Merged PR 5546: 1/26 AM Publish

Alma Jenks 2018-01-29 18:30:08 +00:00
commit c73f441c46
19 changed files with 99 additions and 30 deletions

View File

@ -602,7 +602,7 @@ This section lists status codes, mapping, user messages, and actions an admin ca
 
## Related content
- [Troubleshooting Miracast connection to the Surface Hub](https://blogs.msdn.microsoft.com/surfacehub/2017/01/30/troubleshooting-miracast-connection-to-the-surface-hub/)
- [Troubleshooting Miracast connection to the Surface Hub](https://docs.microsoft.com/surface-hub/miracast-troubleshooting)
 

View File

@ -5,7 +5,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: jdeckerms
ms.date: 11/03/2017
ms.date: 01/29/2018
---
# Change history for Surface documentation
@ -16,6 +16,7 @@ This topic lists new and updated topics in the Surface documentation library.
|New or changed topic | Description |
| --- | --- |
|[Windows AutoPilot and Surface devices](windows-autopilot-and-surface-devices.md) | New article |
|[Microsoft Surface Data Eraser](microsoft-surface-data-eraser.md) | Added version 3.2.45 information |
|[Surface device compatibility with Windows 10 Long-Term Servicing Channel (LTSC)](surface-device-compatibility-with-windows-10-ltsc.md) | Updated Current Branch (CB) or Current Branch for Business (CBB) servicing options with Semi-Annual Channel (SAC) information |
|[Wake On LAN for Surface devices](wake-on-lan-for-surface-devices.md) | Added Surface Book 2, Surface Laptop, Surface Pro, Surface Pro with LTE Advanced, and Surface Pro information |

View File

@ -5,8 +5,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: heatherpoulsen
ms.date: 04/11/2017
author: brecords
ms.date: 01/29/2018
ms.author: jdecker
---
# Deploy Surface devices
@ -17,7 +18,8 @@ Get deployment guidance for your Surface devices including information about MDT
| Topic | Description |
| --- | --- |
| [Surface device compatibility with Windows 10 Long-Term Servicing Channel](surface-device-compatibility-with-windows-10-ltsc.md) | Find out about compatibility and limitations of Surface devices running Windows 10 Enterprise LTSB edition. |
| [Windows AutoPilot and Surface devices](windows-autopilot-and-surface-devices.md) | Find out how to remotely deploy and configure devices with Windows AutoPilot. |
| [Surface device compatibility with Windows 10 Long-Term Servicing Channel](surface-device-compatibility-with-windows-10-ltsc.md) | Find out about compatibility and limitations of Surface devices running Windows 10 Enterprise LTSC edition. |
| [Deploy Windows 10 to Surface devices with MDT](deploy-windows-10-to-surface-devices-with-mdt.md) | Walk through the recommended process of how to deploy Windows 10 to your Surface devices with the Microsoft Deployment Toolkit.|
| [Upgrade Surface devices to Windows 10 with MDT](upgrade-surface-devices-to-windows-10-with-mdt.md)| Find out how to perform a Windows 10 upgrade deployment to your Surface devices. |
| [Customize the OOBE for Surface deployments](customize-the-oobe-for-surface-deployments.md)| Walk through the process of customizing the Surface out-of-box experience for end users in your organization.|

View File

@ -0,0 +1,51 @@
---
title: Windows AutoPilot and Surface Devices (Surface)
description: Find out about Windows AutoPilot deployment options for Surface devices.
keywords: autopilot, windows 10, surface, deployment
ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: brecords
ms.date: 01/31/2018
ms.author: jdecker
---
# Windows AutoPilot and Surface devices
Windows AutoPilot is a cloud-based deployment technology available in Windows 10. Using Windows AutoPilot, you can remotely deploy and configure devices in a truly zero-touch process right out of the box. Windows AutoPilot registered devices are identified over the internet at first boot using a unique device signature, known as the hardware hash, and automatically enrolled and configured using modern management solutions such as Azure Active Directory (AAD) and Mobile Device Management (MDM).
With Surface devices, you can choose to register your devices at the time of purchase when purchasing from a Surface partner enabled for Windows AutoPilot. New devices can be shipped directly to your end-users and will be automatically enrolled and configured when the units are unboxed and turned on for the first time. This process can eliminate need to reimage your devices as part of your deployment process, reducing the work required of your deployment staff and opening up new, agile methods for device management and distribution.
In this article learn how to enroll your Surface devices in Windows AutoPilot with a Surface partner and the options and considerations you will need to know along the way. This article focuses specifically on Surface devices, for more information about using Windows AutoPilot with other devices, or to read more about Windows AutoPilot and its capabilities, see [Overview of Windows AutoPilot](https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-10-autopilot) in the Windows Docs Library.
## Prerequisites
Enrollment of Surface devices in Windows AutoPilot with a Surface partner enabled for Windows AutoPilot has the following licensing requirements for each enrolled Surface device:
* **Azure Active Directory Premium** Required to enroll your devices in your organization and to automatically enroll devices in your organizations mobile management solution.
* **Mobile Device Management (such as Microsoft Intune)** Required to remotely deploy applications, configure, and manage your enrolled devices.
* **Office 365 ProPlus** Required to deploy Microsoft Office to your enrolled devices.
These requirements are also met by the following solutions:
* Microsoft 365 E3 or E5 (includes Azure Active Directory Premium, Microsoft Intune, and Office 365 ProPlus)
Or
* Enterprise Mobility + Security E3 or E5 (includes Azure Active Directory Premium and Microsoft Intune)
* Office 365 ProPlus, E3, or E5 (includes Office 365 ProPlus)
>[!NOTE]
>Deployment of devices using Windows AutoPilot to complete the Out-of-Box Experience (OOBE) is supported without these prerequisites, however will yield deployed devices without applications, configuration, or enrollment in a management solution and is highly discouraged.
### Windows version considerations
Support for broad deployments of Surface devices using Windows AutoPilot, including enrollment performed by Surface partners at the time of purchase, requires devices manufactured with or otherwise installed with Windows 10 Version 1709 (Fall Creators Update). Windows 10 Version 1709 uses a secure 4096-bit (4k) hash value to uniquely identify devices for Windows AutoPilot that is necessary for deployments at scale.
### Surface device support
Surface devices with support for out-of-box deployment with Windows AutoPilot, enrolled during the purchase process with a Surface partner, include the following devices, where the devices ship from the factory with Windows 10 Version 1709:
* Surface Pro (Model 1796)
* Surface Book 2
* Surface Laptop
* Surface Studio
## Surface partners enabled for Windows AutoPilot
Enrolling Surface devices in Windows AutoPilot at the time of purchase is a capability provided by select Surface partners that are enabled with the capability to identify individual Surface devices during the purchase process and perform enrollment on an organizations behalf. Devices enrolled by a Surface partner at time of purchase can be shipped directly to users and configured entirely through the zero-touch process of Windows AutoPilot, Azure Active Directory, and Mobile Device Management.
You can find a list of Surface partners enabled for Windows AutoPilot at the [Windows AutoPilot for Surface portal](https://www.microsoft.com/en-us/itpro/surface/windows-autopilot-for-surface).
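Review bot: The front matter of the new file sets ms.date to 01/31/2018, which is later than the commit date (2018-01-29) and differs from the 01/29/2018 used in the other Surface files in this commit; align it with the actual publish date. In the body, "your organizations mobile management solution" and "on an organizations behalf" are missing the possessive apostrophe, and "can eliminate need to reimage" is missing "the". Under "Windows version considerations", "a secure 4096-bit (4k) hash value" calls the hash secure without saying which property is meant; since the hash is what identifies a device over the internet at first boot, either state what is being claimed or drop the adjective.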

View File

@ -110,7 +110,7 @@ You can watch the descriptive audio version here: [Microsoft Education: Use the
- Install the app on your work PC and make sure you're connected to your school's network.
- You must have Office 365 and Azure Active Directory.
- You must have the Microsoft Store for Education configured.
- You must be a global admin, store admin, or purchaser in the Microsoft Store for Education.
- You must be a global admin in the Microsoft Store for Education.
- It's best if you sign up for and [configure Intune for Education](../get-started/use-intune-for-education.md) before using the Set up School PCs app.
- Have a USB drive, 1 GB or larger, to save the provisioning package. We recommend an 8 GB or larger USB drive if you're installing Office.
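Review bot: The role bullet now reads "You must be a global admin in the Microsoft Store for Education", dropping store admin and purchaser, which steers readers to the most privileged account for running the app. Confirm that the app really rejects the other two roles; if it does, say so in the bullet so that readers who previously used a store admin or purchaser account know this is a behavior requirement and not a wording change.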

View File

@ -1508,6 +1508,7 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
<li>Settings/AllowOnlineTips</li>
<li>System/DisableEnterpriseAuthProxy </li>
</ul>
<p>Security/RequireDeviceEncrption - updated to show it is supported in desktop.</p>
</tr>
<tr class="odd">
<td style="vertical-align:top">[BitLocker CSP](bitlocker-csp.md)</td>
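Review bot: The added paragraph misspells the policy name as "Security/RequireDeviceEncrption" (missing "y"), so a reader searching this change history for RequireDeviceEncryption will not find the entry. Correct the spelling, and consider listing it in the same list format as the entries above it instead of a trailing paragraph.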

View File

@ -130,7 +130,7 @@ The following diagram shows the Policy configuration service provider in tree fo
<p style="margin-left: 20px">Supported operations are Add and Get. Does not support Delete.
> [!Note]
> The policies supported in Windows 10 S is the same as in Windows 10 Pro, except that policies under AppliationsDefaults are not suppported in Windows 10 S.
> The policies supported in Windows 10 S are the same as those supported in Windows 10 Pro with the exception of the policies under ApplicationDefaults. The ApplicationDefaults polices are not supported in Windows 10 S.
## Policies
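Review bot: The rewritten note fixes "AppliationsDefaults" and "suppported" but introduces "polices" in its last sentence ("The ApplicationDefaults polices are not supported in Windows 10 S"). Change it to "policies".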

View File

@ -481,10 +481,10 @@ The following list shows the supported values:
</tr>
<tr>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td></td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
</tr>
@ -501,9 +501,6 @@ The following list shows the supported values:
<!--EndScope-->
<!--StartDescription-->
> [!NOTE]
> This policy is only enforced in Windows 10 Mobile. In Windows 10 for desktop, you can query encryption status by using the [DeviceStatus CSP](devicestatus-csp.md) node **DeviceStatus/Compliance/EncryptionCompliance**.
Allows enterprise to turn on internal storage encryption.
The following list shows the supported values:
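Review bot: Removing the note also removes the description's only pointer to the DeviceStatus CSP node DeviceStatus/Compliance/EncryptionCompliance, which is how the note told admins to query encryption status on desktop. Keep that cross-reference as a plain sentence after "Allows enterprise to turn on internal storage encryption", and state what the policy does on desktop now that the Mobile-only restriction is no longer mentioned.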

View File

@ -131,6 +131,7 @@ The following SyncML examples describe how to set a MDM policy that is defined b
<Target>
<LocURI>./Device/Vendor/MSFT/Policy/Config/AppVirtualization/PublishingAllowServer2</LocURI>
</Target>
<Data>
<![CDATA[<enabled/><data id="Publishing_Server2_Name_Prompt" value="name prompt"/><data
id="Publishing_Server_URL_Prompt" value="URL prompt"/><data
id="Global_Publishing_Refresh_Options" value="1"/><data
@ -141,6 +142,7 @@ The following SyncML examples describe how to set a MDM policy that is defined b
id="User_Refresh_OnLogon_Options" value="0"/><data
id="User_Refresh_Interval_Prompt" value="15"/><data
id="User_Refresh_Unit_Options" value="1"/>]]>
</Data>
</Item>
</Replace>
<Final/>

View File

@ -25,6 +25,7 @@ New or changed topic | Description
| [Diagnostic Data Viewer Overview](diagnostic-data-viewer-overview.md) | New topic |
[Configure Windows 10 taskbar](configure-windows-10-taskbar.md) | Added section for removing default apps from the taskbar.
[Manage Windows 10 connection endpoints](manage-windows-endpoints-version-1709.md) | New topic for Windows 10, version 1709 that explains the purpose for connections to Microsoft services and how to manage them.
[Configure Windows Spotlight on the lock screen](windows-spotlight.md) | Added section for resolution of custom lock screen images.
## November 2017

View File

@ -82,7 +82,7 @@ To prepare a Start layout for export, you simply customize the Start layout on a
## Export the Start layout
When you have the Start layout that you want your users to see, use the [Export-StartLayout](https://go.microsoft.com/fwlink/p/?LinkId=620879) cmdlet in Windows PowerShell to export the Start layout to an .xml file.
When you have the Start layout that you want your users to see, use the [Export-StartLayout](https://docs.microsoft.com/powershell/module/startlayout/export-startlayout?view=win10-ps) cmdlet in Windows PowerShell to export the Start layout to an .xml file.
>[!IMPORTANT]
>If you include secondary Microsoft Edge tiles (tiles that link to specific websites in Microsoft Edge), see [Add custom images to Microsoft Edge secondary tiles](start-secondary-tiles.md) for instructions.
@ -97,7 +97,7 @@ When you have the Start layout that you want your users to see, use the [Export-
In the previous command, `-path` is a required parameter that specifies the path and file name for the export file. You can specify a local path or a UNC path (for example, \\\\FileServer01\\StartLayouts\\StartLayoutMarketing.xml).
Use a file name of your choice—for example, StartLayoutMarketing.xml. Include the .xml file name extension. The [Export-StartLayout](https://go.microsoft.com/fwlink/p/?LinkId=620879) cmdlet does not append the file name extension, and the policy settings require the extension.
Use a file name of your choice—for example, StartLayoutMarketing.xml. Include the .xml file name extension. The [Export-StartLayout](https://docs.microsoft.com/powershell/module/startlayout/export-startlayout?view=win10-ps) cmdlet does not append the file name extension, and the policy settings require the extension.
Example of a layout file produced by `Export-StartLayout`:

View File

@ -44,7 +44,7 @@ The GPO can be configured from any computer on which the necessary ADMX and ADML
Three features enable Start and taskbar layout control:
- The [Export-StartLayout](https://go.microsoft.com/fwlink/p/?LinkID=620879) cmdlet in Windows PowerShell exports a description of the current Start layout in .xml file format.
- The [Export-StartLayout](https://docs.microsoft.com/powershell/module/startlayout/export-startlayout?view=win10-ps) cmdlet in Windows PowerShell exports a description of the current Start layout in .xml file format.
>[!NOTE]  
>To import the layout of Start to a mounted Windows image, use the [Import-StartLayout](https://docs.microsoft.com/powershell/module/startlayout/import-startlayout) cmdlet.
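Review bot: The new Export-StartLayout link carries "?view=win10-ps" while the Import-StartLayout link in the note directly below it has no view parameter. Use one form for both cmdlet links so they resolve to the same documentation version.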

View File

@ -9,7 +9,7 @@ ms.sitesec: library
ms.localizationpriority: high
author: brianlic-msft
ms.author: brianlic-msft
ms.date: 01/24/2018
ms.date: 01/29/2018
---
# Manage connections from Windows operating system components to Microsoft services
@ -522,6 +522,7 @@ Find the Microsoft Edge Group Policy objects under **Computer Configuration** &g
| Policy | Description |
|------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
| Allow configuration updates for the Books Library | Choose whether configuration updates are done for the Books Library. <br /> Default: Not configured |
| Configure Autofill | Choose whether employees can use autofill on websites. <br /> Default: Enabled |
| Configure Do Not Track | Choose whether employees can send Do Not Track headers.<br /> Default: Disabled |
| Configure Password Manager | Choose whether employees can save passwords locally on their devices. <br /> Default: Enabled |
@ -548,7 +549,8 @@ Alternatively, you can configure the Microsoft Group Policies using the followin
| Policy | Registry path |
| - | - |
| Configure Autofill | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main!Use FormSuggest <br/ > REG_SZ: **no** |
| Allow configuration updates for the Books Library | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BooksLibrary!AllowConfigurationUpdateForBooksLibrary<br/> REG_DWORD: **0** |
| Configure Autofill | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main!Use FormSuggest<br/> REG_SZ: **no** |
| Configure Do Not Track | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main!DoNotTrack<br/> REG_DWORD: 1 |
| Configure Password Manager | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\Main!FormSuggest Passwords<br /> REG_SZ: **no** |
| Configure search suggestions in Address bar | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\SearchScopes!ShowSearchSuggestionsGlobal <br /> REG_DWORD: 0|
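Review bot: The added Books Library row bolds its REG_DWORD value ("REG_DWORD: **0**") while the surrounding REG_DWORD rows (Do Not Track, search suggestions) leave the value plain and only the REG_SZ rows bold theirs. Pick one convention for the column. The line break tags in this table also still mix "<br/>" and "<br />"; since the Autofill row is already being rewritten to fix "<br/ >", normalizing the rest here would be cheap.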

View File

@ -68,7 +68,7 @@ In Windows 10, version 1703, by using the PowerShell cmdlet `export-StartLayoutE
```
In the previous command, `-path` is a required parameter that specifies the path and file name for the export file. You can specify a local path or a UNC path (for example, \\\\FileServer01\\StartLayouts\\StartLayoutMarketing.xml).
Use a file name of your choice—for example, StartLayoutMarketing.xml. Include the .xml file name extension. The [Export-StartLayout](https://go.microsoft.com/fwlink/p/?LinkId=620879) cmdlet does not append the file name extension, and the policy settings require the extension.
Use a file name of your choice—for example, StartLayoutMarketing.xml. Include the .xml file name extension. The [Export-StartLayout](https://docs.microsoft.com/powershell/module/startlayout/export-startlayout?view=win10-ps) cmdlet does not append the file name extension, and the policy settings require the extension.
3. If youd like to change the image for a secondary tile to your own custom image, open the layout.xml file, and look for the images that the tile references.
- For example, your layout.xml contains `Square150x150LogoUri="ms-appdata:///local/PinnedTiles/21581260870/hires.png" Wide310x150LogoUri="ms-appx:///"`

View File

@ -8,7 +8,7 @@ ms.mktglfcycl: explore
ms.sitesec: library
author: jdeckerms
ms.localizationpriority: high
ms.date: 10/16/2017
ms.date: 01/26/2018
---
# Configure Windows Spotlight on the lock screen
@ -68,12 +68,23 @@ Windows Spotlight is enabled by default. Windows 10 provides Group Policy and mo
In addition to the specific policy settings for Windows Spotlight, administrators can replace Windows Spotlight with a selected image using the Group Policy setting **Computer Configuration** &gt; **Administrative Templates** &gt; **Control Panel** &gt; **Personalization** &gt; **Force a specific default lock screen image**.
>[!TIP]
>If you want to use a custom lock screen image that contains text, see [Resolution for custom lock screen image](#resolution-for-custom-lock-screen-image).
![lockscreen policy details](images/lockscreenpolicy.png)
Pay attention to the checkbox in **Options**. In addition to providing the path to the lock screen image, administrators can choose to allow or **Turn off fun facts, tips, tricks, and more on lock screen**. If the checkbox is not selected, users will see the lock screen image that is defined in the policy setting, and will also see occasional messages.
## Resolution for custom lock screen image
A concern with custom lock screen images is how they will appear on different screen sizes and resolutions.
A custom lock screen image created in 16:9 aspect ratio (1600x900) will scale properly on devices using a 16:9 resolution, such as 1280x720 or 1920x1080. On devices using other aspect ratios, such as 4:3 (1024x768) or 16:10 (1280x800), height scales correctly and width is cropped to a size equal to the aspect ratio. The image will remain centered on the screen
Lock screen images created at other aspect ratios may scale and center unpredictably on your device when changing aspect ratios.
The recommendation for custom lock screen images that include text (such as a legal statement) is to create the lock screen image in 16:9 resolution with text contained in the 4:3 region, allowing the text to remain visible at any aspect ratio.
## Related topics
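Review bot: In the new "Resolution for custom lock screen image" section, the 16:9 paragraph ends without a period ("The image will remain centered on the screen"), and the text uses "16:9 resolution" where it means aspect ratio (16:9 is the ratio, 1600x900 the resolution). "width is cropped to a size equal to the aspect ratio" is also hard to parse; something like "width is cropped to fit the device's aspect ratio" would read more clearly. Since the recommendation is aimed at images carrying text such as a legal statement, the wording about which region stays visible should be unambiguous.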

View File

@ -43,7 +43,7 @@ The guide is available in PDF format for offline viewing:
- [Download the guide in PDF format](https://www.microsoft.com/download/details.aspx?id=54795)
You can also download a PowerShell that will enable all the settings described in the guide automatically. You can obtain the script alongside the PDF download above, or individually from PowerShell Gallery:
- [Download the PowerShell script to automatically configure the settings](https://www.powershellgallery.com/packages/WindowsDefender_InternalEvaluationSettings/1.0/DisplayScript)
- [Download the PowerShell script to automatically configure the settings](https://www.powershellgallery.com/packages/WindowsDefender_InternalEvaluationSettings/1.2/DisplayScript)
> [!IMPORTANT]
> The guide is currently intended for single-machine evaluation of Windows Defender Antivirus protection. Enabling all of the settings in this guide may not be suitable for real-world deployment.
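Review bot: The script link hard-codes the gallery version in the URL (1.0 changed to 1.2), so it will go stale again at the next release and readers cannot tell which script version the PDF guide corresponds to. Consider linking to the package page without a version segment, or naming the version in the link text. The context sentence above the link also reads "download a PowerShell that will enable all the settings", which is missing the word "script".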

Binary file not shown. Size before: 52 KiB. Size after: 40 KiB.

View File

@ -6,9 +6,9 @@ ms.prod: w10
ms.mktglfcycl: explore
ms.sitesec: library
ms.pagetype: security
author: eross-msft
author: jasongerend
ms.localizationpriority: high
ms.date: 10/13/2017
ms.date: 1/26/2018
---
# Available Windows Defender SmartScreen Group Policy and mobile device management (MDM) settings
**Applies to:**
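Review bot: The new ms.date value "1/26/2018" drops the leading zero, unlike the MM/DD/YYYY form used by the other front matter changes in this commit (for example 01/26/2018 and 01/29/2018). Write it as 01/26/2018 so that tooling that parses the field sees a consistent format.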
@ -69,7 +69,8 @@ SmartScreen uses registry-based Administrative Template policy settings. For mor
</table>
## MDM settings
If you manage your policies using Microsoft Intune, you'll want to use these MDM policy settings. All settings support both desktop computers (running Windows 10 Pro or Windows 10 Enterprise, enrolled with Microsoft Intune) and Windows 10 Mobile devices.
If you manage your policies using Microsoft Intune, you'll want to use these MDM policy settings. All settings support both desktop computers (running Windows 10 Pro or Windows 10 Enterprise, enrolled with Microsoft Intune) and Windows 10 Mobile devices. <br><br>
For SmartScreen Internet Explorer MDM policies, see [Policy CSP - InternetExplorer](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-internetexplorer).
<table>
<tr>
<th align="left">Setting</th>
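Review bot: The break before the new Internet Explorer pointer is made with a trailing "<br><br>" on the Intune sentence. A blank line between the two paragraphs gives the same result without raw HTML in the prose. The preceding sentence still says "All settings support both desktop computers ... and Windows 10 Mobile devices", so it is worth checking that this remains true once readers are sent to the InternetExplorer policies as well.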
@ -84,8 +85,8 @@ If you manage your policies using Microsoft Intune, you'll want to use these MDM
<li><strong>URI full path.</strong> ./Vendor/MSFT/Policy/Config/Browser/AllowSmartScreen</li>
<li><strong>Data type.</strong> Integer</li>
<li><strong>Allowed values:</strong><ul>
<li><strong>0 .</strong> Turns off Windows Defender SmartScreen.</li>
<li><strong>1.</strong> Turns on Windows Defender SmartScreen.</li></ul></li></ul>
<li><strong>0 .</strong> Turns off Windows Defender SmartScreen in Edge.</li>
<li><strong>1.</strong> Turns on Windows Defender SmartScreen in Edge.</li></ul></li></ul>
</td>
</tr>
<tr>
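Review bot: The rewritten value line keeps the stray space in "<strong>0 .</strong>" while its sibling uses "1."; change it to "0." while the line is being edited. The added "in Edge" scoping is useful; the setting's description cell above should use the same scope so the two do not disagree.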
@ -108,8 +109,8 @@ If you manage your policies using Microsoft Intune, you'll want to use these MDM
<li><strong>URI full path.</strong> ./Vendor/MSFT/Policy/Config/SmartScreen/EnableSmartScreenInShell</li>
<li><strong>Data type.</strong> Integer</li>
<li><strong>Allowed values:</strong><ul>
<li><strong>0 .</strong> Turns off SmartScreen in Windows.</li>
<li><strong>1.</strong> Turns on SmartScreen in Windows.</li></ul></li></ul>
<li><strong>0 .</strong> Turns off SmartScreen in Windows for app and file execution.</li>
<li><strong>1.</strong> Turns on SmartScreen in Windows for app and file execution.</li></ul></li></ul>
</td>
</tr>
<tr>

View File

@ -50,7 +50,7 @@ Starting with Windows 10, version 1703 your employees can use Windows Defender S
- In the **SmartScreen from Microsoft Store apps** area:
- **Block** or **Warn.** Warns employees that the sites and downloads used by Microsoft Store apps are potentially dangerous, but allows the action to continue.
- **Warn.** Warns employees that the sites and downloads used by Microsoft Store apps are potentially dangerous, but allows the action to continue.
- **Off.** Turns off SmartScreen, so an employee isn't alerted or stopped from visiting sites or from downloading potentially malicious apps and files.
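Review bot: After this change the "SmartScreen from Microsoft Store apps" list documents only Warn and Off, and the earlier mention of Block is gone without explanation. If the area has no Block option, that is a correct fix and needs no more; if it does, Block needs its own bullet describing that it stops the action, since that is the setting most admins will be looking for.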