deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' into MDBranchTask4035977CDATATagUpdate

Browse Source
This commit is contained in:
ManikaDhiman 2020-03-23 16:18:33 -07:00
commit d16a3ac94c
69 changed files with 547 additions and 361 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
devices/hololens/TOC.md
View File

@ -58,6 +58,7 @@
## [Update HoloLens](hololens-update-hololens.md)
## [Restart, reset, or recover HoloLens](hololens-recovery.md)
## [Troubleshoot HoloLens issues](hololens-troubleshooting.md)
## [Collect diagnostic information from HoloLens devices](hololens-diagnostic-logs.md)
## [Known issues for HoloLens](hololens-known-issues.md)
## [Frequently asked questions](hololens-faq.md)
## [Frequently asked security questions](hololens-faq-security.md)

269
devices/hololens/hololens-diagnostic-logs.md Normal file
View File

@ -0,0 +1,269 @@
---
title: Collect and use diagnostic information from HoloLens devices
description:
author: Teresa-Motiv
ms.author: v-tea
ms.date: 03/23/2020
ms.prod: hololens
ms.mktglfcycl: manage
ms.sitesec: library
ms.topic: article
ms.custom:
- CI 115131
- CSSTroubleshooting
audience: ITPro
ms.localizationpriority: medium
keywords:
manager: jarrettr
appliesto:
- HoloLens (1st gen)
- HoloLens 2
---
# Collect and use diagnostic information from HoloLens devices
HoloLens users and administrators can choose from among four different methods to collect diagnostic information from HoloLens:
- Feedback Hub app
- DiagnosticLog CSP
- Settings app
- Fallback diagnostics
> [!IMPORTANT]
> Device diagnostic logs contain personally identifiable information (PII), such as about what processes or applications the user starts during typical operations. When multiple users share a HoloLens device (for example, users sign in to the same device by using different Microsoft Azure Active Directory (AAD) accounts) the diagnostic logs may contain PII information that applies to multiple users. For more information, see [Microsoft Privacy statement](https://privacy.microsoft.com/privacystatement).
The following table compares the four collection methods. The method names link to more detailed information in the sections that follow the table.
|Method |Prerequisites |Data locations |Data access and use |Data retention |
| --- | --- | --- | --- | --- |
|[Feedback Hub](#feedback-hub) |Network and internet connection<br /><br />Feedback Hub app<br /><br />Permission to upload files to the Microsoft cloud |Microsoft cloud<br /><br />HoloLens device (optional) |User requests assistance, agrees to the terms of use, and uploads the data<br /><br />Microsoft employees view the data, as consistent with the terms of use |Data in the cloud is retained for the period that is defined by Next Generation Privacy (NGP). Then the data is deleted automatically.<br /><br />Data on the device can be deleted at any time by a user who has **Device owner** or **Admin** permissions. |
|[Settings Troubleshooter](#settings-troubleshooter) |Settings app |HoloLens device<br /><br />Connected computer (optional) |The user stores the data, and only the user accesses the data (unless the user specifically shares the data with another user). |The data is retained until the user deletes it. |
|[DiagnosticLog CSP](#diagnosticlog-csp) |Network connection<br /><br />MDM environment that supports the DiagnosticLog CSP |Administrator configures storage locations |In the managed environment, the user implicitly consents to administrator access to the data.<br /><br />Administrator configures access roles and permissions. | Administrator configures retention policy. |
|[Fallback diagnostics](#fallback-diagnostics) |Device configuration:<ul><li>Powered on and connected to computer</li><li>Power and Volume buttons functioning</li></ul> |HoloLens device<br /><br />Connected computer |The user stores the data, and only the user accesses the data (unless the user specifically shares the data with another user). |The data is retained until the user deletes it. |
## Feedback Hub
A HoloLens user can use the Microsoft Feedback Hub desktop app to send diagnostic information to Microsoft Support. For details and complete instructions, see [Give us feedback](hololens-feedback.md).
> [!NOTE]
> **Commercial or enterprise users:** If you use the Feedback Hub app to report a problem that relates to MDM, provisioning, or any other device management aspect, change the app category to **Enterprise Management** > **Device category**.
### Prerequisites
- The device is connected to a network.
- The Feedback Hub app is available on the user's desktop computer, and the user can upload files to the Microsoft cloud.
### Data locations, access, and retention
By agreeing to the terms-of-use of the Feedback Hub, the user explicitly consents to the storage and usage of the data (as defined by that agreement).
The Feedback Hub provides two places for the user to store diagnostic information:
- **The Microsoft cloud**. Data that the user uploads by using the Feedback Hub app is stored for the number of days that is consistent with Next Generation Privacy (NGP) requirements. Microsoft employees can use an NGP-compliant viewer to access the information during this period.
> [!NOTE]
> These requirements apply to data in all Feedback Hub categories.
- **The HoloLens device**. While filing a report in Feedback Hub, the user can select **Save a local copy of diagnostics and attachments created when giving feedback**. If the user selects this option, the Feedback Hub stores a copy of the diagnostic information on the HoloLens device. This information remains accessible to the user (or anyone that uses that account to sign in to HoloLens). To delete this information, a user must have **Device owner** or **Admin** permissions on the device. A user who has the appropriate permissions can sign in to the Feedback Hub, select **Settings** > **View diagnostics logs**, and delete the information.
## Settings Troubleshooter
A HoloLens user can use the Settings app on the device to troubleshoot problems and collect diagnostic information. To do this, follow these steps:
1. Open the Settings app and select **Update & Security** > **Troubleshoot** page.
1. Select the appropriate area, and select **Start**.
1. Reproduce the issue.
1. After you reproduce the issue, return to Settings and then select **Stop**.
### Prerequisites
- The Settings app is installed on the device and is available to the user.
### Data locations, access, and retention
Because the user starts the data collection, the user implicitly consents to the storage of the diagnostic information. Only the user, or anyone with whom that the user shares the data, can access the data.
The diagnostic information is stored on the device. If the device is connected to the user's computer, the information also resides on the computer in the following file:
> This PC\\\<*HoloLens device name*>\\Internal Storage\\Documents\\Trace\<*ddmmyyhhmmss*>.etl
> [!NOTE]
> In this file path and name, \<*HoloLens device name*> represents the name of the HoloLens device, and \<*ddmmyyhhmmss*> represents the date and time that the file was created.
The diagnostic information remains in these locations until the user deletes it.
## DiagnosticLog CSP
In a Mobile Device Management (MDM) environment, the IT administrator can use the the [DiagnosticLog configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/diagnosticlog-csp) to configure diagnostic settings on enrolled HoloLens devices. The IT administrator can configure these settings to collect logs from enrolled devices.
### Prerequisites
- The device is connected to a network.
- The device is enrolled in an MDM environment that supports the DiagnosticLog CSP.
### Data locations, access, and retention
Because the device is part of the managed environment, the user implicitly consents to administrative access to diagnostic information.
The IT administrator uses the DiagnosticLog CSP to configure the data storage, retention, and access policies, including the policies that govern the following:
- The cloud infrastructure that stores the diagnostic information.
- The retention period for the diagnostic information.
- Permissions that control access to the diagnostic information.
## Fallback diagnostics
While device telemetry usually provides an initial understanding of a problem report, some issues require a broader and deeper understanding of the device state. When you (as a user or an administrator) investigate such issues, diagnostic logs that reside on the device are more useful than the basic device telemetry.
The fallback diagnostics process provides a way for you to gather diagnostic information if no other methods are available. Such scenarios include the following:
- The network or network-based resources (such as the Feedback Hub, MDM, and so on) are not available.
- The device is "stuck" or locked in a state in which usual troubleshooting capabilities (such as the Settings app) are not available. Such scenarios include the Out-of-Box-Experience (OOBE), kiosk mode, and a locked or "hung" user interface.
> [!IMPORTANT]
> - On HoloLens 2 devices, you can use fallback diagnostics under the following conditions only:
> - During the Out-of-the-Box-Experience (OOBE) and when you select **Send Full Diagnostics Data**.
> - If the environment's Group Policy enforces the **System\AllowTelemetry** policy value of **Full**.
> - On HoloLens (1st gen) devices, you can use fallback diagnostics on HoloLens version 17763.316 or a later version. This version is the version that the Windows Device Recovery Tool restores when it resets the device.
### How to use fallback diagnostics
Before you start the fallback diagnostics process, make sure of the following:
- The device is connected to a computer by using a USB cable.
- The device is powered on.
- The Power and Volume buttons on the device are functioning correctly.
To collect fallback diagnostic information, follow these steps:
1. On the device, press the Power and Volume Down buttons at the same time and then release them.
1. Wait for few seconds while the device collects the data.
### Data locations
The device stores the data locally. You can access that information from the connected desktop computer at the following location:
> This PC\\\<*HoloLens device name*>\\Internal Storage\\Documents
For more information about the files that the fallback diagnostics process collects, see [What diagnostics files does the fallback diagnostics process collect?](#what-diagnostics-files-does-the-fallback-diagnostics-process-collect).
### Data access, use, and retention
Because you store the data yourself, only you have access to the data. If you choose to share the data with another user, you implicitly grant permission for that user to access or store the data.
The data remains until you delete it.
### Frequently asked questions about fallback diagnostics on HoloLens
#### Does the device have to be enrolled with an MDM system?
No.
#### How can I use fallback diagnostics on HoloLens?
Before you start the fallback diagnostics process, make sure of the following:
- The device is connected to a computer by using a USB cable.
- The device is powered on.
- The Power and Volume buttons on the device are functioning correctly.
To collect fallback diagnostic information, follow these steps:
1. On the device, press the Power and Volume Down buttons at the same time and then release them.
1. Wait for few seconds while the device collects the data.
#### How would I know that data collection finished?
The fallback diagnostics process does not have a user interface. On HoloLens 2, when the process starts to collect data, it creates a file that is named HololensDiagnostics.temp. When the process finishes, it removes the file.
#### What diagnostics files does the fallback diagnostics process collect?
The fallback diagnostics process collects one or more .zip files, depending on the version of HoloLens. The following table lists each of the possible .zip files, and the applicable versions of HoloLens.
|File |Contents |HoloLens (1st gen) |HoloLens 2 10.0.18362+ |HoloLens 2 10.0.19041+ |
| --- | --- | --- | --- | --- |
|HololensDiagnostics.zip |Files&nbsp;for&nbsp;tracing sessions that ran on the device.<br /><br />Diagnostic information that's specific to Hololens. |✔️ |✔️ |✔️ |
|DeviceEnrollmentDiagnostics.zip |Information that's related to MDM, device enrollment, CSPs, and policies. | |✔️ |✔️ |
|AutoPilotDiagnostics.zip |Information that's related to autopilot and licensing.| | |✔️ |
|TPMDiagnostics.zip |Information that's related to the trusted platform module (TPM) on the device | | |✔️ |
> [!NOTE]
> Starting on May 2, 2019, the fallback diagnostics process collects EventLog*.etl files only if the signed-in user is the device owner. This is because these files may contain PII data. Such data is accessible to device owners only. This behavior matches the behavior of Windows desktop computers, where administrators have access to event log files but other users do not.
**Sample diagnostic content for HoloLens (1st gen)**
HololensDiagnostics.zip contains files such as the following:
- AuthLogon.etl
- EventLog-HupRe.etl.001
- FirstExperience.etl.001
- HetLog.etl
- HoloInput.etl.001
- HoloShell.etl.001
- WiFi.etl.001
**Sample diagnostic content for HoloLens 2 10.0.18362+**
HololensDiagnostics.zip contains files such as the following:
- EventLog-Application.etl.001*
- EventLog-System.etl.001*
- AuthLogon.etl
- EventLog-HupRe.etl.001
- FirstExperience.etl.001
- HetLog.etl
- HoloInput.etl.001
- HoloShell.etl.001
- WiFi.etl.001
- CSPsAndPolicies.etl.001
- RadioMgr.etl
- WiFiDriverIHVSession.etl
DeviceEnrollmentDiagnostics.zip contains files such as the following:
- MDMDiagHtmlReport.html
- MdmDiagLogMetadata.json
- MDMDiagReport.xml
- MdmDiagReport_RegistryDump.reg
- MdmLogCollectorFootPrint.txt
**Sample diagnostic content for HoloLens 2 10.0.19041+**
HololensDiagnostics.zip contains files such as the following:
- EventLog-Application.etl.001*
- EventLog-System.etl.001*
- AuthLogon.etl
- EventLog-HupRe.etl.001
- FirstExperience.etl.001
- HetLog.etl
- HoloInput.etl.001
- HoloShell.etl.001
- WiFi.etl.001
- CSPsAndPolicies.etl.001
- RadioMgr.etl
- WiFiDriverIHVSession.etl
- DisplayDiagnosticData.json
- HUP dumps
DeviceEnrollmentDiagnostics.zip contains files such as the following:
- MDMDiagHtmlReport.html
- MdmDiagLogMetadata.json
- MDMDiagReport.xml
- MdmDiagReport_RegistryDump.reg
- MdmLogCollectorFootPrint.txt
AutoPilotDiagnostics.zip contains files such as the following:
- DeviceHash_HoloLens-U5603.csv
- LicensingDiag.cab
- LicensingDiag_Output.txt
- TpmHliInfo_Output.txt
- DiagnosticLogCSP_Collector_DeviceEnrollment_\*.etl
- DiagnosticLogCSP_Collector_Autopilot_*.etl
TPMDiagnostics.zip contains files such as the following:
- CertReq_enrollaik_Output.txt
- CertUtil_tpminfo_Output.txt
- TPM\*.etl

5
devices/surface/advanced-uefi-security-features-for-surface-pro-3.md
View File

@ -10,10 +10,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 07/27/2017
---
# Advanced UEFI security features for Surface Pro 3

5
devices/surface/assettag.md
View File

@ -5,10 +5,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.localizationpriority: medium
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 10/21/2019
ms.reviewer: hachidan
manager: dansimp
---

5
devices/surface/battery-limit.md
View File

@ -5,11 +5,10 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.date: 10/31/2019
author: coveminer
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

5
devices/surface/change-history-for-surface.md
View File

@ -6,12 +6,11 @@ description: This topic lists new and updated topics in the Surface documentatio
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 10/21/2019
---
# Change history for Surface documentation

5
devices/surface/considerations-for-surface-and-system-center-configuration-manager.md
View File

@ -6,12 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 11/25/2019
ms.reviewer:
manager: dansimp
---

5
devices/surface/customize-the-oobe-for-surface-deployments.md
View File

@ -10,11 +10,10 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.audience: itpro
ms.date: 10/21/2019
---
# Customize the OOBE for Surface deployments

5
devices/surface/deploy-surface-app-with-windows-store-for-business.md
View File

@ -6,12 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, store
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 10/21/2019
ms.reviewer:
manager: dansimp
---

5
devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md
View File

@ -6,12 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 01/15/2020
ms.reviewer:
manager: dansimp
---

5
devices/surface/deploy.md
View File

@ -5,11 +5,10 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.date: 10/02/2018
author: coveminer
ms.reviewer:
manager: dansimp
ms.author: dansimp
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

1
devices/surface/documentation/surface-system-sku-reference.md
View File

@ -7,7 +7,6 @@ ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 03/12/2019
---
# Surface System SKU Reference
This document provides a reference of System SKU names that you can use to quickly determine the machine state of a specific device using PowerShell, WMI, and related tools.

5
devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md
View File

@ -10,10 +10,9 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 07/27/2017
---
# Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices

1
devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md
View File

@ -9,7 +9,6 @@ ms.sitesec: library
author: Teresa-Motiv
ms.author: v-tea
ms.topic: article
ms.date: 01/30/2020
ms.reviewer: scottmca
ms.localizationpriority: medium
ms.audience: itpro

5
devices/surface/enroll-and-configure-surface-devices-with-semm.md
View File

@ -6,12 +6,11 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 10/21/2019
ms.reviewer:
manager: dansimp
---

5
devices/surface/ethernet-adapters-and-surface-device-deployment.md
View File

@ -10,11 +10,10 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.audience: itpro
ms.date: 10/21/2019
---
# Ethernet adapters and Surface deployment

4
devices/surface/ltsb-for-surface.md
View File

@ -5,8 +5,8 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.reviewer:
manager: dansimp

4
devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
View File

@ -4,8 +4,8 @@ description: This topic provides best practice recommendations for maintaining o
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.reviewer:
manager: dansimp

5
devices/surface/manage-surface-driver-and-firmware-updates.md
View File

@ -10,11 +10,10 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.audience: itpro
ms.date: 03/10/2020
---
# Manage and deploy Surface driver and firmware updates

5
devices/surface/manage-surface-uefi-settings.md
View File

@ -7,10 +7,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: devices, surface
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 02/26/2020
ms.reviewer:
manager: dansimp
---

5
devices/surface/microsoft-surface-brightness-control.md
View File

@ -5,10 +5,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 10/31/2019
ms.reviewer: hachidan
manager: dansimp
ms.localizationpriority: medium

5
devices/surface/microsoft-surface-data-eraser.md
View File

@ -10,11 +10,10 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.audience: itpro
ms.date: 02/20/2020
---
# Microsoft Surface Data Eraser

5
devices/surface/microsoft-surface-deployment-accelerator.md
View File

@ -4,15 +4,14 @@ description: Microsoft Surface Deployment Accelerator provides a quick and simpl
ms.assetid: E7991E90-4AAE-44B6-8822-58BFDE3EADE4
ms.reviewer: hachidan
manager: dansimp
ms.date: 10/31/2019
ms.localizationpriority: medium
keywords: deploy, install, tool
ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.audience: itpro
---

4
devices/surface/step-by-step-surface-deployment-accelerator.md
View File

@ -10,8 +10,8 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 10/31/2019
---

4
devices/surface/support-solutions-surface.md
View File

@ -9,8 +9,8 @@ ms.prod: w10
ms.mktglfcycl: support
ms.sitesec: library
ms.pagetype: surfacehub
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 09/26/2019
ms.localizationpriority: medium

5
devices/surface/surface-device-compatibility-with-windows-10-ltsc.md
View File

@ -6,12 +6,11 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 10/21/2019
ms.reviewer: scottmca
manager: dansimp
---

4
devices/surface/surface-diagnostic-toolkit-business.md
View File

@ -5,8 +5,8 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.localizationpriority: medium
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 10/31/2019
ms.reviewer: hachidan

5
devices/surface/surface-diagnostic-toolkit-command-line.md
View File

@ -4,10 +4,9 @@ description: How to run Surface Diagnostic Toolkit in a command console
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 11/15/2018
ms.reviewer: hachidan
manager: dansimp
ms.localizationpriority: medium

5
devices/surface/surface-diagnostic-toolkit-desktop-mode.md
View File

@ -4,10 +4,9 @@ description: How to use SDT to help users in your organization run the tool to i
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 10/31/2019
ms.reviewer: hachidan
manager: dansimp
ms.localizationpriority: medium

4
devices/surface/surface-diagnostic-toolkit-for-business-intro.md
View File

@ -4,8 +4,8 @@ description: This page provides an introduction to the Surface Diagnostic Toolki
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.reviewer: cottmca
manager: dansimp

1
devices/surface/surface-dock-firmware-update.md
View File

@ -11,7 +11,6 @@ ms.topic: article
ms.reviewer: scottmca
manager: dansimp
ms.audience: itpro
ms.date: 02/07/2020
---
# Microsoft Surface Dock Firmware Update

5
devices/surface/surface-enterprise-management-mode.md
View File

@ -6,10 +6,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 12/02/2019
ms.reviewer: scottmca
manager: dansimp
ms.localizationpriority: medium

4
devices/surface/surface-manage-dfci-guide.md
View File

@ -5,8 +5,8 @@ ms.localizationpriority: medium
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 11/13/2019
ms.reviewer: jesko

5
devices/surface/surface-pro-arm-app-management.md
View File

@ -5,10 +5,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.localizationpriority: high
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 1/22/2020
ms.reviewer: jessko
manager: dansimp
ms.audience: itpro

4
devices/surface/surface-pro-arm-app-performance.md
View File

@ -5,8 +5,8 @@ ms.prod: w10
ms.localizationpriority: medium
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 10/03/2019
ms.reviewer: jessko

4
devices/surface/surface-system-sku-reference.md
View File

@ -6,8 +6,8 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 03/09/2020
ms.reviewer:

5
devices/surface/surface-wireless-connect.md
View File

@ -4,12 +4,11 @@ description: This topic describes recommended Wi-Fi settings to ensure Surface d
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: dansimp
author: coveminer
ms.audience: itpro
ms.localizationpriority: medium
ms.author: dansimp
ms.author: v-jokai
ms.topic: article
ms.date: 10/31/2019
ms.reviewer: tokatz
manager: dansimp
---

5
devices/surface/unenroll-surface-devices-from-semm.md
View File

@ -6,10 +6,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 01/06/2017
ms.reviewer:
manager: dansimp
ms.localizationpriority: medium

5
devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md
View File

@ -6,12 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 10/21/2019
ms.reviewer:
manager: dansimp
---

5
devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
View File

@ -6,10 +6,9 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 11/22/2019
ms.reviewer:
manager: dansimp
ms.localizationpriority: medium

5
devices/surface/using-the-sda-deployment-share.md
View File

@ -6,12 +6,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 10/21/2019
ms.reviewer:
manager: dansimp
---

5
devices/surface/wake-on-lan-for-surface-devices.md
View File

@ -7,10 +7,9 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
ms.localizationpriority: medium
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.date: 12/30/2019
ms.reviewer: scottmca
manager: dansimp
ms.audience: itpro

5
devices/surface/windows-autopilot-and-surface-devices.md
View File

@ -8,12 +8,11 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.date: 02/14/2020
---
# Windows Autopilot and Surface devices

8
education/windows/take-a-test-multiple-pcs.md
View File

@ -20,7 +20,7 @@ manager: dansimp
- Windows 10
Many schools use online testing for formative and summative assessments. It's critical that students use a secure browser that prevents them from using other computer or Internet resources during the test.
Many schools use online testing for formative and summation assessments. It's critical that students use a secure browser that prevents them from using other computer or Internet resources during the test.
Follow the guidance in this topic to set up Take a Test on multiple PCs.
@ -130,7 +130,7 @@ To set up a test account through Windows Configuration Designer, follow these st
1. [Install Windows Configuration Designer](https://technet.microsoft.com/itpro/windows/configure/provisioning-install-icd).
2. Create a provisioning package by following the steps in [Provision PCs with common settings for initial deployment (desktop wizard)](https://technet.microsoft.com/itpro/windows/configure/provision-pcs-for-initial-deployment). However, make a note of these other settings to customize the test account.
1. After you're done with the wizard, do not click **Create**. Instead, click the **Switch to advanced editor** to switch the project to the advanced editor to see all the available **Runtine settings**.
1. After you're done with the wizard, do not click **Create**. Instead, click the **Switch to advanced editor** to switch the project to the advanced editor to see all the available **Runtime settings**.
2. Under **Runtime settings**, go to **AssignedAccess > AssignedAccessSettings**.
3. Enter **{"Account":"*redmond\\kioskuser*","AUMID":” Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy!App "}**, using the account that you want to set up.
@ -211,7 +211,7 @@ Anything hosted on the web can be presented in a locked down manner, not just as
For this option, you can just copy the assessment URL, select the options you want to allow during the test, and click a button to create the link. We recommend this for option for teachers.
To get started, go here: [Create a link using a web UI](https://education.microsoft.com/courses-and-resources/windows-10-create-a-take-a-test-link).
To get started, go here: [Create a link using a web UI](https://aka.ms/create-a-take-a-test-link).
- Create a link using schema activation
@ -255,7 +255,7 @@ One of the ways you can present content in a locked down manner is by embedding
See [Permissive mode](take-a-test-app-technical.md#permissive-mode) and [Secure Browser API Specification](https://github.com/SmarterApp/SB_BIRT/blob/master/irp/doc/req/SecureBrowserAPIspecification.md) for more info.
### Create a shortcut for the test link
You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://education.microsoft.com/courses-and-resources/windows-10-create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps:
You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://aka.ms/create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps:
1. On a device running Windows, right-click on the desktop and then select **New > Shortcut**.
2. In the **Create Shortcut** window, paste the assessment URL in the field under **Type the location of the item**.

4
education/windows/take-a-test-single-pc.md
View File

@ -66,7 +66,7 @@ Anything hosted on the web can be presented in a locked down manner, not just as
For this option, you can just copy the assessment URL, select the options you want to allow during the test, and click a button to create the link. We recommend this for option for teachers.
To get started, go here: [Create a link using a web UI](https://education.microsoft.com/courses-and-resources/windows-10-create-a-take-a-test-link).
To get started, go here: [Create a link using a web UI](https://aka.ms/create-a-take-a-test-link).
- Create a link using schema activation
@ -117,7 +117,7 @@ One of the ways you can present content in a locked down manner is by embedding
### Create a shortcut for the test link
You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://education.microsoft.com/courses-and-resources/windows-10-create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps:
You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://aka.ms/create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps:
1. On a device running Windows, right-click on the desktop and then select **New > Shortcut**.
2. In the **Create Shortcut** window, paste the assessment URL in the field under **Type the location of the item**.

4
windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md
View File

@ -72,7 +72,7 @@ On **CM01**:
The backup-only task sequence (named Replace Task Sequence).
## Associate the new machine with the old computer
## Associate the new device with the old computer
This section walks you through the process of associating a new, blank device (PC0006), with an existing computer (PC0004), for the purpose of replacing PC0004 with PC0006. PC0006 can be either a physical or virtual machine.
@ -149,7 +149,7 @@ This section assumes that you have a computer named PC0004 with the Configuratio
On **PC0004**:
1. If it is not alreayd started, start the PC0004 computer and open the Configuration Manager control panel (control smscfgrc).
1. If it is not already started, start the PC0004 computer and open the Configuration Manager control panel (control smscfgrc).
2. On the **Actions** tab, select **Machine Policy Retrieval & Evaluation Cycle**, click **Run Now**, and then click **OK** in the popup dialog box that appears.
>[!NOTE]

227
windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager.md
View File

@ -24,196 +24,119 @@ ms.topic: article
The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Microsoft Endpoint Configuration Manager task sequence to completely automate the process.
>[!IMPORTANT]
>Beginning with Windows 10 and Windows Server 2016, Windows Defender is already installed. A management client for Windows Defender is also installed automatically if the Configuration Manager client is installed. However, previous Windows operating systems installed the System Center Endpoint Protection (SCEP) client with the Configuration Manager client. The SCEP client can block in-place upgrade to Windows 10 due to incompatibility, and must removed from a device before performing an in-place upgrade to Windows 10.
>Beginning with Windows 10 and Windows Server 2016, Windows Defender is already installed. A management client for Windows Defender is also installed automatically if the Configuration Manager client is installed. However, previous Windows operating systems installed the System Center Endpoint Protection (SCEP) client with the Configuration Manager client. The SCEP client can block in-place upgrade to Windows 10 due to incompatibility, and must be removed from a device before performing an in-place upgrade to Windows 10.
## Proof-of-concept environment
## Infrastructure
For the purposes of this topic, we will use three computers: DC01, CM01, and PC0001. DC01 is a domain controller and CM01 is a domain member server. PC0001 is a computer running Windows 7 SP1, targeted for the Windows 10 upgrade. For more details on the setup for this topic, please see [Prepare for deployment with MDT](../deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md).
An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md).
![computers](../images/dc01-cm01-pc0001.png)
For the purposes of this article, we will use one server computer (CM01) and one client computers (PC0004).
- CM01 is a domain member server and Configuration Manager software distribution point. In this guide CM01 is a standalone primary site server.
- PC0004 is a domain member client computer running Windows 7 SP1, or a later version of Windows, with the Configuration Manager client installed, that will be upgraded to Windows 10.
The computers used in this topic.
All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used.
## Upgrade to Windows 10 with Configuration Manager
All server and client computers referenced in this guide are on the same subnet. This is not required, but each server and client computer must be able to connect to each other to share files, and to resolve all DNS names and Active Directory information for the contoso.com domain. Internet connectivity is also required to download OS and application updates.
## Add an OS upgrade package
System Center 2012 R2 Configuration Manager SP 1 adds support to manage and deploy Windows 10. Although it does not include built-in support to perform an in-place upgrade from Windows 7, Windows 8, or Windows 8.1 to Windows 10, you can build a custom task sequence to perform the necessary tasks.
Configuration Manager Current Branch includes a native in-place upgrade task. This task sequence differs from the MDT in-place upgrade task sequence in that it does not use a default OS image, but rather uses an [OS upgrade package](https://docs.microsoft.com/configmgr/osd/get-started/manage-operating-system-upgrade-packages).
## Create the task sequence
On **CM01**:
1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Operating System Upgrade Packages**, and click **Add Operating System Upgrade Package**.
2. On the **Data Source** page, under **Path**, click **Browse** and enter the UNC path to your media source. In this example, we have extracted the Windows 10 installation media to **\\\\cm01\\Sources$\\OSD\\UpgradePackages\\Windows 10**.
3. If you have multiple image indexes in the installation media, select **Extract a specific image index from install.wim...** and choose the image index you want from the dropdown menu. In this example, we have chosen **Windows 10 Enterprise**.
4. Next to **Architecture**, select **x64**, choose a language from the dropdown menu next to **Language**, and then click **Next**.
5. Next to **Name**, enter **Windows 10 x64 RTM** and then complete the wizard by clicking **Next** and **Close**.
6. Distribute the OS upgrade package to the CM01 distribution point by right-clicking the **Windows 10 x64 RTM** OS upgrade package and then clicking **Distribute Content**.
7. In the Distribute Content Wizard, add the CM01 distribution point, click **Next** and click **Close**.
8. View the content status for the Windows 10 x64 RTM upgrade package. Do not continue until the distribution is completed (it might take a few minutes). You also can review the D:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for the **STATMSG: ID=2301** line.
To help with this process, the Configuration Manager team has published [a blog](https://go.microsoft.com/fwlink/p/?LinkId=620179) that provides a sample task sequence, as well as the [original blog that includes the instructions for setting up the task sequence](https://go.microsoft.com/fwlink/p/?LinkId=620180). To summarize, here are the tasks you need to perform:
## Create an in-place upgrade task sequence
1. Download the [Windows10Upgrade1506.zip](https://go.microsoft.com/fwlink/p/?LinkId=620182) file that contains the sample task sequence and related scripts. Extract the contents onto a network share.
2. Copy the Windows 10 Enterprise RTM x64 media into the extracted but empty **Windows vNext Upgrade Media** folder.
3. Using the Configuration Manager Console, right-click the **Task Sequences** node, and then choose **Import Task Sequence**. Select the **Windows-vNextUpgradeExport.zip** file that you extracted in Step 1.
4. Distribute the two created packages (one contains the Windows 10 Enterprise x64 media, the other contains the related scripts) to the Configuration Manager distribution point.
On **CM01**:
For full details and an explanation of the task sequence steps, review the full details of the two blogs that are referenced above.
1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create Task Sequence**.
2. On the **Create a new task sequence** page, select **Upgrade an operating system from an upgrade package** and click **Next**.
3. Use the following settings to complete the wizard:
* Task sequence name: Upgrade Task Sequence
* Description: In-place upgrade
* Upgrade package: Windows 10 x64 RTM
* Include software updates: Do not install any software updates
* Install applications: OSD \ Adobe Acrobat Reader DC
4. Complete the wizard, and click **Close**.
5. Review the Upgrade Task Sequence.
![The upgrade task sequence](../images/cm-upgrade-ts.png)
The Configuration Manager upgrade task sequence
## Create a device collection
After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0004 computer running Windows 7 SP1, with the Configuration Manager client installed.
After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the Configuration Manager client installed.
On **CM01**:
1. On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings:
- General
1. Using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings:
- General
- Name: Windows 10 x64 in-place upgrade
- Limited Collection: All Systems
- Membership rules:
- Direct rule
- Resource Class: System Resource
- Attribute Name: Name
- Value: PC0004
- Select Resources
- Select PC0004
- Name: Windows 10 Enterprise x64 Upgrade
- Limited Collection: All Systems
- Membership rules:
- Direct rule
- Resource Class: System Resource
- Attribute Name: Name
- Value: PC0001
- Select Resources
- Select PC0001
2. Review the Windows 10 Enterprise x64 Upgrade collection. Do not continue until you see the PC0001 machine in the collection.
2. Review the Windows 10 x64 in-place upgrade collection. Do not continue until you see PC0004 in the collection.
## Deploy the Windows 10 upgrade
In this section, you create a deployment for the Windows 10 Enterprise x64 Update application.
1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Windows vNext Upgrade** task sequence, and then select **Deploy**.
2. On the **General** page, select the **Windows 10 Enterprise x64 Upgrade** collection, and then click **Next**.
On **CM01**:
1. Using the Configuration Manager console, in the Software Library workspace, right-click the **Upgrade Task Sequence** task sequence, and then click **Deploy**.
2. On the **General** page, browse and select the **Windows 10 x64 in-place upgrade** collection, and then click **Next**.
3. On the **Content** page, click **Next**.
4. On the **Deployment Settings** page, select the following settings, and then click **Next**:
- Action: Install
- Purpose: Available
4. On the **Deployment Settings** page, click **Next**:
5. On the **Scheduling** page, accept the default settings, and then click **Next**.
6. On the **User Experience** page, accept the default settings, and then click **Next**.
7. On the **Alerts** page, accept the default settings, and then click **Next**.
7. On the **Distribution Points** page, accept the default settings, and then click **Next**.
8. On the **Summary** page, click **Next**, and then click **Close**.
## Start the Windows 10 upgrade
Next, run the in-place upgrade task sequence on PC0004.
In this section, you start the Windows 10 Upgrade task sequence on PC0001 (currently running Windows 7 SP1).
On **PC0004**:
1. On PC0001, start the **Software Center**.
2. Select the **Windows vNext Upgrade** task sequence, and then click **Install**.
1. Open the Configuration Manager control panel (control smscfgrc).
2. On the **Actions** tab, select **Machine Policy Retrieval & Evaluation Cycle**, click **Run Now**, and then click **OK** in the popup dialog box that appears.
When the task sequence begins, it will automatically initiate the in-place upgrade process by invoking the Windows setup program (Setup.exe) with the necessary command-line parameters to perform an automated upgrade, which preserves all data, settings, apps, and drivers.
>[!NOTE]
>You also can use the Client Notification option in the Configuration Manager console, as shown in [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md).
![figure 2](../images/upgradecfg-fig2-upgrading.png)
3. Open the Software Center, select the **Upgrade Task Sequence** deployment and then click **Install**.
4. Confirm you want to upgrade the operating system on this computer by clicking **Install** again.
5. Allow the Upgrade Task Sequence to complete. The PC0004 computer will download the install.wim file, perform an in-place upgrade, and install your added applications. See the following examples:
Figure 2. Upgrade from Windows 7 to Windows 10 Enterprise x64 with a task sequence.
![pc0004-a](../images/pc0004-a.png)<br>
![pc0004-b](../images/pc0004-b.png)<br>
![pc0004-c](../images/pc0004-c.png)<br>
![pc0004-d](../images/pc0004-d.png)<br>
![pc0004-e](../images/pc0004-e.png)<br>
![pc0004-f](../images/pc0004-f.png)<br>
![pc0004-g](../images/pc0004-g.png)
After the task sequence finishes, the computer will be fully upgraded to Windows 10.
## Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager
With Configuration Manager, new built-in functionality makes it easier to upgrade to Windows 10.
**Note**  
For more details about Configuration Manager, see the [Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620205). An [evaluation version is currently available](https://go.microsoft.com/fwlink/p/?LinkId=620206) for you to try. The instructions below are specific to the Technical Preview 2 release and may change after the next version of Configuration Manager is released.
### Create the OS upgrade package
First, you need to create an operating system upgrade package that contains the full Windows 10 Enterprise x64 installation media.
1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Operating System Upgrade Packages** node, then select **Add Operating System Upgrade Package**.
2. On the **Data Source** page, specify the UNC path to the Windows 10 Enterprise x64 media, and then click **Next**.
3. On the **General** page, specify Windows 10 Enterprise x64 Upgrade, and then click **Next**.
4. On the **Summary** page, click **Next**, and then click **Close**.
5. Right-click the created **Windows 10 Enterprise x64 Update** package, and then select **Distribute Content**. Choose the CM01 distribution point.
### Create the task sequence
To create an upgrade task sequence, perform the following steps:
1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Task Sequences** node, and then select **Create Task Sequence**.
2. On the **Create a new task sequence** page, select **Upgrade an operating system from upgrade package**, and then click **Next**.
3. On the **Task Sequence Information** page, specify **Windows 10 Enterprise x64 Upgrade**, and then click **Next**.
4. On the **Upgrade the Windows operating system** page, select the **Windows 10 Enterprise x64 Upgrade operating system upgrade** package, and then click **Next**.
5. Click **Next** through the remaining wizard pages, and then click **Close**.
![figure 3](../images/upgradecfg-fig3-upgrade.png)
Figure 3. The Configuration Manager upgrade task sequence.
### Create a device collection
After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the next version of Configuration Manager client installed.
1. On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings:
- General
- Name: Windows 10 Enterprise x64 Upgrade
- Limited Collection: All Systems
- Membership rules:
- Direct rule
- Resource Class: System Resource
- Attribute Name: Name
- Value: PC0001
- Select Resources
- Select PC0001
2. Review the Windows 10 Enterprise x64 Upgrade collection. Do not continue until you see the PC0001 machine in the collection.
### Deploy the Windows 10 upgrade
In this section, you create a deployment for the Windows 10 Enterprise x64 Update application.
1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Windows vNext Upgrade** task sequence, and then select **Deploy**.
2. On the **General** page, select the **Windows 10 Enterprise x64 Upgrade** collection, and then click **Next**.
3. On the **Content** page, click **Next**.
4. On the **Deployment Settings** page, select the following settings and click **Next**:
- Action: Install
- Purpose: Available
5. On the **Scheduling** page, accept the default settings, and then click **Next**.
6. On the **User Experience** page, accept the default settings, and then click **Next**.
7. On the **Alerts** page, accept the default settings, and then click **Next**.
8. On the **Summary** page, click **Next**, and then click **Close**.
### Start the Windows 10 upgrade
In this section, you start the Windows 10 Upgrade task sequence on PC0001 (currently running Windows 7 SP1).
1. On PC0001, start the **Software Center**.
2. Select the **Windows 10 Enterprise x64 Upgrade** task sequence, and then click **Install.**
When the task sequence begins, it automatically initiates the in-place upgrade process by invoking the Windows setup program (Setup.exe) with the necessary command-line parameters to perform an automated upgrade, which preserves all data, settings, apps, and drivers.
After the task sequence completes, the computer will be fully upgraded to Windows 10.
In-place upgrade with Configuration Manager
## Related topics
[Windows 10 deployment scenarios](../windows-10-deployment-scenarios.md)
[Windows 10 deployment scenarios](../windows-10-deployment-scenarios.md)<br>
[Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620109)

BIN
windows/deployment/images/cm-upgrade-ts.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 406 KiB

BIN
windows/deployment/images/pc0004-a.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 890 KiB

BIN
windows/deployment/images/pc0004-b.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.7 MiB

BIN
windows/deployment/images/pc0004-c.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 112 KiB

BIN
windows/deployment/images/pc0004-d.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 164 KiB

BIN
windows/deployment/images/pc0004-e.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 165 KiB

BIN
windows/deployment/images/pc0004-f.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 MiB

BIN
windows/deployment/images/pc0004-g.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 MiB

8
windows/deployment/windows-10-deployment-scenarios.md
View File

@ -54,7 +54,7 @@ The following table summarizes various Windows 10 deployment scenarios. The scen
Use Windows Setup to update your OS and migrate apps and settings. Rollback data is saved in Windows.old.
</td>
<td align="center" style="width:16%; border:1;">
<a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit">Perform an in-place upgrade to Windows 10 with MDT</a><br><a href="https://docs.microsoft.com/windows/deployment/upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager">Perform an in-place upgrade to Windows 10 using Configuration Manager</a>
<a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit">Perform an in-place upgrade to Windows 10 with MDT</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager">Perform an in-place upgrade to Windows 10 using Configuration Manager</a>
</td>
</tr>
<tr>
@ -108,7 +108,7 @@ The following table summarizes various Windows 10 deployment scenarios. The scen
Deploy a new device, or wipe an existing device and deploy with a fresh image.
</td>
<td align="center" style="width:16%; border:1;">
<a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt">Deploy a Windows 10 image using MDT</a><br><a href="https://docs.microsoft.com/configmgr/osd/deploy-use/install-new-windows-version-new-computer-bare-metal">Install a new version of Windows on a new computer with Microsoft Endpoint Configuration Manager</a>
<a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt">Deploy a Windows 10 image using MDT</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager">Deploy Windows 10 using PXE and Configuration Manager</a>
</td>
</tr>
<tr>
@ -120,7 +120,7 @@ The following table summarizes various Windows 10 deployment scenarios. The scen
Also called wipe and load. Redeploy a device by saving the user state, wiping the disk, then restoring the user state.
</td>
<td align="center" style="width:16%; border:1;">
<a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10">Refresh a Windows 7 computer with Windows 10</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-configmgr/refresh-a-windows-7-client-with-windows-10-using-configuration-manager">Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager</a>
<a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10">Refresh a Windows 7 computer with Windows 10</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-cm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager">Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager</a>
</td>
</tr>
<tr>
@ -132,7 +132,7 @@ The following table summarizes various Windows 10 deployment scenarios. The scen
Replace an existing device with a new one by saving the user state on the old device and then restoring it to the new device.
</td>
<td align="center" style="width:16%; border:1;">
<a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer">Replace a Windows 7 computer with a Windows 10 computer</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-configmgr/replace-a-windows-7-client-with-windows-10-using-configuration-manager">Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager</a>
<a href="https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer">Replace a Windows 7 computer with a Windows 10 computer</a><br><a href="https://docs.microsoft.com/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager">Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager</a>
</td>
</tr>
</table>

2
windows/security/threat-protection/TOC.md
View File

@ -459,7 +459,7 @@
####### [Get machine related alerts](microsoft-defender-atp/get-machine-related-alerts.md)
####### [Get installed software](microsoft-defender-atp/get-installed-software.md)
####### [Get discovered vulnerabilities](microsoft-defender-atp/get-discovered-vulnerabilities.md)
####### [Get security recommendation](microsoft-defender-atp/get-security-recommendations.md)
####### [Get security recommendations](microsoft-defender-atp/get-security-recommendations.md)
####### [Add or Remove machine tags](microsoft-defender-atp/add-or-remove-machine-tags.md)
####### [Find machines by IP](microsoft-defender-atp/find-machines-by-ip.md)

BIN
windows/security/threat-protection/microsoft-defender-atp/images/report-inaccuracy-flyout.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 32 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/report-inaccuracy.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/software-inventory-report-inaccuracy.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/top-security-recommendations.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 45 KiB

2
windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
View File

@ -256,7 +256,7 @@ Download the onboarding package from Microsoft Defender Security Center:
- Open a Terminal window. Copy and execute the following command:
``` bash
curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt
```
- The file should have been quarantined by Microsoft Defender ATP for Linux. Use the following command to list all the detected threats:

2
windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
View File

@ -67,7 +67,7 @@ You can validate that your exclusion lists are working by using `curl` to downlo
In the following Bash snippet, replace *test.txt* with a file that conforms to your exclusion rules. For example, if you have excluded the *.testing extension*, replace *test.txt* with *test.testing*. If you are testing a path, ensure that you run the command within that path.
```bash
$ curl -o test.txt http://www.eicar.org/download/eicar.com.txt
$ curl -o test.txt https://www.eicar.org/download/eicar.com.txt
```
If Microsoft Defender ATP for Mac reports malware, then the rule is not working. If there is no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm that the contents are the same as what is described on the [EICAR test file website](http://2016.eicar.org/86-0-Intended-use.html).

16
windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
View File

@ -362,9 +362,9 @@ Specifies the value of tag
## Recommended configuration profile
To get started, we recommend the following configuration profile for your enterprise to take advantage of all protection features that Microsoft Defender ATP provides.
To get started, we recommend the following configuration for your enterprise to take advantage of all protection features that Microsoft Defender ATP provides.
The following configuration profile will:
The following configuration profile (or, in case of JAMF, a property list that could be uploaded into the custom settings configuration profile) will:
- Enable real-time protection (RTP)
- Specify how the following threat types are handled:
- **Potentially unwanted applications (PUA)** are blocked
@ -372,7 +372,7 @@ The following configuration profile will:
- Enable cloud-delivered protection
- Enable automatic sample submission
### JAMF profile
### Property list for JAMF configuration profile
```XML
<?xml version="1.0" encoding="UTF-8"?>
@ -491,9 +491,9 @@ The following configuration profile will:
## Full configuration profile example
The following configuration profile contains entries for all settings described in this document and can be used for more advanced scenarios where you want more control over Microsoft Defender ATP for Mac.
The following templates contain entries for all settings described in this document and can be used for more advanced scenarios where you want more control over Microsoft Defender ATP for Mac.
### JAMF profile
### Property list for JAMF configuration profile
```XML
<?xml version="1.0" encoding="UTF-8"?>
@ -734,16 +734,16 @@ The following configuration profile contains entries for all settings described
</array>
```
## Configuration profile validation
## Property list validation
The configuration profile must be a valid *.plist* file. This can be checked by executing:
The property list must be a valid *.plist* file. This can be checked by executing:
```bash
$ plutil -lint com.microsoft.wdav.plist
com.microsoft.wdav.plist: OK
```
If the configuration profile is well-formed, the above command outputs `OK` and returns an exit code of `0`. Otherwise, an error that describes the issue is displayed and the command returns an exit code of `1`.
If the file is well-formed, the above command outputs `OK` and returns an exit code of `0`. Otherwise, an error that describes the issue is displayed and the command returns an exit code of `1`.
## Configuration profile deployment

12
windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md
View File

@ -25,6 +25,18 @@ ms.topic: article
To onboard machines without Internet access, you'll need to take the following general steps:
> [!IMPORTANT]
> The steps below are applicable only to machines running previous versions of Windows such as:
Windows Server 2016 and earlier or Windows 8.1 and earlier.
> [!NOTE]
> An OMS gateway server can still be used as proxy for disconnected Windows 10 machines when configured via 'TelemetryProxyServer' registry or GPO.
For more information, see the following articles:
- [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel)
- [Onboard servers to the Microsoft Defender ATP service](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints#windows-server-2008-r2-sp1--windows-server-2012-r2-and-windows-server-2016)
- [Configure machine proxy and Internet connectivity settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#configure-the-proxy-server-manually-using-a-registry-based-static-proxy)
## On-premise machines
- Setup Azure Log Analytics (formerly known as OMS Gateway) to act as proxy or hub:

10
windows/security/threat-protection/microsoft-defender-atp/preview.md
View File

@ -24,14 +24,15 @@ ms.topic: conceptual
The Microsoft Defender ATP service is constantly being updated to include new feature enhancements and capabilities.
> [!TIP]
> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-abovefoldlink)
> [!TIP]
> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-abovefoldlink)
Learn about new features in the Microsoft Defender ATP preview release and be among the first to try upcoming features by turning on the preview experience.
For more information on new capabilities that are generally available, see [What's new in Microsoft Defender ATP](whats-new-in-microsoft-defender-atp.md).
## Turn on preview features
You'll have access to upcoming features which you can provide feedback on to help improve the overall experience before features are generally available.
Turn on the preview experience setting to be among the first to try upcoming features.
@ -41,12 +42,13 @@ Turn on the preview experience setting to be among the first to try upcoming fea
2. Toggle the setting between **On** and **Off** and select **Save preferences**.
## Preview features
The following features are included in the preview release:
- [Microsoft Defender ATP for Linux](microsoft-defender-atp-linux.md) <br> Microsoft Defender ATP now adds support for Linux. Learn how to install, configure, update, and use Microsoft Defender ATP for Linux.
- [Threat & Vulnerability Management API support](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list) <BR>Run Threat & Vulnerability Management-related API calls such as get your organization's threat exposure score or device secure score, software and machine vulnerability inventory, software version distribution, machine vulnerability information, security recommendation information.
- [Threat & Vulnerability supported operating systems and platforms](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os) <BR>Ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for. Threat & Vulnerability Management supports Windows 7, Windows 10 1607-1703, Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, Windows Server 2019.
- [Threat & Vulnerability supported operating systems and platforms](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os) <BR> Ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for. Threat & Vulnerability Management supports Windows 7, Windows 10 1607-1703, Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, Windows Server 2019. <BR> <BR> Secure Configuration Assessment (SCA) supports Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, and Windows Server 2019. See [Secure Configuration Assessment (SCA) for Windows Server now in public preview](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/secure-configuration-assessment-sca-for-windows-server-now-in/ba-p/1243885) and [Reducing risk with new Threat & Vulnerability Management capabilities](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/reducing-risk-with-new-threat-amp-vulnerability-management/ba-p/978145) blogs for more information.
- [Threat & Vulnerability Management granular exploit details](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses) <BR> You can now see a comprehensive set of details on the vulnerabilities found in your machine to give you informed decision on your next steps. The threat insights icon now shows more granular details, such as if the exploit is a part of an exploit kit, connected to specific advanced persistent campaigns or activity groups for which, Threat Analytics report links are provided that you can read, has associated zero-day exploitation news, disclosures, or related security advisories.

144
windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
View File

@ -8,121 +8,131 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.author: dolmont
author: DulceMontemayor
ms.author: ellevin
author: levinec
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
ms.date: 04/11/2019
---
# Remediation and exception
# Remediation activities and exceptions
**Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
>[!NOTE]
>To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on.
After your organization's cybersecurity weaknesses are identified and mapped to actionable security recommendations, you can start creating security tasks through the integration with Microsoft Intune where remediation tickets are created.
After your organization's cybersecurity weaknesses are identified and mapped to actionable [security recommendations](tvm-security-recommendation.md), you can start creating security tasks through the integration with Microsoft Intune where remediation tickets are created.
You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations.
Lower your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations.
## Navigate through your remediation options
You can access the remediation page in a few places in the portal:
- Security recommendation flyout panel
- Remediation in the navigation menu
- Top remediation activities widget in the dashboard
## Remediation
*Security recommendation flyout page*
<br>You'll see your remediation options when you select one of the security recommendation blocks from your **Top security recommendations** widget in the dashboard.
1. From the flyout panel, you'll see the security recommendation details including your next steps. Click **Remediation options**.
2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**.
## How remediation requests work
When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity. A security task is created which will be tracked in the Threat & Vulnerability Management **Remediation** page, and a remediation ticket is created in Microsoft Intune.
The dashboard will show the status of your top remediation activities. Select any of the entries to go to the **Remediation** page. You can mark the remediation activity as completed after the IT admin team remediates the task.
## Accessing the Remediation page
You can access the Remediation page in a few places in the portal:
- Security recommendations flyout panel
- Navigation menu
- Top remediation activities in the dashboard
### Security recommendation flyout page
You'll see remediation options when you select one of the security recommendations in the [Security recommendations page](tvm-security-recommendation.md).
1. From the flyout panel, you'll see the security recommendation details including next steps. Select **Remediation options**.
2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**.
3. Select a remediation due date.
4. Add notes to give your IT administrator a context of your remediation request. For example, you can indicate urgency of the remediation request to avoid potential exposure to a recent exploit activity, or if the request is a part of compliance.
>[!NOTE]
>If your request involves remediating more than 10,000 machines, we will only send 10,000 machines for remediation to Intune.
3. Select a remediation due date.
4. Add notes to give your IT administrator a context of your remediation request. For example, you can indicate urgency of the remediation request to avoid potential exposure to a recent exploit activity, or if the request is a part of compliance.
If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details.
*Remediation in the navigation menu*
1. Go to the Threat & Vulnerability Management navigation menu and select **Remediation** to open up the list of remediation activities and exceptions found in your organization. You can filter your view based on remediation type, machine remediation progress, and exception justification. If you want to see the remediation activities of software which have reached their end-of-life, select **Software uninstall** from the **Remediation type** filter. If you want to see the remediation activities of software and software versions which have reached their end-of-life, select **Software update** from the **Remediation type** filter. Select **In progress** then click **Apply**.
### Navigation menu
1. Go to the Threat & Vulnerability Management navigation menu and select **Remediation** to open up the list of remediation activities and exceptions found in your organization.
To see software which has reached end-of-support, select **Software uninstall** from the **Remediation type** filter. For specific software versions which have reached end-of-support, select **Software update** from the **Remediation type** filter. Select **In progress** then **Apply**.
![Screenshot of the remediation page filters for software update and uninstall](images/remediation_swupdatefilter.png)
2. Select the remediation activity that you need to see or process.
![Screenshot of the remediation page flyout for a software which reached its end-of-life](images/remediation_flyouteolsw.png)
2. Select the remediation activity that you want to view.
![Screenshot of the remediation page flyout for a software which reached end-of-support](images/remediation_flyouteolsw.png)
*Top remediation activities widget in the dashboard*
1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top remediation activities** widget. The list is sorted and prioritized based on what is listed in the **Top security recommendations**.
2. Select the remediation activity that you need to see or process.
### Top remediation activities card the dashboard
## How it works
1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top remediation activities** card. The list is sorted and prioritized based on what is listed in the **Top security recommendations**.
2. Select the remediation activity that you want to view.
When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity.
It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation** page, and it also creates a remediation ticket in Microsoft Intune.
## Exception options
The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task.
You can file exceptions to exclude certain recommendation from showing up in reports and affecting your [configuration score](configuration-score.md).
## When to file for exception instead of remediating issues
You can file exceptions to exclude certain recommendation from showing up in reports and affecting your configuration score.
When you select a security recommendation, it opens up a flyout screen with details and options for your next step. You can either **Open software page**, choose from **Remediation options**, go through **Exception options** to file for exceptions, or **Report inaccuracy**.
Select **Exception options** and a flyout screen opens.
When you select a [security recommendation](tvm-security-recommendation.md), it opens a flyout screen with details and options for your next steps. Select **Exception options** to fill out the justification and context.
![Screenshot of exception flyout screen](images/tvm-exception-flyout.png)
### Exception justification
If the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason. The following list details the justifications behind the exception options:
- **Compensating/alternate control** - A 3rd party control that mitigates this recommendation exists, for example, if Network Firewall - - prevents access to a machine, third party antivirus
- **Productivity/business need** - Remediation will impact productivity or interrupt business-critical workflow
- **Accept risk** - Poses low risk and/or implementing a compensating control is too expensive
- **Planned remediation (grace)** - Already planned but is awaiting execution or authorization
- **Other** - False positive
![Screenshot of exception reason dropdown menu](images/tvm-exception-dropdown.png)
- **Compensating/alternate control** - A 3rd party control that mitigates this recommendation exists, for example, if Network Firewall - - prevents access to a machine, third party antivirus
- **Productivity/business need** - Remediation will impact productivity or interrupt business-critical workflow
- **Accept risk** - Poses low risk and/or implementing a compensating control is too expensive
- **Planned remediation (grace)** - Already planned but is awaiting execution or authorization
- **Other** - False positive
### Exception visibility
The exceptions you've filed will show up in the **Remediation** page, in the **Exceptions** tab.
However, you also have the option to filter your view based on exception justification, type, and status.
![Screenshot of exception reason dropdown menu](images/tvm-exception-dropdown.png)
### Where to find exceptions
The exceptions you've filed will show up in the **Remediation** page, in the **Exceptions** tab. You can filter your view based on exception justification, type, and status.
![Screenshot of exception tab and filters](images/tvm-exception-filters.png)
Aside from that, there's also an option to **Show exceptions** at the bottom of the **Top security recommendations** card in the dashboard.
You can also select **Show exceptions** at the bottom of the **Top security recommendations** card in the dashboard. Selecting the link opens a filtered view in the **Security recommendations** page of recommendations with an "Exception" status.
![Screenshot of Show exceptions link in the Top security recommendations card in the dashboard](images/tvm-exception-dashboard.png)
Clicking the link opens up to the **Security recommendations** page, where you can select the item exempted item with details.
### Exception actions and statuses
![Screenshot of exception details in the Security recommendation page](images/tvm-exception-details.png)
You can take the following actions on an exception:
### Actions on exceptions
- Cancel - You can cancel the exceptions you've filed any time
- Resurface - Your exception automatically becomes void and resurfaces in the security recommendation list when dynamic environmental factors change, which adversely affect the exposure impact associated with a recommendation that had previously been excluded
- Cancel - You can cancel the exceptions you've filed any time
- Resurface - Your exception automatically becomes void and resurfaces in the security recommendation list when dynamic environmental factors change, which adversely affect the exposure impact associated with a recommendation that had previously been excluded
### Exception status
- **Canceled** - The exception has been canceled and is no longer in effect
- **Expired** - The exception that you've filed is no longer in effect
- **In effect** - The exception that you've filed is in progress
The following statuses will be a part of an exception:
- **Canceled** - The exception has been canceled and is no longer in effect
- **Expired** - The exception that you've filed is no longer in effect
- **In effect** - The exception that you've filed is in progress
### Exception impact on scores
Creating an exception can potentially affect the Exposure Score (for both types of weaknesses) and Configuration Score (for configurations) of your organization in the following manner:
- **No impact** - Removes the recommendation from the lists (which can be reverse through filters), but will not affect the scores
- **Mitigation-like impact** - As if the recommendation was mitigated (and scores will be adjusted accordingly) when you select it as a compensating control.
- **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Configuration Score results out of the exception option that you made
- **No impact** - Removes the recommendation from the lists (which can be reverse through filters), but will not affect the scores
- **Mitigation-like impact** - As if the recommendation was mitigated (and scores will be adjusted accordingly) when you select it as a compensating control.
- **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Configuration Score results out of the exception option that you made
The exception impact shows on both the Security recommendations page column and in the flyout pane.
![Screenshot of where to find the exception impact](images/tvm-exception-impact.png)
## Related topics
- [Supported operating systems and platforms](tvm-supported-os.md)
- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
@ -132,11 +142,9 @@ The exception impact shows on both the Security recommendations page column and
- [Software inventory](tvm-software-inventory.md)
- [Weaknesses](tvm-weaknesses.md)
- [Scenarios](threat-and-vuln-mgt-scenarios.md)
- [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score)
- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software)
- [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine)
- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability)
- [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group)
- [Recommendation APIs](vulnerability.md)
- [Machine APIs](machine.md)
- [Score APIs](score.md)
- [Software APIs](software.md)
- [Vulnerability APIs](vulnerability.md)

12
windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md
View File

@ -22,7 +22,7 @@ ms.topic: article
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
[!include[Prerelease information](../../includes/prerelease.md)]
@ -33,11 +33,11 @@ Operating system | Security assessment support
Windows 7 | Operating System (OS) vulnerabilities
Windows 8.1 | Not supported
Windows 10 1607-1703 | Operating System (OS) vulnerabilities
Windows 10 1709+ |Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
Windows Server 2008R2 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities
Windows Server 2012R2 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities
Windows Server 2016 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities
Windows Server 2019 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities
Windows 10 1709+ |Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
Windows Server 2008R2 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
Windows Server 2012R2 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
Windows Server 2016 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
Windows Server 2019 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
MacOS | Not supported (planned)
Linux | Not supported (planned)

3
windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md
View File

@ -22,6 +22,9 @@ manager: dansimp
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
> [!IMPORTANT]
> On March 31, 2020, the Windows Defender Antivirus reporting feature of Update Compliance will be removed. You can continue to define and review security compliance policies using [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager), which allows finer control over security features and updates.
You can use Windows Defender Antivirus with Update Compliance. Youll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the [Microsoft Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx).
When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of devices or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you might encounter problems or issues.