +} + +# Send the webrequest and get the results. +$response = Invoke-WebRequest -Method Get -Uri $url -Headers $headers -ErrorAction Stop + +# Extract the alerts from the results. +$alerts = ($response | ConvertFrom-Json).value | ConvertTo-Json + +# Get string with the execution time. We concatenate that string to the output file to avoid overwrite the file +$dateTimeForFileName = Get-Date -Format o | foreach {$_ -replace ":", "."} + +# Save the result as json and as csv +$outputJsonPath = "./Latest Alerts $dateTimeForFileName.json" +$outputCsvPath = "./Latest Alerts $dateTimeForFileName.csv" + +Out-File -FilePath $outputJsonPath -InputObject $alerts +($alerts | ConvertFrom-Json) | Export-CSV $outputCsvPath -NoTypeInformation + +``` + +You’re all done! You have just successfully: +- Created and registered and application +- Granted permission for that application to read alerts +- Connected the API +- Used a PowerShell script to return alerts created in the past 48 hours + + + +## Related topic +- [Windows Defender ATP APIs](exposed-apis-list.md) +- [Access Windows Defender ATP with application context](exposed-apis-create-app-webapp.md) +- [Access Windows Defender ATP with user context](exposed-apis-create-app-nativeapp.md) \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md index 1cec1b5053..4520b214d1 100644 --- a/windows/security/threat-protection/windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/api-portal-mapping-windows-defender-advanced-threat-protection.md @@ -18,7 +18,7 @@ ms.topic: article ms.date: 10/16/2017 --- -# Windows Defender ATP alert API fields +# Windows Defender ATP SIEM alert API fields **Applies to:** diff --git a/windows/security/threat-protection/windows-defender-atp/apis-intro.md b/windows/security/threat-protection/windows-defender-atp/apis-intro.md index d1d2b0fceb..d05ecd0f1b 100644 --- a/windows/security/threat-protection/windows-defender-atp/apis-intro.md +++ b/windows/security/threat-protection/windows-defender-atp/apis-intro.md @@ -1,7 +1,7 @@ --- title: Windows Defender Advanced Threat Protection API overview description: Learn how you can use APIs to automate workflows and innovate based on Windows Defender ATP capabilities -keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query +keywords: apis, api, wdatp, open api, windows defender atp api, public api, supported apis, alerts, machine, user, domain, ip, file, advanced hunting, query search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy @@ -14,48 +14,52 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 09/03/2018 --- # Windows Defender ATP API overview -**Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - ->Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) - -[!include[Prerelease information](prerelease.md)] +> Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) Windows Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Windows Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). In general, you’ll need to take the following steps to use the APIs: -- Create an app -- Get an access token +- Create an AAD application +- Get an access token using this application - Use the token to access Windows Defender ATP API -As a developer, you decide which permissions for Windows Defender ATP your app requests. When a user signs in to your app they (or, in some cases, an administrator) are given a chance to give consent to these permissions. If the user provides consent, your app is given access to the resources and APIs that it has requested. For apps that don't take a signed-in user, permissions can be pre-approved to by an administrator when the app is installed or during sign-up. +You can access Windows Defender ATP API with **Application Context** or **User Context**. -## Delegated permissions, application permissions, and effective permissions +- **Application Context: (Recommended)**
+ Used by apps that run without a signed-in user present. for example, apps that run as background services or daemons. -Windows Defender ATP has two types of permissions: delegated permissions and application permissions. + Steps that need to be taken to access Windows Defender ATP API with application context: -- **Delegated permissions**
- Used by apps that have a signed-in user present. For these apps either the user or an administrator provides consent to the permissions that the app requests and the app is delegated permission to act as the signed-in user when making calls to Windows Defender ATP. Some delegated permissions can be consented to by non-administrative users, but some higher-privileged permissions require administrator consent. -- **Application permissions**
- Used by apps that run without a signed-in user present; for example, apps that run as background services or daemons. Application permissions can only be consented by an administrator. + 1. Create an AAD Web-Application. + 2. Assign the desired permission to the application, for example, 'Read Alerts', 'Isolate Machines'. + 3. Create a key for this Application. + 4. Get token using the application with its key. + 5. Use the token to access Windows Defender ATP API -Effective permissions are permissions that your app will have when making requests to Windows Defender ATP. It is important to understand the difference between the delegated and application permissions that your app is granted and its effective permissions when making calls to Windows Defender ATP. + For more information, see [Get access with application context](exposed-apis-create-app-webapp.md). -- For delegated permissions, the effective permissions of your app will be the least privileged intersection of the delegated permissions the app has been granted (via consent) and the privileges of the currently signed-in user. Your app can never have more privileges than the signed-in user. Within organizations, the privileges of the signed-in user may be determined by policy or by membership in one or more administrator roles. For more information about administrator roles, see [Assigning administrator roles in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/active-directory-assign-admin-roles). - For example, assume your app has been granted the `Machine.CollectForensics` delegated permission. This permission nominally grants your app permission to collect investigation package from a machine. If the signed-in user has 'Alerts Investigation' permission, your app will be able to collect investigation package from a machine, if the machine belongs to a group the user is exposed to. However, if the signed-in user doesn't have 'Alerts Investigation' permission, your app won't be able to collect investigation package from any machine. +- **User Context:**
+ Used to perform actions in the API on behalf of a user. -- For application permissions, the effective permissions of your app will be the full level of privileges implied by the permission. For example, an app that has the `Machine.CollectForensics` application permission can collect investigation package from any machine in the organization. + Steps that needs to be taken to access Windows Defender ATP API with application context: + 1. Create AAD Native-Application. + 2. Assign the desired permission to the application, e.g 'Read Alerts', 'Isolate Machines' etc. + 3. Get token using the application with user credentials. + 4. Use the token to access Windows Defender ATP API + + For more information, see [Get access with user context](exposed-apis-create-app-nativeapp.md). ## Related topics -- [Supported Windows Defender ATP APIs](exposed-apis-list.md) -- [Access Windows Defender ATP without a user](exposed-apis-create-app-webapp.md) -- [Access Windows Defender ATP on behalf of a user](exposed-apis-create-app-nativeapp.md) \ No newline at end of file +- [Windows Defender ATP APIs](exposed-apis-list.md) +- [Access Windows Defender ATP with application context](exposed-apis-create-app-webapp.md) +- [Access Windows Defender ATP with user context](exposed-apis-create-app-nativeapp.md) \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/basic-permissions-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/basic-permissions-windows-defender-advanced-threat-protection.md index d9fa05ab08..7dc172d03f 100644 --- a/windows/security/threat-protection/windows-defender-atp/basic-permissions-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/basic-permissions-windows-defender-advanced-threat-protection.md @@ -66,7 +66,7 @@ Add-MsolRoleMember -RoleName "Security Administrator" -RoleMemberEmailAddress "s Add-MsolRoleMember -RoleName "Security Reader" -RoleMemberEmailAddress "reader@Contoso.onmicrosoft.com" ``` -For more information see, [Manage Azure AD group and role membership](https://technet.microsoft.com/library/321d532e-407d-4e29-a00a-8afbe23008dd#BKMK_ManageGroups). +For more information see, [Add or remove group memberships](https://technet.microsoft.com/library/321d532e-407d-4e29-a00a-8afbe23008dd#BKMK_ManageGroups). ## Assign user access using the Azure portal For more information, see [Assign administrator and non-administrator roles to uses with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-users-assign-role-azure-portal). diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md index de59ce12b7..a2e8e2a9d2 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md @@ -48,7 +48,7 @@ ms.date: 04/24/2018 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the machine. You should have a folder called *OptionalParamsPolicy* and the file *WindowsDefenderATPOnboardingScript.cmd*. -3. Open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx) (GPMC), right-click the Group Policy Object (GPO) you want to configure and click **Edit**. +3. Open the [Group Policy Management Console](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11) (GPMC), right-click the Group Policy Object (GPO) you want to configure and click **Edit**. 4. In the **Group Policy Management Editor**, go to **Computer configuration**, then **Preferences**, and then **Control panel settings**. @@ -78,7 +78,7 @@ You can use Group Policy (GP) to configure settings, such as settings for the sa b. Copy _AtpConfiguration.adml_ into _C:\\Windows\\PolicyDefinitions\\en-US_ -2. Open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the GPO you want to configure and click **Edit**. +2. Open the [Group Policy Management Console](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11), right-click the GPO you want to configure and click **Edit**. 3. In the **Group Policy Management Editor**, go to **Computer configuration**. @@ -110,7 +110,7 @@ For security reasons, the package used to Offboard machines will expire 30 days 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the machine. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*. -3. Open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx) (GPMC), right-click the Group Policy Object (GPO) you want to configure and click **Edit**. +3. Open the [Group Policy Management Console](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11) (GPMC), right-click the Group Policy Object (GPO) you want to configure and click **Edit**. 4. In the **Group Policy Management Editor**, go to **Computer configuration,** then **Preferences**, and then **Control panel settings**. diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md index c378ca8d9d..4d6b519e13 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md @@ -61,7 +61,7 @@ You can use existing System Center Configuration Manager functionality to create 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATPOnboardingScript.cmd*. -3. Deploy the package by following the steps in the [How to Deploy Packages and Programs in Configuration Manager](https://technet.microsoft.com/library/gg682178.aspx) topic. +3. Deploy the package by following the steps in the [Packages and Programs in Configuration Manager](https://docs.microsoft.com/en-us/sccm/apps/deploy-use/packages-and-programs) topic. a. Choose a predefined device collection to deploy the package to. @@ -92,7 +92,7 @@ Possible values are: The default value in case the registry key doesn’t exist is 1. -For more information about System Center Configuration Manager Compliance see [Compliance Settings in Configuration Manager](https://technet.microsoft.com/library/gg681958.aspx). +For more information about System Center Configuration Manager Compliance see [Get started with compliance settings in System Center Configuration Manager](https://docs.microsoft.com/sccm/compliance/get-started/get-started-with-compliance-settings). @@ -115,7 +115,7 @@ For security reasons, the package used to Offboard machines will expire 30 days 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*. -3. Deploy the package by following the steps in the [How to Deploy Packages and Programs in Configuration Manager](https://technet.microsoft.com/library/gg682178.aspx) topic. +3. Deploy the package by following the steps in the [Packages and Programs in Configuration Manager](https://docs.microsoft.com/en-us/sccm/apps/deploy-use/packages-and-programs) topic. a. Choose a predefined device collection to deploy the package to. @@ -155,7 +155,7 @@ Path: “HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status” Name: “OnboardingState” Value: “1” ``` -For more information about System Center Configuration Manager Compliance see [Compliance Settings in Configuration Manager](https://technet.microsoft.com/library/gg681958.aspx). +For more information about System Center Configuration Manager Compliance see [Get started with compliance settings in System Center Configuration Manager](https://docs.microsoft.com/sccm/compliance/get-started/get-started-with-compliance-settings). ## Related topics - [Onboard Windows 10 machines using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/windows-defender-atp/configure-microsoft-threat-experts.md index f518883f9b..8e6edc791b 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-microsoft-threat-experts.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-microsoft-threat-experts.md @@ -81,27 +81,49 @@ You can partner with Microsoft Threat Experts who can be engaged directly from w c. Remember to use the ID number from the **Open a support ticket** tab page and include it to the details you will provide in the subsequent Customer Services and Support (CSS) pages.
- **Step 2: Open a support ticket** - - >[!NOTE] - >To experience the full Microsoft Threat Experts preview capability in Windows Defender ATP, you need to have a Premier customer service and support account. However, you will not be charged for the Experts-on-demand service during the preview. - + **Step 2: Open a support ticket** + >[!NOTE] + >To experience the full Microsoft Threat Experts preview capability in Windows Defender ATP, you need to have a Premier customer service and support account. However, you will not be charged for the Experts-on-demand service during the preview. + a. In the **New support request** customer support page, select the following from the dropdown menu and then click **Next**:
- - **Select the product family**: **Security** - - **Select a product**: **Microsoft Threat Experts** - - **Select a category that best describes the issue**: **Windows Defender ATP** - - **Select a problem that best describes the issue**: Choose according to your inquiry category + **Select the product family**: **Security**
+ **Select a product**: **Microsoft Threat Experts**
+ **Select a category that best describes the issue**: **Windows Defender ATP**
+ **Select a problem that best describes the issue**: Choose according to your inquiry category
- b. Fill out the fields with the necessary information about the issue and use the auto-generated ID when you open a Customer Services and Support (CSS) ticket. Then, click **Next**. + b. Fill out the fields with the necessary information about the issue and use the auto-generated ID when you open a Customer Services and Support (CSS) ticket. Then, click **Next**.
- c. In the **Select a support plan** page, select **Professional No Charge**. + c. In the **Select a support plan** page, select **Professional No Charge**.
- d. The severity of your issue has been pre-selected by default, per the support plan, **Professional No Charge**, that you'll use for this public preview. Select the time zone by which you'd like to receive the correspondence. Then, click **Next**. + d. The severity of your issue has been pre-selected by default, per the support plan, **Professional No Charge**, that you'll use for this public preview. Select the time zone by which you'd like to receive the correspondence. Then, click **Next**.
- e. Verify your contact details and add another if necessary. Then, click **Next**. + e. Verify your contact details and add another if necessary. Then, click **Next**.
- f. Review the summary of your support request, and update if necessary. Make sure that you read and understand the **Microsoft Services Agreement** and **Privacy Statement**. Then, click **Submit**. You will see the confirmation page indicating the response time and your support request number. + f. Review the summary of your support request, and update if necessary. Make sure that you read and understand the **Microsoft Services Agreement** and **Privacy Statement**. Then, click **Submit**. You will see the confirmation page indicating the response time and your support request number.
+ +## Sample questions to ask Microsoft Threat Experts +**Alert information** +- We see a new type of alert for a living-off-the-land binary: [AlertID]. Can you tell us something more about this alert and how we can investigate further? +- We’ve observed two similar attacks which try to execute malicious PowerShell scripts but generate different alerts. One is "Suspicious Powershell command line" and the other is "A malicious file was detected based on indication provided by O365". What is the difference? +- I receive an odd alert today for abnormal number of failed logins from a high profile user’s device. I cannot find any further evidence around these sign-in attempts. How can Windows Defender see these attempts? What type of sign-ins are being monitored? +- Can you give more context or insights about this alert: “Suspicious behavior by a system utility was observed”. + +**Possible machine compromise** +- Can you please help answer why we see “Unknown process observed?” This is seen quite frequently on many machines and we would appreciate input on whether this is related to malicious activity. +- Can you help validate a possible compromise on the following system on [date] with similar behaviors as the previous [malware name] malware detection on the same system in [month]? + +**Threat intelligence details** +- This morning, we detected a phishing email that delivered a malicious Word document to a user. This caused a series of suspicious events which triggered multiple Windows Defender alerts for [malware name] malware. Do you have any information on this malware? If yes, can you please send me a link? +- I recently saw a [social media reference e.g. Twitter or blog] post about a threat that is targeting my industry. Can you help me understand what protection WDATP provides against this threat actor? + +**Microsoft Threat Experts’ alert communications** +- Can your incident response team help us address the targeted attack notification that we got? +- I received this targeted attack notification from Microsoft Threat Experts. We don’t have our own incident response team. What can we do now, and how can we contain the incident? +- I received a targeted attack notification from Microsoft Threat Experts. What data can you provide to us that we can pass on to our incident response team? + + >[!NOTE] + >Microsoft Threat Experts is a managed cybersecurity hunting service and not an incident response service. However, the experts can seamlessly transition the investigation to Microsoft Cybersecurity Solutions Group (CSG)'s Detection and Response Team (DART) services, when necessary. You can also opt to engage with your own incident response team to address issues that requires an incident response. ## Scenario diff --git a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 64a8b911a7..595b8af148 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -165,6 +165,9 @@ If at least one of the connectivity options returns a (200) status, then the Win However, if the connectivity check results indicate a failure, an HTTP error is displayed (see HTTP Status Codes). You can then use the URLs in the table shown in [Enable access to Windows Defender ATP service URLs in the proxy server](#enable-access-to-windows-defender-atp-service-urls-in-the-proxy-server). The URLs you'll use will depend on the region selected during the onboarding procedure. +> [!NOTE] +> When the TelemetryProxyServer is set, in Registry or via Group Policy, Windows Defender ATP will fall back to direct if it can't access the defined proxy. + ## Related topics - [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md) - [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md index 4b98079963..0964bd2cdc 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md @@ -14,7 +14,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/14/2018 --- # Onboard servers to the Windows Defender ATP service @@ -45,7 +44,22 @@ For a practical guidance on what needs to be in place for licensing and infrastr ## Windows Server 2012 R2 and Windows Server 2016 -To onboard Windows Server 2012 R2 and Windows Server 2016 to Windows Defender ATP, you’ll need to: +There are two options to onboard Windows Server 2012 R2 and Windows Server 2016 to Windows Defender ATP: + +- **Option 1**: Onboard through Azure Security Center +- **Option 2**: Onboard through Windows Defender Security Center + +### Option 1: Onboard servers through Azure Security Center +1. In the navigation pane, select **Settings** > **Machine management** > **Onboarding**. + +2. Select Windows Server 2012 R2 and 2016 as the operating system. + +3. Click **Onboard Servers in Azure Security Center**. + +4. Follow the onboarding instructions in [Windows Defender Advanced Threat Protection with Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-wdatp). + +### Option 2: Onboard servers through Windows Defender Security Center +You'll need to tak the following steps if you choose to onboard servers through Windows Defender Security Center. - For Windows Server 2012 R2: Configure and update System Center Endpoint Protection clients. @@ -53,7 +67,7 @@ To onboard Windows Server 2012 R2 and Windows Server 2016 to Windows Defender AT >This step is required only if your organization uses System Center Endpoint Protection (SCEP) and you're onboarding Windows Server 2012 R2. - Turn on server monitoring from Windows Defender Security Center. -- If you're already leveraging System Center Operations Manager (SCOM) or Operations Management Suite (OMS), simply attach the Microsoft Monitoring Agent (MMA) to report to your Windows Defender ATP workspace through [Multi Homing support](https://blogs.technet.microsoft.com/msoms/2016/05/26/oms-log-analytics-agent-multi-homing-support/). Otherwise, install and configure MMA to report sensor data to Windows Defender ATP as instructed below. +- If you're already leveraging System Center Operations Manager (SCOM) or Operations Management Suite (OMS), simply attach the Microsoft Monitoring Agent (MMA) to report to your Windows Defender ATP workspace through Multi Homing support. Otherwise, install and configure MMA to report sensor data to Windows Defender ATP as instructed below. >[!TIP] > After onboarding the machine, you can choose to run a detection test to verify that it is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Windows Defender ATP endpoint](run-detection-test-windows-defender-advanced-threat-protection.md). @@ -73,7 +87,7 @@ The following steps are required to enable this integration: 1. In the navigation pane, select **Settings** > **Machine management** > **Onboarding**. -2. Select Windows Server 2012R2 and 2016 as the operating system. +2. Select Windows Server 2012 R2 and 2016 as the operating system. 3. Click **Turn on server monitoring** and confirm that you'd like to proceed with the environment set up. When the set up completes, the **Workspace ID** and **Workspace key** fields are populated with unique values. You'll need to use these values to configure the MMA agent. @@ -201,7 +215,7 @@ To offboard the server, you can use either of the following methods: 1. Get your Workspace ID: a. In the navigation pane, select **Settings** > **Onboarding**. - b. Select **Windows Server 2012R2 and 2016** as the operating system and get your Workspace ID: + b. Select **Windows Server 2012 R2 and 2016** as the operating system and get your Workspace ID: ![Image of server onboarding](images/atp-server-offboarding-workspaceid.png) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md index 04c596750a..239c4d95db 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md @@ -22,7 +22,6 @@ ms.date: 10/16/2017 **Applies to:** - - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) diff --git a/windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md index 632b9691c5..4998ae8a80 100644 --- a/windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md +++ b/windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/29/2018 --- diff --git a/windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md index e293b7a30d..6399e4f311 100644 --- a/windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md @@ -1,6 +1,6 @@ --- -title: Delete Ti Indicator. -description: Deletes Ti Indicator entity by ID. +title: Delete Indicator API. +description: Deletes Indicator entity by ID. keywords: apis, public api, supported apis, delete, ti indicator, entity, id search.product: eADQiWindows 10XVcnh ms.prod: w10 @@ -14,33 +14,33 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- -# Delete TI Indicator API +# Delete Indicator API + +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prereleaseinformation](prerelease.md)] >[!Note] -> Currently this API is supported only for AppOnly context requests. (See [Get access without a user](exposed-apis-create-app-webapp.md) for more information) +> Currently this API is supported only for AppOnly context requests. (See [Get access with application context](exposed-apis-create-app-webapp.md) for more information) -**Applies to:** - -- Windows Defender Advanced Threat Protection (Windows Defender ATP) -Retrieves a TI Indicator entity by ID. +- Deletes an Indicator entity by ID. ## Permissions -One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md) +One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Get started](apis-intro.md) Permission type | Permission | Permission display name :---|:---|:--- Application | Ti.ReadWrite | 'Read and write TI Indicators' +Application | Ti.ReadWrite.All | 'Read and write Indicators' ## HTTP request ``` -Delete https://api.securitycenter.windows.com/api/tiindicators/{id} +Delete https://api.securitycenter.windows.com/api/indicators/{id} ``` [!include[Improve request performance](improverequestperformance-new.md)] @@ -57,8 +57,8 @@ Authorization | String | Bearer {token}. **Required**. Empty ## Response -If TI Indicator exist and deleted successfully - 204 OK without content. -If TI Indicator with the specified id was not found - 404 Not Found. +If Indicator exist and deleted successfully - 204 OK without content. +If Indicator with the specified id was not found - 404 Not Found. ## Example @@ -67,7 +67,7 @@ If TI Indicator with the specified id was not found - 404 Not Found. Here is an example of the request. ``` -DELETE https://api.securitycenter.windows.com/api/tiindicators/220e7d15b0b3d7fac48f2bd61114db1022197f7f +DELETE https://api.securitycenter.windows.com/api/indicators/220e7d15b0b3d7fac48f2bd61114db1022197f7f ``` **Response** diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md index 9109892c6d..56c66b472e 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md @@ -19,33 +19,30 @@ ms.date: 09/03/2018 # Use Windows Defender ATP APIs -**Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) - - ->Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) +> Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) [!include[Prerelease information](prerelease.md)] -This page describe how to create an application to get programmatical access to Windows Defender ATP on behalf of a user. +This page describes how to create an application to get programmatic access to Windows Defender ATP on behalf of a user. -If you need programmatical access Windows Defender ATP without a user, refer to [Access Windows Defender ATP without a user](exposed-apis-create-app-webapp.md). +If you need programmatic access Windows Defender ATP without a user, refer to [Access Windows Defender ATP with application context](exposed-apis-create-app-webapp.md). If you are not sure which access you need, read the [Introduction page](apis-intro.md). -Windows Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Windows Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). +Windows Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate work flows and innovate based on Windows Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). In general, you’ll need to take the following steps to use the APIs: -- Create an app -- Get an access token +- Create an AAD application +- Get an access token using this application - Use the token to access Windows Defender ATP API -This page explains how to create an app, get an access token to Windows Defender ATP and validate the token includes the required permission. +This page explains how to create an AAD application, get an access token to Windows Defender ATP and validate the token. >[!NOTE] -> When accessing Windows Defender ATP API on behalf of a user, you will need the correct app permission and user permission. +> When accessing Windows Defender ATP API on behalf of a user, you will need the correct App permission and user permission. > If you are not familiar with user permissions on Windows Defender ATP, see [Manage portal access using role-based access control](rbac-windows-defender-advanced-threat-protection.md). >[!TIP] @@ -53,7 +50,7 @@ This page explains how to create an app, get an access token to Windows Defender ## Create an app -1. Log on to [Azure](https://portal.azure.com). +1. Log on to [Azure](https://portal.azure.com) with user that has Global Administrator role. 2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**. @@ -78,13 +75,10 @@ This page explains how to create an app, get an access token to Windows Defender ![Image of API access and API selection](images/webapp-add-permission-2.png) -6. Click **Select permissions** > check **Read alerts** and **Collect forensics** > **Select**. +6. Click **Select permissions** > **Check the desired permissions** > **Select**. >[!IMPORTANT] >You need to select the relevant permissions. 'Read alerts' and 'Collect forensics' are only an example. - - ![Image of select permissions](images/nativeapp-select-permissions.png) - For instance, - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission @@ -92,6 +86,8 @@ This page explains how to create an app, get an access token to Windows Defender To determine which permission you need, look at the **Permissions** section in the API you are interested to call. + ![Image of select permissions](images/nativeapp-select-permissions.png) + 7. Click **Done** @@ -116,39 +112,51 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co ### Using C# -The code was below tested with nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8 - -- Create a new Console Application -- Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/) -- Add the below using +- Copy/Paste the below class in your application. +- Use **AcquireUserTokenAsync** method with the your application ID, tenant ID, user name and password to acquire a token. ``` - using Microsoft.IdentityModel.Clients.ActiveDirectory; - ``` + namespace WindowsDefenderATP + { + using System.Net.Http; + using System.Text; + using System.Threading.Tasks; + using Newtonsoft.Json.Linq; -- Copy/Paste the below code in your application (pay attention to the comments in the code) + public static class WindowsDefenderATPUtils + { + private const string Authority = "https://login.windows.net"; - ``` - const string authority = "https://login.windows.net"; - const string wdatpResourceId = "https://api.securitycenter.windows.com"; + private const string WdatpResourceId = "https://api.securitycenter.windows.com"; - string tenantId = "00000000-0000-0000-0000-000000000000"; // Paste your own tenant ID here - string appId = "11111111-1111-1111-1111-111111111111"; // Paste your own app ID here + public static async Task AcquireUserTokenAsync(string username, string password, string appId, string tenantId) + { + using (var httpClient = new HttpClient()) + { + var urlEncodedBody = $"resource={WdatpResourceId}&client_id={appId}&grant_type=password&username={username}&password={password}"; - string username = "SecurityAdmin123@microsoft.com"; // Paste your username here - string password = GetPasswordFromSafePlace(); // Paste your own password here for a test, and then store it in a safe place! + var stringContent = new StringContent(urlEncodedBody, Encoding.UTF8, "application/x-www-form-urlencoded"); - UserPasswordCredential userCreds = new UserPasswordCredential(username, password); + using (var response = await httpClient.PostAsync($"{Authority}/{tenantId}/oauth2/token", stringContent).ConfigureAwait(false)) + { + response.EnsureSuccessStatusCode(); - AuthenticationContext auth = new AuthenticationContext($"{authority}/{tenantId}"); - AuthenticationResult authenticationResult = auth.AcquireTokenAsync(wdatpResourceId, appId, userCreds).GetAwaiter().GetResult(); - string token = authenticationResult.AccessToken; + var json = await response.Content.ReadAsStringAsync().ConfigureAwait(false); + + var jObject = JObject.Parse(json); + + return jObject["access_token"].Value(); + } + } + } + } + } ``` ## Validate the token Sanity check to make sure you got a correct token: -- Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it +- Copy/paste into [JWT](https://jwt.ms) the token you got in the previous step in order to decode it - Validate you get a 'scp' claim with the desired app permissions - In the screenshot below you can see a decoded token acquired from the app in the tutorial: @@ -168,12 +176,11 @@ Sanity check to make sure you got a correct token: request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); - var response = await httpClient.SendAsync(request).ConfigureAwait(false); + var response = httpClient.SendAsync(request).GetAwaiter().GetResult(); // Do something useful with the response ``` ## Related topics -- [Windows Defender ATP APIs](apis-intro.md) -- [Supported Windows Defender ATP APIs](exposed-apis-list.md) -- [Access Windows Defender ATP without a user](exposed-apis-create-app-webapp.md) \ No newline at end of file +- [Windows Defender ATP APIs](exposed-apis-list.md) +- [Access Windows Defender ATP with application context](exposed-apis-create-app-webapp.md) \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md index a3afcae8bd..4d6b21364d 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md @@ -19,32 +19,30 @@ ms.date: 09/03/2018 # Create an app to access Windows Defender ATP without a user -**Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) - ->Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) [!include[Prerelease information](prerelease.md)] -This page describes how to create an application to get programmatical access to Windows Defender ATP without a user. +This page describes how to create an application to get programmatic access to Windows Defender ATP without a user. -If you need programmatical access Windows Defender ATP on behalf of a user, see [Access Windows Defender ATP on behalf of a user](exposed-apis-create-app-nativeapp.md) +If you need programmatic access Windows Defender ATP on behalf of a user, see [Get access wtih user context](exposed-apis-create-app-nativeapp.md) -If you are not sure which access you need, see [Use Windows Defender ATP APIs](apis-intro.md). +If you are not sure which access you need, see [Get started](apis-intro.md). Windows Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate workflows and innovate based on Windows Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). In general, you’ll need to take the following steps to use the APIs: -- Create an app -- Get an access token +- Create an AAD application +- Get an access token using this application - Use the token to access Windows Defender ATP API -This page explains how to create an app, get an access token to Windows Defender ATP and validate the token includes the required permission. +This page explains how to create an AAD application, get an access token to Windows Defender ATP and validate the token. ## Create an app -1. Log on to [Azure](https://portal.azure.com). +1. Log on to [Azure](https://portal.azure.com) with user that has Global Administrator role. 2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**. @@ -54,9 +52,9 @@ This page explains how to create an app, get an access token to Windows Defender ![Image of Create application window](images/webapp-create.png) - - **Name:** WdatpEcosystemPartner + - **Name:** Choose your own name. - **Application type:** Web app / API - - **Redirect URI:** `https://WdatpEcosystemPartner.com` (The URL where user can sign in and use your app. You can change this URL later.) + - **Redirect URI:** `https://127.0.0.1` 4. Click **Settings** > **Required permissions** > **Add**. @@ -69,18 +67,17 @@ This page explains how to create an app, get an access token to Windows Defender ![Image of API access and API selection](images/webapp-add-permission-2.png) -6. Click **Select permissions** > **Run advanced queries** > **Select**. +6. Click **Select permissions** > **Check the desired permissions** > **Select**. - **Important note**: You need to select the relevant permission. 'Run advanced queries' is only an example! - - ![Image of select permissions](images/webapp-select-permission.png) + **Important note**: You need to select the relevant permissions. 'Run advanced queries' is only an example! For instance, - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission - To [isolate a machine](isolate-machine-windows-defender-advanced-threat-protection-new.md), select 'Isolate machine' permission + - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. + ![Image of select permissions](images/webapp-select-permission.png) 7. Click **Done** @@ -94,7 +91,7 @@ This page explains how to create an app, get an access token to Windows Defender ![Image of Grant permissions](images/webapp-grant-permissions.png) -9. Click **Keys** and type a key name and click **Save**. +9. Click **Keys**, type a key name and click **Save**. **Important**: After you save, **copy the key value**. You won't be able to retrieve after you leave! @@ -102,9 +99,9 @@ This page explains how to create an app, get an access token to Windows Defender 10. Write down your application ID. - ![Image of app ID](images/webapp-get-appid.png) + ![Image of created app id](images/webapp-app-id1.png) -11. Set your application to be multi-tenanted +11. **For Windows Defender ATP Partners only** - Set your application to be multi-tenanted This is **required** for 3rd party apps (for example, if you create an application that is intended to run in multiple customers tenant). @@ -114,26 +111,54 @@ This page explains how to create an app, get an access token to Windows Defender ![Image of multi tenant](images/webapp-edit-multitenant.png) + - Application consent for your multi-tenant App: + + You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with Windows Defender ATP application on behalf of your customer. -## Application consent -You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with WDATP application on behalf of your customer. + You (or your customer if you are writing a 3rd party application) need to click the consent link and approve your application. The consent should be done with a user who has admin privileges in the active directory. -You (or your customer if you are writing a 3rd party application) need to click the consent link and approve your application. The consent should be done with a user who has admin privileges in the active directory. + Consent link is of the form: -Consent link is of the form: + ``` + https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true​ + ``` -``` -https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true​ -``` - -where 00000000-0000-0000-0000-000000000000​ should be replaced with your Azure application ID + where 00000000-0000-0000-0000-000000000000​ should be replaced with your Azure application ID -## Get an access token +- **Done!** You have successfully registered an application! +- See examples below for token acquisition and validation. + +## Get an access token examples: For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds) -### Using C# +### Using PowerShell + +``` +# That code gets the App Context Token and save it to a file named "Latest-token.txt" under the current directory +# Paste below your Tenant ID, App ID and App Secret (App key). + +$tenantId = '' ### Paste your tenant ID here +$appId = '' ### Paste your app ID here +$appSecret = '' ### Paste your app key here + +$resourceAppIdUri = 'https://api.securitycenter.windows.com' +$oAuthUri = "https://login.windows.net/$TenantId/oauth2/token" +$authBody = [Ordered] @{ + resource = "$resourceAppIdUri" + client_id = "$appId" + client_secret = "$appSecret" + grant_type = 'client_credentials' +} +$authResponse = Invoke-RestMethod -Method Post -Uri $oAuthUri -Body $authBody -ErrorAction Stop +$token = $authResponse.access_token +Out-File -FilePath "./Latest-token.txt" -InputObject $token +return $token + +``` + +### Using C#: >The below code was tested with nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8 @@ -161,9 +186,6 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co string token = authenticationResult.AccessToken; ``` -### Using PowerShell - -Refer to [Get token using PowerShell](run-advanced-query-sample-powershell.md#get-token) ### Using Python @@ -177,7 +199,7 @@ Refer to [Get token using Python](run-advanced-query-sample-python.md#get-token) - Open a command window - ​Set CLIENT_ID to your Azure application ID - Set CLIENT_SECRET to your Azure application secret -- Set TENANT_ID to the Azure tenant ID of the customer that wants to use your application to access WDATP application +- Set TENANT_ID to the Azure tenant ID of the customer that wants to use your application to access Windows Defender ATP application - Run the below command: ``` @@ -195,7 +217,7 @@ You will get an answer of the form: Sanity check to make sure you got a correct token: - Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it - Validate you get a 'roles' claim with the desired permissions -- In the screenshot below you can see a decoded token acquired from an app with permissions to all of Wdatp's roles: +- In the screenshot below you can see a decoded token acquired from an app with permissions to all of Windows Defender ATP's roles: ![Image of token validation](images/webapp-decoded-token.png) @@ -213,12 +235,11 @@ Sanity check to make sure you got a correct token: request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); - var response = await httpClient.SendAsync(request).ConfigureAwait(false); + var response = httpClient.SendAsync(request).GetAwaiter().GetResult(); // Do something useful with the response ``` ## Related topics -- [Windows Defender ATP APIs](apis-intro.md) - [Supported Windows Defender ATP APIs](exposed-apis-list.md) - [Access Windows Defender ATP on behalf of a user](exposed-apis-create-app-nativeapp.md) \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-full-sample-powershell.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-full-sample-powershell.md index b65c98cd30..80c3f2dfdf 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-full-sample-powershell.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-full-sample-powershell.md @@ -19,7 +19,7 @@ ms.date: 09/24/2018 # Windows Defender ATP APIs using PowerShell **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] @@ -48,7 +48,7 @@ Set-ExecutionPolicy -ExecutionPolicy Bypass - Run the below > - $tenantId: ID of the tenant on behalf of which you want to run the query (i.e., the query will be run on the data of this tenant) -> - $appId: ID of your AAD app (the app must have 'Run advanced queries' permission to WDATP) +> - $appId: ID of your AAD app (the app must have 'Run advanced queries' permission to Windows Defender ATP) > - $appSecret: Secret of your AAD app > - $suspiciousUrl: The URL diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-list.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-list.md index 55933fb093..2be8b96e04 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-list.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-list.md @@ -14,7 +14,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 30/07/2018 --- # Supported Windows Defender ATP query APIs diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-odata-samples.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-odata-samples.md index 581c198d4a..8892195292 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-odata-samples.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-odata-samples.md @@ -64,7 +64,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "High", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2", "ExampleTag" ] }, @@ -149,7 +148,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "High", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2", "ExampleTag" ] }, @@ -191,7 +189,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "High", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2", "ExampleTag" ] }, @@ -233,7 +230,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "High", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2", "ExampleTag" ] }, @@ -278,5 +274,23 @@ Content-type: application/json } ``` +### Example 7 + +- Get the count of open alerts for a specific machine: + +``` +HTTP GET https://api.securitycenter.windows.com/api/machines/123321d0c675eaa415b8e5f383c6388bff446c62/alerts/$count?$filter=status ne 'Resolved' +``` + +**Response:** + +``` +HTTP/1.1 200 OK +Content-type: application/json + +4 + +``` + ## Related topic - [Windows Defender ATP APIs](apis-intro.md) diff --git a/windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md index 6a846b32c3..0491fe98c9 100644 --- a/windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md @@ -14,14 +14,15 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # File resource type +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] -Represent a file entity in WDATP. +Represent a file entity in Windows Defender ATP. # Methods Method|Return Type |Description @@ -49,5 +50,5 @@ fileProductName | String | Product name. signer | String | File signer. issuer | String | File issuer. signerHash | String | Hash of the signing certificate. -isValidCertificate | Boolean | Was signing certificate successfully verified by WDATP agent. +isValidCertificate | Boolean | Was signing certificate successfully verified by Windows Defender ATP agent. diff --git a/windows/security/threat-protection/windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md index a3f532f281..687f9ab304 100644 --- a/windows/security/threat-protection/windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md @@ -102,7 +102,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "Low", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2" ] } diff --git a/windows/security/threat-protection/windows-defender-atp/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md index 3a5158d272..f6ed806476 100644 --- a/windows/security/threat-protection/windows-defender-atp/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md @@ -44,6 +44,11 @@ A reinstalled or renamed machine will generate a new machine entity in Windows D **Machine was offboarded**
If the machine was offboarded it will still appear in machines list. After 7 days, the machine health state should change to inactive. + +**Machine is not sending signals** +If the machine is not sending any signals for more than 7 days to any of the Windows Defender ATP channels for any reason including conditions that fall under misconfigured machines classification, a machine can be considered inactive. + + Do you expect a machine to be in ‘Active’ status? [Open a support ticket ticket](https://support.microsoft.com/getsupport?wf=0&tenant=ClassicCommercial&oaspworkflow=start_1.0.0.0&locale=en-us&supportregion=en-us&pesid=16055&ccsid=636206786382823561). ## Misconfigured machines diff --git a/windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection-new.md index 00bff8380f..c1136545a5 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection-new.md @@ -98,7 +98,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "Low", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2" ] }, @@ -117,7 +116,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "Low", - "isAadJoined": false, "aadDeviceId": null, "machineTags": [ "test tag 1" ] } diff --git a/windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection-new.md index bf738b355a..cf9e003f26 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection-new.md @@ -98,7 +98,6 @@ Content-type: application/json "healthStatus": "Active", "rbacGroupId": 140, "riskScore": "Low", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2" ] }, @@ -116,7 +115,6 @@ Content-type: application/json "healthStatus": "Inactive", "rbacGroupId": 140, "riskScore": "Low", - "isAadJoined": false, "aadDeviceId": null, "machineTags": [ "test tag 1" ] } diff --git a/windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection-new.md index 28d4703b18..e17c0a1457 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection-new.md @@ -98,7 +98,6 @@ Content-type: application/json "rbacGroupId": 140, "riskScore": "Low", "rbacGroupName": "The-A-Team", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2" ] }, @@ -117,7 +116,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "Low", - "isAadJoined": false, "aadDeviceId": null, "machineTags": [ "test tag 1" ] } diff --git a/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection-new.md index 3612531147..5a6a77b908 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection-new.md @@ -99,7 +99,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "Low", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2" ] } diff --git a/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md index 907c5e5838..7e2ad2eaf1 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md @@ -14,18 +14,16 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # List machines API **Applies to:** - -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prereleaseinformation](prerelease.md)] -- Retrieves a collection of machines that have communicated with WDATP cloud on the last 30 days. +- Retrieves a collection of machines that have communicated with Windows Defender ATP cloud on the last 30 days. - Get Machines collection API supports [OData V4 queries](https://www.odata.org/documentation/). - The OData's Filter query is supported on: "Id", "ComputerDnsName", "LastSeen", "LastIpAddress", "HealthStatus", "OsPlatform", "RiskScore", "MachineTags" and "RbacGroupId". - See examples at [OData queries with Windows Defender ATP](exposed-apis-odata-samples.md) diff --git a/windows/security/threat-protection/windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md deleted file mode 100644 index ffef895d91..0000000000 --- a/windows/security/threat-protection/windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md +++ /dev/null @@ -1,96 +0,0 @@ ---- -title: Get Ti Indicator by ID API -description: Retrieves Ti Indicator entity by ID. -keywords: apis, public api, supported apis, get, ti indicator, entity, id -search.product: eADQiWindows 10XVcnh -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: macapara -author: mjcaparas -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: article -ms.date: 12/08/2017 ---- - -# Get TI Indicator by ID API - -[!include[Prereleaseinformation](prerelease.md)] - ->[!Note] -> Currently this API is supported only for AppOnly context requests. (See [Get access without a user](exposed-apis-create-app-webapp.md) for more information) - - -**Applies to:** - -- Windows Defender Advanced Threat Protection (Windows Defender ATP) -Retrieves a TI Indicator entity by ID. - -## Permissions -One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md) - -Permission type | Permission | Permission display name -:---|:---|:--- -Application | Ti.ReadWrite | 'Read and write TI Indicators' - - -## HTTP request -``` -GET https://api.securitycenter.windows.com/api/tiindicators/{id} -``` - -[!include[Improve request performance](improverequestperformance-new.md)] - - -## Request headers - -Name | Type | Description -:---|:---|:--- -Authorization | String | Bearer {token}. **Required**. - - -## Request body -Empty - -## Response -If successful and TI Indicator exists - 200 OK with the [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity in the body. -If TI Indicator with the specified id was not found - 404 Not Found. - - -## Example - -**Request** - -Here is an example of the request. - -``` -GET https://api.securitycenter.windows.com/api/tiindicators/220e7d15b0b3d7fac48f2bd61114db1022197f7f -``` - -**Response** - -Here is an example of the response. - - -``` -HTTP/1.1 200 OK -Content-type: application/json -{ - "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#TiIndicators/$entity", - "indicator": "220e7d15b0b3d7fac48f2bd61114db1022197f7f", - "indicatorType": "FileSha1", - "title": "test", - "creationTimeDateTimeUtc": "2018-10-24T10:54:23.2009016Z", - "createdBy": "45097602-0cfe-4cc6-925f-9f453233e62c", - "expirationTime": "2020-12-12T00:00:00Z", - "action": "AlertAndBlock", - "severity": "Informational", - "description": "test", - "recommendedActions": "TEST" -} - -``` diff --git a/windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md index c08f3eba3d..837155f677 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md @@ -1,7 +1,7 @@ --- -title: List TiIndicators API -description: Use this API to create calls related to get TiIndicators collection -keywords: apis, public api, supported apis, TiIndicators collection +title: List Indicators API +description: Use this API to create calls related to get Indicators collection +keywords: apis, public api, supported apis, Indicators collection search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy @@ -17,32 +17,32 @@ ms.topic: article ms.date: 12/08/2017 --- -# List TiIndicators API +# List Indicators API + +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prereleaseinformation](prerelease.md)] >[!Note] -> Currently this API is supported only for AppOnly context requests. (See [Get access without a user](exposed-apis-create-app-webapp.md) for more information) +> Currently this API is supported only for AppOnly context requests. (See [Get access with application context](exposed-apis-create-app-webapp.md) for more information) -**Applies to:** - -- Windows Defender Advanced Threat Protection (Windows Defender ATP) - - Gets collection of TI Indicators. - Get TI Indicators collection API supports [OData V4 queries](https://www.odata.org/documentation/). +- Gets collection of TI Indicators. +- Get TI Indicators collection API supports [OData V4 queries](https://www.odata.org/documentation/). ## Permissions -One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md) +One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Get started](apis-intro.md) Permission type | Permission | Permission display name :---|:---|:--- -Application | Ti.ReadWrite | 'Read and write TI Indicators' +Application | Ti.ReadWrite | 'Read and write Indicators' +Application | Ti.ReadWrite.All | 'Read and write All Indicators' ## HTTP request ``` -GET https://api.securitycenter.windows.com/api/tiindicators +GET https://api.securitycenter.windows.com/api/indicators ``` [!include[Improve request performance](improverequestperformance-new.md)] @@ -58,20 +58,19 @@ Authorization | String | Bearer {token}. **Required**. Empty ## Response -If successful, this method returns 200, Ok response code with a collection of [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entities. +If successful, this method returns 200, Ok response code with a collection of [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entities. >[!Note] -> The response will only include TI Indicators that submitted by the calling Application. +> If the Application has 'Ti.ReadWrite.All' permission, it will be exposed to all Indicators. Otherwise, it will be exposed only to the Indicators it created. - -## Example +## Example 1: **Request** -Here is an example of a request that gets all TI Indicators +Here is an example of a request that gets all Indicators ``` -GET https://api.securitycenter.windows.com/api/tiindicators +GET https://api.securitycenter.windows.com/api/indicators ``` **Response** @@ -82,22 +81,23 @@ Here is an example of the response. HTTP/1.1 200 Ok Content-type: application/json { - "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#TiIndicators", + "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Indicators", "value": [ { - "indicator": "12.13.14.15", + "indicatorValue": "12.13.14.15", "indicatorType": "IpAddress", "title": "test", "creationTimeDateTimeUtc": "2018-10-24T11:15:35.3688259Z", "createdBy": "45097602-1234-5678-1234-9f453233e62c", "expirationTime": "2020-12-12T00:00:00Z", - "action": "AlertAndBlock", + "action": "Alert", "severity": "Informational", "description": "test", - "recommendedActions": "test" + "recommendedActions": "test", + "rbacGroupNames": [] }, { - "indicator": "220e7d15b0b3d7fac48f2bd61114db1022197f7f", + "indicatorValue": "220e7d15b0b3d7fac48f2bd61114db1022197f7f", "indicatorType": "FileSha1", "title": "test", "creationTimeDateTimeUtc": "2018-10-24T10:54:23.2009016Z", @@ -106,8 +106,48 @@ Content-type: application/json "action": "AlertAndBlock", "severity": "Informational", "description": "test", - "recommendedActions": "TEST" + "recommendedActions": "TEST", + "rbacGroupNames": [ "Group1", "Group2" ] } + ... + ] +} +``` + +## Example 2: + +**Request** + +Here is an example of a request that gets all Indicators with 'AlertAndBlock' action + +``` +GET https://api.securitycenter.windows.com/api/indicators?$filter=action eq 'AlertAndBlock' +``` + +**Response** + +Here is an example of the response. + +``` +HTTP/1.1 200 Ok +Content-type: application/json +{ + "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Indicators", + "value": [ + { + "indicatorValue": "220e7d15b0b3d7fac48f2bd61114db1022197f7f", + "indicatorType": "FileSha1", + "title": "test", + "creationTimeDateTimeUtc": "2018-10-24T10:54:23.2009016Z", + "createdBy": "45097602-1234-5678-1234-9f453233e62c", + "expirationTime": "2020-12-12T00:00:00Z", + "action": "AlertAndBlock", + "severity": "Informational", + "description": "test", + "recommendedActions": "TEST", + "rbacGroupNames": [ "Group1", "Group2" ] + } + ... ] } ``` diff --git a/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection-new.md index c0f03256f8..75c9bc7f08 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection-new.md @@ -14,17 +14,14 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # Get user information API +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] -**Applies to:** - -- Windows Defender Advanced Threat Protection (Windows Defender ATP) - Retrieve a User entity by key (user name). ## Permissions diff --git a/windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection-new.md index 85086a77ec..a3597ff7ac 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection-new.md @@ -101,7 +101,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "Low", - "isAadJoined": true, "aadDeviceId": "80fe8ff8-2624-418e-9591-41f0491218f9", "machineTags": [ "test tag 1", "test tag 2" ] }, @@ -120,7 +119,6 @@ Content-type: application/json "rbacGroupId": 140, "rbacGroupName": "The-A-Team", "riskScore": "Low", - "isAadJoined": false, "aadDeviceId": null, "machineTags": [ "test tag 1" ] } diff --git a/windows/security/threat-protection/windows-defender-atp/images/api-jwt-ms.png b/windows/security/threat-protection/windows-defender-atp/images/api-jwt-ms.png new file mode 100644 index 0000000000..c8a117dffe Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/api-jwt-ms.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/api-tenant-id.png b/windows/security/threat-protection/windows-defender-atp/images/api-tenant-id.png new file mode 100644 index 0000000000..ebac0b0e34 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/api-tenant-id.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/creating-account.png b/windows/security/threat-protection/windows-defender-atp/images/creating-account.png new file mode 100644 index 0000000000..54599d4b99 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/creating-account.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/setup-preferences.png b/windows/security/threat-protection/windows-defender-atp/images/setup-preferences.png new file mode 100644 index 0000000000..b1b9ba11c9 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/setup-preferences.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/setup-preferences2.png b/windows/security/threat-protection/windows-defender-atp/images/setup-preferences2.png new file mode 100644 index 0000000000..083f3a098d Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/setup-preferences2.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/webapp-add-permission-readalerts.png b/windows/security/threat-protection/windows-defender-atp/images/webapp-add-permission-readalerts.png new file mode 100644 index 0000000000..2872b71881 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/webapp-add-permission-readalerts.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/webapp-app-id1.png b/windows/security/threat-protection/windows-defender-atp/images/webapp-app-id1.png new file mode 100644 index 0000000000..4c058c2f93 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/webapp-app-id1.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/webapp-create.png b/windows/security/threat-protection/windows-defender-atp/images/webapp-create.png index a091db0189..dea9d8493d 100644 Binary files a/windows/security/threat-protection/windows-defender-atp/images/webapp-create.png and b/windows/security/threat-protection/windows-defender-atp/images/webapp-create.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/welcome1.png b/windows/security/threat-protection/windows-defender-atp/images/welcome1.png new file mode 100644 index 0000000000..7a52f49989 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/welcome1.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/initiate-autoir-investigation-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/initiate-autoir-investigation-windows-defender-advanced-threat-protection-new.md new file mode 100644 index 0000000000..7e91cf5285 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-atp/initiate-autoir-investigation-windows-defender-advanced-threat-protection-new.md @@ -0,0 +1,98 @@ +--- +title: Initiate machine investigation API +description: Use this API to create calls related to initiating an investigation on a machine. +keywords: apis, graph api, supported apis, initiate AutoIR investigation +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +--- + +# Initiate machine investigation API (Preview) +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +> [!IMPORTANT] +> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + +Initiate AutoIR investigation on a machine. + +>[!Note] +> This page focuses on performing an automated investigation on a machine. See [Automated Investigation](automated-investigations-windows-defender-advanced-threat-protection.md) for more information. + +## Limitations +1. The number of executions is limited (up to 5 calls per hour). +2. For Automated Investigation limitations, see [Automated Investigation](automated-investigations-windows-defender-advanced-threat-protection.md). + +## Permissions +One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md) + +Permission type | Permission | Permission display name +:---|:---|:--- +Application | Alert.ReadWrite.All | 'Read and write all alerts' +Delegated (work or school account) | Alert.ReadWrite | 'Read and write alerts' + +>[!Note] +> When obtaining a token using user credentials: +>- The user needs to have at least the following role permission: 'Alerts Investigation' (See [Create and manage roles](user-roles-windows-defender-advanced-threat-protection.md) for more information) +>- The user needs to have access to the machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information) + +## HTTP request +``` +POST https://api.securitycenter.windows.com/api/machines/{id}/InitiateInvestigation +``` + +## Request headers + +Name | Type | Description +:---|:---|:--- +Authorization | String | Bearer {token}. **Required**. +Content-Type | string | application/json. **Required**. + +## Request body +In the request body, supply a JSON object with the following parameters: + +Parameter | Type | Description +:---|:---|:--- +Comment | String | Comment to associate with the action. **Required**. + +## Response +If successful, this method returns 200 OK response code with object that holds the investigation ID in the "value" parameter. If machine was not found - 404 Not Found. + +## Example + +**Request** + +Here is an example of the request. + +[!include[Improve request performance](improverequestperformance-new.md)] + +``` +POST https://api.securitycenter.windows.com/api/machines/fb9ab6be3965095a09c057be7c90f0a2/InitiateInvestigation +Content-type: application/json +{ + "Comment": "Initiate an investigation on machine fb9ab6be3965095a09c057be7c90f0a2" +} +``` + +**Response** + +Here is an example of the response. + +``` +HTTP/1.1 200 Created +Content-type: application/json +{ + "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Edm.Int64", + "value": 5146 +} + +``` diff --git a/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md index c1e9c27b9c..9dcb0b6f60 100644 --- a/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md @@ -57,67 +57,56 @@ When accessing [Windows Defender Security Center](https://SecurityCenter.Windows 1. Each time you access the portal you will need to validate that you are authorized to access the product. This **Set up your permissions** step will only be available if you are not currently authorized to access the product. - ![Image of Set up your permissions for WDATP](images\atp-setup-permissions-wdatp-portal.png) + ![Image of Set up your permissions for Windows Defender ATP](images\atp-setup-permissions-wdatp-portal.png) Once the authorization step is completed, the **Welcome** screen will be displayed. 2. The **Welcome** screen will provide some details as to what is about to occur during the set up wizard. - ![Image of Welcome screen for portal set up](images\atp-portal-welcome-screen.png) + ![Image of Welcome screen for portal set up](images\welcome1.png) You will need to set up your preferences for Windows Defender Security Center. -3. When onboarding the service for the first time, you can choose to store your data in the Microsoft Azure datacenters in the European Union, the United Kingdom, or the United States. Once configured, you cannot change the location where your data is stored. This provides a convenient way to minimize compliance risk by actively selecting the geographic locations where your data will reside. Microsoft will not transfer the data from the specified geolocation. +3. Set up preferences + + ![Image of geographic location in set up](images\setup-preferences.png) - > [!WARNING] - > This option cannot be changed without completely offboarding from Windows Defender ATP and completing a new enrollment process. + 1. **Select data storage location**
When onboarding the service for the first time, you can choose to store your data in the Microsoft Azure datacenters in the United States, the European Union, or the United Kingdom. Once configured, you cannot change the location where your data is stored. This provides a convenient way to minimize compliance risk by actively selecting the geographic locations where your data will reside. Microsoft will not transfer the data from the specified geolocation. - ![Image of geographic location in set up](images\atp-geographic-location-setup.png) + > [!WARNING] + > This option cannot be changed without completely offboarding from Windows Defender ATP and completing a new enrollment process. -4. Windows Defender ATP will store data up to a period of 6 months in your cloud instance, however, you have the option to set the data retention period for a shorter timeframe during this step of the set up process. + 2. **Select the data retention policy**
Windows Defender ATP will store data up to a period of 6 months in your cloud instance, however, you have the option to set the data retention period for a shorter timeframe during this step of the set up process. - > [!NOTE] - > This option can be changed at a later time. + > [!NOTE] + > This option can be changed at a later time. - ![Image of data retention set up](images\atp-data-retention-policy.png) + 3. **Select the size of your organization**
You will need to indicate the size of your organization based on an estimate of the number of employees currently employed. -5. You will need to indicate the size of your organization based on an estimate of the number of employees currently employed. + > [!NOTE] + > The **organization size** question is not related to how many licenses were purchased for your organization. It is used by the service to optimize the creation of the data cluster for your organization. - > [!NOTE] - > The **organization size** question is not related to how many licenses were purchased for your organization. It is used by the service to optimize the creation of the data cluster for your organization. + 4. **Turn on preview features**
Learn about new features in the Windows Defender ATP preview release and be among the first to try upcoming features by turning on **Preview features**. - ![Image of organization size](images\atp-organization-size.png) - -6. The customer industry information is helpful in collecting data for the Windows Security Team, and while optional, would be useful if completed. - - > [!NOTE] - > This option can be changed at a later time. - - ![Image of industry information](images\atp-industry-information.png) - -7. Learn about new features in the Windows Defender ATP preview release and be among the first to try upcoming features by turning on **Preview features**. - - You'll have access to upcoming features which you can provide feedback on to help improve the overall experience before features are generally available. + You'll have access to upcoming features which you can provide feedback on to help improve the overall experience before features are generally available. - Toggle the setting between On and Off to choose **Preview features**. - > [!NOTE] - > This option can be changed at a later time. + > [!NOTE] + > This option can be changed at a later time. - ![Image of preview experience](images\atp-preview-experience.png) - -8. You will receive a warning notifying you that you won't be able to change some of your preferences once you click **Continue**. +4. You will receive a warning notifying you that you won't be able to change some of your preferences once you click **Continue**. > [!NOTE] > Some of these options can be changed at a later time in Windows Defender Security Center. - ![Image of final preference set up](images\atp-final-preference-setup.png) + ![Image of final preference set up](images\setup-preferences2.png) -9. A dedicated cloud instance of Windows Defender Security Center is being created at this time. This step will take an average of 5 minutes to complete. +5. A dedicated cloud instance of Windows Defender Security Center is being created at this time. This step will take an average of 5 minutes to complete. - ![Image of Windows Defender ATP cloud instance](images\atp-windows-cloud-instance-creation.png) + ![Image of Windows Defender ATP cloud instance](images\creating-account.png) -10. You are almost done. Before you can start using Windows Defender ATP you'll need to: +6. You are almost done. Before you can start using Windows Defender ATP you'll need to: - [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md) @@ -129,7 +118,7 @@ When accessing [Windows Defender Security Center](https://SecurityCenter.Windows > If you click **Start using Windows Defender ATP** before onboarding machines you will receive the following notification: >![Image of setup imcomplete](images\atp-setup-incomplete.png) -11. After onboarding machines you can click **Start using Windows Defender ATP**. You will now launch Windows Defender ATP for the first time. +7. After onboarding machines you can click **Start using Windows Defender ATP**. You will now launch Windows Defender ATP for the first time. ![Image of onboard machines](images\atp-onboard-endpoints-WDATP-portal.png) diff --git a/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md index 653407fdf7..d983539915 100644 --- a/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 05/08/2018 --- # Create and manage machine groups in Windows Defender ATP @@ -34,6 +33,9 @@ In Windows Defender ATP, you can create machine groups and use them to: - Limit access to related alerts and data to specific Azure AD user groups with [assigned RBAC roles](rbac-windows-defender-advanced-threat-protection.md) - Configure different auto-remediation settings for different sets of machines +>[!TIP] +> For a comprehensive look into RBAC application, read: [Is your SOC running flat with RBAC](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Is-your-SOC-running-flat-with-limited-RBAC/ba-p/320015). + As part of the process of creating a machine group, you'll: - Set the automated remediation level for that group. For more information on remediation levels, see [Use Automated investigation to investigate and remediate threats](automated-investigations-windows-defender-advanced-threat-protection.md). - Specify the matching rule that determines which machine group belongs to the group based on the machine name, domain, tags, and OS platform. If a machine is also matched to other groups, it is added only to the highest ranked machine group. @@ -44,6 +46,7 @@ As part of the process of creating a machine group, you'll: >A machine group is accessible to all users if you don’t assign any Azure AD groups to it. + ## Create a machine group 1. In the navigation pane, select **Settings** > **Machine groups**. diff --git a/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md index 72b05d4072..40687ef4f7 100644 --- a/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md @@ -14,10 +14,11 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/11/2018 --- # Machine resource type +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) # Methods @@ -35,18 +36,17 @@ Property | Type | Description :---|:---|:--- id | String | [machine](machine-windows-defender-advanced-threat-protection-new.md) identity. computerDnsName | String | [machine](machine-windows-defender-advanced-threat-protection-new.md) fully qualified name. -firstSeen | DateTimeOffset | First date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by WDATP. -lastSeen | DateTimeOffset | Last date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by WDATP. +firstSeen | DateTimeOffset | First date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by Windows Defender ATP. +lastSeen | DateTimeOffset | Last date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by Windows Defender ATP. osPlatform | String | OS platform. osVersion | String | OS Version. lastIpAddress | String | Last IP on local NIC on the [machine](machine-windows-defender-advanced-threat-protection-new.md). lastExternalIpAddress | String | Last IP through which the [machine](machine-windows-defender-advanced-threat-protection-new.md) accessed the internet. -agentVersion | String | Version of WDATP agent. +agentVersion | String | Version of Windows Defender ATP agent. osBuild | Nullable long | OS build number. healthStatus | Enum | [machine](machine-windows-defender-advanced-threat-protection-new.md) health status. Possible values are: "Active", "Inactive", "ImpairedCommunication", "NoSensorData" and "NoSensorDataImpairedCommunication" rbacGroupId | Int | RBAC Group ID. rbacGroupName | String | RBAC Group Name. -riskScore | Nullable Enum | Risk score as evaluated by WDATP. Possible values are: 'None', 'Low', 'Medium' and 'High'. -isAadJoined | Nullable Boolean | Is [machine](machine-windows-defender-advanced-threat-protection-new.md) AAD joined. +riskScore | Nullable Enum | Risk score as evaluated by Windows Defender ATP. Possible values are: 'None', 'Low', 'Medium' and 'High'. aadDeviceId | Nullable Guid | AAD Device ID (when [machine](machine-windows-defender-advanced-threat-protection-new.md) is Aad Joined). machineTags | String collection | Set of [machine](machine-windows-defender-advanced-threat-protection-new.md) tags. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md index 29d142c046..c4f16727e0 100644 --- a/windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md @@ -20,7 +20,7 @@ ms.date: 12/08/2017 # MachineAction resource type **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prereleaseinformation](prerelease.md)] @@ -35,7 +35,7 @@ Method|Return Type |Description [Restrict app execution](restrict-code-execution-windows-defender-advanced-threat-protection-new.md) | [Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Restrict application execution. [Remove app restriction](unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md) | [Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Remove application execution restriction. [Run antivirus scan](run-av-scan-windows-defender-advanced-threat-protection-new.md) | [Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Run an AV scan using Windows Defender (when applicable). -[Offboard machine](offboard-machine-api-windows-defender-advanced-threat-protection-new.md)|[Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Offboard [machine](machine-windows-defender-advanced-threat-protection-new.md) from WDATP. +[Offboard machine](offboard-machine-api-windows-defender-advanced-threat-protection-new.md)|[Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Offboard [machine](machine-windows-defender-advanced-threat-protection-new.md) from Windows Defender ATP. # Properties Property | Type | Description diff --git a/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md b/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md index fcbd68ecec..3f4a20dcbc 100644 --- a/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md +++ b/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md @@ -3,4 +3,4 @@ ms.date: 08/28/2017 author: zavidor --- >[!Note] -> This page focuses on performing a machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via WDATP. +> This page focuses on performing a machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via Windows Defender ATP. diff --git a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md index 56f599b483..fe70b2cba7 100644 --- a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md @@ -67,7 +67,15 @@ Create custom rules to control when alerts are suppressed, or resolved. You can 1. Select the alert you'd like to suppress. This brings up the **Alert management** pane. -2. Select **Create a supression rule**. +2. Select **Create a suppression rule**. + + You can create a suppression rule based on the following attributes: + + * File hash + * File name - wild card supported + * File path - wild card supported + * IP + * URL - wild card supported 3. Select the **Trigerring IOC**. diff --git a/windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list-windows-defender-advanced-threat-protection.md new file mode 100644 index 0000000000..c11ff2b24d --- /dev/null +++ b/windows/security/threat-protection/windows-defender-atp/manage-allowed-blocked-list-windows-defender-advanced-threat-protection.md @@ -0,0 +1,82 @@ +--- +title: Manage allowed/blocked lists +description: Create indicators for a file hash, IP address, URLs or domains that define the detection, prevention, and exclusion of entities. +keywords: manage, allowed, blocked, whitelist, blacklist, block, clean, malicious, file hash, ip address, urls, domain +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +--- + +# Manage allowed/blocked lists + +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +[!include[Prerelease information](prerelease.md)] + +>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) + + +Create indicators that define the detection, prevention, and exclusion of entities. You can define the action to be taken as well as the duration for when to apply the action as well as the scope of the machine group to apply it to. + +On the top navigation you can: +- Import a list +- Add an indicator +- Customize columns to add or remove columns +- Export the entire list in CSV format +- Select the items to show per page +- Navigate between pages +- Apply filters + +## Create an indicator +1. In the navigation pane, select **Settings** > **Allowed/blocked list**. + +2. Select the tab of the type of entity you'd like to create an indicator for. You can choose any of the following entities: + - File hash + - IP address + - URLs/Domains + +3. Click **Add indicator**. + +4. For each attribute specify the following details: + - Indicator - Specify the entity details and define the expiration of the indicator. + - Action - Specify the action to be taken and provide a description. + - Scope - Define the scope of the machine group. + +5. Review the details in the Summary tab, then click **Save**. + + +>[!NOTE] +>Blocking IPs, domains, or URLs is currently available on limited preview only. This requires sending your custom list to [network protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection) to be enforeced. While the option is not yet generally available, it will only be used when identified during an investigation. + + +## Manage indicators +1. In the navigation pane, select **Settings** > **Allowed/blocked list**. + +2. Select the tab of the entity type you'd like to manage. + +3. Update the details of the indicator and click **Save** or click the **Delete** button if you'd like to remove the entity from the list. + +## Import a list +You can also choose to upload a CSV file that defines the attributes of indicators, the action to be taken, and other details. + +Download the sample CSV to know the supported column attributes. + + +## Related topics +- [Manage automation allowed/blocked lists](manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md) + + + + + diff --git a/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md index 47c3f41079..5afed1e6df 100644 --- a/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md @@ -15,14 +15,11 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 06/14/2018 --- # Manage automation allowed/blocked lists **Applies to:** - - - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) @@ -70,4 +67,5 @@ You can define the conditions for when entities are identified as malicious or s ## Related topics - [Manage automation file uploads](manage-automation-file-uploads-windows-defender-advanced-threat-protection.md) -- [Manage automation folder exclusions](manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md) \ No newline at end of file +- [Manage allowed/blocked lists](manage-allowed-blocked-list-windows-defender-advanced-threat-protection.md) +- [Manage automation folder exclusions](manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/management-apis.md b/windows/security/threat-protection/windows-defender-atp/management-apis.md index f28e7a6997..c0408e9e5f 100644 --- a/windows/security/threat-protection/windows-defender-atp/management-apis.md +++ b/windows/security/threat-protection/windows-defender-atp/management-apis.md @@ -61,7 +61,7 @@ Managed security service provider | Get a quick overview on managed security ser ## Related topics - [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md) - [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md) -- [Use the Windows Defender ATP exposed APIs](use-apis.md) +- [Windows Defender ATP Public API](use-apis.md) - [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md) - [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md) - [Role-based access control](rbac-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md index 27b07e63d4..afd1ba57b5 100644 --- a/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md @@ -1,7 +1,7 @@ --- title: Minimum requirements for Windows Defender ATP -description: Minimum network and data storage configuration, machine hardware and software requirements, and deployment channel requirements for Windows Defender ATP. -keywords: minimum requirements, Windows Defender Advanced Threat Protection minimum requirements, network and data storage, machine configuration, deployment channel +description: Understand the licensing requirements and requirements for onboarding machines to the sercvie +keywords: minimum requirements, licensing, comparison table search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 11/20/2018 --- # Minimum requirements for Windows Defender ATP @@ -43,6 +42,7 @@ For more information on the array of features in Windows 10 editions, see [Compa For a detailed comparison table of Windows 10 commercial edition comparison, see the [comparison PDF](https://go.microsoft.com/fwlink/p/?linkid=2069559). +For more information about licensing requirements for Windows Defender ATP platform on Windows Server, see [Protecting Windows Servers with Windows Defender ATP](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Protecting-Windows-Server-with-Windows-Defender-ATP/ba-p/267114). ## Related topic diff --git a/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md index a228a7ad08..50855b0351 100644 --- a/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md @@ -14,16 +14,15 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # Offboard machine API **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prereleaseinformation](prerelease.md)] -Offboard machine from WDATP. +Offboard machine from Windows Defender ATP. [!include[Machine actions note](machineactionsnote.md)] diff --git a/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md index 0cb3ee7552..700436d636 100644 --- a/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection.md @@ -66,7 +66,7 @@ Review the following details to verify minimum system requirements: - Install either [.NET framework 4.5](https://www.microsoft.com/en-us/download/details.aspx?id=30653) (or later) or [KB3154518](https://support.microsoft.com/help/3154518/support-for-tls-system-default-versions-included-in-the-net-framework) - >[NOTE] + >[!NOTE] >Only applicable for Windows 7 SP1 Enterprise and Windows 7 SP1 Pro. >Don't install .NET framework 4.0.x, since it will negate the above installation. diff --git a/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md index 05d103da75..352394a662 100644 --- a/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md @@ -44,7 +44,7 @@ When you open the portal, you’ll see the main areas of the application: - (3) Search, Community center, Time settings, Help and support, Feedback > [!NOTE] -> Malware related detections will only appear if your machines are using [Windows Defender Antivirus](https://technet.microsoft.com/library/mt622091(v=vs.85).aspx) as the default real-time protection antimalware product. +> Malware related detections will only appear if your machines are using Windows Defender Antivirus as the default real-time protection antimalware product. You can navigate through the portal using the menu options available in all sections. Refer to the following table for a description of each section. diff --git a/windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md index 52645783c6..1116788ea1 100644 --- a/windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md @@ -1,7 +1,7 @@ --- -title: Submit or Update Ti Indicator API -description: Use this API to submit or Update Ti Indicator. -keywords: apis, graph api, supported apis, submit, ti, ti indicator, update +title: Submit or Update Indicator API +description: Use this API to submit or Update Indicator. +keywords: apis, graph api, supported apis, submit, ti, indicator, update search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy @@ -17,32 +17,32 @@ ms.topic: article ms.date: 12/08/2017 --- -# Submit or Update TI Indicator API +# Submit or Update Indicator API + +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] >[!Note] -> Currently this API is supported only for AppOnly context requests. (See [Get access without a user](exposed-apis-create-app-webapp.md) for more information) +> Currently this API is supported only for AppOnly context requests. (See [Get access with application context](exposed-apis-create-app-webapp.md) for more information) -**Applies to:** - -- Windows Defender Advanced Threat Protection (Windows Defender ATP) - -- Submits or Updates new [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. +- Submits or Updates new [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. ## Permissions -One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md) +One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Get started](apis-intro.md) Permission type | Permission | Permission display name :---|:---|:--- -Application | Ti.ReadWrite | 'Read and write TI Indicators' +Application | Ti.ReadWrite | 'Read and write Indicators' +Application | Ti.ReadWrite.All | 'Read and write All Indicators' ## HTTP request ``` -POST https://api.securitycenter.windows.com/api/tiindicators +POST https://api.securitycenter.windows.com/api/indicators ``` [!include[Improve request performance](improverequestperformance-new.md)] @@ -60,10 +60,10 @@ In the request body, supply a JSON object with the following parameters: Parameter | Type | Description :---|:---|:--- -indicator | String | Identity of the [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. **Required** +indicatorValue | String | Identity of the [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. **Required** indicatorType | Enum | Type of the indicator. Possible values are: "FileSha1", "FileSha256", "IpAddress", "DomainName" and "Url". **Required** action | Enum | The action that will be taken if the indicator will be discovered in the organization. Possible values are: "Alert", "AlertAndBlock", and "Allowed". **Required** -title | String | TI indicator alert title. **Optional** +title | String | Indicator alert title. **Optional** expirationTime | DateTimeOffset | The expiration time of the indicator. **Optional** severity | Enum | The severity of the indicator. possible values are: "Informational", "Low", "Medium" and "High". **Optional** description | String | Description of the indicator. **Optional** @@ -71,8 +71,8 @@ recommendedActions | String | TI indicator alert recommended actions. **Optional ## Response -- If successful, this method returns 200 - OK response code and the created / updated [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity in the response body. -- If not successful: this method return 400 - Bad Request / 409 - Conflict with the failure reason. Bad request usually indicates incorrect body and Conflict can happen if you try to submit a TI Indicator with existing indicator value but with different Indicator type or Action. +- If successful, this method returns 200 - OK response code and the created / updated [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity in the response body. +- If not successful: this method return 400 - Bad Request / 409 - Conflict with the failure reason. Bad request usually indicates incorrect body and Conflict can happen if you try to submit an Indicator that conflicts with an existing Indicator type or Action. ## Example @@ -81,10 +81,10 @@ recommendedActions | String | TI indicator alert recommended actions. **Optional Here is an example of the request. ``` -POST https://api.securitycenter.windows.com/api/tiindicators +POST https://api.securitycenter.windows.com/api/indicators Content-type: application/json { - "indicator": "220e7d15b0b3d7fac48f2bd61114db1022197f7f", + "indicatorValue": "220e7d15b0b3d7fac48f2bd61114db1022197f7f", "indicatorType": "FileSha1", "title": "test", "expirationTime": "2020-12-12T00:00:00Z", @@ -103,8 +103,8 @@ Here is an example of the response. HTTP/1.1 200 OK Content-type: application/json { - "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#MachineActions/$entity", - "indicator": "220e7d15b0b3d7fac48f2bd61114db1022197f7f", + "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Indicators/$entity", + "indicatorValue": "220e7d15b0b3d7fac48f2bd61114db1022197f7f", "indicatorType": "FileSha1", "title": "test", "creationTimeDateTimeUtc": "2018-10-24T10:54:23.2009016Z", @@ -113,7 +113,8 @@ Content-type: application/json "action": "AlertAndBlock", "severity": "Informational", "description": "test", - "recommendedActions": "TEST" + "recommendedActions": "TEST", + "rbacGroupNames": [] } ``` diff --git a/windows/security/threat-protection/windows-defender-atp/prerelease.md b/windows/security/threat-protection/windows-defender-atp/prerelease.md index c910af7f12..f3b45c2b5a 100644 --- a/windows/security/threat-protection/windows-defender-atp/prerelease.md +++ b/windows/security/threat-protection/windows-defender-atp/prerelease.md @@ -1,6 +1,6 @@ --- ms.date: 08/28/2017 --- ->[!IMPORTANT] +>[!IMPORTANT] >Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md index a29f67c9e1..22a8c2fd31 100644 --- a/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md @@ -17,7 +17,7 @@ ms.collection: M365-security-compliance ms.topic: article --- -# Pull Windows Defender ATP alerts using REST API +# Pull Windows Defender ATP alerts using SIEM REST API **Applies to:** - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-api.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-api.md index b3d7d901b7..5077e43d6c 100644 --- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-api.md +++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-api.md @@ -18,22 +18,19 @@ ms.date: 09/03/2018 --- # Advanced hunting API -**Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) [!include[Prerelease information](prerelease.md)] - - This API allows you to run programmatic queries that you are used to running from [Windows Defender ATP Portal](https://securitycenter.windows.com/hunting). ## Limitations -This API is a beta version only and is currently restricted to the following actions: -1. ​You can only run a query on data from the last 30 days +1. You can only run a query on data from the last 30 days 2. The results will include a maximum of 10,000 rows -3. The number of executions is limited​ (up to 15 calls per minute, 15 minutes of running time every hour and 4 hours of running time a day) +3. The number of executions is limited (up to 15 calls per minute, 15 minutes of running time every hour and 4 hours of running time a day) +4. The maximal execution time of a single request is 10 minutes. ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md) @@ -45,7 +42,7 @@ Delegated (work or school account) | AdvancedQuery.Read | 'Run advanced queries' >[!Note] > When obtaining a token using user credentials: ->- The user needs to have 'Global Admin' AD role (note: will be updated soon to 'View Data') +>- The user needs to have 'View Data' AD role >- The user needs to have access to the machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information) ## HTTP request @@ -135,7 +132,7 @@ Content-Type: application/json​ ## T​roubl​eshoot issues -- Error: (403) Forbidden +- Error: (403) Forbidden / (401) Unauthorized If you get this error when calling Windows Defender ATP API, your token might not include the necessary permission. diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-app-token.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-app-token.md index dbbd0cd122..9282b0c321 100644 --- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-app-token.md +++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-app-token.md @@ -14,7 +14,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 30/07/2018 --- # Create custom reports using Power BI (app authentication) diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-user-token.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-user-token.md index f4b88a4481..336ac77edb 100644 --- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-user-token.md +++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-power-bi-user-token.md @@ -14,7 +14,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 30/07/2018 --- # Create custom reports using Power BI (user authentication) diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-powershell.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-powershell.md index 88eb22a167..547b531909 100644 --- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-powershell.md +++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-powershell.md @@ -19,7 +19,7 @@ ms.date: 09/24/2018 # Advanced Hunting using PowerShell **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] @@ -65,7 +65,7 @@ $aadToken = $response.access_token where - $tenantId: ID of the tenant on behalf of which you want to run the query (i.e., the query will be run on the data of this tenant) -- $appId: ID of your AAD app (the app must have 'Run advanced queries' permission to WDATP) +- $appId: ID of your AAD app (the app must have 'Run advanced queries' permission to Windows Defender ATP) - $appSecret: Secret of your AAD app ## Run query diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md index 2b39edf624..07bb15a7cf 100644 --- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md +++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md @@ -14,7 +14,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 30/07/2018 --- # Advanced Hunting using Python @@ -65,7 +64,7 @@ aadToken = jsonResponse["access_token"] where - tenantId: ID of the tenant on behalf of which you want to run the query (i.e., the query will be run on the data of this tenant) -- appId: ID of your AAD app (the app must have 'Run advanced queries' permission to WDATP) +- appId: ID of your AAD app (the app must have 'Run advanced queries' permission to Windows Defender ATP) - appSecret: Secret of your AAD app ## Run query diff --git a/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md deleted file mode 100644 index 225465fee0..0000000000 --- a/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md +++ /dev/null @@ -1,57 +0,0 @@ ---- -title: Threat analytics for Spectre and Meltdown -description: Get a tailored organizational risk evaluation and actionable steps you can take to minimize risks in your organization. -keywords: threat analytics, risk evaluation, OS mitigation, microcode mitigation, mitigation status -search.product: eADQiWindows 10XVcnh -search.appverid: met150 -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: macapara -author: mjcaparas -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: article -ms.date: 09/03/2018 ---- - -# Threat analytics for Spectre and Meltdown -**Applies to:** -- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -The **Threat analytics** dashboard provides insight on how emerging threats affect your organization. It provides information that's specific for your organization. - -[Spectre and Meltdown](https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/) is a new class of exploits that take advantage of critical vulnerabilities in the CPU processors, allowing attackers running user-level, non-admin code to steal data from kernel memory. These exploits can potentially allow arbitrary non-admin code running on a host machine to harvest sensitive data belonging to other apps or system processes, including apps on guest VMs. - -Mitigating these vulnerabilities involves a complex multivendor update. It requires updates to Windows and Microsoft browsers using the [January 2018 Security Updates from Microsoft](https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/858123b8-25ca-e711-a957-000d3a33cf99) and updates to processor microcode using fixes released by OEM and CPU vendors. - -## Prerequisites -Note the following requirements and limitations of the charts and what you might be able to do to improve visibility of the mitigation status of machines in your network: - -- Only active machines running Windows 10 are checked for OS mitigations. -- When checking for microcode mitgations, Windows Defender ATP currently checks for updates applicable to Intel CPU processors only. -- To determine microcode mitigation status, machines must enable Windows Defender Antivirus and update to Security intelligence version 1.259.1545.0 or above. -- To be covered under the overall mitigation status, machines must have both OS and microcode mitigation information. - -## Assess organizational risk with Threat analytics - -Threat analytics helps you continually assess and control risk exposure to Spectre and Meltdown. Use the charts to quickly identify machines for the presence or absence of the following mitigations: - -- **OS mitigation**: Identifies machines that have installed the January 2018 Security Updates from Microsoft and have not explicitly disabled any of the OS mitigations provided with these updates -- **Microcode mitigation**: Identifies machines that have installed the necessary microcode updates or those that do not require them -- **Overall mitigation status**: Identifies the completeness by which machines have mitigated against the Spectre and Meltdown exploits - - -To access Threat analytics, from the navigation pane select **Dashboards** > **Threat analytics**. - -Click a section of each chart to get a list of the machines in the corresponding mitigation status. - -## Related topics -- [Threat analytics](threat-analytics.md) -- [Overview of Secure Score in Windows Defender Security Center](overview-secure-score-windows-defender-advanced-threat-protection.md) -- [Configure the security controls in Secure score](secure-score-dashboard-windows-defender-advanced-threat-protection.md) - - diff --git a/windows/security/threat-protection/windows-defender-atp/ti-indicator-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/ti-indicator-windows-defender-advanced-threat-protection-new.md index e7d1f84fe2..ae5f7b984d 100644 --- a/windows/security/threat-protection/windows-defender-atp/ti-indicator-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/ti-indicator-windows-defender-advanced-threat-protection-new.md @@ -1,7 +1,7 @@ --- -title: TiIndicator resource type -description: TiIndicator entity description. -keywords: apis, supported apis, get, TiIndicator, recent +title: Indicator resource type +description: Indicator entity description. +keywords: apis, supported apis, get, TiIndicator, Indicator, recent search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy @@ -14,36 +14,35 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- -# TI(threat intelligence) Indicator resource type +# Indicator resource type -**Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +**Applies to:** - Windows Defender Advanced Threat Protection (Windows Defender ATP) -[!include[Prereleaseinformation](prerelease.md)] +[!include[Prerelease information](prerelease.md)] Method|Return Type |Description :---|:---|:--- -[List TI Indicators](get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md) | [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) Collection | List [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entities. -[Get TI Indicator by ID](get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md) | [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) | Gets the requested [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. -[Submit TI Indicator](post-ti-indicator-windows-defender-advanced-threat-protection-new.md) | [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) | Submits [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. -[Delete TI Indicator](delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md) | No Content | Deletes [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. +[List Indicators](get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md) | [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) Collection | List [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entities. +[Submit Indicator](post-ti-indicator-windows-defender-advanced-threat-protection-new.md) | [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) | Submits [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. +[Delete Indicator](delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md) | No Content | Deletes [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. +- See the corresponding [page](https://securitycenter.windows.com/preferences2/custom_ti_indicators/files) in the portal: # Properties Property | Type | Description :---|:---|:--- -indicator | String | Identity of the [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. +indicatorValue | String | Identity of the [Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. indicatorType | Enum | Type of the indicator. Possible values are: "FileSha1", "FileSha256", "IpAddress", "DomainName" and "Url" -title | String | Ti indicator alert title. +title | String | Indicator alert title. creationTimeDateTimeUtc | DateTimeOffset | The date and time when the indicator was created. createdBy | String | Identity of the user/application that submitted the indicator. expirationTime | DateTimeOffset | The expiration time of the indicator action | Enum | The action that will be taken if the indicator will be discovered in the organization. Possible values are: "Alert", "AlertAndBlock", and "Allowed" severity | Enum | The severity of the indicator. possible values are: "Informational", "Low", "Medium" and "High" description | String | Description of the indicator. -recommendedActions | String | TI indicator alert recommended actions. +recommendedActions | String | Indicator alert recommended actions. +rbacGroupNames | List of strings | RBAC group names where the indicator is exposed. Empty list in case it exposed to all groups. diff --git a/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md index 18107685ed..38a88cfe19 100644 --- a/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md @@ -1,313 +1,312 @@ ---- -title: Troubleshoot Windows Defender ATP onboarding issues -description: Troubleshoot issues that might arise during the onboarding of machines or to the Windows Defender ATP service. -keywords: troubleshoot onboarding, onboarding issues, event viewer, data collection and preview builds, sensor data and diagnostics -search.product: eADQiWindows 10XVcnh -search.appverid: met150 -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: macapara -author: mjcaparas -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: troubleshooting -ms.date: 09/07/2018 ---- - -# Troubleshoot Windows Defender Advanced Threat Protection onboarding issues - -**Applies to:** -- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -- Windows Server 2012 R2 -- Windows Server 2016 - - - -You might need to troubleshoot the Windows Defender ATP onboarding process if you encounter issues. -This page provides detailed steps to troubleshoot onboarding issues that might occur when deploying with one of the deployment tools and common errors that might occur on the machines. - -If you have completed the onboarding process and don't see machines in the [Machines list](investigate-machines-windows-defender-advanced-threat-protection.md) after an hour, it might indicate an onboarding or connectivity problem. - -## Troubleshoot onboarding when deploying with Group Policy -Deployment with Group Policy is done by running the onboarding script on the machines. The Group Policy console does not indicate if the deployment has succeeded or not. - -If you have completed the onboarding process and don't see machines in the [Machines list](investigate-machines-windows-defender-advanced-threat-protection.md) after an hour, you can check the output of the script on the machines. For more information, see [Troubleshoot onboarding when deploying with a script](#troubleshoot-onboarding-when-deploying-with-a-script). - -If the script completes successfully, see [Troubleshoot onboarding issues](#troubleshoot-onboarding-issues) for additional errors that might occur. - -## Troubleshoot onboarding issues when deploying with System Center Configuration Manager -When onboarding machines using the following versions of System Center Configuration Manager: -- System Center 2012 Configuration Manager -- System Center 2012 R2 Configuration Manager -- System Center Configuration Manager (current branch) version 1511 -- System Center Configuration Manager (current branch) version 1602 - - -Deployment with the above-mentioned versions of System Center Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console. - -If the deployment fails, you can check the output of the script on the machines. - -If the onboarding completed successfully but the machines are not showing up in the **Machines list** after an hour, see [Troubleshoot onboarding issues](#troubleshoot-onboarding-issues) for additional errors that might occur. - -## Troubleshoot onboarding when deploying with a script - -**Check the result of the script on the machine**: -1. Click **Start**, type **Event Viewer**, and press **Enter**. - -2. Go to **Windows Logs** > **Application**. - -3. Look for an event from **WDATPOnboarding** event source. - -If the script fails and the event is an error, you can check the event ID in the following table to help you troubleshoot the issue. -> [!NOTE] -> The following event IDs are specific to the onboarding script only. - -Event ID | Error Type | Resolution steps -:---|:---|:--- -5 | Offboarding data was found but couldn't be deleted | Check the permissions on the registry, specifically ```HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection```. -10 | Onboarding data couldn't be written to registry | Check the permissions on the registry, specifically
```HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat```.
Verify that the script was ran as an administrator. -15 | Failed to start SENSE service |Check the service health (```sc query sense``` command). Make sure it's not in an intermediate state (*'Pending_Stopped'*, *'Pending_Running'*) and try to run the script again (with administrator rights).

If the machine is running Windows 10, version 1607 and running the command `sc query sense` returns `START_PENDING`, reboot the machine. If rebooting the machine doesn't address the issue, upgrade to KB4015217 and try onboarding again. -15 | Failed to start SENSE service | If the message of the error is: System error 577 has occurred. You need to enable the Windows Defender Antivirus ELAM driver, see [Ensure that Windows Defender Antivirus is not disabled by a policy](#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy) for instructions. -30 | The script failed to wait for the service to start running | The service could have taken more time to start or has encountered errors while trying to start. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md). -35 | The script failed to find needed onboarding status registry value | When the SENSE service starts for the first time, it writes onboarding status to the registry location
```HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status```.
The script failed to find it after several seconds. You can manually test it and check if it's there. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md). -40 | SENSE service onboarding status is not set to **1** | The SENSE service has failed to onboard properly. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md). -65 | Insufficient privileges| Run the script again with administrator privileges. - -## Troubleshoot onboarding issues using Microsoft Intune -You can use Microsoft Intune to check error codes and attempt to troubleshoot the cause of the issue. - -If you have configured policies in Intune and they are not propagated on machines, you might need to configure automatic MDM enrollment. - -Use the following tables to understand the possible causes of issues while onboarding: - -- Microsoft Intune error codes and OMA-URIs table -- Known issues with non-compliance table -- Mobile Device Management (MDM) event logs table - -If none of the event logs and troubleshooting steps work, download the Local script from the **Machine management** section of the portal, and run it in an elevated command prompt. - -**Microsoft Intune error codes and OMA-URIs**: - - -Error Code Hex | Error Code Dec | Error Description | OMA-URI | Possible cause and troubleshooting steps -:---|:---|:---|:---|:--- -0x87D1FDE8 | -2016281112 | Remediation failed | Onboarding
Offboarding | **Possible cause:** Onboarding or offboarding failed on a wrong blob: wrong signature or missing PreviousOrgIds fields.

**Troubleshooting steps:**
Check the event IDs in the [View agent onboarding errors in the machine event log](#view-agent-onboarding-errors-in-the-endpoint-event-log) section.

Check the MDM event logs in the following table or follow the instructions in [Diagnose MDM failures in Windows 10](https://msdn.microsoft.com/library/windows/hardware/mt632120%28v=vs.85%29.aspx). - | | | | Onboarding
Offboarding
SampleSharing | **Possible cause:** Windows Defender ATP Policy registry key does not exist or the OMA DM client doesn't have permissions to write to it.

**Troubleshooting steps:** Ensure that the following registry key exists: ```HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection```

If it doesn't exist, open an elevated command and add the key. - | | | | SenseIsRunning
OnboardingState
OrgId | **Possible cause:** An attempt to remediate by read-only property. Onboarding has failed.

**Troubleshooting steps:** Check the troubleshooting steps in [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](#troubleshoot-windows-defender-advanced-threat-protection-onboarding-issues).

Check the MDM event logs in the following table or follow the instructions in [Diagnose MDM failures in Windows 10](https://msdn.microsoft.com/library/windows/hardware/mt632120%28v=vs.85%29.aspx). - || | | All | **Possible cause:** Attempt to deploy Windows Defender ATP on non-supported SKU/Platform, particularly Holographic SKU.

Currently is supported platforms: Enterprise, Education, and Professional.
Server is not supported. - 0x87D101A9 | -2016345687 |Syncml(425): The requested command failed because the sender does not have adequate access control permissions (ACL) on the recipient. | All | **Possible cause:** Attempt to deploy Windows Defender ATP on non-supported SKU/Platform, particularly Holographic SKU.

Currently is supported platforms: Enterprise, Education, and Professional. - -
-**Known issues with non-compliance** - -The following table provides information on issues with non-compliance and how you can address the issues. - -Case | Symptoms | Possible cause and troubleshooting steps -:---|:---|:--- -1 | Machine is compliant by SenseIsRunning OMA-URI. But is non-compliant by OrgId, Onboarding and OnboardingState OMA-URIs. | **Possible cause:** Check that user passed OOBE after Windows installation or upgrade. During OOBE onboarding couldn't be completed but SENSE is running already.

**Troubleshooting steps:** Wait for OOBE to complete. -2 | Machine is compliant by OrgId, Onboarding, and OnboardingState OMA-URIs, but is non-compliant by SenseIsRunning OMA-URI. | **Possible cause:** Sense service's startup type is set as "Delayed Start". Sometimes this causes the Microsoft Intune server to report the machine as non-compliant by SenseIsRunning when DM session occurs on system start.

**Troubleshooting steps:** The issue should automatically be fixed within 24 hours. -3 | Machine is non-compliant | **Troubleshooting steps:** Ensure that Onboarding and Offboarding policies are not deployed on the same machine at same time. - -
-**Mobile Device Management (MDM) event logs** - -View the MDM event logs to troubleshoot issues that might arise during onboarding: - -Log name: Microsoft\Windows\DeviceManagement-EnterpriseDiagnostics-Provider - -Channel name: Admin - -ID | Severity | Event description | Troubleshooting steps -:---|:---|:---|:--- -1819 | Error | Windows Defender Advanced Threat Protection CSP: Failed to Set Node's Value. NodeId: (%1), TokenName: (%2), Result: (%3). | Download the [Cumulative Update for Windows 10, 1607](https://go.microsoft.com/fwlink/?linkid=829760). - -## Troubleshoot onboarding issues on the machine -If the deployment tools used does not indicate an error in the onboarding process, but machines are still not appearing in the machines list in an hour, go through the following verification topics to check if an error occurred with the Windows Defender ATP agent: -- [View agent onboarding errors in the machine event log](#view-agent-onboarding-errors-in-the-endpoint-event-log) -- [Ensure the diagnostic data service is enabled](#ensure-the-diagnostics-service-is-enabled) -- [Ensure the service is set to start](#ensure-the-service-is-set-to-start) -- [Ensure the machine has an Internet connection](#ensure-the-endpoint-has-an-internet-connection) -- [Ensure that Windows Defender Antivirus is not disabled by a policy](#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy) - - -### View agent onboarding errors in the machine event log - -1. Click **Start**, type **Event Viewer**, and press **Enter**. - -2. In the **Event Viewer (Local)** pane, expand **Applications and Services Logs** > **Microsoft** > **Windows** > **SENSE**. - - > [!NOTE] - > SENSE is the internal name used to refer to the behavioral sensor that powers Windows Defender ATP. - -3. Select **Operational** to load the log. - -4. In the **Action** pane, click **Filter Current log**. - -5. On the **Filter** tab, under **Event level:** select **Critical**, **Warning**, and **Error**, and click **OK**. - - ![Image of Event Viewer log filter](images/filter-log.png) - -6. Events which can indicate issues will appear in the **Operational** pane. You can attempt to troubleshoot them based on the solutions in the following table: - -Event ID | Message | Resolution steps -:---|:---|:--- -5 | Windows Defender Advanced Threat Protection service failed to connect to the server at _variable_ | [Ensure the machine has Internet access](#ensure-the-endpoint-has-an-internet-connection). -6 | Windows Defender Advanced Threat Protection service is not onboarded and no onboarding parameters were found. Failure code: _variable_ | [Run the onboarding script again](configure-endpoints-script-windows-defender-advanced-threat-protection.md). -7 | Windows Defender Advanced Threat Protection service failed to read the onboarding parameters. Failure code: _variable_ | [Ensure the machine has Internet access](#ensure-the-endpoint-has-an-internet-connection), then run the entire onboarding process again. -9 | Windows Defender Advanced Threat Protection service failed to change its start type. Failure code: variable | If the event happened during onboarding, reboot and re-attempt running the onboarding script. For more information, see [Run the onboarding script again](configure-endpoints-script-windows-defender-advanced-threat-protection.md).

If the event happened during offboarding, contact support. -10 | Windows Defender Advanced Threat Protection service failed to persist the onboarding information. Failure code: variable | If the event happened during onboarding, re-attempt running the onboarding script. For more information, see [Run the onboarding script again](configure-endpoints-script-windows-defender-advanced-threat-protection.md).

If the problem persists, contact support. -15 | Windows Defender Advanced Threat Protection cannot start command channel with URL: _variable_ | [Ensure the machine has Internet access](#ensure-the-endpoint-has-an-internet-connection). -17 | Windows Defender Advanced Threat Protection service failed to change the Connected User Experiences and Telemetry service location. Failure code: variable | [Run the onboarding script again](configure-endpoints-script-windows-defender-advanced-threat-protection.md). If the problem persists, contact support. -25 | Windows Defender Advanced Threat Protection service failed to reset health status in the registry. Failure code: _variable_ | Contact support. -27 | Failed to enable Windows Defender Advanced Threat Protection mode in Windows Defender. Onboarding process failed. Failure code: variable | Contact support. -29 | Failed to read the offboarding parameters. Error type: %1, Error code: %2, Description: %3 | Ensure the machine has Internet access, then run the entire offboarding process again. -30 | Failed to disable $(build.sense.productDisplayName) mode in Windows Defender Advanced Threat Protection. Failure code: %1 | Contact support. -32 | $(build.sense.productDisplayName) service failed to request to stop itself after offboarding process. Failure code: %1 | Verify that the service start type is manual and reboot the machine. -55 | Failed to create the Secure ETW autologger. Failure code: %1 | Reboot the machine. -63 | Updating the start type of external service. Name: %1, actual start type: %2, expected start type: %3, exit code: %4 | Identify what is causing changes in start type of mentioned service. If the exit code is not 0, fix the start type manually to expected start type. -64 | Starting stopped external service. Name: %1, exit code: %2 | Contact support if the event keeps re-appearing. -68 | The start type of the service is unexpected. Service name: %1, actual start type: %2, expected start type: %3 | Identify what is causing changes in start type. Fix mentioned service start type. -69 | The service is stopped. Service name: %1 | Start the mentioned service. Contact support if persists. - -
-There are additional components on the machine that the Windows Defender ATP agent depends on to function properly. If there are no onboarding related errors in the Windows Defender ATP agent event log, proceed with the following steps to ensure that the additional components are configured correctly. - - -### Ensure the diagnostic data service is enabled -If the machines aren't reporting correctly, you might need to check that the Windows 10 diagnostic data service is set to automatically start and is running on the machine. The service might have been disabled by other programs or user configuration changes. - -First, you should check that the service is set to start automatically when Windows starts, then you should check that the service is currently running (and start it if it isn't). - -### Ensure the service is set to start - -**Use the command line to check the Windows 10 diagnostic data service startup type**: - -1. Open an elevated command-line prompt on the machine: - - a. Click **Start**, type **cmd**, and press **Enter**. - - b. Right-click **Command prompt** and select **Run as administrator**. - -2. Enter the following command, and press **Enter**: - - ```text - sc qc diagtrack - ``` - - If the service is enabled, then the result should look like the following screenshot: - - ![Result of the sc query command for diagtrack](images/windefatp-sc-qc-diagtrack.png) - - If the `START_TYPE` is not set to `AUTO_START`, then you'll need to set the service to automatically start. - - -**Use the command line to set the Windows 10 diagnostic data service to automatically start:** - -1. Open an elevated command-line prompt on the machine: - - a. Click **Start**, type **cmd**, and press **Enter**. - - b. Right-click **Command prompt** and select **Run as administrator**. - -2. Enter the following command, and press **Enter**: - - ```text - sc config diagtrack start=auto - ``` - -3. A success message is displayed. Verify the change by entering the following command, and press **Enter**: - - ```text - sc qc diagtrack - ``` - -4. Start the service. - - a. In the command prompt, type the following command and press **Enter**: - - ```text - sc start diagtrack - ``` - -### Ensure the machine has an Internet connection - -The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Windows Defender ATP service. - -WinHTTP is independent of the Internet browsing proxy settings and other user context applications and must be able to detect the proxy servers that are available in your particular environment. - -To ensure that sensor has service connectivity, follow the steps described in the [Verify client connectivity to Windows Defender ATP service URLs](configure-proxy-internet-windows-defender-advanced-threat-protection.md#verify-client-connectivity-to-windows-defender-atp-service-urls) topic. - -If the verification fails and your environment is using a proxy to connect to the Internet, then follow the steps described in [Configure proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md) topic. - -### Ensure that Windows Defender Antivirus is not disabled by a policy -**Problem**: The Windows Defender ATP service does not start after onboarding. - -**Symptom**: Onboarding successfully completes, but you see error 577 when trying to start the service. - -**Solution**: If your machines are running a third-party antimalware client, the Windows Defender ATP agent needs the Windows Defender Early Launch Antimalware (ELAM) driver to be enabled. You must ensure that it's not disabled in system policy. - -- Depending on the tool that you use to implement policies, you'll need to verify that the following Windows Defender policies are cleared: - - - DisableAntiSpyware - - DisableAntiVirus - - For example, in Group Policy there should be no entries such as the following values: - - - `````` - - `````` -- After clearing the policy, run the onboarding steps again. - -- You can also check the following registry key values to verify that the policy is disabled: - - 1. Open the registry ```key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender```. - 2. Ensure that the value ```DisableAntiSpyware``` is not present. - - ![Image of registry key for Windows Defender Antivirus](images/atp-disableantispyware-regkey.png) - - -## Troubleshoot onboarding issues on a server -If you encounter issues while onboarding a server, go through the following verification steps to address possible issues. - -- [Ensure Microsoft Monitoring Agent (MMA) is installed and configured to report sensor data to the service](configure-server-endpoints-windows-defender-advanced-threat-protection.md#server-mma) -- [Ensure that the server proxy and Internet connectivity settings are configured properly](configure-server-endpoints-windows-defender-advanced-threat-protection.md#server-proxy) - -You might also need to check the following: -- Check that there is a Windows Defender Advanced Threat Protection Service running in the **Processes** tab in **Task Manager**. For example: - - ![Image of process view with Windows Defender Advanced Threat Protection Service running](images/atp-task-manager.png) - -- Check **Event Viewer** > **Applications and Services Logs** > **Operation Manager** to see if there are any errors. - -- In **Services**, check if the **Microsoft Monitoring Agent** is running on the server. For example, - - ![Image of Services](images/atp-services.png) - -- In **Microsoft Monitoring Agent** > **Azure Log Analytics (OMS)**, check the Workspaces and verify that the status is running. - - ![Image of Microsoft Monitoring Agent Properties](images/atp-mma-properties.png) - -- Check to see that machines are reflected in the **Machines list** in the portal. - - -## Licensing requirements -Windows Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers: - - - Windows 10 Enterprise E5 - - Windows 10 Education E5 - - Microsoft 365 Enterprise E5 which includes Windows 10 Enterprise E5 - -For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2). - - ->Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-troubleshootonboarding-belowfoldlink) - - -## Related topics -- [Troubleshoot Windows Defender ATP](troubleshoot-windows-defender-advanced-threat-protection.md) -- [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md) -- [Configure machine proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md) - +--- +title: Troubleshoot Windows Defender ATP onboarding issues +description: Troubleshoot issues that might arise during the onboarding of machines or to the Windows Defender ATP service. +keywords: troubleshoot onboarding, onboarding issues, event viewer, data collection and preview builds, sensor data and diagnostics +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: troubleshooting +--- + +# Troubleshoot Windows Defender Advanced Threat Protection onboarding issues + +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- Windows Server 2012 R2 +- Windows Server 2016 + + + +You might need to troubleshoot the Windows Defender ATP onboarding process if you encounter issues. +This page provides detailed steps to troubleshoot onboarding issues that might occur when deploying with one of the deployment tools and common errors that might occur on the machines. + +If you have completed the onboarding process and don't see machines in the [Machines list](investigate-machines-windows-defender-advanced-threat-protection.md) after an hour, it might indicate an onboarding or connectivity problem. + +## Troubleshoot onboarding when deploying with Group Policy +Deployment with Group Policy is done by running the onboarding script on the machines. The Group Policy console does not indicate if the deployment has succeeded or not. + +If you have completed the onboarding process and don't see machines in the [Machines list](investigate-machines-windows-defender-advanced-threat-protection.md) after an hour, you can check the output of the script on the machines. For more information, see [Troubleshoot onboarding when deploying with a script](#troubleshoot-onboarding-when-deploying-with-a-script). + +If the script completes successfully, see [Troubleshoot onboarding issues on the machines](#troubleshoot-onboarding-issues-on-the-machine) for additional errors that might occur. + +## Troubleshoot onboarding issues when deploying with System Center Configuration Manager +When onboarding machines using the following versions of System Center Configuration Manager: +- System Center 2012 Configuration Manager +- System Center 2012 R2 Configuration Manager +- System Center Configuration Manager (current branch) version 1511 +- System Center Configuration Manager (current branch) version 1602 + + +Deployment with the above-mentioned versions of System Center Configuration Manager is done by running the onboarding script on the machines. You can track the deployment in the Configuration Manager Console. + +If the deployment fails, you can check the output of the script on the machines. + +If the onboarding completed successfully but the machines are not showing up in the **Machines list** after an hour, see [Troubleshoot onboarding issues on the machine](#troubleshoot-onboarding-issues-on-the-machine) for additional errors that might occur. + +## Troubleshoot onboarding when deploying with a script + +**Check the result of the script on the machine**: +1. Click **Start**, type **Event Viewer**, and press **Enter**. + +2. Go to **Windows Logs** > **Application**. + +3. Look for an event from **WDATPOnboarding** event source. + +If the script fails and the event is an error, you can check the event ID in the following table to help you troubleshoot the issue. +> [!NOTE] +> The following event IDs are specific to the onboarding script only. + +Event ID | Error Type | Resolution steps +:---|:---|:--- +5 | Offboarding data was found but couldn't be deleted | Check the permissions on the registry, specifically ```HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection```. +10 | Onboarding data couldn't be written to registry | Check the permissions on the registry, specifically
```HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat```.
Verify that the script was ran as an administrator. +15 | Failed to start SENSE service |Check the service health (```sc query sense``` command). Make sure it's not in an intermediate state (*'Pending_Stopped'*, *'Pending_Running'*) and try to run the script again (with administrator rights).

If the machine is running Windows 10, version 1607 and running the command `sc query sense` returns `START_PENDING`, reboot the machine. If rebooting the machine doesn't address the issue, upgrade to KB4015217 and try onboarding again. +15 | Failed to start SENSE service | If the message of the error is: System error 577 has occurred. You need to enable the Windows Defender Antivirus ELAM driver, see [Ensure that Windows Defender Antivirus is not disabled by a policy](#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy) for instructions. +30 | The script failed to wait for the service to start running | The service could have taken more time to start or has encountered errors while trying to start. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md). +35 | The script failed to find needed onboarding status registry value | When the SENSE service starts for the first time, it writes onboarding status to the registry location
```HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status```.
The script failed to find it after several seconds. You can manually test it and check if it's there. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md). +40 | SENSE service onboarding status is not set to **1** | The SENSE service has failed to onboard properly. For more information on events and errors related to SENSE, see [Review events and errors using Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md). +65 | Insufficient privileges| Run the script again with administrator privileges. + +## Troubleshoot onboarding issues using Microsoft Intune +You can use Microsoft Intune to check error codes and attempt to troubleshoot the cause of the issue. + +If you have configured policies in Intune and they are not propagated on machines, you might need to configure automatic MDM enrollment. + +Use the following tables to understand the possible causes of issues while onboarding: + +- Microsoft Intune error codes and OMA-URIs table +- Known issues with non-compliance table +- Mobile Device Management (MDM) event logs table + +If none of the event logs and troubleshooting steps work, download the Local script from the **Machine management** section of the portal, and run it in an elevated command prompt. + +**Microsoft Intune error codes and OMA-URIs**: + + +Error Code Hex | Error Code Dec | Error Description | OMA-URI | Possible cause and troubleshooting steps +:---|:---|:---|:---|:--- +0x87D1FDE8 | -2016281112 | Remediation failed | Onboarding
Offboarding | **Possible cause:** Onboarding or offboarding failed on a wrong blob: wrong signature or missing PreviousOrgIds fields.

**Troubleshooting steps:**
Check the event IDs in the [View agent onboarding errors in the machine event log](#view-agent-onboarding-errors-in-the-machine-event-log) section.

Check the MDM event logs in the following table or follow the instructions in [Diagnose MDM failures in Windows 10](https://msdn.microsoft.com/library/windows/hardware/mt632120%28v=vs.85%29.aspx). + | | | | Onboarding
Offboarding
SampleSharing | **Possible cause:** Windows Defender ATP Policy registry key does not exist or the OMA DM client doesn't have permissions to write to it.

**Troubleshooting steps:** Ensure that the following registry key exists: ```HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection```

If it doesn't exist, open an elevated command and add the key. + | | | | SenseIsRunning
OnboardingState
OrgId | **Possible cause:** An attempt to remediate by read-only property. Onboarding has failed.

**Troubleshooting steps:** Check the troubleshooting steps in [Troubleshoot onboarding issues on the machine](#troubleshoot-onboarding-issues-on-the-machine).

Check the MDM event logs in the following table or follow the instructions in [Diagnose MDM failures in Windows 10](https://msdn.microsoft.com/library/windows/hardware/mt632120%28v=vs.85%29.aspx). + || | | All | **Possible cause:** Attempt to deploy Windows Defender ATP on non-supported SKU/Platform, particularly Holographic SKU.

Currently is supported platforms: Enterprise, Education, and Professional.
Server is not supported. + 0x87D101A9 | -2016345687 |Syncml(425): The requested command failed because the sender does not have adequate access control permissions (ACL) on the recipient. | All | **Possible cause:** Attempt to deploy Windows Defender ATP on non-supported SKU/Platform, particularly Holographic SKU.

Currently is supported platforms: Enterprise, Education, and Professional. + +
+**Known issues with non-compliance** + +The following table provides information on issues with non-compliance and how you can address the issues. + +Case | Symptoms | Possible cause and troubleshooting steps +:---|:---|:--- +1 | Machine is compliant by SenseIsRunning OMA-URI. But is non-compliant by OrgId, Onboarding and OnboardingState OMA-URIs. | **Possible cause:** Check that user passed OOBE after Windows installation or upgrade. During OOBE onboarding couldn't be completed but SENSE is running already.

**Troubleshooting steps:** Wait for OOBE to complete. +2 | Machine is compliant by OrgId, Onboarding, and OnboardingState OMA-URIs, but is non-compliant by SenseIsRunning OMA-URI. | **Possible cause:** Sense service's startup type is set as "Delayed Start". Sometimes this causes the Microsoft Intune server to report the machine as non-compliant by SenseIsRunning when DM session occurs on system start.

**Troubleshooting steps:** The issue should automatically be fixed within 24 hours. +3 | Machine is non-compliant | **Troubleshooting steps:** Ensure that Onboarding and Offboarding policies are not deployed on the same machine at same time. + +
+**Mobile Device Management (MDM) event logs** + +View the MDM event logs to troubleshoot issues that might arise during onboarding: + +Log name: Microsoft\Windows\DeviceManagement-EnterpriseDiagnostics-Provider + +Channel name: Admin + +ID | Severity | Event description | Troubleshooting steps +:---|:---|:---|:--- +1819 | Error | Windows Defender Advanced Threat Protection CSP: Failed to Set Node's Value. NodeId: (%1), TokenName: (%2), Result: (%3). | Download the [Cumulative Update for Windows 10, 1607](https://go.microsoft.com/fwlink/?linkid=829760). + +## Troubleshoot onboarding issues on the machine +If the deployment tools used does not indicate an error in the onboarding process, but machines are still not appearing in the machines list in an hour, go through the following verification topics to check if an error occurred with the Windows Defender ATP agent: +- [View agent onboarding errors in the machine event log](#view-agent-onboarding-errors-in-the-machine-event-log) +- [Ensure the diagnostic data service is enabled](#ensure-the-diagnostics-service-is-enabled) +- [Ensure the service is set to start](#ensure-the-service-is-set-to-start) +- [Ensure the machine has an Internet connection](#ensure-the-machine-has-an-internet-connection) +- [Ensure that Windows Defender Antivirus is not disabled by a policy](#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy) + + +### View agent onboarding errors in the machine event log + +1. Click **Start**, type **Event Viewer**, and press **Enter**. + +2. In the **Event Viewer (Local)** pane, expand **Applications and Services Logs** > **Microsoft** > **Windows** > **SENSE**. + + > [!NOTE] + > SENSE is the internal name used to refer to the behavioral sensor that powers Windows Defender ATP. + +3. Select **Operational** to load the log. + +4. In the **Action** pane, click **Filter Current log**. + +5. On the **Filter** tab, under **Event level:** select **Critical**, **Warning**, and **Error**, and click **OK**. + + ![Image of Event Viewer log filter](images/filter-log.png) + +6. Events which can indicate issues will appear in the **Operational** pane. You can attempt to troubleshoot them based on the solutions in the following table: + +Event ID | Message | Resolution steps +:---|:---|:--- +5 | Windows Defender Advanced Threat Protection service failed to connect to the server at _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection). +6 | Windows Defender Advanced Threat Protection service is not onboarded and no onboarding parameters were found. Failure code: _variable_ | [Run the onboarding script again](configure-endpoints-script-windows-defender-advanced-threat-protection.md). +7 | Windows Defender Advanced Threat Protection service failed to read the onboarding parameters. Failure code: _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection), then run the entire onboarding process again. +9 | Windows Defender Advanced Threat Protection service failed to change its start type. Failure code: variable | If the event happened during onboarding, reboot and re-attempt running the onboarding script. For more information, see [Run the onboarding script again](configure-endpoints-script-windows-defender-advanced-threat-protection.md).

If the event happened during offboarding, contact support. +10 | Windows Defender Advanced Threat Protection service failed to persist the onboarding information. Failure code: variable | If the event happened during onboarding, re-attempt running the onboarding script. For more information, see [Run the onboarding script again](configure-endpoints-script-windows-defender-advanced-threat-protection.md).

If the problem persists, contact support. +15 | Windows Defender Advanced Threat Protection cannot start command channel with URL: _variable_ | [Ensure the machine has Internet access](#ensure-the-machine-has-an-internet-connection). +17 | Windows Defender Advanced Threat Protection service failed to change the Connected User Experiences and Telemetry service location. Failure code: variable | [Run the onboarding script again](configure-endpoints-script-windows-defender-advanced-threat-protection.md). If the problem persists, contact support. +25 | Windows Defender Advanced Threat Protection service failed to reset health status in the registry. Failure code: _variable_ | Contact support. +27 | Failed to enable Windows Defender Advanced Threat Protection mode in Windows Defender. Onboarding process failed. Failure code: variable | Contact support. +29 | Failed to read the offboarding parameters. Error type: %1, Error code: %2, Description: %3 | Ensure the machine has Internet access, then run the entire offboarding process again. +30 | Failed to disable $(build.sense.productDisplayName) mode in Windows Defender Advanced Threat Protection. Failure code: %1 | Contact support. +32 | $(build.sense.productDisplayName) service failed to request to stop itself after offboarding process. Failure code: %1 | Verify that the service start type is manual and reboot the machine. +55 | Failed to create the Secure ETW autologger. Failure code: %1 | Reboot the machine. +63 | Updating the start type of external service. Name: %1, actual start type: %2, expected start type: %3, exit code: %4 | Identify what is causing changes in start type of mentioned service. If the exit code is not 0, fix the start type manually to expected start type. +64 | Starting stopped external service. Name: %1, exit code: %2 | Contact support if the event keeps re-appearing. +68 | The start type of the service is unexpected. Service name: %1, actual start type: %2, expected start type: %3 | Identify what is causing changes in start type. Fix mentioned service start type. +69 | The service is stopped. Service name: %1 | Start the mentioned service. Contact support if persists. + +
+There are additional components on the machine that the Windows Defender ATP agent depends on to function properly. If there are no onboarding related errors in the Windows Defender ATP agent event log, proceed with the following steps to ensure that the additional components are configured correctly. + + +### Ensure the diagnostic data service is enabled +If the machines aren't reporting correctly, you might need to check that the Windows 10 diagnostic data service is set to automatically start and is running on the machine. The service might have been disabled by other programs or user configuration changes. + +First, you should check that the service is set to start automatically when Windows starts, then you should check that the service is currently running (and start it if it isn't). + +### Ensure the service is set to start + +**Use the command line to check the Windows 10 diagnostic data service startup type**: + +1. Open an elevated command-line prompt on the machine: + + a. Click **Start**, type **cmd**, and press **Enter**. + + b. Right-click **Command prompt** and select **Run as administrator**. + +2. Enter the following command, and press **Enter**: + + ```text + sc qc diagtrack + ``` + + If the service is enabled, then the result should look like the following screenshot: + + ![Result of the sc query command for diagtrack](images/windefatp-sc-qc-diagtrack.png) + + If the `START_TYPE` is not set to `AUTO_START`, then you'll need to set the service to automatically start. + + +**Use the command line to set the Windows 10 diagnostic data service to automatically start:** + +1. Open an elevated command-line prompt on the machine: + + a. Click **Start**, type **cmd**, and press **Enter**. + + b. Right-click **Command prompt** and select **Run as administrator**. + +2. Enter the following command, and press **Enter**: + + ```text + sc config diagtrack start=auto + ``` + +3. A success message is displayed. Verify the change by entering the following command, and press **Enter**: + + ```text + sc qc diagtrack + ``` + +4. Start the service. + + a. In the command prompt, type the following command and press **Enter**: + + ```text + sc start diagtrack + ``` + +### Ensure the machine has an Internet connection + +The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Windows Defender ATP service. + +WinHTTP is independent of the Internet browsing proxy settings and other user context applications and must be able to detect the proxy servers that are available in your particular environment. + +To ensure that sensor has service connectivity, follow the steps described in the [Verify client connectivity to Windows Defender ATP service URLs](configure-proxy-internet-windows-defender-advanced-threat-protection.md#verify-client-connectivity-to-windows-defender-atp-service-urls) topic. + +If the verification fails and your environment is using a proxy to connect to the Internet, then follow the steps described in [Configure proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md) topic. + +### Ensure that Windows Defender Antivirus is not disabled by a policy +**Problem**: The Windows Defender ATP service does not start after onboarding. + +**Symptom**: Onboarding successfully completes, but you see error 577 when trying to start the service. + +**Solution**: If your machines are running a third-party antimalware client, the Windows Defender ATP agent needs the Windows Defender Early Launch Antimalware (ELAM) driver to be enabled. You must ensure that it's not disabled in system policy. + +- Depending on the tool that you use to implement policies, you'll need to verify that the following Windows Defender policies are cleared: + + - DisableAntiSpyware + - DisableAntiVirus + + For example, in Group Policy there should be no entries such as the following values: + + - `````` + - `````` +- After clearing the policy, run the onboarding steps again. + +- You can also check the following registry key values to verify that the policy is disabled: + + 1. Open the registry ```key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender```. + 2. Ensure that the value ```DisableAntiSpyware``` is not present. + + ![Image of registry key for Windows Defender Antivirus](images/atp-disableantispyware-regkey.png) + + +## Troubleshoot onboarding issues on a server +If you encounter issues while onboarding a server, go through the following verification steps to address possible issues. + +- [Ensure Microsoft Monitoring Agent (MMA) is installed and configured to report sensor data to the service](configure-server-endpoints-windows-defender-advanced-threat-protection.md#server-mma) +- [Ensure that the server proxy and Internet connectivity settings are configured properly](configure-server-endpoints-windows-defender-advanced-threat-protection.md#server-proxy) + +You might also need to check the following: +- Check that there is a Windows Defender Advanced Threat Protection Service running in the **Processes** tab in **Task Manager**. For example: + + ![Image of process view with Windows Defender Advanced Threat Protection Service running](images/atp-task-manager.png) + +- Check **Event Viewer** > **Applications and Services Logs** > **Operation Manager** to see if there are any errors. + +- In **Services**, check if the **Microsoft Monitoring Agent** is running on the server. For example, + + ![Image of Services](images/atp-services.png) + +- In **Microsoft Monitoring Agent** > **Azure Log Analytics (OMS)**, check the Workspaces and verify that the status is running. + + ![Image of Microsoft Monitoring Agent Properties](images/atp-mma-properties.png) + +- Check to see that machines are reflected in the **Machines list** in the portal. + + +## Licensing requirements +Windows Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers: + + - Windows 10 Enterprise E5 + - Windows 10 Education E5 + - Microsoft 365 Enterprise E5 which includes Windows 10 Enterprise E5 + +For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2). + + +>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-troubleshootonboarding-belowfoldlink) + + +## Related topics +- [Troubleshoot Windows Defender ATP](troubleshoot-windows-defender-advanced-threat-protection.md) +- [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md) +- [Configure machine proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md) + diff --git a/windows/security/threat-protection/windows-defender-atp/use-apis.md b/windows/security/threat-protection/windows-defender-atp/use-apis.md index 20e1451805..9104f53a2b 100644 --- a/windows/security/threat-protection/windows-defender-atp/use-apis.md +++ b/windows/security/threat-protection/windows-defender-atp/use-apis.md @@ -1,7 +1,7 @@ --- -title: Use the Windows Defender Advanced Threat Protection APIs +title: Windows Defender ATP Public API description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph. -keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file +keywords: apis, api, wdatp, open api, windows defender atp api, public api, alerts, machine, user, domain, ip, file search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy @@ -17,14 +17,15 @@ ms.topic: conceptual ms.date: 11/28/2018 --- -# Use the Windows Defender ATP exposed APIs +# Windows Defender ATP Public API -**Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) + +> Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## In this section Topic | Description :---|:--- -Create your app | Learn how to create an application to get programmatical access to Windows Defender ATP [on behalf of a user](exposed-apis-create-app-nativeapp.md) or [without a user](exposed-apis-create-app-webapp.md). -Supported Windows Defender ATP APIs | Learn more about the individual supported entities where you can run API calls to and details such as HTTP request values, request headers and expected responses. Examples include APIs for [alert resource type](alerts-windows-defender-advanced-threat-protection-new.md), [domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection-new.md), or even actions such as [isolate machine](isolate-machine-windows-defender-advanced-threat-protection-new.md). +[Windows Defender ATP API overview](apis-intro.md) | Learn how to access to Windows Defender ATP Public API and on which context. +[Supported Windows Defender ATP APIs](exposed-apis-list.md) | Learn more about the individual supported entities where you can run API calls to and details such as HTTP request values, request headers and expected responses. Examples include APIs for [alert resource type](alerts-windows-defender-advanced-threat-protection-new.md), [domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection-new.md), or even actions such as [isolate machine](isolate-machine-windows-defender-advanced-threat-protection-new.md). How to use APIs - Samples | Learn how to use Advanced hunting APIs and multiple APIs such as PowerShell. Other examples include [schedule advanced hunting using Microsoft Flow](run-advanced-query-sample-ms-flow.md) or [OData queries](exposed-apis-odata-samples.md). diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md index 653d7f2a5e..ab6498dcae 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md @@ -11,6 +11,7 @@ ms.pagetype: security ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic +ms.date: 03/26/2018 --- # Reduce attack surfaces with attack surface reduction rules @@ -235,6 +236,16 @@ SCCM name: Not applicable GUID: 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c +## Review attack surface reduction events in Windows Event Viewer + +You can review the Windows event log to see events that are created when attack surface rules block (or audit) an app: + +Event ID | Description +5007 | Event when settings are changed +1121 | Event when an attack surface reduction rule fires in audit mode +1122 | Event when an attack surface reduction rule fires in block mode + + ## Related topics - [Enable attack surface reduction rules](enable-attack-surface-reduction.md) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md index 13222c4b4d..5f21c349ae 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md @@ -40,10 +40,10 @@ You can use Group Policy, PowerShell, and configuration service providers (CSPs) Audit options | How to enable audit mode | How to view events - | - | - -Audit applies to all events | [Enable controlled folder access](enable-controlled-folders-exploit-guard.md#enable-and-audit-controlled-folder-access) | [Controlled folder access events](controlled-folders-exploit-guard.md#review-controlled-folder-access-events-in-windows-event-viewer) -Audit applies to individual rules | [Enable attack surface reduction rules](enable-attack-surface-reduction.md) | [Attack surface reduction rule events](attack-surface-reduction-exploit-guard.md) -Audit applies to all events | [Enable network protection](enable-network-protection.md#enable-and-audit-network-protection) | [Network protection events](network-protection-exploit-guard.md#review-network-protection-events-in-windows-event-viewer) -Audit applies to individual mitigations | [Enable exploit protection](enable-exploit-protection.md#enable-and-audit-exploit-protection) | [Exploit protection events](exploit-protection-exploit-guard.md#review-exploit-protection-events-in-windows-event-viewer) +Audit applies to all events | [Enable controlled folder access](enable-controlled-folders-exploit-guard.md) | [Controlled folder access events](evaluate-controlled-folder-access.md#review-controlled-folder-access-events-in-windows-event-viewer) +Audit applies to individual rules | [Enable attack surface reduction rules](enable-attack-surface-reduction.md) | [Attack surface reduction rule events](attack-surface-reduction-exploit-guard.md#review-attack-surface-reduction-events-in-windows-event-viewer) +Audit applies to all events | [Enable network protection](enable-network-protection.md) | [Network protection events](evaluate-network-protection.md#review-network-protection-events-in-windows-event-viewer) +Audit applies to individual mitigations | [Enable exploit protection](enable-exploit-protection.md) | [Exploit protection events](exploit-protection-exploit-guard.md#review-exploit-protection-events-in-windows-event-viewer) You can also use the a custom PowerShell script that enables the features in audit mode automatically: diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md b/windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md index 2906976656..3ed20a187b 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md @@ -42,13 +42,13 @@ Before attempting this process, ensure you have met all required pre-requisites 2. Navigate to the Windows Defender directory. By default, this is C:\Program Files\Windows Defender, as in the following example: - ```Dos + ```console cd c:\program files\windows defender ``` 3. Enter the following command and press **Enter** - ```Dos + ```console mpcmdrun -getfiles ``` diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md index ce3d7cb53f..c49eae7912 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md @@ -11,7 +11,7 @@ ms.pagetype: security ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 11/16/2018 +ms.date: 03/26/2019 --- # Customize exploit protection @@ -106,7 +106,7 @@ Validate stack integrity (StackPivot) | Ensures that the stack has not been redi 2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection**. -3. Under the **System settings** section, find the mitigation you want to configure and select one of the following. Apps that aren't configured individually in the **Program settings** section will use the settings configured here: +3. Under the **System settings** section, find the mitigation you want to configure and select one of the following. Apps that aren't configured individually in the **Program settings** section will use the settings configured here: - **On by default** - The mitigation is *enabled* for apps that don't have this mitigation set in the app-specific **Program settings** section - **Off by default** - The mitigation is *disabled* for apps that don't have this mitigation set in the app-specific **Program settings** section - **Use default** - The mitigation is either enabled or disabled, depending on the default configuration that is set up by Windows 10 installation; the default value (**On** or **Off**) is always specified next to the **Use default** label for each mitigation @@ -114,32 +114,23 @@ Validate stack integrity (StackPivot) | Ensures that the stack has not been redi >[!NOTE] >You may see a User Account Control window when changing some settings. Enter administrator credentials to apply the setting. - Changing some settings may required a restart, which will be indicated in red text underneath the setting. + Changing some settings may require a restart. 4. Repeat this for all the system-level mitigations you want to configure. -You can now [export these settings as an XML file](import-export-exploit-protection-emet-xml.md) or continue on to configure app-specific mitigations. +3. Go to the **Program settings** section and choose the app you want to apply mitigations to: -Exporting the configuration as an XML file allows you to copy the configuration from one machine onto other machines. - -### Configure app-specific mitigations with the Windows Security app - -1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**. - -2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection settings** at the bottom of the screen. - -3. Go to the **Program settings** section and choose the app you want to apply mitigations to: - - 1. If the app you want to configure is already listed, click it and then click **Edit** - 2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app: + 1. If the app you want to configure is already listed, click it and then click **Edit** + 2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app: - Use **Add by program name** to have the mitigation applied to any running process with that name. You must specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location. - Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want. 4. After selecting the app, you'll see a list of all the mitigations that can be applied. To enable the mitigation, click the check box and then change the slider to **On**. Select any additional options. Choosing **Audit** will apply the mitigation in audit mode only. You will be notified if you need to restart the process or app, or if you need to restart Windows. 5. Repeat this for all the apps and mitigations you want to configure. Click **Apply** when you're done setting up your configuration. - -You can now [export these settings as an XML file](import-export-exploit-protection-emet-xml.md) or return to configure system-level mitigations. + + +You can now [export these settings as an XML file](import-export-exploit-protection-emet-xml.md) or continue on to configure app-specific mitigations. Exporting the configuration as an XML file allows you to copy the configuration from one machine onto other machines. @@ -165,7 +156,7 @@ Get-ProcessMitigation -Name processName.exe > >For app-level settings, `NOTSET` indicates the system-level setting for the mitigation will be applied. > ->The default setting for each system-level mitigation can be seen in the Windows Security, as described in the [Configure system-level mitigations with the Windows Security app section above](#configure-system-level-mitigations-with-the-windows-defender-security-center-app). +>The default setting for each system-level mitigation can be seen in the Windows Security. Use `Set` to configure each mitigation in the following format: diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md index 8d9f86a947..ea057afc07 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md @@ -38,13 +38,13 @@ You can enable controlled folder access with the Security Center app, Group Poli >- System Center Endpoint Protection **Allow users to add exclusions and overrides** >For more information about disabling local list merging, see [Prevent or allow users to locally modify Windows Defender AV policy settings](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-local-policy-overrides-windows-defender-antivirus#configure-how-locally-and-globally-defined-threat-remediation-and-exclusions-lists-are-merged). -### Use the Windows Defender Security app to enable controlled folder access +## Windows Security app to enable controlled folder access 1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**. 2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then click **Ransomware protection**. -3. Set the switch for **Controlled folder access** to **On**. +3. Set the switch for **Controlled folder access** to **On**. ### Use Group Policy to enable Controlled folder access diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md index 2349416c84..04abdfa702 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md @@ -11,7 +11,7 @@ ms.pagetype: security ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 02/14/2019 +ms.date: 03/26/2019 --- # Enable exploit protection @@ -24,23 +24,192 @@ ms.date: 02/14/2019 Many features from the Enhanced Mitigation Experience Toolkit (EMET) are included in exploit protection. -## Enable and audit exploit protection +You can also set mitigations to [audit mode](evaluate-exploit-protection.md). Audit mode allows you to test how the mitigations would work (and review events) without impacting the normal use of the machine. + +## Enable exploit protection + +You enable and configure each exploit protection mitigation separately either by using the Windows Security app or PowerShell. +They are configured by default in Windows 10. + +You can set each mitigation to on, off, or to its default value. +Some mitigations have additional options. + +You can [export these settings as an XML file](import-export-exploit-protection-emet-xml.md) and deploy it to other machines by using Group Policy. + +### Windows Security app + +1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**. + +2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection**. + +3. Go to **Program settings** and choose the app you want to apply mitigations to: + + 1. If the app you want to configure is already listed, click it and then click **Edit** + 2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app: + - Use **Add by program name** to have the mitigation applied to any running process with that name. You must specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location. + - Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want. + +4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit** will apply the mitigation in audit mode only. You will be notified if you need to restart the process or app, or if you need to restart Windows. + +5. Repeat this for all the apps and mitigations you want to configure. + +3. Under the **System settings** section, find the mitigation you want to configure and select one of the following. Apps that aren't configured individually in the **Program settings** section will use the settings configured here: + - **On by default** - The mitigation is *enabled* for apps that don't have this mitigation set in the app-specific **Program settings** section + - **Off by default** - The mitigation is *disabled* for apps that don't have this mitigation set in the app-specific **Program settings** section + - **Use default** - The mitigation is either enabled or disabled, depending on the default configuration that is set up by Windows 10 installation; the default value (**On** or **Off**) is always specified next to the **Use default** label for each mitigation + +5. Repeat this for all the system-level mitigations you want to configure. Click **Apply** when you're done setting up your configuration. + +If you add an app to the **Program settings** section and configure individual mitigation settings there, they will be honored above the configuration for the same mitigations specified in the **System settings** section. The following matrix and examples help to illustrate how defaults work: + +Enabled in **Program settings** | Enabled in **System settings** | Behavior +:-: | :-: | :-: +[!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark no](images/svg/check-no.svg)] | As defined in **Program settings** +[!include[Check mark yes](images/svg/check-yes.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | As defined in **Program settings** +[!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | As defined in **System settings** +[!include[Check mark no](images/svg/check-no.svg)] | [!include[Check mark yes](images/svg/check-yes.svg)] | Default as defined in **Use default** option + +**Example 1** + +Mikael configures **Data Execution Prevention (DEP)** in the **System settings** section to be **Off by default**. + +Mikael then adds the app *test.exe* to the **Program settings** section. In the options for that app, under **Data Execution Prevention (DEP)**, he enables the **Override system settings** option and sets the switch to **On**. There are no other apps listed in the **Program settings** section. + +The result will be that DEP only will be enabled for *test.exe*. All other apps will not have DEP applied. + +**Example 2** + +Josie configures **Data Execution Prevention (DEP)** in the **System settings** section to be **Off by default**. + +Josie then adds the app *test.exe* to the **Program settings** section. In the options for that app, under **Data Execution Prevention (DEP)**, she enables the **Override system settings** option and sets the switch to **On**. + +Josie also adds the app *miles.exe* to the **Program settings** section and configures **Control flow guard (CFG)** to **On**. She doesn't enable the **Override system settings** option for DEP or any other mitigations for that app. + +The result will be that DEP will be enabled for *test.exe*. DEP will not be enabled for any other app, including *miles.exe*. +CFG will be enabled for *miles.exe*. + +1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**. + +2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection**. + +3. Go to **Program settings** and choose the app you want to apply mitigations to: + + 1. If the app you want to configure is already listed, click it and then click **Edit** + 2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app: + - Use **Add by program name** to have the mitigation applied to any running process with that name. You must specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location. + - Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want. + +4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit** will apply the mitigation in audit mode only. You will be notified if you need to restart the process or app, or if you need to restart Windows. + +5. Repeat this for all the apps and mitigations you want to configure. Click **Apply** when you're done setting up your configuration. + + + +### PowerShell + +You can use the PowerShell verb `Get` or `Set` with the cmdlet `ProcessMitigation`. Using `Get` will list the current configuration status of any mitigations that have been enabled on the device - add the `-Name` cmdlet and app exe to see mitigations for just that app: + +```PowerShell +Get-ProcessMitigation -Name processName.exe +``` + +>[!IMPORTANT] +>System-level mitigations that have not been configured will show a status of `NOTSET`. +> +>For system-level settings, `NOTSET` indicates the default setting for that mitigation has been applied. +> +>For app-level settings, `NOTSET` indicates the system-level setting for the mitigation will be applied. +> +>The default setting for each system-level mitigation can be seen in the Windows Security. + +Use `Set` to configure each mitigation in the following format: + +```PowerShell +Set-ProcessMitigation - - ,, +``` +Where: + +- \: + - `-Name` to indicate the mitigations should be applied to a specific app. Specify the app's executable after this flag. + - `-System` to indicate the mitigation should be applied at the system level +- \: + - `-Enable` to enable the mitigation + - `-Disable` to disable the mitigation +- \: + - The mitigation's cmdlet along with any suboptions (surrounded with spaces). Each mitigation is separated with a comma. + +For example, to enable the Data Execution Prevention (DEP) mitigation with ATL thunk emulation and for an executable called *testing.exe* in the folder *C:\Apps\LOB\tests*, and to prevent that executable from creating child processes, you'd use the following command: + +```PowerShell +Set-ProcessMitigation -Name c:\apps\lob\tests\testing.exe -Enable DEP, EmulateAtlThunks, DisallowChildProcessCreation +``` + +>[!IMPORTANT] +>Separate each mitigation option with commas. + +If you wanted to apply DEP at the system level, you'd use the following command: + +```PowerShell +Set-Processmitigation -System -Enable DEP +``` + +To disable mitigations, you can replace `-Enable` with `-Disable`. However, for app-level mitigations, this will force the mitigation to be disabled only for that app. + +If you need to restore the mitigation back to the system default, you need to include the `-Remove` cmdlet as well, as in the following example: + +```PowerShell +Set-Processmitigation -Name test.exe -Remove -Disable DEP +``` + +This table lists the PowerShell cmdlets (and associated audit mode cmdlet) that can be used to configure each mitigation. + + +Mitigation | Applies to | PowerShell cmdlets | Audit mode cmdlet +- | - | - | - +Control flow guard (CFG) | System and app-level | CFG, StrictCFG, SuppressExports | Audit not available +Data Execution Prevention (DEP) | System and app-level | DEP, EmulateAtlThunks | Audit not available +Force randomization for images (Mandatory ASLR) | System and app-level | ForceRelocateImages | Audit not available +Randomize memory allocations (Bottom-Up ASLR) | System and app-level | BottomUp, HighEntropy | Audit not available +Validate exception chains (SEHOP) | System and app-level | SEHOP, SEHOPTelemetry | Audit not available +Validate heap integrity | System and app-level | TerminateOnHeapError | Audit not available +Arbitrary code guard (ACG) | App-level only | DynamicCode | AuditDynamicCode +Block low integrity images | App-level only | BlockLowLabel | AuditImageLoad +Block remote images | App-level only | BlockRemoteImages | Audit not available +Block untrusted fonts | App-level only | DisableNonSystemFonts | AuditFont, FontAuditOnly +Code integrity guard | App-level only | BlockNonMicrosoftSigned, AllowStoreSigned | AuditMicrosoftSigned, AuditStoreSigned +Disable extension points | App-level only | ExtensionPoint | Audit not available +Disable Win32k system calls | App-level only | DisableWin32kSystemCalls | AuditSystemCall +Do not allow child processes | App-level only | DisallowChildProcessCreation | AuditChildProcess +Export address filtering (EAF) | App-level only | EnableExportAddressFilterPlus, EnableExportAddressFilter \[1\] | Audit not available +Import address filtering (IAF) | App-level only | EnableImportAddressFilter | Audit not available +Simulate execution (SimExec) | App-level only | EnableRopSimExec | Audit not available +Validate API invocation (CallerCheck) | App-level only | EnableRopCallerCheck | Audit not available +Validate handle usage | App-level only | StrictHandle | Audit not available +Validate image dependency integrity | App-level only | EnforceModuleDepencySigning | Audit not available +Validate stack integrity (StackPivot) | App-level only | EnableRopStackPivot | Audit not available + + + +\[1\]: Use the following format to enable EAF modules for dlls for a process: + +```PowerShell +Set-ProcessMitigation -Name processName.exe -Enable EnableExportAddressFilterPlus -EAFModules dllName1.dll,dllName2.dll +``` + + +## Customize the notification + +See the [Windows Security](../windows-defender-security-center/windows-defender-security-center.md#customize-notifications-from-the-windows-defender-security-center) topic for more information about customizing the notification when a rule is triggered and blocks an app or file. + + + -You enable and configure each exploit protection mitigation separately. Some mitigations apply to the entire operating system, while others can be targeted towards specific apps. -The mitigations available in exploit protection are enabled or configured to their default values automatically in Windows 10. However, you can customize the configuration to suit your organization and then deploy that configuration across your network. -You can also set mitigations to [audit mode](audit-windows-defender-exploit-guard.md). Audit mode allows you to test how the mitigations would work (and review events) without impacting the normal use of the machine. ->[!WARNING] ->Some security mitigation technologies may have compatibility issues with some applications. You should test exploit protection in all target use scenarios by using audit mode before deploying in production. -You can also convert an existing EMET configuration file (in XML format) and import it into exploit protection. This is useful if you have been using EMET and have a customized series of policies and mitigations that you want to keep using. -See the following topics for instructions on configuring exploit protection mitigations and importing, exporting, and converting configurations: -1. [Configure the mitigations you want to enable or audit](customize-exploit-protection.md) -2. [Export the configuration to an XML file that you can use to deploy the configuration to multiple machines](import-export-exploit-protection-emet-xml.md). ## Related topics @@ -48,6 +217,3 @@ See the following topics for instructions on configuring exploit protection miti - [Evaluate exploit protection](evaluate-exploit-protection.md) - [Configure and audit exploit protection mitigations](customize-exploit-protection.md) - [Import, export, and deploy exploit protection configurations](import-export-exploit-protection-emet-xml.md) - - - diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md index d07a56a851..9c6868f35a 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection.md @@ -11,7 +11,7 @@ ms.pagetype: security ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 02/14/2019 +ms.date: 03/27/2019 --- # Enable network protection @@ -20,17 +20,20 @@ ms.date: 02/14/2019 - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -[Network protection](network-protection-exploit-guard.md) helps to prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet. +[Network protection](network-protection-exploit-guard.md) helps to prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet. +You can [audit network protection](evaluate-network-protection.md) in a test environment to see which apps would be blocked before you enable it. +You can enable network protection by using any of the these methods: -This topic describes how to enable network protection with Group Policy, PowerShell cmdlets, and configuration service providers (CSPs) for mobile device management (MDM). +- MDM +- Group Policy +- PowerShell cmdlets -## Enable and audit network protection -You can enable network protection in either audit or block mode with Group Policy, PowerShell, or MDM settings with CSP. +## MDM -For background information on how audit mode works, and when you might want to use it, see the [audit Windows Defender Exploit Guard topic](audit-windows-defender-exploit-guard.md). +Use the [./Vendor/MSFT/Policy/Config/Defender/EnableNetworkProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-enablenetworkprotection) configuration service provider (CSP) to enable and configure network protection. -### Use Group Policy to enable or audit network protection +## Group Policy 1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. @@ -47,7 +50,8 @@ For background information on how audit mode works, and when you might want to u >[!IMPORTANT] >To fully enable network protection, you must set the Group Policy option to **Enabled** and also select **Block** in the options drop-down menu. - ### Use PowerShell to enable or audit network protection + +## PowerShell 1. Type **powershell** in the Start menu, right click **Windows PowerShell** and click **Run as administrator** 2. Enter the following cmdlet: @@ -65,11 +69,6 @@ Set-MpPreference -EnableNetworkProtection AuditMode Use `Disabled` insead of `AuditMode` or `Enabled` to turn the feature off. -### Use MDM CSPs to enable or audit network protection - -Use the [./Vendor/MSFT/Policy/Config/Defender/EnableNetworkProtection](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender#defender-enablenetworkprotection) configuration service provider (CSP) to enable and configure network protection. - - ## Related topics - [Protect your network](network-protection-exploit-guard.md) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md index eba904da4b..5efdacf7f8 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -10,7 +10,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 11/15/2018 +ms.date: 03/15/2019 --- # Enable virtualization-based protection of code integrity @@ -24,6 +24,18 @@ Some applications, including device drivers, may be incompatible with HVCI. This can cause devices or software to malfunction and in rare cases may result in a blue screen. Such issues may occur after HVCI has been turned on or during the enablement process itself. If this happens, see [Troubleshooting](#troubleshooting) for remediation steps. +>[!NOTE] +>HVCI works with modern 7th gen CPUs or higher and its equivalent on AMD. CPU new feature is required *Mode based execution control (MBE) Virtualization*. + +>[!TIP] +> "The Secure Kernel relies on the Mode-Based Execution Control (MBEC) feature, if present in hardware, which enhances the SLAT with a user/kernel executable bit, or the hypervisor’s software emulation of this feature, called Restricted User Mode (RUM).". Mark Russinovich and Alex Ionescu. Windows Internals 7th Edition book + +## HVCI Features + +* HVCI protects modification of the Code Flow Guard (CFG) bitmap. +* HVCI also ensure your other Truslets, like Credential Guard have a valid certificate. +* Modern device drivers must also have an EV (Extended Validation) certificate and should support HVCI. + ## How to turn on HVCI in Windows 10 To enable HVCI on Windows 10 devices with supporting hardware throughout an enterprise, use any of these options: @@ -215,6 +227,7 @@ This field indicates whether the Windows Defender Credential Guard or HVCI servi | **0.** | No services configured. | | **1.** | If present, Windows Defender Credential Guard is configured. | | **2.** | If present, HVCI is configured. | +| **3.** | If present, System Guard Secure Launch is configured. | #### SecurityServicesRunning @@ -225,7 +238,7 @@ This field indicates whether the Windows Defender Credential Guard or HVCI servi | **0.** | No services running. | | **1.** | If present, Windows Defender Credential Guard is running. | | **2.** | If present, HVCI is running. | - +| **3.** | If present, System Guard Secure Launch is running. | #### Version @@ -278,6 +291,6 @@ Set-VMSecurity -VMName -VirtualizationBasedSecurityOptOut $true ### Requirements for running HVCI in Hyper-V virtual machines - The Hyper-V host must run at least Windows Server 2016 or Windows 10 version 1607. - The Hyper-V virtual machine must be Generation 2, and running at least Windows Server 2016 or Windows 10. - - HVCI and [nested virtualization](https://docs.microsoft.com/virtualization/hyper-v-on-windows/user-guide/nested-virtualization) cannot be enabled at the same time. + - HVCI and [virtualization](https://docs.microsoft.com/virtualization/hyper-v-on-windows/user-guide/nested-virtualization) can be enabled at the same time - Virtual Fibre Channel adapters are not compatible with HVCI. Before attaching a virtual Fibre Channel Adapter to a virtual machine, you must first opt out of virtualization-based security using `Set-VMSecurity`. - The AllowFullSCSICommandSet option for pass-through disks is not compatible with HVCI. Before configuring a pass-through disk with AllowFullSCSICommandSet, you must first opt out of virtualization-based security using `Set-VMSecurity`. diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md index a34952ae85..667c554a43 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md @@ -45,7 +45,14 @@ Set-MpPreference -EnableControlledFolderAccess AuditMode >If you want to fully audit how controlled folder access will work in your organization, you'll need to use a management tool to deploy this setting to machines in your network(s). You can also use Group Policy, Intune, MDM, or System Center Configuration Manager to configure and deploy the setting, as described in the main [controlled folder access topic](controlled-folders-exploit-guard.md). -For further details on how audit mode works, and when you might want to use it, see the [audit Windows Defender Exploit Guard topic](audit-windows-defender-exploit-guard.md). +## Review controlled folder access events in Windows Event Viewer + +The following controlled folder access events appear in Windows Event Viewer. + +Event ID | Description +5007 | Event when settings are changed +1124 | Audited controlled folder access event +1123 | Blocked controlled folder access event ## Customize protected folders and apps diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md index f1870b1c48..47eb5e8ced 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md @@ -11,7 +11,7 @@ ms.pagetype: security ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 11/16/2018 +ms.date: 03/26/2019 --- # Evaluate exploit protection @@ -20,26 +20,89 @@ ms.date: 11/16/2018 - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Exploit protection applies helps protect devices from malware that use exploits to spread and infect. It consists of a number of mitigations that can be applied at either the operating system level, or at the individual app level. +[Exploit protection](exploit-protection-exploit-guard.md) helps protect devices from malware that uses exploits to spread and infect other devices. +It consists of a number of mitigations that can be applied to either the operating system or an individual app. +Many of the features that were part of the [Enhanced Mitigation Experience Toolkit (EMET)](https://technet.microsoft.com/security/jj653751) are included in exploit protection. -Many of the features that are part of the [Enhanced Mitigation Experience Toolkit (EMET)](https://technet.microsoft.com/security/jj653751) are included in exploit protection. - -This topic helps you evaluate exploit protection. For more information about what exploit protection does and how to configure it for real-world deployment, see [Exploit protection](exploit-protection-exploit-guard.md). +This topic helps you enable exploit protection in audit mode and review related events in Event Viewer. +You can enable audit mode for certain app-level mitigations to see how they will work in a test environment. +This lets you see a record of what *would* have happened if you had enabled the mitigation in production. +You can make sure it doesn't affect your line-of-business apps, and see which suspicious or malicious events occur. >[!TIP] ->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works. +>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to see how exploit protection works. -## Use audit mode to measure impact +## Enable exploit protection in audit mode -You can enable exploit protection in audit mode. You can enable audit mode for individual mitigations. +You can set mitigations in audit mode for specific programs either by using the Windows Security app or PowerShell. -This lets you see a record of what *would* have happened if you had enabled the mitigation. +### Windows Security app -You might want to do this when testing how the feature will work in your organization, to ensure it doesn't affect your line-of-business apps, and to get an idea of how many suspicious or malicious events generally occur over a certain period. +1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**. -See the [**PowerShell reference** section in customize exploit protection](customize-exploit-protection.md#powershell-reference) for a list of which mitigations can be audited and instructions on enabling the mode. +2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection**. + +3. Go to **Program settings** and choose the app you want to apply mitigations to: -For further details on how audit mode works, and when you might want to use it, see [audit Windows Defender Exploit Guard](audit-windows-defender-exploit-guard.md). + 1. If the app you want to configure is already listed, click it and then click **Edit** + 2. If the app is not listed, at the top of the list click **Add program to customize** and then choose how you want to add the app: + - Use **Add by program name** to have the mitigation applied to any running process with that name. You must specify a file with an extension. You can enter a full path to limit the mitigation to only the app with that name in that location. + - Use **Choose exact file path** to use a standard Windows Explorer file picker window to find and select the file you want. + +4. After selecting the app, you'll see a list of all the mitigations that can be applied. Choosing **Audit** will apply the mitigation in audit mode only. You will be notified if you need to restart the process or app, or if you need to restart Windows. + +5. Repeat this for all the apps and mitigations you want to configure. Click **Apply** when you're done setting up your configuration. + +### PowerShell + +To set app-level mitigations to audit mode, use `Set-ProcessMitigation` with the **Audit mode** cmdlet. + +Configure each mitigation in the following format: + + +```PowerShell +Set-ProcessMitigation - - ,, +``` + +Where: + +- \: + - `-Name` to indicate the mitigations should be applied to a specific app. Specify the app's executable after this flag. +- \: + - `-Enable` to enable the mitigation + - `-Disable` to disable the mitigation +- \: + - The mitigation's cmdlet as defined in the following table. Each mitigation is separated with a comma. + +| Mitigation | Audit mode cmdlet | +| - | - | +|Arbitrary code guard (ACG) | AuditDynamicCode | +|Block low integrity images | AuditImageLoad | +|Block untrusted fonts | AuditFont, FontAuditOnly | +|Code integrity guard | AuditMicrosoftSigned, AuditStoreSigned | +|Disable Win32k system calls | AuditSystemCall | +|Do not allow child processes | AuditChildProcess | + +For example, to enable Arbitrary Code Guard (ACG) in audit mode for an app named *testing.exe*, run the following command: + +```PowerShell +Set-ProcesMitigation -Name c:\apps\lob\tests\testing.exe -Enable AuditDynamicCode +``` + +You can disable audit mode by replacing `-Enable` with `-Disable`. + +## Review exploit protection audit events + +To review which apps would have been blocked, open Event Viewer and filter for the following events in the Security-Mitigations log. + +Feature | Provider/source | Event ID | Description +:-|:-|:-:|:- +Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 1 | ACG audit +Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 3 | Do not allow child processes audit +Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 5 | Block low integrity images audit +Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 7 | Block remote images audit +Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 9 | Disable win32k system calls audit +Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 11 | Code integrity guard audit ## Related topics - [Comparison with Enhanced Mitigation Experience Toolkit](emet-exploit-protection-exploit-guard.md) diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md index 7f7c825798..c15f7d5f95 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md @@ -12,7 +12,7 @@ ms.date: 04/16/2018 ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 08/08/2018 +ms.date: 03/26/2019 --- # View attack surface reduction events @@ -27,7 +27,7 @@ Reviewing the events is also handy when you are evaluating the features, as you This topic lists all the events, their associated feature or setting, and describes how to create custom views to filter to specific events. -You can also get detailed reporting into events and blocks as part of Windows Security, which you gain access to if you have an E5 subscription and use [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md). +You can also get detailed reporting into events and blocks as part of Windows Security, which you access if you have an E5 subscription and use [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md). ## Use custom views to review attack surface reduction capabilities @@ -35,7 +35,7 @@ You can create custom views in the Windows Event Viewer to only see events for s The easiest way to do this is to import a custom view as an XML file. You can copy the XML directly from this page. -You can also manually navigate to the event area that corresponds to the feature, see the [list of attack surface reduction events](#list-of-attack-surface-reduction-events) section at the end of this topic for more details. +You can also manually navigate to the event area that corresponds to the feature. ### Import an existing XML custom view @@ -43,11 +43,11 @@ You can also manually navigate to the event area that corresponds to the feature - Controlled folder access events custom view: *cfa-events.xml* - Exploit protection events custom view: *ep-events.xml* - Attack surface reduction events custom view: *asr-events.xml* - - Network protection events custom view: *np-events.xml* + - Network/ protection events custom view: *np-events.xml* -1. Type **event viewer** in the Start menu and open the Windows **Event Viewer**. +1. Type **event viewer** in the Start menu and open **Event Viewer**. -3. On the left panel, under **Actions**, click **Import Custom View...** +3. Click **Action** > **Import Custom View...** ![Animation highlighting Import custom view on the left of the Even viewer window](images/events-import.gif) @@ -55,7 +55,7 @@ You can also manually navigate to the event area that corresponds to the feature 4. Click **Open**. -5. This will create a custom view that filters to only show the [events related to that feature](#list-of-all-windows-defender-exploit-guard-events). +5. This will create a custom view that filters to only show the events related to that feature. ### Copy the XML directly @@ -73,7 +73,7 @@ You can also manually navigate to the event area that corresponds to the feature 4. Click **OK**. Specify a name for your filter. -5. This will create a custom view that filters to only show the [events related to that feature](#list-of-all-windows-defender-exploit-guard-events). +5. This will create a custom view that filters to only show the events related to that feature. ### XML for attack surface reduction rule events diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md index 41018cb2ea..3d5b5df71f 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md @@ -11,7 +11,7 @@ ms.pagetype: security ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 11/29/2018 +ms.date: 03/26/2018 --- # Protect devices from exploits @@ -20,47 +20,33 @@ ms.date: 11/29/2018 - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Exploit protection automatically applies a number of exploit mitigation techniques on both the operating system processes and on individual apps. +Exploit protection automatically applies a number of exploit mitigation techniques to operating system processes and apps. -It is part of [Windows Defender Exploit Guard](windows-defender-exploit-guard.md). Exploit protection is supported on Windows 10, version 1709 and later and Windows Server 2016, version 1803 or later. +It is part of [Windows Defender Exploit Guard](windows-defender-exploit-guard.md). Exploit protection is supported beginning with Windows 10, version 1709 and Windows Server 2016, version 1803. >[!TIP] >You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works. Exploit protection works best with [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md) - which gives you detailed reporting into exploit protection events and blocks as part of the usual [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md). - You [configure these settings using the Windows Security app or PowerShell](customize-exploit-protection.md) on an individual machine, and then [export the configuration as an XML file that you can deploy to other machines](import-export-exploit-protection-emet-xml.md). You can use Group Policy to distribute the XML file to multiple devices at once. +You can [enable exploit protection](enable-exploit-protection.md) on an individual machine, and then use [Group Policy](import-export-exploit-protection-emet-xml.md) to distribute the XML file to multiple devices at once. - When a mitigation is encountered on the machine, a notification will be displayed from the Action Center. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors. +When a mitigation is encountered on the machine, a notification will be displayed from the Action Center. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors. - You can also use [audit mode](audit-windows-defender-exploit-guard.md) to evaluate how exploit protection would impact your organization if it were enabled. +You can also use [audit mode](evaluate-exploit-protection.md) to evaluate how exploit protection would impact your organization if it were enabled. - Many of the features in the [Enhanced Mitigation Experience Toolkit (EMET)](https://technet.microsoft.com/security/jj653751) have been included in Exploit protection, and you can convert and import existing EMET configuration profiles into Exploit protection. See [Comparison between Enhanced Mitigation Experience Toolkit and Windows Defender Exploit Guard](emet-exploit-protection-exploit-guard.md) for more information on how Exploit protection supersedes EMET and what the benefits are when considering moving to exploit protection on Windows 10. +Many of the features in the [Enhanced Mitigation Experience Toolkit (EMET)](https://technet.microsoft.com/security/jj653751) have been included in Exploit protection, and you can convert and import existing EMET configuration profiles into Exploit protection. See [Comparison between Enhanced Mitigation Experience Toolkit and Windows Defender Exploit Guard](emet-exploit-protection-exploit-guard.md) for more information on how Exploit protection supersedes EMET and what the benefits are when considering moving to exploit protection on Windows 10. - >[!IMPORTANT] - >If you are currently using EMET you should be aware that [EMET reached end of life on July 31, 2018](https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/). You should consider replacing EMET with exploit protection in Windows 10. You can [convert an existing EMET configuration file into exploit protection](import-export-exploit-protection-emet-xml.md#convert-an-emet-configuration-file-to-an-exploit-protection-configuration-file) to make the migration easier and keep your existing settings. +>[!IMPORTANT] +>If you are currently using EMET you should be aware that [EMET reached end of life on July 31, 2018](https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/). You should consider replacing EMET with exploit protection in Windows 10. You can [convert an existing EMET configuration file into exploit protection](import-export-exploit-protection-emet-xml.md#convert-an-emet-configuration-file-to-an-exploit-protection-configuration-file) to make the migration easier and keep your existing settings. >[!WARNING] >Some security mitigation technologies may have compatibility issues with some applications. You should test exploit protection in all target use scenarios by using [audit mode](audit-windows-defender-exploit-guard.md) before deploying the configuration across a production environment or the rest of your network. - ## Review exploit protection events in Windows Event Viewer +## Review exploit protection events in Windows Event Viewer You can review the Windows event log to see events that are created when exploit protection blocks (or audits) an app: -1. Download the [Exploit Guard Evaluation Package](https://aka.ms/mp7z2w) and extract the file *ep-events.xml* to an easily accessible location on the machine. - -2. Type **Event viewer** in the Start menu to open the Windows Event Viewer. - -3. On the left panel, under **Actions**, click **Import custom view...** - - ![Antimated GIF highlighting the import custom view button on the right pane ](images/events-import.gif) - -4. Navigate to where you extracted *ep-events.xml* and select it. Alternatively, [copy the XML directly](event-views-exploit-guard.md). - -5. Click **OK**. - -6. This will create a custom view that filters to only show the following events related to Exploit protection: - Provider/source | Event ID | Description -|:-:|- Security-Mitigations | 1 | ACG audit @@ -97,22 +83,8 @@ Win32K | 260 | Untrusted Font > >You can [convert an existing EMET configuration file into exploit protection](import-export-exploit-protection-emet-xml.md#convert-an-emet-configuration-file-to-an-exploit-protection-configuration-file) to make the migration easier and keep your existing settings. -This topic describes the differences between the Enhance Mitigation Experience Toolkit (EMET) and exploit protection in Windows Defender ATP. - -Exploit protection in Windows Defender ATP is our successor to EMET and provides stronger protection, more customization, an easier user interface, and better configuration and management options. - -EMET is a standalone product for earlier versions of Windows and provides some mitigation against older, known exploit techniques. - -After July 31, 2018, it will not be supported. - -For more information about the individual features and mitigations available in Windows Defender ATP, as well as how to enable, configure, and deploy them to better protect your network, see the following topics: - -- [Protect devices from exploits](exploit-protection-exploit-guard.md) -- [Configure and audit Exploit protection mitigations](customize-exploit-protection.md) - -## Feature comparison - - The table in this section illustrates the differences between EMET and Windows Defender Exploit Guard. +This section compares exploit protection in Windows Defender ATP with the Enhance Mitigation Experience Toolkit (EMET) for reference. +The table in this section illustrates the differences between EMET and Windows Defender Exploit Guard.   | Windows Defender Exploit Guard | EMET -|:-:|:-: diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md index 08ee562873..3f018f31f7 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md @@ -37,7 +37,7 @@ You can also use [audit mode](audit-windows-defender-exploit-guard.md) to evalua ## Requirements -Network protection requires Windows 10 Enterprise E3 and Windows Defender AV real-time protection. +Network protection requires Windows 10 Pro, Enterprise E3, E5 and Windows Defender AV real-time protection. Windows 10 version | Windows Defender Antivirus - | - diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md b/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md index 524e3cc666..1696f26258 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md @@ -36,7 +36,7 @@ There are four steps to troubleshooting these problems: Attack surface reduction rules will only work on devices with the following conditions: >[!div class="checklist"] -> - Endpoints are running Windows 10 Enterprise E5, version 1709 (also known as the Fall Creators Update). +> - Endpoints are running Windows 10 Enterprise, version 1709 (also known as the Fall Creators Update). > - Endpoints are using Windows Defender Antivirus as the sole antivirus protection app. [Using any other antivirus app will cause Windows Defender AV to disable itself](../windows-defender-antivirus/windows-defender-antivirus-compatibility.md). > - [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) is enabled. > - Audit mode is not enabled. Use Group Policy to set the rule to **Disabled** (value: **0**) as described in [Enable attack surface reduction rules](enable-attack-surface-reduction.md). diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-np.md b/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-np.md index f7a384b615..7065ec7e12 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-np.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-np.md @@ -11,7 +11,7 @@ ms.pagetype: security ms.localizationpriority: medium author: andreabichsel ms.author: v-anbic -ms.date: 08/09/2018 +ms.date: 03/27/2019 --- # Troubleshoot network protection @@ -43,7 +43,7 @@ Network protection will only work on devices with the following conditions: > - Endpoints are using Windows Defender Antivirus as the sole antivirus protection app. [Using any other antivirus app will cause Windows Defender AV to disable itself](../windows-defender-antivirus/windows-defender-antivirus-compatibility.md). > - [Real-time protection](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md) is enabled. > - [Cloud-delivered protection](../windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md) is enabled. -> - Audit mode is not enabled. Use Group Policy to set the rule to **Disabled** (value: **0**) as described in the [Enable network protection topic](enable-network-protection.md#use-group-policy-to-enable-or-audit-network-protection). +> - Audit mode is not enabled. Use [Group Policy](enable-network-protection.md#group-policy) to set the rule to **Disabled** (value: **0**). If these pre-requisites have all been met, proceed to the next step to test the rule in audit mode. @@ -60,7 +60,7 @@ If you encounter problems when running the evaluation scenario, check that the d You can also use audit mode and then attempt to visit the site or IP (IPv4) address you do or don't want to block. Audit mode lets network protection report to the Windows event log as if it actually blocked the site or connection to an IP address, but will still allow the file to run. -1. Enable audit mode for network protection. Use Group Policy to set the rule to **Audit mode** as described in the [Enable network protection topic](enable-network-protection.md#use-group-policy-to-enable-or-audit-network-protection). +1. Enable audit mode for network protection. Use Group Policy to set the rule to **Audit mode** as described in the [Enable network protection topic](enable-network-protection.md#group-policy). 2. Perform the connection activity that is causing an issue (for example, attempt to visit the site, or connect to the IP address you do or don't want to block). 3. [Review the network protection event logs](network-protection-exploit-guard.md#review-network-protection-events-in-windows-event-viewer) to see if the feature would have blocked the connection if it had been set to **Enabled**. diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md index 74f7688832..32055b2546 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md @@ -60,7 +60,7 @@ This section covers requirements for each feature in Windows Defender EG. | Feature | Windows 10 Home | Windows 10 Professional | Windows 10 E3 | Windows 10 E5 | | ----------------- | :------------------------------------: | :---------------------------: | :-------------------------: | :--------------------------------------: | | Exploit protection | ![supported](./images/ball_50.png) | ![supported](./images/ball_50.png) | ![supported, enhanced](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) | -| Attack surface reduction rules | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, full reporting](./images/ball_full.png) | +| Attack surface reduction rules | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) | | Network protection | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) | | Controlled folder access | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) | diff --git a/windows/security/threat-protection/windows-platform-common-criteria.md b/windows/security/threat-protection/windows-platform-common-criteria.md index 6e5a650a0c..a3f36f7725 100644 --- a/windows/security/threat-protection/windows-platform-common-criteria.md +++ b/windows/security/threat-protection/windows-platform-common-criteria.md @@ -9,7 +9,7 @@ manager: dansimp ms.collection: M365-identity-device-management ms.topic: article ms.localizationpriority: medium -ms.date: 10/8/2018 +ms.date: 3/20/2019 --- # Common Criteria Certifications @@ -22,6 +22,7 @@ Microsoft is committed to optimizing the security of its products and services. The Security Target describes security functionality and assurance measures used to evaluate Windows. + - [Microsoft Windows 10 (April 2018 Update)](http://download.microsoft.com/download/0/7/6/0764E933-DD0B-45A7-9144-1DD9F454DCEF/Windows%2010%201803%20GP%20OS%20Security%20Target.pdf) - [Microsoft Windows 10 (Fall Creators Update)](https://download.microsoft.com/download/B/6/A/B6A5EC2C-6351-4FB9-8FF1-643D4BD5BE6E/Windows%2010%201709%20GP%20OS%20Security%20Target.pdf) - [Microsoft Windows 10 (Creators Update)](https://download.microsoft.com/download/e/8/b/e8b8c42a-a0b6-4ba1-9bdc-e704e8289697/windows%2010%20version%201703%20gp%20os%20security%20target%20-%20public%20\(january%2016,%202018\)\(final\)\(clean\).pdf) - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](https://download.microsoft.com/download/1/c/3/1c3b5ab0-e064-4350-a31f-48312180d9b5/st_vid10823-st.pdf) @@ -58,6 +59,7 @@ These documents describe how to configure Windows to replicate the configuration **Windows 10, Windows 10 Mobile, Windows Server 2016, Windows Server 2012 R2** + - [Microsoft Windows 10 (April 2018 Update)](http://download.microsoft.com/download/6/C/1/6C13FBFF-9CB0-455F-A1C8-3E3CB0ACBD7B/Windows%2010%201803%20GP%20OS%20Administrative%20Guide.pdf) - [Microsoft Windows 10 (Fall Creators Update)](https://download.microsoft.com/download/5/D/2/5D26F473-0FCE-4AC4-9065-6AEC0FE5B693/Windows%2010%201709%20GP%20OS%20Administrative%20Guide.pdf) - [Microsoft Windows 10 (Creators Update)](https://download.microsoft.com/download/e/9/7/e97f0c7f-e741-4657-8f79-2c0a7ca928e3/windows%2010%20cu%20gp%20os%20operational%20guidance%20\(jan%208%202017%20-%20public\).pdf) - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](https://download.microsoft.com/download/d/c/4/dc40b5c8-49c2-4587-8a04-ab3b81eb6fc4/st_vid10823-agd.pdf) @@ -134,6 +136,7 @@ These documents describe how to configure Windows to replicate the configuration An Evaluation Technical Report (ETR) is a report submitted to the Common Criteria certification authority for how Windows complies with the claims made in the Security Target. A Certification / Validation Report provides the results of the evaluation by the validation team. + - [Microsoft Windows 10 (April 2018 Update)](http://download.microsoft.com/download/6/7/1/67167BF2-885D-4646-A61E-96A0024B52BB/Windows%2010%201803%20GP%20OS%20Certification%20Report.pdf) - [Microsoft Windows 10 (Fall Creators Update)](https://download.microsoft.com/download/2/C/2/2C20D013-0610-4047-B2FA-516819DFAE0A/Windows%2010%201709%20GP%20OS%20Certification%20Report.pdf) - [Microsoft Windows 10 (Creators Update)](https://download.microsoft.com/download/3/2/c/32cdf627-dd23-4266-90ff-2f9685fd15c0/2017-49%20inf-2218%20cr.pdf) - [Microsoft Windows Server 2016, Microsoft Windows Server 2012 R2, and Microsoft Windows 10 Hyper-V](https://download.microsoft.com/download/a/3/3/a336f881-4ac9-4c79-8202-95289f86bb7a/st_vid10823-vr.pdf) diff --git a/windows/whats-new/whats-new-windows-10-version-1803.md b/windows/whats-new/whats-new-windows-10-version-1803.md index 3baeb61f1b..a4846edc0d 100644 --- a/windows/whats-new/whats-new-windows-10-version-1803.md +++ b/windows/whats-new/whats-new-windows-10-version-1803.md @@ -135,7 +135,7 @@ Portions of the work done during the offline phases of a Windows update have bee ### Co-management -Intune and System Center Configuration Manager policies have been added to enable hyrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management. +Intune and System Center Configuration Manager policies have been added to enable hybrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management. For more information, see [What's New in MDM enrollment and management](https://docs.microsoft.com/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew1803)