diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md index 8547f7cf59..8314daf903 100644 --- a/devices/hololens/TOC.md +++ b/devices/hololens/TOC.md @@ -58,6 +58,7 @@ ## [Update HoloLens](hololens-update-hololens.md) ## [Restart, reset, or recover HoloLens](hololens-recovery.md) ## [Troubleshoot HoloLens issues](hololens-troubleshooting.md) +## [Collect diagnostic information from HoloLens devices](hololens-diagnostic-logs.md) ## [Known issues for HoloLens](hololens-known-issues.md) ## [Frequently asked questions](hololens-faq.md) ## [Frequently asked security questions](hololens-faq-security.md) diff --git a/devices/hololens/hololens-diagnostic-logs.md b/devices/hololens/hololens-diagnostic-logs.md new file mode 100644 index 0000000000..212f936079 --- /dev/null +++ b/devices/hololens/hololens-diagnostic-logs.md @@ -0,0 +1,269 @@ +--- +title: Collect and use diagnostic information from HoloLens devices +description: +author: Teresa-Motiv +ms.author: v-tea +ms.date: 03/23/2020 +ms.prod: hololens +ms.mktglfcycl: manage +ms.sitesec: library +ms.topic: article +ms.custom: +- CI 115131 +- CSSTroubleshooting +audience: ITPro +ms.localizationpriority: medium +keywords: +manager: jarrettr +appliesto: +- HoloLens (1st gen) +- HoloLens 2 +--- + +# Collect and use diagnostic information from HoloLens devices + +HoloLens users and administrators can choose from among four different methods to collect diagnostic information from HoloLens: + +- Feedback Hub app +- DiagnosticLog CSP +- Settings app +- Fallback diagnostics + +> [!IMPORTANT] +> Device diagnostic logs contain personally identifiable information (PII), such as about what processes or applications the user starts during typical operations. When multiple users share a HoloLens device (for example, users sign in to the same device by using different Microsoft Azure Active Directory (AAD) accounts) the diagnostic logs may contain PII information that applies to multiple users. For more information, see [Microsoft Privacy statement](https://privacy.microsoft.com/privacystatement). + +The following table compares the four collection methods. The method names link to more detailed information in the sections that follow the table. + +|Method |Prerequisites |Data locations |Data access and use |Data retention | +| --- | --- | --- | --- | --- | +|[Feedback Hub](#feedback-hub) |Network and internet connection

Feedback Hub app

Permission to upload files to the Microsoft cloud |Microsoft cloud

HoloLens device (optional) |User requests assistance, agrees to the terms of use, and uploads the data

Microsoft employees view the data, as consistent with the terms of use |Data in the cloud is retained for the period that is defined by Next Generation Privacy (NGP). Then the data is deleted automatically.

Data on the device can be deleted at any time by a user who has **Device owner** or **Admin** permissions. | +|[Settings Troubleshooter](#settings-troubleshooter) |Settings app |HoloLens device

Connected computer (optional) |The user stores the data, and only the user accesses the data (unless the user specifically shares the data with another user). |The data is retained until the user deletes it. | +|[DiagnosticLog CSP](#diagnosticlog-csp) |Network connection

MDM environment that supports the DiagnosticLog CSP |Administrator configures storage locations |In the managed environment, the user implicitly consents to administrator access to the data.

Administrator configures access roles and permissions. | Administrator configures retention policy. | +|[Fallback diagnostics](#fallback-diagnostics) |Device configuration: |HoloLens device

Connected computer |The user stores the data, and only the user accesses the data (unless the user specifically shares the data with another user). |The data is retained until the user deletes it. | + +## Feedback Hub + +A HoloLens user can use the Microsoft Feedback Hub desktop app to send diagnostic information to Microsoft Support. For details and complete instructions, see [Give us feedback](hololens-feedback.md). + +> [!NOTE] +> **Commercial or enterprise users:** If you use the Feedback Hub app to report a problem that relates to MDM, provisioning, or any other device management aspect, change the app category to **Enterprise Management** > **Device category**. + +### Prerequisites + +- The device is connected to a network. +- The Feedback Hub app is available on the user's desktop computer, and the user can upload files to the Microsoft cloud. + +### Data locations, access, and retention + +By agreeing to the terms-of-use of the Feedback Hub, the user explicitly consents to the storage and usage of the data (as defined by that agreement). + +The Feedback Hub provides two places for the user to store diagnostic information: + +- **The Microsoft cloud**. Data that the user uploads by using the Feedback Hub app is stored for the number of days that is consistent with Next Generation Privacy (NGP) requirements. Microsoft employees can use an NGP-compliant viewer to access the information during this period. + > [!NOTE] + > These requirements apply to data in all Feedback Hub categories. + +- **The HoloLens device**. While filing a report in Feedback Hub, the user can select **Save a local copy of diagnostics and attachments created when giving feedback**. If the user selects this option, the Feedback Hub stores a copy of the diagnostic information on the HoloLens device. This information remains accessible to the user (or anyone that uses that account to sign in to HoloLens). To delete this information, a user must have **Device owner** or **Admin** permissions on the device. A user who has the appropriate permissions can sign in to the Feedback Hub, select **Settings** > **View diagnostics logs**, and delete the information. + +## Settings Troubleshooter + +A HoloLens user can use the Settings app on the device to troubleshoot problems and collect diagnostic information. To do this, follow these steps: + +1. Open the Settings app and select **Update & Security** > **Troubleshoot** page. +1. Select the appropriate area, and select **Start**. +1. Reproduce the issue. +1. After you reproduce the issue, return to Settings and then select **Stop**. + +### Prerequisites + +- The Settings app is installed on the device and is available to the user. + +### Data locations, access, and retention + +Because the user starts the data collection, the user implicitly consents to the storage of the diagnostic information. Only the user, or anyone with whom that the user shares the data, can access the data. + +The diagnostic information is stored on the device. If the device is connected to the user's computer, the information also resides on the computer in the following file: + +> This PC\\\<*HoloLens device name*>\\Internal Storage\\Documents\\Trace\<*ddmmyyhhmmss*>.etl + +> [!NOTE] +> In this file path and name, \<*HoloLens device name*> represents the name of the HoloLens device, and \<*ddmmyyhhmmss*> represents the date and time that the file was created. + +The diagnostic information remains in these locations until the user deletes it. + +## DiagnosticLog CSP + +In a Mobile Device Management (MDM) environment, the IT administrator can use the the [DiagnosticLog configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/diagnosticlog-csp) to configure diagnostic settings on enrolled HoloLens devices. The IT administrator can configure these settings to collect logs from enrolled devices. + +### Prerequisites + +- The device is connected to a network. +- The device is enrolled in an MDM environment that supports the DiagnosticLog CSP. + +### Data locations, access, and retention + +Because the device is part of the managed environment, the user implicitly consents to administrative access to diagnostic information. + +The IT administrator uses the DiagnosticLog CSP to configure the data storage, retention, and access policies, including the policies that govern the following: + +- The cloud infrastructure that stores the diagnostic information. +- The retention period for the diagnostic information. +- Permissions that control access to the diagnostic information. + +## Fallback diagnostics + +While device telemetry usually provides an initial understanding of a problem report, some issues require a broader and deeper understanding of the device state. When you (as a user or an administrator) investigate such issues, diagnostic logs that reside on the device are more useful than the basic device telemetry. + +The fallback diagnostics process provides a way for you to gather diagnostic information if no other methods are available. Such scenarios include the following: + +- The network or network-based resources (such as the Feedback Hub, MDM, and so on) are not available. +- The device is "stuck" or locked in a state in which usual troubleshooting capabilities (such as the Settings app) are not available. Such scenarios include the Out-of-Box-Experience (OOBE), kiosk mode, and a locked or "hung" user interface. + +> [!IMPORTANT] +> - On HoloLens 2 devices, you can use fallback diagnostics under the following conditions only: +> - During the Out-of-the-Box-Experience (OOBE) and when you select **Send Full Diagnostics Data**. +> - If the environment's Group Policy enforces the **System\AllowTelemetry** policy value of **Full**. +> - On HoloLens (1st gen) devices, you can use fallback diagnostics on HoloLens version 17763.316 or a later version. This version is the version that the Windows Device Recovery Tool restores when it resets the device. + +### How to use fallback diagnostics + +Before you start the fallback diagnostics process, make sure of the following: + +- The device is connected to a computer by using a USB cable. +- The device is powered on. +- The Power and Volume buttons on the device are functioning correctly. + +To collect fallback diagnostic information, follow these steps: + +1. On the device, press the Power and Volume Down buttons at the same time and then release them. +1. Wait for few seconds while the device collects the data. + +### Data locations + +The device stores the data locally. You can access that information from the connected desktop computer at the following location: + +> This PC\\\<*HoloLens device name*>\\Internal Storage\\Documents + +For more information about the files that the fallback diagnostics process collects, see [What diagnostics files does the fallback diagnostics process collect?](#what-diagnostics-files-does-the-fallback-diagnostics-process-collect). + +### Data access, use, and retention + +Because you store the data yourself, only you have access to the data. If you choose to share the data with another user, you implicitly grant permission for that user to access or store the data. + +The data remains until you delete it. + +### Frequently asked questions about fallback diagnostics on HoloLens + +#### Does the device have to be enrolled with an MDM system? + +No. + +#### How can I use fallback diagnostics on HoloLens? + +Before you start the fallback diagnostics process, make sure of the following: + +- The device is connected to a computer by using a USB cable. +- The device is powered on. +- The Power and Volume buttons on the device are functioning correctly. + +To collect fallback diagnostic information, follow these steps: + +1. On the device, press the Power and Volume Down buttons at the same time and then release them. +1. Wait for few seconds while the device collects the data. + +#### How would I know that data collection finished? + +The fallback diagnostics process does not have a user interface. On HoloLens 2, when the process starts to collect data, it creates a file that is named HololensDiagnostics.temp. When the process finishes, it removes the file. + +#### What diagnostics files does the fallback diagnostics process collect? + +The fallback diagnostics process collects one or more .zip files, depending on the version of HoloLens. The following table lists each of the possible .zip files, and the applicable versions of HoloLens. + +|File |Contents |HoloLens (1st gen) |HoloLens 2 10.0.18362+ |HoloLens 2 10.0.19041+ | +| --- | --- | --- | --- | --- | +|HololensDiagnostics.zip |Files for tracing sessions that ran on the device.

Diagnostic information that's specific to Hololens. |✔️ |✔️ |✔️ | +|DeviceEnrollmentDiagnostics.zip |Information that's related to MDM, device enrollment, CSPs, and policies. | |✔️ |✔️ | +|AutoPilotDiagnostics.zip |Information that's related to autopilot and licensing.| | |✔️ | +|TPMDiagnostics.zip |Information that's related to the trusted platform module (TPM) on the device | | |✔️ | + +> [!NOTE] +> Starting on May 2, 2019, the fallback diagnostics process collects EventLog*.etl files only if the signed-in user is the device owner. This is because these files may contain PII data. Such data is accessible to device owners only. This behavior matches the behavior of Windows desktop computers, where administrators have access to event log files but other users do not. + +**Sample diagnostic content for HoloLens (1st gen)** + +HololensDiagnostics.zip contains files such as the following: + +- AuthLogon.etl +- EventLog-HupRe.etl.001 +- FirstExperience.etl.001 +- HetLog.etl +- HoloInput.etl.001 +- HoloShell.etl.001 +- WiFi.etl.001 + +**Sample diagnostic content for HoloLens 2 10.0.18362+** + +HololensDiagnostics.zip contains files such as the following: + +- EventLog-Application.etl.001* +- EventLog-System.etl.001* +- AuthLogon.etl +- EventLog-HupRe.etl.001 +- FirstExperience.etl.001 +- HetLog.etl +- HoloInput.etl.001 +- HoloShell.etl.001 +- WiFi.etl.001 +- CSPsAndPolicies.etl.001 +- RadioMgr.etl +- WiFiDriverIHVSession.etl + +DeviceEnrollmentDiagnostics.zip contains files such as the following: + +- MDMDiagHtmlReport.html +- MdmDiagLogMetadata.json +- MDMDiagReport.xml +- MdmDiagReport_RegistryDump.reg +- MdmLogCollectorFootPrint.txt + +**Sample diagnostic content for HoloLens 2 10.0.19041+** + +HololensDiagnostics.zip contains files such as the following: + +- EventLog-Application.etl.001* +- EventLog-System.etl.001* +- AuthLogon.etl +- EventLog-HupRe.etl.001 +- FirstExperience.etl.001 +- HetLog.etl +- HoloInput.etl.001 +- HoloShell.etl.001 +- WiFi.etl.001 +- CSPsAndPolicies.etl.001 +- RadioMgr.etl +- WiFiDriverIHVSession.etl +- DisplayDiagnosticData.json +- HUP dumps + +DeviceEnrollmentDiagnostics.zip contains files such as the following: + +- MDMDiagHtmlReport.html +- MdmDiagLogMetadata.json +- MDMDiagReport.xml +- MdmDiagReport_RegistryDump.reg +- MdmLogCollectorFootPrint.txt + +AutoPilotDiagnostics.zip contains files such as the following: + +- DeviceHash_HoloLens-U5603.csv +- LicensingDiag.cab +- LicensingDiag_Output.txt +- TpmHliInfo_Output.txt +- DiagnosticLogCSP_Collector_DeviceEnrollment_\*.etl +- DiagnosticLogCSP_Collector_Autopilot_*.etl + +TPMDiagnostics.zip contains files such as the following: + +- CertReq_enrollaik_Output.txt +- CertUtil_tpminfo_Output.txt +- TPM\*.etl diff --git a/devices/surface/advanced-uefi-security-features-for-surface-pro-3.md b/devices/surface/advanced-uefi-security-features-for-surface-pro-3.md index c677b56488..2ab8b6b45b 100644 --- a/devices/surface/advanced-uefi-security-features-for-surface-pro-3.md +++ b/devices/surface/advanced-uefi-security-features-for-surface-pro-3.md @@ -10,10 +10,9 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices, security ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 07/27/2017 --- # Advanced UEFI security features for Surface Pro 3 diff --git a/devices/surface/assettag.md b/devices/surface/assettag.md index db6a63ad69..21d5947ce2 100644 --- a/devices/surface/assettag.md +++ b/devices/surface/assettag.md @@ -5,10 +5,9 @@ ms.prod: w10 ms.mktglfcycl: manage ms.localizationpriority: medium ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 10/21/2019 ms.reviewer: hachidan manager: dansimp --- diff --git a/devices/surface/battery-limit.md b/devices/surface/battery-limit.md index c5d75cda00..8866b5c37b 100644 --- a/devices/surface/battery-limit.md +++ b/devices/surface/battery-limit.md @@ -5,11 +5,10 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.date: 10/31/2019 +author: coveminer ms.reviewer: manager: dansimp -ms.author: dansimp +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro diff --git a/devices/surface/change-history-for-surface.md b/devices/surface/change-history-for-surface.md index 18fc041b85..c3a2ef2f31 100644 --- a/devices/surface/change-history-for-surface.md +++ b/devices/surface/change-history-for-surface.md @@ -6,12 +6,11 @@ description: This topic lists new and updated topics in the Surface documentatio ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 10/21/2019 --- # Change history for Surface documentation diff --git a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md index 0b9915c4b0..5aac305c5a 100644 --- a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md +++ b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md @@ -6,12 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 11/25/2019 ms.reviewer: manager: dansimp --- diff --git a/devices/surface/customize-the-oobe-for-surface-deployments.md b/devices/surface/customize-the-oobe-for-surface-deployments.md index 46c321367b..bd26347d6a 100644 --- a/devices/surface/customize-the-oobe-for-surface-deployments.md +++ b/devices/surface/customize-the-oobe-for-surface-deployments.md @@ -10,11 +10,10 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.audience: itpro -ms.date: 10/21/2019 --- # Customize the OOBE for Surface deployments diff --git a/devices/surface/deploy-surface-app-with-windows-store-for-business.md b/devices/surface/deploy-surface-app-with-windows-store-for-business.md index a03f6e46fa..4b24dd9589 100644 --- a/devices/surface/deploy-surface-app-with-windows-store-for-business.md +++ b/devices/surface/deploy-surface-app-with-windows-store-for-business.md @@ -6,12 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, store ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 10/21/2019 ms.reviewer: manager: dansimp --- diff --git a/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md b/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md index 61fc8352df..e1debff872 100644 --- a/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md +++ b/devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md @@ -6,12 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 01/15/2020 ms.reviewer: manager: dansimp --- diff --git a/devices/surface/deploy.md b/devices/surface/deploy.md index 68749b654c..f0b8a6490f 100644 --- a/devices/surface/deploy.md +++ b/devices/surface/deploy.md @@ -5,11 +5,10 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.date: 10/02/2018 +author: coveminer ms.reviewer: manager: dansimp -ms.author: dansimp +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro diff --git a/devices/surface/documentation/surface-system-sku-reference.md b/devices/surface/documentation/surface-system-sku-reference.md index 55a45cdd43..0d49be965e 100644 --- a/devices/surface/documentation/surface-system-sku-reference.md +++ b/devices/surface/documentation/surface-system-sku-reference.md @@ -7,7 +7,6 @@ ms.sitesec: library author: coveminer ms.author: v-jokai ms.topic: article -ms.date: 03/12/2019 --- # Surface System SKU Reference This document provides a reference of System SKU names that you can use to quickly determine the machine state of a specific device using PowerShell, WMI, and related tools. diff --git a/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md b/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md index 49e1bc555b..65453aeaf5 100644 --- a/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md +++ b/devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md @@ -10,10 +10,9 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 07/27/2017 --- # Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices diff --git a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md index b49b04d13a..18011a1ca5 100644 --- a/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md +++ b/devices/surface/enable-surface-keyboard-for-windows-pe-deployment.md @@ -9,7 +9,6 @@ ms.sitesec: library author: Teresa-Motiv ms.author: v-tea ms.topic: article -ms.date: 01/30/2020 ms.reviewer: scottmca ms.localizationpriority: medium ms.audience: itpro diff --git a/devices/surface/enroll-and-configure-surface-devices-with-semm.md b/devices/surface/enroll-and-configure-surface-devices-with-semm.md index 50ecb3cb35..8e512c1511 100644 --- a/devices/surface/enroll-and-configure-surface-devices-with-semm.md +++ b/devices/surface/enroll-and-configure-surface-devices-with-semm.md @@ -6,12 +6,11 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices, security ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 10/21/2019 ms.reviewer: manager: dansimp --- diff --git a/devices/surface/ethernet-adapters-and-surface-device-deployment.md b/devices/surface/ethernet-adapters-and-surface-device-deployment.md index 3c05a0d165..4acda64004 100644 --- a/devices/surface/ethernet-adapters-and-surface-device-deployment.md +++ b/devices/surface/ethernet-adapters-and-surface-device-deployment.md @@ -10,11 +10,10 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.audience: itpro -ms.date: 10/21/2019 --- # Ethernet adapters and Surface deployment diff --git a/devices/surface/ltsb-for-surface.md b/devices/surface/ltsb-for-surface.md index 5e14c8444d..9d47e34bb2 100644 --- a/devices/surface/ltsb-for-surface.md +++ b/devices/surface/ltsb-for-surface.md @@ -5,8 +5,8 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.reviewer: manager: dansimp diff --git a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md index 2631b5f837..3760d85a4d 100644 --- a/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md +++ b/devices/surface/maintain-optimal-power-settings-on-Surface-devices.md @@ -4,8 +4,8 @@ description: This topic provides best practice recommendations for maintaining o ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.reviewer: manager: dansimp diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md index e2913ed910..827d2c64c5 100644 --- a/devices/surface/manage-surface-driver-and-firmware-updates.md +++ b/devices/surface/manage-surface-driver-and-firmware-updates.md @@ -10,11 +10,10 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.audience: itpro -ms.date: 03/10/2020 --- # Manage and deploy Surface driver and firmware updates diff --git a/devices/surface/manage-surface-uefi-settings.md b/devices/surface/manage-surface-uefi-settings.md index 1a6d09a545..224cc16744 100644 --- a/devices/surface/manage-surface-uefi-settings.md +++ b/devices/surface/manage-surface-uefi-settings.md @@ -7,10 +7,9 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: devices, surface -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 02/26/2020 ms.reviewer: manager: dansimp --- diff --git a/devices/surface/microsoft-surface-brightness-control.md b/devices/surface/microsoft-surface-brightness-control.md index 1761581ced..84ef8a1b9f 100644 --- a/devices/surface/microsoft-surface-brightness-control.md +++ b/devices/surface/microsoft-surface-brightness-control.md @@ -5,10 +5,9 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 10/31/2019 ms.reviewer: hachidan manager: dansimp ms.localizationpriority: medium diff --git a/devices/surface/microsoft-surface-data-eraser.md b/devices/surface/microsoft-surface-data-eraser.md index a835026b8b..4ee475b184 100644 --- a/devices/surface/microsoft-surface-data-eraser.md +++ b/devices/surface/microsoft-surface-data-eraser.md @@ -10,11 +10,10 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices, security ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.audience: itpro -ms.date: 02/20/2020 --- # Microsoft Surface Data Eraser diff --git a/devices/surface/microsoft-surface-deployment-accelerator.md b/devices/surface/microsoft-surface-deployment-accelerator.md index 8fbc32d7df..e60688692b 100644 --- a/devices/surface/microsoft-surface-deployment-accelerator.md +++ b/devices/surface/microsoft-surface-deployment-accelerator.md @@ -4,15 +4,14 @@ description: Microsoft Surface Deployment Accelerator provides a quick and simpl ms.assetid: E7991E90-4AAE-44B6-8822-58BFDE3EADE4 ms.reviewer: hachidan manager: dansimp -ms.date: 10/31/2019 ms.localizationpriority: medium keywords: deploy, install, tool ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.audience: itpro --- diff --git a/devices/surface/step-by-step-surface-deployment-accelerator.md b/devices/surface/step-by-step-surface-deployment-accelerator.md index 04d78253ee..42f641271c 100644 --- a/devices/surface/step-by-step-surface-deployment-accelerator.md +++ b/devices/surface/step-by-step-surface-deployment-accelerator.md @@ -10,8 +10,8 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.date: 10/31/2019 --- diff --git a/devices/surface/support-solutions-surface.md b/devices/surface/support-solutions-surface.md index b311e28937..4fe99f1ebd 100644 --- a/devices/surface/support-solutions-surface.md +++ b/devices/surface/support-solutions-surface.md @@ -9,8 +9,8 @@ ms.prod: w10 ms.mktglfcycl: support ms.sitesec: library ms.pagetype: surfacehub -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.date: 09/26/2019 ms.localizationpriority: medium diff --git a/devices/surface/surface-device-compatibility-with-windows-10-ltsc.md b/devices/surface/surface-device-compatibility-with-windows-10-ltsc.md index d57966b6cf..15f3dc33f0 100644 --- a/devices/surface/surface-device-compatibility-with-windows-10-ltsc.md +++ b/devices/surface/surface-device-compatibility-with-windows-10-ltsc.md @@ -6,12 +6,11 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 10/21/2019 ms.reviewer: scottmca manager: dansimp --- diff --git a/devices/surface/surface-diagnostic-toolkit-business.md b/devices/surface/surface-diagnostic-toolkit-business.md index 62c4129d08..9c71c1cee4 100644 --- a/devices/surface/surface-diagnostic-toolkit-business.md +++ b/devices/surface/surface-diagnostic-toolkit-business.md @@ -5,8 +5,8 @@ ms.prod: w10 ms.mktglfcycl: manage ms.localizationpriority: medium ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.date: 10/31/2019 ms.reviewer: hachidan diff --git a/devices/surface/surface-diagnostic-toolkit-command-line.md b/devices/surface/surface-diagnostic-toolkit-command-line.md index 6ea9d9ac55..7dca10584e 100644 --- a/devices/surface/surface-diagnostic-toolkit-command-line.md +++ b/devices/surface/surface-diagnostic-toolkit-command-line.md @@ -4,10 +4,9 @@ description: How to run Surface Diagnostic Toolkit in a command console ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 11/15/2018 ms.reviewer: hachidan manager: dansimp ms.localizationpriority: medium diff --git a/devices/surface/surface-diagnostic-toolkit-desktop-mode.md b/devices/surface/surface-diagnostic-toolkit-desktop-mode.md index 738ec1ecae..8586cb543a 100644 --- a/devices/surface/surface-diagnostic-toolkit-desktop-mode.md +++ b/devices/surface/surface-diagnostic-toolkit-desktop-mode.md @@ -4,10 +4,9 @@ description: How to use SDT to help users in your organization run the tool to i ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 10/31/2019 ms.reviewer: hachidan manager: dansimp ms.localizationpriority: medium diff --git a/devices/surface/surface-diagnostic-toolkit-for-business-intro.md b/devices/surface/surface-diagnostic-toolkit-for-business-intro.md index a64fb3cc4f..1a417a6bcd 100644 --- a/devices/surface/surface-diagnostic-toolkit-for-business-intro.md +++ b/devices/surface/surface-diagnostic-toolkit-for-business-intro.md @@ -4,8 +4,8 @@ description: This page provides an introduction to the Surface Diagnostic Toolki ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.reviewer: cottmca manager: dansimp diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index e872ddc649..d748891d49 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -11,7 +11,6 @@ ms.topic: article ms.reviewer: scottmca manager: dansimp ms.audience: itpro -ms.date: 02/07/2020 --- # Microsoft Surface Dock Firmware Update diff --git a/devices/surface/surface-enterprise-management-mode.md b/devices/surface/surface-enterprise-management-mode.md index 52e193b6dd..493b04c1ae 100644 --- a/devices/surface/surface-enterprise-management-mode.md +++ b/devices/surface/surface-enterprise-management-mode.md @@ -6,10 +6,9 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices, security ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 12/02/2019 ms.reviewer: scottmca manager: dansimp ms.localizationpriority: medium diff --git a/devices/surface/surface-manage-dfci-guide.md b/devices/surface/surface-manage-dfci-guide.md index efb5fa93b5..41a2f2f912 100644 --- a/devices/surface/surface-manage-dfci-guide.md +++ b/devices/surface/surface-manage-dfci-guide.md @@ -5,8 +5,8 @@ ms.localizationpriority: medium ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.date: 11/13/2019 ms.reviewer: jesko diff --git a/devices/surface/surface-pro-arm-app-management.md b/devices/surface/surface-pro-arm-app-management.md index fd98f72368..fb4f9b552d 100644 --- a/devices/surface/surface-pro-arm-app-management.md +++ b/devices/surface/surface-pro-arm-app-management.md @@ -5,10 +5,9 @@ ms.prod: w10 ms.mktglfcycl: manage ms.localizationpriority: high ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 1/22/2020 ms.reviewer: jessko manager: dansimp ms.audience: itpro diff --git a/devices/surface/surface-pro-arm-app-performance.md b/devices/surface/surface-pro-arm-app-performance.md index baa547d04b..0057104b59 100644 --- a/devices/surface/surface-pro-arm-app-performance.md +++ b/devices/surface/surface-pro-arm-app-performance.md @@ -5,8 +5,8 @@ ms.prod: w10 ms.localizationpriority: medium ms.mktglfcycl: manage ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.date: 10/03/2019 ms.reviewer: jessko diff --git a/devices/surface/surface-system-sku-reference.md b/devices/surface/surface-system-sku-reference.md index f74ee76e83..062008fc1e 100644 --- a/devices/surface/surface-system-sku-reference.md +++ b/devices/surface/surface-system-sku-reference.md @@ -6,8 +6,8 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices, security ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.date: 03/09/2020 ms.reviewer: diff --git a/devices/surface/surface-wireless-connect.md b/devices/surface/surface-wireless-connect.md index 6e225137c2..d30a955dac 100644 --- a/devices/surface/surface-wireless-connect.md +++ b/devices/surface/surface-wireless-connect.md @@ -4,12 +4,11 @@ description: This topic describes recommended Wi-Fi settings to ensure Surface d ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: dansimp +author: coveminer ms.audience: itpro ms.localizationpriority: medium -ms.author: dansimp +ms.author: v-jokai ms.topic: article -ms.date: 10/31/2019 ms.reviewer: tokatz manager: dansimp --- diff --git a/devices/surface/unenroll-surface-devices-from-semm.md b/devices/surface/unenroll-surface-devices-from-semm.md index 39b70f6006..6174474de7 100644 --- a/devices/surface/unenroll-surface-devices-from-semm.md +++ b/devices/surface/unenroll-surface-devices-from-semm.md @@ -6,10 +6,9 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices, security ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 01/06/2017 ms.reviewer: manager: dansimp ms.localizationpriority: medium diff --git a/devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md b/devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md index ac6102c2ef..bac99f89bc 100644 --- a/devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md +++ b/devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md @@ -6,12 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 10/21/2019 ms.reviewer: manager: dansimp --- diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md index 1ac8eb8aa2..da2a90ea0b 100644 --- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md +++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md @@ -6,10 +6,9 @@ ms.prod: w10 ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 11/22/2019 ms.reviewer: manager: dansimp ms.localizationpriority: medium diff --git a/devices/surface/using-the-sda-deployment-share.md b/devices/surface/using-the-sda-deployment-share.md index 20ad4f6903..40c991f145 100644 --- a/devices/surface/using-the-sda-deployment-share.md +++ b/devices/surface/using-the-sda-deployment-share.md @@ -6,12 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 10/21/2019 ms.reviewer: manager: dansimp --- diff --git a/devices/surface/wake-on-lan-for-surface-devices.md b/devices/surface/wake-on-lan-for-surface-devices.md index 53ff389c02..37cb7a1d1e 100644 --- a/devices/surface/wake-on-lan-for-surface-devices.md +++ b/devices/surface/wake-on-lan-for-surface-devices.md @@ -7,10 +7,9 @@ ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library ms.localizationpriority: medium -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article -ms.date: 12/30/2019 ms.reviewer: scottmca manager: dansimp ms.audience: itpro diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index 1fbdba19cf..b008fa625a 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -8,12 +8,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library -author: dansimp -ms.author: dansimp +author: coveminer +ms.author: v-jokai ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 02/14/2020 --- # Windows Autopilot and Surface devices diff --git a/education/windows/take-a-test-multiple-pcs.md b/education/windows/take-a-test-multiple-pcs.md index c326ec1cba..69d4efc9c1 100644 --- a/education/windows/take-a-test-multiple-pcs.md +++ b/education/windows/take-a-test-multiple-pcs.md @@ -20,7 +20,7 @@ manager: dansimp - Windows 10 -Many schools use online testing for formative and summative assessments. It's critical that students use a secure browser that prevents them from using other computer or Internet resources during the test. +Many schools use online testing for formative and summation assessments. It's critical that students use a secure browser that prevents them from using other computer or Internet resources during the test. Follow the guidance in this topic to set up Take a Test on multiple PCs. @@ -130,7 +130,7 @@ To set up a test account through Windows Configuration Designer, follow these st 1. [Install Windows Configuration Designer](https://technet.microsoft.com/itpro/windows/configure/provisioning-install-icd). 2. Create a provisioning package by following the steps in [Provision PCs with common settings for initial deployment (desktop wizard)](https://technet.microsoft.com/itpro/windows/configure/provision-pcs-for-initial-deployment). However, make a note of these other settings to customize the test account. - 1. After you're done with the wizard, do not click **Create**. Instead, click the **Switch to advanced editor** to switch the project to the advanced editor to see all the available **Runtine settings**. + 1. After you're done with the wizard, do not click **Create**. Instead, click the **Switch to advanced editor** to switch the project to the advanced editor to see all the available **Runtime settings**. 2. Under **Runtime settings**, go to **AssignedAccess > AssignedAccessSettings**. 3. Enter **{"Account":"*redmond\\kioskuser*","AUMID":” Microsoft.Windows.SecureAssessmentBrowser_cw5n1h2txyewy!App "}**, using the account that you want to set up. @@ -211,7 +211,7 @@ Anything hosted on the web can be presented in a locked down manner, not just as For this option, you can just copy the assessment URL, select the options you want to allow during the test, and click a button to create the link. We recommend this for option for teachers. - To get started, go here: [Create a link using a web UI](https://education.microsoft.com/courses-and-resources/windows-10-create-a-take-a-test-link). + To get started, go here: [Create a link using a web UI](https://aka.ms/create-a-take-a-test-link). - Create a link using schema activation @@ -255,7 +255,7 @@ One of the ways you can present content in a locked down manner is by embedding See [Permissive mode](take-a-test-app-technical.md#permissive-mode) and [Secure Browser API Specification](https://github.com/SmarterApp/SB_BIRT/blob/master/irp/doc/req/SecureBrowserAPIspecification.md) for more info. ### Create a shortcut for the test link -You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://education.microsoft.com/courses-and-resources/windows-10-create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps: +You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://aka.ms/create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps: 1. On a device running Windows, right-click on the desktop and then select **New > Shortcut**. 2. In the **Create Shortcut** window, paste the assessment URL in the field under **Type the location of the item**. diff --git a/education/windows/take-a-test-single-pc.md b/education/windows/take-a-test-single-pc.md index 41fbb7b7fd..1286a5aec8 100644 --- a/education/windows/take-a-test-single-pc.md +++ b/education/windows/take-a-test-single-pc.md @@ -66,7 +66,7 @@ Anything hosted on the web can be presented in a locked down manner, not just as For this option, you can just copy the assessment URL, select the options you want to allow during the test, and click a button to create the link. We recommend this for option for teachers. - To get started, go here: [Create a link using a web UI](https://education.microsoft.com/courses-and-resources/windows-10-create-a-take-a-test-link). + To get started, go here: [Create a link using a web UI](https://aka.ms/create-a-take-a-test-link). - Create a link using schema activation @@ -117,7 +117,7 @@ One of the ways you can present content in a locked down manner is by embedding ### Create a shortcut for the test link -You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://education.microsoft.com/courses-and-resources/windows-10-create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps: +You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://aka.ms/create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps: 1. On a device running Windows, right-click on the desktop and then select **New > Shortcut**. 2. In the **Create Shortcut** window, paste the assessment URL in the field under **Type the location of the item**. diff --git a/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md index ac53e16865..b2ef8ff138 100644 --- a/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md +++ b/windows/deployment/deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md @@ -72,7 +72,7 @@ On **CM01**: The backup-only task sequence (named Replace Task Sequence). -## Associate the new machine with the old computer +## Associate the new device with the old computer This section walks you through the process of associating a new, blank device (PC0006), with an existing computer (PC0004), for the purpose of replacing PC0004 with PC0006. PC0006 can be either a physical or virtual machine. @@ -149,7 +149,7 @@ This section assumes that you have a computer named PC0004 with the Configuratio On **PC0004**: -1. If it is not alreayd started, start the PC0004 computer and open the Configuration Manager control panel (control smscfgrc). +1. If it is not already started, start the PC0004 computer and open the Configuration Manager control panel (control smscfgrc). 2. On the **Actions** tab, select **Machine Policy Retrieval & Evaluation Cycle**, click **Run Now**, and then click **OK** in the popup dialog box that appears. >[!NOTE] diff --git a/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager.md b/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager.md index 2d3ffa0e03..553be3b239 100644 --- a/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager.md +++ b/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager.md @@ -24,196 +24,119 @@ ms.topic: article The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. You can use a Microsoft Endpoint Configuration Manager task sequence to completely automate the process. >[!IMPORTANT] ->Beginning with Windows 10 and Windows Server 2016, Windows Defender is already installed. A management client for Windows Defender is also installed automatically if the Configuration Manager client is installed. However, previous Windows operating systems installed the System Center Endpoint Protection (SCEP) client with the Configuration Manager client. The SCEP client can block in-place upgrade to Windows 10 due to incompatibility, and must removed from a device before performing an in-place upgrade to Windows 10. +>Beginning with Windows 10 and Windows Server 2016, Windows Defender is already installed. A management client for Windows Defender is also installed automatically if the Configuration Manager client is installed. However, previous Windows operating systems installed the System Center Endpoint Protection (SCEP) client with the Configuration Manager client. The SCEP client can block in-place upgrade to Windows 10 due to incompatibility, and must be removed from a device before performing an in-place upgrade to Windows 10. -## Proof-of-concept environment +## Infrastructure -For the purposes of this topic, we will use three computers: DC01, CM01, and PC0001. DC01 is a domain controller and CM01 is a domain member server. PC0001 is a computer running Windows 7 SP1, targeted for the Windows 10 upgrade. For more details on the setup for this topic, please see [Prepare for deployment with MDT](../deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md). +An existing Configuration Manager infrastructure that is integrated with MDT is used for the following procedures. For more information about the setup for this article, see [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md). -![computers](../images/dc01-cm01-pc0001.png) +For the purposes of this article, we will use one server computer (CM01) and one client computers (PC0004). +- CM01 is a domain member server and Configuration Manager software distribution point. In this guide CM01 is a standalone primary site server. +- PC0004 is a domain member client computer running Windows 7 SP1, or a later version of Windows, with the Configuration Manager client installed, that will be upgraded to Windows 10. -The computers used in this topic. +All servers are running Windows Server 2019. However, an earlier, supported version of Windows Server can also be used. -## Upgrade to Windows 10 with Configuration Manager +All server and client computers referenced in this guide are on the same subnet. This is not required, but each server and client computer must be able to connect to each other to share files, and to resolve all DNS names and Active Directory information for the contoso.com domain. Internet connectivity is also required to download OS and application updates. +## Add an OS upgrade package -System Center 2012 R2 Configuration Manager SP 1 adds support to manage and deploy Windows 10. Although it does not include built-in support to perform an in-place upgrade from Windows 7, Windows 8, or Windows 8.1 to Windows 10, you can build a custom task sequence to perform the necessary tasks. +Configuration Manager Current Branch includes a native in-place upgrade task. This task sequence differs from the MDT in-place upgrade task sequence in that it does not use a default OS image, but rather uses an [OS upgrade package](https://docs.microsoft.com/configmgr/osd/get-started/manage-operating-system-upgrade-packages). -## Create the task sequence +On **CM01**: +1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Operating System Upgrade Packages**, and click **Add Operating System Upgrade Package**. +2. On the **Data Source** page, under **Path**, click **Browse** and enter the UNC path to your media source. In this example, we have extracted the Windows 10 installation media to **\\\\cm01\\Sources$\\OSD\\UpgradePackages\\Windows 10**. +3. If you have multiple image indexes in the installation media, select **Extract a specific image index from install.wim...** and choose the image index you want from the dropdown menu. In this example, we have chosen **Windows 10 Enterprise**. +4. Next to **Architecture**, select **x64**, choose a language from the dropdown menu next to **Language**, and then click **Next**. +5. Next to **Name**, enter **Windows 10 x64 RTM** and then complete the wizard by clicking **Next** and **Close**. +6. Distribute the OS upgrade package to the CM01 distribution point by right-clicking the **Windows 10 x64 RTM** OS upgrade package and then clicking **Distribute Content**. +7. In the Distribute Content Wizard, add the CM01 distribution point, click **Next** and click **Close**. +8. View the content status for the Windows 10 x64 RTM upgrade package. Do not continue until the distribution is completed (it might take a few minutes). You also can review the D:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for the **STATMSG: ID=2301** line. -To help with this process, the Configuration Manager team has published [a blog](https://go.microsoft.com/fwlink/p/?LinkId=620179) that provides a sample task sequence, as well as the [original blog that includes the instructions for setting up the task sequence](https://go.microsoft.com/fwlink/p/?LinkId=620180). To summarize, here are the tasks you need to perform: +## Create an in-place upgrade task sequence -1. Download the [Windows10Upgrade1506.zip](https://go.microsoft.com/fwlink/p/?LinkId=620182) file that contains the sample task sequence and related scripts. Extract the contents onto a network share. -2. Copy the Windows 10 Enterprise RTM x64 media into the extracted but empty **Windows vNext Upgrade Media** folder. -3. Using the Configuration Manager Console, right-click the **Task Sequences** node, and then choose **Import Task Sequence**. Select the **Windows-vNextUpgradeExport.zip** file that you extracted in Step 1. -4. Distribute the two created packages (one contains the Windows 10 Enterprise x64 media, the other contains the related scripts) to the Configuration Manager distribution point. +On **CM01**: -For full details and an explanation of the task sequence steps, review the full details of the two blogs that are referenced above. +1. Using the Configuration Manager console, in the Software Library workspace, expand **Operating Systems**, right-click **Task Sequences**, and select **Create Task Sequence**. +2. On the **Create a new task sequence** page, select **Upgrade an operating system from an upgrade package** and click **Next**. +3. Use the following settings to complete the wizard: + + * Task sequence name: Upgrade Task Sequence + * Description: In-place upgrade + * Upgrade package: Windows 10 x64 RTM + * Include software updates: Do not install any software updates + * Install applications: OSD \ Adobe Acrobat Reader DC + +4. Complete the wizard, and click **Close**. +5. Review the Upgrade Task Sequence. + +![The upgrade task sequence](../images/cm-upgrade-ts.png) + +The Configuration Manager upgrade task sequence ## Create a device collection +After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0004 computer running Windows 7 SP1, with the Configuration Manager client installed. -After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the Configuration Manager client installed. +On **CM01**: -1. On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: - - General +1. Using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: + - General + - Name: Windows 10 x64 in-place upgrade + - Limited Collection: All Systems + - Membership rules: + - Direct rule + - Resource Class: System Resource + - Attribute Name: Name + - Value: PC0004 + - Select Resources + - Select PC0004 - - Name: Windows 10 Enterprise x64 Upgrade - - - Limited Collection: All Systems - - - Membership rules: - - - Direct rule - - - Resource Class: System Resource - - - Attribute Name: Name - - - Value: PC0001 - - - Select Resources - - - Select PC0001 - -2. Review the Windows 10 Enterprise x64 Upgrade collection. Do not continue until you see the PC0001 machine in the collection. +2. Review the Windows 10 x64 in-place upgrade collection. Do not continue until you see PC0004 in the collection. ## Deploy the Windows 10 upgrade - In this section, you create a deployment for the Windows 10 Enterprise x64 Update application. -1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Windows vNext Upgrade** task sequence, and then select **Deploy**. -2. On the **General** page, select the **Windows 10 Enterprise x64 Upgrade** collection, and then click **Next**. +On **CM01**: + +1. Using the Configuration Manager console, in the Software Library workspace, right-click the **Upgrade Task Sequence** task sequence, and then click **Deploy**. +2. On the **General** page, browse and select the **Windows 10 x64 in-place upgrade** collection, and then click **Next**. 3. On the **Content** page, click **Next**. -4. On the **Deployment Settings** page, select the following settings, and then click **Next**: - - Action: Install - - - Purpose: Available - +4. On the **Deployment Settings** page, click **Next**: 5. On the **Scheduling** page, accept the default settings, and then click **Next**. 6. On the **User Experience** page, accept the default settings, and then click **Next**. 7. On the **Alerts** page, accept the default settings, and then click **Next**. +7. On the **Distribution Points** page, accept the default settings, and then click **Next**. 8. On the **Summary** page, click **Next**, and then click **Close**. ## Start the Windows 10 upgrade +Next, run the in-place upgrade task sequence on PC0004. -In this section, you start the Windows 10 Upgrade task sequence on PC0001 (currently running Windows 7 SP1). +On **PC0004**: -1. On PC0001, start the **Software Center**. -2. Select the **Windows vNext Upgrade** task sequence, and then click **Install**. +1. Open the Configuration Manager control panel (control smscfgrc). +2. On the **Actions** tab, select **Machine Policy Retrieval & Evaluation Cycle**, click **Run Now**, and then click **OK** in the popup dialog box that appears. -When the task sequence begins, it will automatically initiate the in-place upgrade process by invoking the Windows setup program (Setup.exe) with the necessary command-line parameters to perform an automated upgrade, which preserves all data, settings, apps, and drivers. + >[!NOTE] + >You also can use the Client Notification option in the Configuration Manager console, as shown in [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md). -![figure 2](../images/upgradecfg-fig2-upgrading.png) +3. Open the Software Center, select the **Upgrade Task Sequence** deployment and then click **Install**. +4. Confirm you want to upgrade the operating system on this computer by clicking **Install** again. +5. Allow the Upgrade Task Sequence to complete. The PC0004 computer will download the install.wim file, perform an in-place upgrade, and install your added applications. See the following examples: -Figure 2. Upgrade from Windows 7 to Windows 10 Enterprise x64 with a task sequence. +![pc0004-a](../images/pc0004-a.png)
+![pc0004-b](../images/pc0004-b.png)
+![pc0004-c](../images/pc0004-c.png)
+![pc0004-d](../images/pc0004-d.png)
+![pc0004-e](../images/pc0004-e.png)
+![pc0004-f](../images/pc0004-f.png)
+![pc0004-g](../images/pc0004-g.png) -After the task sequence finishes, the computer will be fully upgraded to Windows 10. - -## Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager - - -With Configuration Manager, new built-in functionality makes it easier to upgrade to Windows 10. - -**Note**   -For more details about Configuration Manager, see the [Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620205). An [evaluation version is currently available](https://go.microsoft.com/fwlink/p/?LinkId=620206) for you to try. The instructions below are specific to the Technical Preview 2 release and may change after the next version of Configuration Manager is released. - - - -### Create the OS upgrade package - -First, you need to create an operating system upgrade package that contains the full Windows 10 Enterprise x64 installation media. - -1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Operating System Upgrade Packages** node, then select **Add Operating System Upgrade Package**. -2. On the **Data Source** page, specify the UNC path to the Windows 10 Enterprise x64 media, and then click **Next**. -3. On the **General** page, specify Windows 10 Enterprise x64 Upgrade, and then click **Next**. -4. On the **Summary** page, click **Next**, and then click **Close**. -5. Right-click the created **Windows 10 Enterprise x64 Update** package, and then select **Distribute Content**. Choose the CM01 distribution point. - -### Create the task sequence - -To create an upgrade task sequence, perform the following steps: - -1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Task Sequences** node, and then select **Create Task Sequence**. -2. On the **Create a new task sequence** page, select **Upgrade an operating system from upgrade package**, and then click **Next**. -3. On the **Task Sequence Information** page, specify **Windows 10 Enterprise x64 Upgrade**, and then click **Next**. -4. On the **Upgrade the Windows operating system** page, select the **Windows 10 Enterprise x64 Upgrade operating system upgrade** package, and then click **Next**. -5. Click **Next** through the remaining wizard pages, and then click **Close**. - -![figure 3](../images/upgradecfg-fig3-upgrade.png) - -Figure 3. The Configuration Manager upgrade task sequence. - -### Create a device collection - -After you create the upgrade task sequence, you can create a collection to test a deployment. In this section, we assume you have the PC0001 machine running Windows 7 SP1, with the next version of Configuration Manager client installed. - -1. On CM01, using the Configuration Manager console, in the Asset and Compliance workspace, right-click **Device Collections**, and then select **Create Device Collection**. Use the following settings: - - General - - - Name: Windows 10 Enterprise x64 Upgrade - - - Limited Collection: All Systems - - - Membership rules: - - - Direct rule - - - Resource Class: System Resource - - - Attribute Name: Name - - - Value: PC0001 - - - Select Resources - - - Select PC0001 - -2. Review the Windows 10 Enterprise x64 Upgrade collection. Do not continue until you see the PC0001 machine in the collection. - -### Deploy the Windows 10 upgrade - -In this section, you create a deployment for the Windows 10 Enterprise x64 Update application. - -1. On CM01, using the Configuration Manager console, in the Software Library workspace, right-click the **Windows vNext Upgrade** task sequence, and then select **Deploy**. -2. On the **General** page, select the **Windows 10 Enterprise x64 Upgrade** collection, and then click **Next**. -3. On the **Content** page, click **Next**. -4. On the **Deployment Settings** page, select the following settings and click **Next**: - - Action: Install - - - Purpose: Available - -5. On the **Scheduling** page, accept the default settings, and then click **Next**. -6. On the **User Experience** page, accept the default settings, and then click **Next**. -7. On the **Alerts** page, accept the default settings, and then click **Next**. -8. On the **Summary** page, click **Next**, and then click **Close**. - -### Start the Windows 10 upgrade - -In this section, you start the Windows 10 Upgrade task sequence on PC0001 (currently running Windows 7 SP1). - -1. On PC0001, start the **Software Center**. -2. Select the **Windows 10 Enterprise x64 Upgrade** task sequence, and then click **Install.** - -When the task sequence begins, it automatically initiates the in-place upgrade process by invoking the Windows setup program (Setup.exe) with the necessary command-line parameters to perform an automated upgrade, which preserves all data, settings, apps, and drivers. - -After the task sequence completes, the computer will be fully upgraded to Windows 10. +In-place upgrade with Configuration Manager ## Related topics - -[Windows 10 deployment scenarios](../windows-10-deployment-scenarios.md) - +[Windows 10 deployment scenarios](../windows-10-deployment-scenarios.md)
[Configuration Manager Team blog](https://go.microsoft.com/fwlink/p/?LinkId=620109) - - - - - - - - - diff --git a/windows/deployment/images/cm-upgrade-ts.png b/windows/deployment/images/cm-upgrade-ts.png new file mode 100644 index 0000000000..15c6b04400 Binary files /dev/null and b/windows/deployment/images/cm-upgrade-ts.png differ diff --git a/windows/deployment/images/pc0004-a.png b/windows/deployment/images/pc0004-a.png new file mode 100644 index 0000000000..afe954d28f Binary files /dev/null and b/windows/deployment/images/pc0004-a.png differ diff --git a/windows/deployment/images/pc0004-b.png b/windows/deployment/images/pc0004-b.png new file mode 100644 index 0000000000..caad109ace Binary files /dev/null and b/windows/deployment/images/pc0004-b.png differ diff --git a/windows/deployment/images/pc0004-c.png b/windows/deployment/images/pc0004-c.png new file mode 100644 index 0000000000..21490d55a3 Binary files /dev/null and b/windows/deployment/images/pc0004-c.png differ diff --git a/windows/deployment/images/pc0004-d.png b/windows/deployment/images/pc0004-d.png new file mode 100644 index 0000000000..db10b4ccdc Binary files /dev/null and b/windows/deployment/images/pc0004-d.png differ diff --git a/windows/deployment/images/pc0004-e.png b/windows/deployment/images/pc0004-e.png new file mode 100644 index 0000000000..d6472a4209 Binary files /dev/null and b/windows/deployment/images/pc0004-e.png differ diff --git a/windows/deployment/images/pc0004-f.png b/windows/deployment/images/pc0004-f.png new file mode 100644 index 0000000000..7752a700e0 Binary files /dev/null and b/windows/deployment/images/pc0004-f.png differ diff --git a/windows/deployment/images/pc0004-g.png b/windows/deployment/images/pc0004-g.png new file mode 100644 index 0000000000..93b4812149 Binary files /dev/null and b/windows/deployment/images/pc0004-g.png differ diff --git a/windows/deployment/windows-10-deployment-scenarios.md b/windows/deployment/windows-10-deployment-scenarios.md index db37430195..c67c06b664 100644 --- a/windows/deployment/windows-10-deployment-scenarios.md +++ b/windows/deployment/windows-10-deployment-scenarios.md @@ -54,7 +54,7 @@ The following table summarizes various Windows 10 deployment scenarios. The scen Use Windows Setup to update your OS and migrate apps and settings. Rollback data is saved in Windows.old. -Perform an in-place upgrade to Windows 10 with MDT
Perform an in-place upgrade to Windows 10 using Configuration Manager +Perform an in-place upgrade to Windows 10 with MDT
Perform an in-place upgrade to Windows 10 using Configuration Manager @@ -108,7 +108,7 @@ The following table summarizes various Windows 10 deployment scenarios. The scen Deploy a new device, or wipe an existing device and deploy with a fresh image. - Deploy a Windows 10 image using MDT
Install a new version of Windows on a new computer with Microsoft Endpoint Configuration Manager + Deploy a Windows 10 image using MDT
Deploy Windows 10 using PXE and Configuration Manager @@ -120,7 +120,7 @@ The following table summarizes various Windows 10 deployment scenarios. The scen Also called wipe and load. Redeploy a device by saving the user state, wiping the disk, then restoring the user state. - Refresh a Windows 7 computer with Windows 10
Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager + Refresh a Windows 7 computer with Windows 10
Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager @@ -132,7 +132,7 @@ The following table summarizes various Windows 10 deployment scenarios. The scen Replace an existing device with a new one by saving the user state on the old device and then restoring it to the new device. - Replace a Windows 7 computer with a Windows 10 computer
Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager + Replace a Windows 7 computer with a Windows 10 computer
Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index eab2a21708..9f036fee96 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -459,7 +459,7 @@ ####### [Get machine related alerts](microsoft-defender-atp/get-machine-related-alerts.md) ####### [Get installed software](microsoft-defender-atp/get-installed-software.md) ####### [Get discovered vulnerabilities](microsoft-defender-atp/get-discovered-vulnerabilities.md) -####### [Get security recommendation](microsoft-defender-atp/get-security-recommendations.md) +####### [Get security recommendations](microsoft-defender-atp/get-security-recommendations.md) ####### [Add or Remove machine tags](microsoft-defender-atp/add-or-remove-machine-tags.md) ####### [Find machines by IP](microsoft-defender-atp/find-machines-by-ip.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/report-inaccuracy-flyout.png b/windows/security/threat-protection/microsoft-defender-atp/images/report-inaccuracy-flyout.png new file mode 100644 index 0000000000..85a4ed9445 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/report-inaccuracy-flyout.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/report-inaccuracy.png b/windows/security/threat-protection/microsoft-defender-atp/images/report-inaccuracy.png new file mode 100644 index 0000000000..9d3b149d1c Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/report-inaccuracy.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/software-inventory-report-inaccuracy.png b/windows/security/threat-protection/microsoft-defender-atp/images/software-inventory-report-inaccuracy.png new file mode 100644 index 0000000000..7a46a33eec Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/software-inventory-report-inaccuracy.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/top-security-recommendations.png b/windows/security/threat-protection/microsoft-defender-atp/images/top-security-recommendations.png new file mode 100644 index 0000000000..5ec281d0b3 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/top-security-recommendations.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md index d6714f727e..1ea46c138a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md @@ -256,7 +256,7 @@ Download the onboarding package from Microsoft Defender Security Center: - Open a Terminal window. Copy and execute the following command: ``` bash - curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt + curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt ``` - The file should have been quarantined by Microsoft Defender ATP for Linux. Use the following command to list all the detected threats: diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index 6459e6190e..4a410131e3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -67,7 +67,7 @@ You can validate that your exclusion lists are working by using `curl` to downlo In the following Bash snippet, replace *test.txt* with a file that conforms to your exclusion rules. For example, if you have excluded the *.testing extension*, replace *test.txt* with *test.testing*. If you are testing a path, ensure that you run the command within that path. ```bash -$ curl -o test.txt http://www.eicar.org/download/eicar.com.txt +$ curl -o test.txt https://www.eicar.org/download/eicar.com.txt ``` If Microsoft Defender ATP for Mac reports malware, then the rule is not working. If there is no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm that the contents are the same as what is described on the [EICAR test file website](http://2016.eicar.org/86-0-Intended-use.html). diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md index 76875534f3..6c5a04ada0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md @@ -362,9 +362,9 @@ Specifies the value of tag ## Recommended configuration profile -To get started, we recommend the following configuration profile for your enterprise to take advantage of all protection features that Microsoft Defender ATP provides. +To get started, we recommend the following configuration for your enterprise to take advantage of all protection features that Microsoft Defender ATP provides. -The following configuration profile will: +The following configuration profile (or, in case of JAMF, a property list that could be uploaded into the custom settings configuration profile) will: - Enable real-time protection (RTP) - Specify how the following threat types are handled: - **Potentially unwanted applications (PUA)** are blocked @@ -372,7 +372,7 @@ The following configuration profile will: - Enable cloud-delivered protection - Enable automatic sample submission -### JAMF profile +### Property list for JAMF configuration profile ```XML @@ -491,9 +491,9 @@ The following configuration profile will: ## Full configuration profile example -The following configuration profile contains entries for all settings described in this document and can be used for more advanced scenarios where you want more control over Microsoft Defender ATP for Mac. +The following templates contain entries for all settings described in this document and can be used for more advanced scenarios where you want more control over Microsoft Defender ATP for Mac. -### JAMF profile +### Property list for JAMF configuration profile ```XML @@ -734,16 +734,16 @@ The following configuration profile contains entries for all settings described ``` -## Configuration profile validation +## Property list validation -The configuration profile must be a valid *.plist* file. This can be checked by executing: +The property list must be a valid *.plist* file. This can be checked by executing: ```bash $ plutil -lint com.microsoft.wdav.plist com.microsoft.wdav.plist: OK ``` -If the configuration profile is well-formed, the above command outputs `OK` and returns an exit code of `0`. Otherwise, an error that describes the issue is displayed and the command returns an exit code of `1`. +If the file is well-formed, the above command outputs `OK` and returns an exit code of `0`. Otherwise, an error that describes the issue is displayed and the command returns an exit code of `1`. ## Configuration profile deployment diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md index ff5e1ed7d9..0534d30935 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md @@ -25,6 +25,18 @@ ms.topic: article To onboard machines without Internet access, you'll need to take the following general steps: +> [!IMPORTANT] +> The steps below are applicable only to machines running previous versions of Windows such as: +Windows Server 2016 and earlier or Windows 8.1 and earlier. + +> [!NOTE] +> An OMS gateway server can still be used as proxy for disconnected Windows 10 machines when configured via 'TelemetryProxyServer' registry or GPO. + +For more information, see the following articles: +- [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel) +- [Onboard servers to the Microsoft Defender ATP service](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints#windows-server-2008-r2-sp1--windows-server-2012-r2-and-windows-server-2016) +- [Configure machine proxy and Internet connectivity settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#configure-the-proxy-server-manually-using-a-registry-based-static-proxy) + ## On-premise machines - Setup Azure Log Analytics (formerly known as OMS Gateway) to act as proxy or hub: diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index 28bac40cc5..c55fe2642d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -24,14 +24,15 @@ ms.topic: conceptual The Microsoft Defender ATP service is constantly being updated to include new feature enhancements and capabilities. -> [!TIP] -> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-abovefoldlink) +> [!TIP] +> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-abovefoldlink) Learn about new features in the Microsoft Defender ATP preview release and be among the first to try upcoming features by turning on the preview experience. For more information on new capabilities that are generally available, see [What's new in Microsoft Defender ATP](whats-new-in-microsoft-defender-atp.md). ## Turn on preview features + You'll have access to upcoming features which you can provide feedback on to help improve the overall experience before features are generally available. Turn on the preview experience setting to be among the first to try upcoming features. @@ -41,12 +42,13 @@ Turn on the preview experience setting to be among the first to try upcoming fea 2. Toggle the setting between **On** and **Off** and select **Save preferences**. ## Preview features + The following features are included in the preview release: - [Microsoft Defender ATP for Linux](microsoft-defender-atp-linux.md)
Microsoft Defender ATP now adds support for Linux. Learn how to install, configure, update, and use Microsoft Defender ATP for Linux. - [Threat & Vulnerability Management API support](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list)
Run Threat & Vulnerability Management-related API calls such as get your organization's threat exposure score or device secure score, software and machine vulnerability inventory, software version distribution, machine vulnerability information, security recommendation information. - - - [Threat & Vulnerability supported operating systems and platforms](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os)
Ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for. Threat & Vulnerability Management supports Windows 7, Windows 10 1607-1703, Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, Windows Server 2019. + + - [Threat & Vulnerability supported operating systems and platforms](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os)
Ensure that you meet the operating system or platform requisites for Threat & Vulnerability Management so the activities in your devices are properly accounted for. Threat & Vulnerability Management supports Windows 7, Windows 10 1607-1703, Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, Windows Server 2019.

Secure Configuration Assessment (SCA) supports Windows 10 1709+, Windows Server 2008R2, Windows Server 2012R2, Windows Server 2016, and Windows Server 2019. See [Secure Configuration Assessment (SCA) for Windows Server now in public preview](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/secure-configuration-assessment-sca-for-windows-server-now-in/ba-p/1243885) and [Reducing risk with new Threat & Vulnerability Management capabilities](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/reducing-risk-with-new-threat-amp-vulnerability-management/ba-p/978145) blogs for more information. - [Threat & Vulnerability Management granular exploit details](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)
You can now see a comprehensive set of details on the vulnerabilities found in your machine to give you informed decision on your next steps. The threat insights icon now shows more granular details, such as if the exploit is a part of an exploit kit, connected to specific advanced persistent campaigns or activity groups for which, Threat Analytics report links are provided that you can read, has associated zero-day exploitation news, disclosures, or related security advisories. diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index a0465dd642..255962e9a7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md @@ -8,121 +8,131 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -ms.author: dolmont -author: DulceMontemayor +ms.author: ellevin +author: levinec ms.localizationpriority: medium manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 04/11/2019 --- -# Remediation and exception +# Remediation activities and exceptions + **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) ->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) >[!NOTE] >To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on. -After your organization's cybersecurity weaknesses are identified and mapped to actionable security recommendations, you can start creating security tasks through the integration with Microsoft Intune where remediation tickets are created. +After your organization's cybersecurity weaknesses are identified and mapped to actionable [security recommendations](tvm-security-recommendation.md), you can start creating security tasks through the integration with Microsoft Intune where remediation tickets are created. -You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations. +Lower your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations. -## Navigate through your remediation options -You can access the remediation page in a few places in the portal: -- Security recommendation flyout panel -- Remediation in the navigation menu -- Top remediation activities widget in the dashboard +## Remediation -*Security recommendation flyout page* -
You'll see your remediation options when you select one of the security recommendation blocks from your **Top security recommendations** widget in the dashboard. -1. From the flyout panel, you'll see the security recommendation details including your next steps. Click **Remediation options**. -2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**. +## How remediation requests work + +When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity. A security task is created which will be tracked in the Threat & Vulnerability Management **Remediation** page, and a remediation ticket is created in Microsoft Intune. + +The dashboard will show the status of your top remediation activities. Select any of the entries to go to the **Remediation** page. You can mark the remediation activity as completed after the IT admin team remediates the task. + +## Accessing the Remediation page + +You can access the Remediation page in a few places in the portal: + +- Security recommendations flyout panel +- Navigation menu +- Top remediation activities in the dashboard + +### Security recommendation flyout page + +You'll see remediation options when you select one of the security recommendations in the [Security recommendations page](tvm-security-recommendation.md). + +1. From the flyout panel, you'll see the security recommendation details including next steps. Select **Remediation options**. +2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**. +3. Select a remediation due date. +4. Add notes to give your IT administrator a context of your remediation request. For example, you can indicate urgency of the remediation request to avoid potential exposure to a recent exploit activity, or if the request is a part of compliance. >[!NOTE] >If your request involves remediating more than 10,000 machines, we will only send 10,000 machines for remediation to Intune. -3. Select a remediation due date. -4. Add notes to give your IT administrator a context of your remediation request. For example, you can indicate urgency of the remediation request to avoid potential exposure to a recent exploit activity, or if the request is a part of compliance. - If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details. -*Remediation in the navigation menu* -1. Go to the Threat & Vulnerability Management navigation menu and select **Remediation** to open up the list of remediation activities and exceptions found in your organization. You can filter your view based on remediation type, machine remediation progress, and exception justification. If you want to see the remediation activities of software which have reached their end-of-life, select **Software uninstall** from the **Remediation type** filter. If you want to see the remediation activities of software and software versions which have reached their end-of-life, select **Software update** from the **Remediation type** filter. Select **In progress** then click **Apply**. +### Navigation menu + +1. Go to the Threat & Vulnerability Management navigation menu and select **Remediation** to open up the list of remediation activities and exceptions found in your organization. + + To see software which has reached end-of-support, select **Software uninstall** from the **Remediation type** filter. For specific software versions which have reached end-of-support, select **Software update** from the **Remediation type** filter. Select **In progress** then **Apply**. ![Screenshot of the remediation page filters for software update and uninstall](images/remediation_swupdatefilter.png) -2. Select the remediation activity that you need to see or process. -![Screenshot of the remediation page flyout for a software which reached its end-of-life](images/remediation_flyouteolsw.png) +2. Select the remediation activity that you want to view. +![Screenshot of the remediation page flyout for a software which reached end-of-support](images/remediation_flyouteolsw.png) -*Top remediation activities widget in the dashboard* -1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top remediation activities** widget. The list is sorted and prioritized based on what is listed in the **Top security recommendations**. -2. Select the remediation activity that you need to see or process. +### Top remediation activities card the dashboard -## How it works +1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top remediation activities** card. The list is sorted and prioritized based on what is listed in the **Top security recommendations**. +2. Select the remediation activity that you want to view. -When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity. -It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation** page, and it also creates a remediation ticket in Microsoft Intune. +## Exception options -The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task. +You can file exceptions to exclude certain recommendation from showing up in reports and affecting your [configuration score](configuration-score.md). -## When to file for exception instead of remediating issues -You can file exceptions to exclude certain recommendation from showing up in reports and affecting your configuration score. - -When you select a security recommendation, it opens up a flyout screen with details and options for your next step. You can either **Open software page**, choose from **Remediation options**, go through **Exception options** to file for exceptions, or **Report inaccuracy**. - -Select **Exception options** and a flyout screen opens. +When you select a [security recommendation](tvm-security-recommendation.md), it opens a flyout screen with details and options for your next steps. Select **Exception options** to fill out the justification and context. ![Screenshot of exception flyout screen](images/tvm-exception-flyout.png) ### Exception justification + If the security recommendation stemmed from a false positive report, or if there are existing business justification that blocks the remediation, such as compensating control, productivity needs, compliance, or if there's already a planned remediation grace period, you can file an exception and indicate the reason. The following list details the justifications behind the exception options: -- **Compensating/alternate control** - A 3rd party control that mitigates this recommendation exists, for example, if Network Firewall - - prevents access to a machine, third party antivirus -- **Productivity/business need** - Remediation will impact productivity or interrupt business-critical workflow -- **Accept risk** - Poses low risk and/or implementing a compensating control is too expensive -- **Planned remediation (grace)** - Already planned but is awaiting execution or authorization -- **Other** - False positive - - - ![Screenshot of exception reason dropdown menu](images/tvm-exception-dropdown.png) +- **Compensating/alternate control** - A 3rd party control that mitigates this recommendation exists, for example, if Network Firewall - - prevents access to a machine, third party antivirus +- **Productivity/business need** - Remediation will impact productivity or interrupt business-critical workflow +- **Accept risk** - Poses low risk and/or implementing a compensating control is too expensive +- **Planned remediation (grace)** - Already planned but is awaiting execution or authorization +- **Other** - False positive -### Exception visibility -The exceptions you've filed will show up in the **Remediation** page, in the **Exceptions** tab. -However, you also have the option to filter your view based on exception justification, type, and status. +![Screenshot of exception reason dropdown menu](images/tvm-exception-dropdown.png) + +### Where to find exceptions + +The exceptions you've filed will show up in the **Remediation** page, in the **Exceptions** tab. You can filter your view based on exception justification, type, and status. ![Screenshot of exception tab and filters](images/tvm-exception-filters.png) -Aside from that, there's also an option to **Show exceptions** at the bottom of the **Top security recommendations** card in the dashboard. +You can also select **Show exceptions** at the bottom of the **Top security recommendations** card in the dashboard. Selecting the link opens a filtered view in the **Security recommendations** page of recommendations with an "Exception" status. ![Screenshot of Show exceptions link in the Top security recommendations card in the dashboard](images/tvm-exception-dashboard.png) -Clicking the link opens up to the **Security recommendations** page, where you can select the item exempted item with details. +### Exception actions and statuses -![Screenshot of exception details in the Security recommendation page](images/tvm-exception-details.png) +You can take the following actions on an exception: -### Actions on exceptions -- Cancel - You can cancel the exceptions you've filed any time -- Resurface - Your exception automatically becomes void and resurfaces in the security recommendation list when dynamic environmental factors change, which adversely affect the exposure impact associated with a recommendation that had previously been excluded +- Cancel - You can cancel the exceptions you've filed any time +- Resurface - Your exception automatically becomes void and resurfaces in the security recommendation list when dynamic environmental factors change, which adversely affect the exposure impact associated with a recommendation that had previously been excluded -### Exception status -- **Canceled** - The exception has been canceled and is no longer in effect -- **Expired** - The exception that you've filed is no longer in effect -- **In effect** - The exception that you've filed is in progress +The following statuses will be a part of an exception: + +- **Canceled** - The exception has been canceled and is no longer in effect +- **Expired** - The exception that you've filed is no longer in effect +- **In effect** - The exception that you've filed is in progress ### Exception impact on scores + Creating an exception can potentially affect the Exposure Score (for both types of weaknesses) and Configuration Score (for configurations) of your organization in the following manner: -- **No impact** - Removes the recommendation from the lists (which can be reverse through filters), but will not affect the scores -- **Mitigation-like impact** - As if the recommendation was mitigated (and scores will be adjusted accordingly) when you select it as a compensating control. -- **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Configuration Score results out of the exception option that you made + +- **No impact** - Removes the recommendation from the lists (which can be reverse through filters), but will not affect the scores +- **Mitigation-like impact** - As if the recommendation was mitigated (and scores will be adjusted accordingly) when you select it as a compensating control. +- **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Configuration Score results out of the exception option that you made The exception impact shows on both the Security recommendations page column and in the flyout pane. ![Screenshot of where to find the exception impact](images/tvm-exception-impact.png) ## Related topics + - [Supported operating systems and platforms](tvm-supported-os.md) - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) @@ -132,11 +142,9 @@ The exception impact shows on both the Security recommendations page column and - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group) -- [Score APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/score) -- [Vulnerability APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability) -- [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software) -- [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine) -- [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability) - - +- [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) +- [Recommendation APIs](vulnerability.md) +- [Machine APIs](machine.md) +- [Score APIs](score.md) +- [Software APIs](software.md) +- [Vulnerability APIs](vulnerability.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md index bd569252f4..d9198f7ccc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md @@ -22,7 +22,7 @@ ms.topic: article - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) ->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) [!include[Prerelease information](../../includes/prerelease.md)] @@ -33,11 +33,11 @@ Operating system | Security assessment support Windows 7 | Operating System (OS) vulnerabilities Windows 8.1 | Not supported Windows 10 1607-1703 | Operating System (OS) vulnerabilities -Windows 10 1709+ |Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment -Windows Server 2008R2 | Operating System (OS) vulnerabilities
Software product vulnerabilities -Windows Server 2012R2 | Operating System (OS) vulnerabilities
Software product vulnerabilities -Windows Server 2016 | Operating System (OS) vulnerabilities
Software product vulnerabilities -Windows Server 2019 | Operating System (OS) vulnerabilities
Software product vulnerabilities +Windows 10 1709+ |Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment +Windows Server 2008R2 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment +Windows Server 2012R2 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment +Windows Server 2016 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment +Windows Server 2019 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment MacOS | Not supported (planned) Linux | Not supported (planned) diff --git a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md index d123f26a35..2efa65178d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md +++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md @@ -22,6 +22,9 @@ manager: dansimp - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +> [!IMPORTANT] +> On March 31, 2020, the Windows Defender Antivirus reporting feature of Update Compliance will be removed. You can continue to define and review security compliance policies using [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager), which allows finer control over security features and updates. + You can use Windows Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the [Microsoft Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx). When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of devices or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you might encounter problems or issues.