deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 10:53:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #10933 from MicrosoftDocs/main
Some checks failed
(Scheduled) Publish to live / auto-publish (push) Has been cancelled
Details
(Scheduled) Mark stale pull requests / stale (push) Has been cancelled
Details
(Scheduled) Stale branch removal / stale-branch (push) Has been cancelled
Details

Browse Source 
[AutoPublish] main to live - 06/13 10:33 PDT | 06/13 23:03 IST
This commit is contained in:
m365-skilling-repo-management[bot]
2025-06-13 17:35:49 +00:00
committed by GitHub
parent 7303429a99 1fcf50fce9
commit d344efd73c
4 changed files with 109 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
windows/client-management/manage-recall.md
View File

@ -3,7 +3,7 @@ title: Manage Recall for Windows clients
description: Learn how to manage Recall for commercial environments and about Recall features.
ms.topic: how-to
ms.subservice: windows-copilot
ms.date: 04/24/2025
ms.date: 06/13/2025
ms.author: mstewart
author: mestew
ms.collection:
@ -81,6 +81,8 @@ By default, Recall is removed on commercially managed devices. If you want to al
- Storage policies apply only to Enterprise and Education editions of Windows
- [App and website filtering policies](#app-and-website-filtering-policies)
- App and website filtering policies apply only to Enterprise and Education editions of Windows
- [Allow export of Recall and snapshot information](#allow-export-of-recall-and-snapshot-information)
- The export of Recall and snapshot information feature and its policy applies only to devices in the European Economic Area (EEA)
> [!IMPORTANT]
> The policy to manage Click to Do doesn't affect Click to Do in Recall. For more information, see [Manage Click to Do](manage-click-to-do.md).
@ -159,6 +161,37 @@ To filter websites from being saved in snapshots, use the **Set a list of URIs t
| **CSP** | ./Device/Vendor/MSFT/Policy/Config/WindowsAI/[SetDenyAppListForRecall](mdm/policy-csp-windowsai.md#setdenyapplistforrecall) </br></br> ./User/Vendor/MSFT/Policy/Config/WindowsAI/[SetDenyAppListForRecall](mdm/policy-csp-windowsai.md#setdenyapplistforrecall)|
| **Group policy** | Computer Configuration > Administrative Templates > Windows Components > Windows AI > **Set a list of apps to be filtered from snapshots for Recall** </br></br>User Configuration > Administrative Templates > Windows Components > Windows AI > **Set a list of apps to be filtered from snapshots for Recall**|
## Allow export of Recall and snapshot information
<!--9257953-->
The Recall export experience is available in preview to Copilot + PCs through the Windows Insiders Program. For more information, see [Announcing Windows 11 Insider Preview Build 26120.4441 (Beta Channel)](https://blogs.windows.com/windows-insider/2025/06/13/announcing-windows-11-insider-preview-build-26120-4441-beta-channel/).
In the European Economic Area (EEA), users can choose to [export their Recall snapshots](https://support.microsoft.com/topic/680bd134-4aaa-4bf5-8548-a8e2911c8069) if IT admins allow exporting. By default, exporting Recall and snapshot information is disabled for managed devices. Exporting allows users to share their Recall and snapshot information with third-party apps or websites that the user trusts. Exporting is optional, and users can review their snapshots at any time in Recall without needing to export. Exported information includes:
- Snapshots, including snapshots that the user or Recall saved
- Snapshot details, including information related to each snapshot such as the time and date it was saved along with associated information from opened apps
The user has the following two options for exporting Recall snapshots:
- **Export past snapshots**: A single export of all the user's Recall snapshots from the last 7 days, last 30 days, or all of their snapshots.
- **Export snapshots from now on**: Starts a continuous export of snapshots from the time the user turns on this setting until they turn it off or reset Recall. Users will be reminded every 30 days that continuous export is enabled.
The **Allow export of Recall and snapshot information** policy allows IT admins to determine whether users can export their own Recall and snapshot information. Exporting allows users to share their Recall and snapshot information with apps or websites. **Settings** > **Privacy & Security** > **Recall & Snapshots** > **Advanced Settings** > **Export snapshots** > **Export past snapshots** > **Export**.
Users can also choose to continuously export their snapshots if they turn on the option to **Export snapshots from now on** from **Settings** > **Privacy & Security** > **Recall & Snapshots** > **Advanced Settings** > **Export snapshots** > **Export**.
Before starting an export, the user must authenticate with Windows Hello and they're notified that their exported snapshots are encrypted since they might contain sensitive information. The user is also notified that they'll need to provide their Recall export code if they want to allow apps or websites access to exported snapshots. The Recall export code is displayed to users during Recall setup even if this policy is set to disabled or not configured. For managed devices:
- When you set this policy to enabled, users will be able to export their Recall snapshots
- If the policy is set to disabled or not configured, users won't be able to export their Recall snapshots.
> [!Important]
> - This setting applies to devices in the European Economic Area (EEA) only. Export of Recall snapshots is a user-initiated process and is per user. IT admins or other users can't initiate an export on behalf of another.
> - Changes to this policy take effect after device restart.
> - Developer documentation will be coming at a later date.
| &nbsp; | Setting |
|---|---|
| **CSP** | ./Device/Vendor/MSFT/Policy/Config/WindowsAI/[AllowRecallExport](mdm/policy-csp-windowsai.md#allowrecallexport) |
| **Group policy** | Computer Configuration > Administrative Templates > Windows Components > Windows AI > **Allow export of Recall and snapshot information** |
## Remote desktop connection clients filtered from snapshots
@ -172,6 +205,8 @@ Snapshots won't be saved when supported remote desktop clients are used. The rem
> [!Note]
> Clients will be saved by Recall unless the client implements screen capture protection, for example [screen capture protection in Azure Virtual desktop](/azure/virtual-desktop/screen-capture-protection). Clients can control how screen capture protection is implemented and may allow some pages to be saved but not the remote session. Customers can always add filters for specific client apps. Check with the provider of your remote client software for details on their screen capture policy. For information about adding screen capture protection to a client, see the [Information for developers](#information-for-developers) section.
## Bring your own device (BYOD) considerations
For managed devices, IT admins have control over if they want to allow users access to Recall. It's removed by default unless IT sets the policy to enable Recall. When organizations allow users to BYOD, they need to consider the following:

3
windows/client-management/mdm/policies-in-preview.md
View File

@ -1,7 +1,7 @@
---
title: Configuration service provider preview policies
description: Learn more about configuration service provider (CSP) policies that are available for Windows Insider Preview.
ms.date: 06/09/2025
ms.date: 06/12/2025
ms.topic: generated-reference
---
@ -227,6 +227,7 @@ This article lists the policies that are applicable for Windows Insider Preview
- [SetMaximumStorageSpaceForRecallSnapshots](policy-csp-windowsai.md#setmaximumstoragespaceforrecallsnapshots)
- [SetMaximumStorageDurationForRecallSnapshots](policy-csp-windowsai.md#setmaximumstoragedurationforrecallsnapshots)
- [DisableClickToDo](policy-csp-windowsai.md#disableclicktodo)
- [AllowRecallExport](policy-csp-windowsai.md#allowrecallexport)
- [DisableImageCreator](policy-csp-windowsai.md#disableimagecreator)
- [DisableCocreator](policy-csp-windowsai.md#disablecocreator)
- [DisableGenerativeFill](policy-csp-windowsai.md#disablegenerativefill)

70
windows/client-management/mdm/policy-csp-windowsai.md
View File

@ -1,7 +1,7 @@
---
title: WindowsAI Policy CSP
description: Learn more about the WindowsAI Area in Policy CSP.
ms.date: 05/02/2025
ms.date: 06/12/2025
ms.topic: generated-reference
---
@ -85,6 +85,74 @@ This policy setting allows you to determine whether the Recall optional componen
<!-- AllowRecallEnablement-End -->
<!-- AllowRecallExport-Begin -->
## AllowRecallExport
<!-- AllowRecallExport-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview |
<!-- AllowRecallExport-Applicability-End -->
<!-- AllowRecallExport-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/WindowsAI/AllowRecallExport
```
<!-- AllowRecallExport-OmaUri-End -->
<!-- AllowRecallExport-Description-Begin -->
<!-- Description-Source-DDF -->
This policy allows you to determine whether users can export their own Recall and snapshot information. Exporting allows users to share their Recall and snapshot information with trusted apps or websites. Users can export from Settings > Privacy & security > Recall & snapshots > Advanced settings > Export snapshots > Export past snapshots > Export.
Users can also choose to continuously export their snapshots if they turn on the option to Export snapshots from now on from Settings > Privacy & security > Recall & snapshots > Advanced settings > Export snapshots > Export.
Before starting an export, the user must authenticate with Windows Hello and they're notified that their exported snapshots are encrypted since they might contain sensitive information. The user is also notified that they'll need to provide their Recall export code if they want to allow apps or websites access to exported snapshots. The Recall export code is displayed to users during Recall setup even if this policy is set to disabled or not configured. For managed devices:
- When you set this policy to enabled, users will be able to export Recall and snapshot information.
- If the policy is set to disabled or not configured, users won't be able to export their Recall and snapshot information.
> [!IMPORTANT]
> - This setting applies to devices in the European Economic Area (EEA) only. Export of Recall and snapshot information is a user-initiated process and is per user. IT admins or other users can't initiate an export on behalf of another.
> - Changes to this policy take effect after device restart.
<!-- AllowRecallExport-Description-End -->
<!-- AllowRecallExport-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- AllowRecallExport-Editable-End -->
<!-- AllowRecallExport-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | `int` |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- AllowRecallExport-DFProperties-End -->
<!-- AllowRecallExport-AllowedValues-Begin -->
**Allowed values**:
| Value | Description |
|:--|:--|
| 0 (Default) | Deny export of Recall and snapshots information. |
| 1 | Allow export of Recall and snapshot information. |
<!-- AllowRecallExport-AllowedValues-End -->
<!-- AllowRecallExport-GpMapping-Begin -->
**Group policy mapping**:
| Name | Value |
|:--|:--|
| Name | AllowRecallExport |
| Path | WindowsAI > AT > WindowsComponents > WindowsAI |
<!-- AllowRecallExport-GpMapping-End -->
<!-- AllowRecallExport-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- AllowRecallExport-Examples-End -->
<!-- AllowRecallExport-End -->
<!-- DisableAIDataAnalysis-Begin -->
## DisableAIDataAnalysis

2
windows/whats-new/enable-extended-security-updates.md
View File

@ -151,7 +151,7 @@ If the device doesn't have access to the internet or to the Microsoft Activation
## Activate large numbers of devices that don't have internet access
For more information on how to do manual activation of large numbers of devices, review the Volume Activation Management Tool (VAMT) [Proxy Activation](/windows/deployment/volume-activation/proxy-activation-vamt) scenario. You should install the latest [Automated Deployment Kit (ADK) tool](/windows-hardware/get-started/adk-install) to ensure that the VAMT tool includes updated PkeyConfig files for Windows 10 ESU MAK keys.
For more information on how to do manual activation of large numbers of devices, review the Volume Activation Management Tool (VAMT) [Proxy Activation](/windows/deployment/volume-activation/proxy-activation-vamt) scenario. You should install the latest [Automated Deployment Kit (ADK) tool](/windows-hardware/get-started/adk-install) to ensure that you have the latest VAMT. You'll also need to install an update to the VMAT from [https://www.microsoft.com/download/details.aspx?id=106364](https://www.microsoft.com/download/details.aspx?id=106364) so it includes updated PkeyConfig files for Windows 10 ESU MAK keys.
For more information on adding additional activations to a Windows 10 ESU MAK, see [Request an increase to MAK activation limits](/microsoft-365/commerce/licenses/product-keys-for-vl#request-an-increase-to-mak-activation-limits).