deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-17 03:13:44 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'main' into fr-meta-bitlocker

Browse Source
This commit is contained in:
Angela Fleischmann
2022-11-18 09:55:22 -07:00
committed by GitHub
parent 047c6ee97a 8d8521c4e0
commit c4b7d04cde
34 changed files with 124 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
education/docfx.json
View File

@ -63,9 +63,6 @@
]
},
"fileMetadata": {
"ms.localizationpriority": {
"windows/tutorial-school-deployment/**/**.md": "medium"
},
"ms.topic": {
"windows/tutorial-school-deployment/**/**.md": "tutorial"
}

1
education/windows/windows-11-se-overview.md
View File

@ -82,7 +82,6 @@ The following applications can also run on Windows 11 SE, and can be deployed us
| Application | Supported version | App Type | Vendor |
|-----------------------------------------|-------------------|----------|------------------------------|
| 3d builder | 15.2.10821.1070 | Win32 | Microsoft |
| Absolute Software Endpoint Agent | 7.21-15655 | Win32 | Absolute Software Corporation|
| AirSecure | 8.0.0 | Win32 | AIR |
| Alertus Desktop | 5.4.44.0 | Win32 | Alertus technologies |
| Brave Browser | 106.0.5249.65 | Win32 | Brave |

4
windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
View File

@ -143,8 +143,8 @@ When you configure your MDT Build Lab deployment share, you can also add applica
On **MDT01**:
1. Download the Enterprise distribution version of [Adobe Acrobat Reader DC](https://get.adobe.com/reader/enterprise/) (AcroRdrDC2200320263_en_US.exe) to **D:\\setup\\adobe** on MDT01.
2. Extract the .exe file that you downloaded to a .msi (ex: .\AcroRdrDC2200320263_en_US.exe -sfx_o"d:\setup\adobe\install\" -sfx_ne).
1. Download the Enterprise distribution version of [Adobe Acrobat Reader DC](https://get.adobe.com/reader/enterprise/) (AcroRdrDC2200320282_en_US.exe) to **D:\\setup\\adobe** on MDT01.
2. Extract the .exe file that you downloaded to a .msi (ex: .\AcroRdrDC2200320282_en_US.exe -sfx_o"d:\setup\adobe\install\" -sfx_ne).
3. In the Deployment Workbench, expand the **MDT Production** node and navigate to the **Applications** node.
4. Right-click the **Applications** node, and create a new folder named **Adobe**.

6
windows/deployment/usmt/getting-started-with-the-user-state-migration-tool.md
View File

@ -34,7 +34,7 @@ This article outlines the general process that you should follow to migrate file
6. Create a [Config.xml File](usmt-configxml-file.md) if you want to exclude any components from the migration. To create this file, use the [ScanState Syntax](usmt-scanstate-syntax.md) option together with the other .xml files when you use the `ScanState.exe` command. For example, the following command creates a `Config.xml` file by using the `MigDocs.xml` and `MigApp.xml` files:
``` syntax
```cmd
ScanState.exe /genconfig:Config.xml /i:MigDocs.xml /i:MigApp.xml /v:13 /l:ScanState.log
```
@ -51,7 +51,7 @@ This article outlines the general process that you should follow to migrate file
3. Run the `ScanState.exe` command on the source computer to collect files and settings. You should specify all of the .xml files that you want the `ScanState.exe` command to use. For example,
``` syntax
```cmd
ScanState.exe \\server\migration\mystore /config:Config.xml /i:MigDocs.xml /i:MigApp.xml /v:13 /l:ScanState.log
```
@ -78,7 +78,7 @@ This article outlines the general process that you should follow to migrate file
For example, the following command migrates the files and settings:
``` syntax
```cmd
LoadState.exe \\server\migration\mystore /config:Config.xml /i:MigDocs.xml /i:MigApp.xml /v:13 /l:LoadState.log
```

2
windows/deployment/usmt/migrate-application-settings.md
View File

@ -131,7 +131,7 @@ On a test computer, install the operating system that will be installed on the d
To speed up the time it takes to collect and migrate the data, you can migrate only one user at a time, and you can exclude all other components from the migration except the application that you're testing. To specify only **User1** in the migration, enter:
``` syntax
```cmd
/ue:*\* /ui:user1
```

8
windows/deployment/usmt/understanding-migration-xml-files.md
View File

@ -164,7 +164,7 @@ You can use multiple XML files with the ScanState and LoadState tools. Each of t
For example, you can use all of the XML migration file types for a single migration, as in the following example:
``` syntax
```cmd
ScanState.exe <store> /config:c:\myFolder\Config.xml /i:migapps.xml /i:MigDocs.xml /i:CustomRules.xml
```
@ -194,14 +194,14 @@ To generate the XML migration rules file for a source computer:
4. At the command prompt, enter:
``` syntax
```cmd
cd /d <USMTpath>
ScanState.exe /genmigxml: <filepath.xml>
```
Where *&lt;USMTpath&gt;* is the location on your source computer where you've saved the USMT files and tools, and *&lt;filepath.xml&gt;* is the full path to a file where you can save the report. For example, enter:
``` syntax
```cmd
cd /d c:\USMT
ScanState.exe /genmigxml:"C:\Documents and Settings\USMT Tester\Desktop\genMig.xml"
```
@ -230,7 +230,7 @@ The `MigDocs.xml` file calls the `GenerateDocPatterns` function, which takes thr
**Usage:**
``` syntax
```cmd
MigXmlHelper.GenerateDocPatterns ("<ScanProgramFiles>", "<IncludePatterns>", "<SystemDrive>")
```

10
windows/deployment/usmt/usmt-common-issues.md
View File

@ -107,7 +107,7 @@ To remove encryption from files that have already been migrated incorrectly, you
**Resolution:** You can use the `/mu` option when you run the **LoadState** tool to specify a new name for the user. For example,
``` syntax
```cmd
LoadState.exe /i:MigApp.xml /i:MigDocs.xml \\server\share\migration\mystore
/progress:Progress.log /l:LoadState.log /mu:fareast\user1:farwest\user1
```
@ -138,7 +138,7 @@ The following sections describe common XML file problems. Expand the section to
**Resolution:** Install all of the desired applications on the computer before running the `/genconfig` option. Then run `ScanState.exe` with all of the .xml files. For example, run the following command:
``` syntax
```cmd
ScanState.exe /genconfig:Config.xml /i:MigDocs.xml /i:MigApp.xml /v:5 /l:ScanState.log
```
@ -248,7 +248,7 @@ The following sections describe common offline migration problems. Expand the se
**Resolution:** Use a Security Identifier (SID) to include a user when running the **ScanState** tool. For example:
``` syntax
```cmd
ScanState.exe /ui:S1-5-21-124525095-708259637-1543119021*
```
@ -262,7 +262,7 @@ You can also use patterns for SIDs that identify generic users or groups. For ex
**Resolution:** Reboot the computer or unload the registry hive at the command prompt after the **ScanState** tool has finished running. For example, at a command prompt, enter:
``` syntax
```cmd
reg.exe unload hklm\$dest$software
```
@ -282,7 +282,7 @@ The following sections describe common hard-link migration problems. Expand the
**Resolution:** Use the UsmtUtils tool to delete the store or change the store name. For example, at a command prompt, enter:
``` syntax
```cmd
UsmtUtils.exe /rd <storedir>
```

6
windows/deployment/usmt/usmt-estimate-migration-store-size.md
View File

@ -47,7 +47,7 @@ To run the ScanState tool on the source computer with USMT installed:
2. Navigate to the USMT tools. For example, enter:
``` syntax
```cmd
cd /d "C:\Program Files (x86)\Windows Kits\8.0\Assessment and Deployment Kit\User State Migration Tool\<architecture>"
```
@ -55,13 +55,13 @@ To run the ScanState tool on the source computer with USMT installed:
3. Run the **ScanState** tool to generate an XML report of the space requirements. At the command prompt, enter:
``` syntax
```cmd
ScanState.exe <StorePath> /p:<path to a file>
```
Where *&lt;StorePath&gt;* is a path to a directory where the migration store will be saved and *&lt;path to a file&gt;* is the path and filename where the XML report for space requirements will be saved. For example:
``` syntax
```cmd
ScanState.exe c:\store /p:c:\spaceRequirements.xml
```

10
windows/deployment/usmt/usmt-extract-files-from-a-compressed-migration-store.md
View File

@ -29,7 +29,7 @@ In addition, you can specify the file patterns that you want to extract by using
To extract files from the compressed migration store onto the destination computer, use the following UsmtUtils syntax:
``` syntax
```cmd
UsmtUtils.exe /extract <filePath> <destinationPath> [/i:<includePattern>] [/e:<excludePattern>] [/l:<logfile>] [/decrypt[:<AlgID>] {/key:<keystring> | /keyfile:<filename>}] [/o]
```
@ -57,7 +57,7 @@ Where the placeholders have the following values:
To extract everything from a compressed migration store to a file on the `C:\` drive, enter:
``` syntax
```cmd
UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig C:\ExtractedStore
```
@ -65,7 +65,7 @@ UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig C:\ExtractedStore
To extract specific files, such as `.txt` and `.pdf` files, from an encrypted compressed migration store, enter:
``` syntax
```cmd
UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig /i:"*.txt,*.pdf" C:\ExtractedStore /decrypt /keyfile:D:\encryptionKey.txt
```
@ -75,7 +75,7 @@ In this example, the file is encrypted and the encryption key is located in a te
To extract all files except for one file type, such as `.exe` files, from an encrypted compressed migration store, enter:
``` syntax
```cmd
UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig /e:*.exe C:\ExtractedStore /decrypt:AES_128 /key:password /l:C:\usmtutilslog.txt
```
@ -83,7 +83,7 @@ UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig /e:*.exe C:\ExtractedS
To extract files from a compressed migration store, and to exclude files of one type (such as .exe files) while including only specific files, use both the include pattern and the exclude pattern, as in this example:
``` syntax
```cmd
UsmtUtils.exe /extract D:\MyMigrationStore\USMT\store.mig /i:myProject.* /e:*.exe C:\ExtractedStore /o
```

4
windows/deployment/usmt/usmt-general-conventions.md
View File

@ -55,13 +55,13 @@ You can use the XML helper functions in the [XML elements library](usmt-xml-elem
As with parameters with a default value convention, if you have a NULL parameter at the end of a list, you can leave it out. For example, the following function:
``` syntax
```cmd
SomeFunction("My String argument",NULL,NULL)
```
is equivalent to:
``` syntax
```cmd
SomeFunction("My String argument")
```

2
windows/deployment/usmt/usmt-hard-link-migration-store.md
View File

@ -92,7 +92,7 @@ It isn't necessary to estimate the size of a hard-link migration store since har
Separate hard-link migration stores are created on each NTFS volume that contain data being migrated. In this scenario, the primary migration-store location will be specified on the command line, and should be the operating-system volume. Migration stores with identical names and directory names will be created on every volume containing data being migrated. For example:
``` syntax
```cmd
ScanState.exe /hardlink c:\USMTMIG […]
```

2
windows/deployment/usmt/usmt-migrate-efs-files-and-certificates.md
View File

@ -34,7 +34,7 @@ Before using the **ScanState** tool for a migration that includes encrypted file
You can run the [Cipher.exe](/windows-server/administration/windows-commands/cipher) tool at a Windows command prompt to review and change encryption settings on files and folders. For example, to remove encryption from a folder, at a command prompt enter:
``` syntax
```cmd
cipher.exe /D /S:<PATH>
```

14
windows/deployment/usmt/usmt-migrate-user-accounts.md
View File

@ -23,7 +23,7 @@ Links to detailed explanations of commands are available in the [Related article
2. Enter the following `ScanState.exe` command line in a command prompt window:
``` syntax
```cmd
ScanState.exe \\server\share\migration\mystore /i:MigDocs.xml /i:MigApp.xml /o
````
@ -33,13 +33,13 @@ Links to detailed explanations of commands are available in the [Related article
- If you're migrating domain accounts, enter:
``` syntax
```cmd
LoadState.exe \\server\share\migration\mystore /i:MigDocs.xml /i:MigApp.xml
```
- If you're migrating local accounts along with domain accounts, enter:
``` syntax
```cmd
LoadState.exe \\server\share\migration\mystore /i:MigDocs.xml /i:MigApp.xml /lac /lae
```
@ -54,7 +54,7 @@ Links to detailed explanations of commands are available in the [Related article
2. Enter the following `ScanState.exe` command line in a command prompt window:
``` syntax
```cmd
ScanState.exe \\server\share\migration\mystore /ue:*\* /ui:contoso\user1 /ui:fabrikam\user2 /i:MigDocs.xml /i:MigApp.xml /o
```
@ -62,7 +62,7 @@ Links to detailed explanations of commands are available in the [Related article
4. Enter the following `LoadState.exe ` command line in a command prompt window:
``` syntax
```cmd
LoadState.exe \\server\share\migration\mystore /i:MigDocs.xml /i:MigApp.xml
```
@ -74,7 +74,7 @@ Links to detailed explanations of commands are available in the [Related article
2. Enter the following `ScanState.exe` command line in a command prompt window:
``` syntax
```cmd
ScanState.exe \\server\share\migration\mystore /ue:*\* /ui:contoso\user1 /ui:contoso\user2 /i:MigDocs.xml /i:MigApp.xml /o
```
@ -82,7 +82,7 @@ Links to detailed explanations of commands are available in the [Related article
4. Enter the following `LoadState.exe ` command line in a command prompt window:
``` syntax
```cmd
LoadState.exe \\server\share\migration\mystore /mu:contoso\user1:fabrikam\user2 /i:MigDocs.xml /i:MigApp.xml
```

2
windows/deployment/usmt/usmt-scanstate-syntax.md
View File

@ -43,7 +43,7 @@ The `ScanState.exe` command's syntax is:
For example, to create a `Config.xml` file in the current directory, use:
``` syntax
```cmd
ScanState.exe /i:MigApp.xml /i:MigDocs.xml /genconfig:Config.xml /v:13
```

8
windows/deployment/usmt/verify-the-condition-of-a-compressed-migration-store.md
View File

@ -59,7 +59,7 @@ Where the placeholders have the following values:
To verify whether the migration store is intact or whether it contains corrupted files or a corrupted catalog, enter:
``` syntax
```cmd
UsmtUtils.exe /verify D:\MyMigrationStore\store.mig
```
@ -69,7 +69,7 @@ Because no report type is specified, **UsmtUtils** displays the default summary
To verify whether the catalog file is corrupted or intact, enter:
``` syntax
```cmd
UsmtUtils.exe /verify:catalog D:\MyMigrationStore\store.mig
```
@ -77,7 +77,7 @@ UsmtUtils.exe /verify:catalog D:\MyMigrationStore\store.mig
To verify whether there are any corrupted files in the compressed migration store, and to specify the name and location of the log file, enter:
``` syntax
```cmd
UsmtUtils.exe /verify:all D:\MyMigrationStore\store.mig /decrypt /l:D:\UsmtUtilsLog.txt`
```
@ -87,7 +87,7 @@ In addition to verifying the status of all files, this example decrypts the file
In this example, the log file will only list the files that became corrupted during the **ScanState** process. This list will include the catalog file if it's also corrupted.
``` syntax
```cmd
UsmtUtils.exe /verify:failureonly D:\MyMigrationStore\USMT\store.mig /decrypt:AES_192 /keyfile:D:\encryptionKey.txt
```

21
windows/security/docfx.json
View File

@ -36,9 +36,10 @@
"recommendations": true,
"breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
"uhfHeaderId": "MSDocsHeader-M365-IT",
"ms.topic": "article",
"manager": "dansimp",
"audience": "ITPro",
"ms.localizationpriority": "medium",
"ms.prod": "windows-client",
"ms.technology": "itpro-security",
"manager": "aaroncz",
"feedback_system": "GitHub",
"feedback_github_repo": "MicrosoftDocs/windows-itpro-docs",
"feedback_product_url": "https://support.microsoft.com/windows/send-feedback-to-microsoft-with-the-feedback-hub-app-f59187f8-8739-22d6-ba93-f66612949332",
@ -48,7 +49,6 @@
"folder_relative_path_in_docset": "./"
}
},
"titleSuffix": "Windows security",
"contributors_to_exclude": [
"rjagiewich",
"traya1",
@ -56,13 +56,22 @@
"claydetels19",
"jborsecnik",
"tiburd",
"AngelaMotherofDragons",
"dstrome",
"v-dihans",
"garycentric"
],
"searchScope": ["Windows 10"]
},
"fileMetadata": {
"titleSuffix":{
"threat-protection/**/*.md": "Windows security"
"author":{
"/identity-protection/hello-for-business/**/*.md": "paolomatarazzo"
},
"ms.author":{
"/identity-protection/hello-for-business/**/*.md": "paoloma"
},
"ms.reviewer":{
"/identity-protection/hello-for-business/**/*.md": "erikdau"
}
},
"template": [],

2
windows/security/threat-protection/auditing/audit-directory-service-access.md
View File

@ -1,6 +1,6 @@
---
title: Audit Directory Service Access (Windows 10)
description: The policy setting Audit Directory Service Access determines if audit events are generated when an Active Directory Domain Services (ADA DS) object is accessed.
description: The policy setting Audit Directory Service Access determines if audit events are generated when an Active Directory Domain Services (AD DS) object is accessed.
ms.assetid: ba2562ba-4282-4588-b87c-a3fcb771c7d0
ms.reviewer:
manager: aaroncz

4
windows/security/threat-protection/auditing/event-4616.md
View File

@ -163,9 +163,9 @@ For 4616(S): The system time was changed.
> [!IMPORTANT]
> For this event, also see [Appendix A: Security monitoring recommendations for many audit events](appendix-a-security-monitoring-recommendations-for-many-audit-events.md).
- Report all “**Subject\\Security ID**” not equals **“LOCAL SERVICE”**, which means that the time change was not made not by Windows Time service.
- Report all “**Subject\\Security ID**” not equals **“LOCAL SERVICE”**, which means that the time change was not made by Windows Time service.
- Report all “**Process Information\\Name**” not equals **“C:\\Windows\\System32\\svchost.exe”** (path to svchost.exe can be different, you can search for “svchost.exe” substring), which means that the time change was not made not by Windows Time service.
- Report all “**Process Information\\Name**” not equals **“C:\\Windows\\System32\\svchost.exe”** (path to svchost.exe can be different, you can search for “svchost.exe” substring), which means that the time change was not made by Windows Time service.
<!-- -->

3
windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md
View File

@ -22,7 +22,8 @@ ms.technology: itpro-security
**Applies to**
- Windows 10
- Windows 11
- Windows 10
This article discusses different methods to administer security policy settings on a local device or throughout a small- or medium-sized organization.

3
windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md
View File

@ -22,7 +22,8 @@ ms.technology: itpro-security
# Configure security policy settings
**Applies to**
- Windows 10
- Windows 11
- Windows 10
Describes steps to configure a security policy setting on the local device, on a domain-joined device, and on a domain controller.

6
windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md
View File

@ -21,7 +21,13 @@ ms.technology: itpro-security
# Network access: Restrict anonymous access to Named Pipes and Shares
**Applies to**
- Windows 11
- Windows 10
- Windows 8.1
- Windows Server 2022
- Windows Server 2019
- Windows Server 2016
- Windows Server 2012 R2
Describes the best practices, location, values, policy management and security considerations for the **Network access: Restrict anonymous access to Named Pipes and Shares** security policy setting.

3
windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md
View File

@ -21,7 +21,8 @@ ms.technology: itpro-security
# Network List Manager policies
**Applies to**
- Windows 10
- Windows 11
- Windows 10
Network List Manager policies are security settings that you can use to configure different aspects of how networks are listed and displayed on one device or on many devices.

3
windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md
View File

@ -21,7 +21,8 @@ ms.technology: itpro-security
# Security policy settings reference
**Applies to**
- Windows 10
- Windows 11
- Windows 10
This reference of security settings provides information about how to implement and manage security policies, including setting options and security considerations.

2
windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md
View File

@ -66,7 +66,7 @@ There are several ways to get and use security baselines:
2. [Mobile device management (MDM) security baselines](/windows/client-management/mdm/#mdm-security-baseline) function like the Microsoft group policy-based security baselines and can easily integrate these baselines into an existing MDM management tool.
3. MDM security baselines can easily be configures in Microsoft Intune on devices that run Windows 10 and Windows 11. For more information, see [List of the settings in the Windows 10/11 MDM security baseline in Intune](/mem/intune/protect/security-baseline-settings-mdm-all).
3. MDM security baselines can easily be configured in Microsoft Intune on devices that run Windows 10 and Windows 11. For more information, see [List of the settings in the Windows 10/11 MDM security baseline in Intune](/mem/intune/protect/security-baseline-settings-mdm-all).
## Community