Merge pull request #2172 from MicrosoftDocs/master

Publish 2/28/2020 10:36 AM PST

devices/hololens/hololens-FAQ.md

@@ -154,7 +154,18 @@ To make sure HoloLens can see your gestures, keep your hand in the gesture frame
 
 ## HoloLens doesn't respond to my voice
 
-If Cortana isn't responding to your voice, make sure Cortana is on. In the **All apps** list, select **Cortana** > **Menu** > **Notebook** > **Settings** to make changes. To learn more about what you can say, see [Use your voice with HoloLens](hololens-cortana.md).
+If your HoloLens is not responding to your voice, make sure Speech recognition is on. Go to **Start > Settings > Privacy > Speech** and turn on **Speech recognition**. 
+
+> [!NOTE]
+> This setting isn't available on HoloLens (1st Gen) because speech recognition is always on and cannot be disabled
+
+If Cortana isn't responding to your voice, make sure Cortana is on by enabling **Online speech recognition** in that same menu.
+
+- You can also easily reach this menu on HoloLens 2 by selecting the "Speech settings" button, or saying "Speech settings" while in the start menu after enabling Speech recognition.  
+
+- If Cortana is still not responding after enabling Online speech recognition, In the **All apps** list, select and launch **Cortana** > select **Menu** > **Notebook** > **Settings** to make changes. 
+
+To learn more about what you can say, see [Use your voice with HoloLens](hololens-cortana.md).
 
 [Back to list](#list)
 
@@ -194,7 +205,7 @@ If that doesn't help, see [Restart or recover the HoloLens clicker](hololens1-cl
 
 Here are some things to try if you can't connect to Wi-Fi on HoloLens:
 
-- Make sure Wi-Fi is turned on. Bloom to go to Start, then select **Settings** > **Network & Internet** > **Wi-Fi** to check. If Wi-Fi is on, try turning it off and on again.
+- Make sure Wi-Fi is turned on. Preform a Start gesture to open the menu, then select **Settings** > **Network & Internet** > **Wi-Fi** to check. If Wi-Fi is on, try turning it off and on again.
 - Move closer to the router or access point.
 - Restart your Wi-Fi router, then [restart HoloLens](hololens-recovery.md). Try connecting again.
 - If none of these things work, check to make sure your router is using the latest firmware. You can find this information on the manufacturers website.

devices/hololens/index.md

@@ -45,12 +45,13 @@ appliesto:
 | Topic | Description |
 | --- | --- |
 | [What's new in HoloLens](hololens-whats-new.md) | Discover new features in the latest updates via HoloLens release notes. |
-| [Install and manage applications on HoloLens](hololens-install-apps.md) | Install and manage important applications on HoloLens at scale.  |
+| [Install and manage applications on HoloLens](hololens-install-apps.md) | Install and manage important applications on HoloLens at scale. |
 | [HoloLens update management](hololens-updates.md) | Use mobile device management (MDM) policies to configure settings for updates. |
-| [HoloLens user management](hololens-multiple-users.md) | Multiple users can shared a HoloLens device by using their Azure Active Directory accounts. |
+| [HoloLens user management](hololens-multiple-users.md) | Multiple users can share a HoloLens device by using their Azure Active Directory accounts. |
 | [HoloLens application access management](hololens-kiosk.md) | Manage application access for different user groups.  |
-| [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) |  Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary.  |
+| [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) |  Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. |
-| [Get support](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in enterprise.  |
+| [Contact Support](https://support.microsoft.com/supportforbusiness/productselection) | Create a new support request for the business support team. | 
+| [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in the enterprise. |
 
 ## Related resources
 

devices/surface-hub/surface-hub-2s-manage-intune.md

@@ -9,7 +9,7 @@ ms.author: greglin
 manager: laurawi
 audience: Admin
 ms.topic: article
-ms.date: 06/20/2019
+ms.date: 02/28/2020
 ms.localizationpriority: Medium
 ---
 
@@ -48,9 +48,9 @@ To ensure optimal video and audio quality on Surface Hub 2S, add the following Q
 
 |**Name**|**Description**|**OMA-URI**|**Type**|**Value**|
 |:------ |:------------- |:--------- |:------ |:------- |
-|**Audio Ports**| Audio Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/SourcePortMatchCondition | String  | 50000-50019 |
+|**Audio Ports**| Audio Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/DestinationPortMatchCondition | String  | 3478-3479 |
 |**Audio DSCP**| Audio ports marking | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/DSCPAction | Integer | 46 |
-|**Video Ports**| Video Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/SourcePortMatchCondition | String  | 50020-50039 |
+|**Video Ports**| Video Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/DestinationPortMatchCondition | String  | 3480 |
 |**Video DSCP**| Video ports marking | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/DSCPAction | Integer | 34 |
 
 > [!NOTE]

windows/privacy/manage-windows-1903-endpoints.md

@@ -161,7 +161,6 @@ The following methodology was used to derive these network endpoints:
 |||HTTPS|ris.api.iris.microsoft.com|
 |Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
 |||HTTPS|*.prod.do.dsp.mp.microsoft.com|
-|||HTTP|cs9.wac.phicdn.net|
 |||HTTP|emdl.ws.microsoft.com|
 ||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com|
 |||HTTP|*.windowsupdate.com|

windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md

@@ -1,5 +1,5 @@
 ---
-title: Create an Application to access Microsoft Defender ATP without a user
+title: Create an app to access Microsoft Defender ATP without a user
 ms.reviewer: 
 description: Learn how to design a web app to get programmatic access to Microsoft Defender ATP without a user.
 keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query
@@ -23,104 +23,88 @@ ms.topic: article
 
 - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
-This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user.
+This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user. If you need programmatic access to Microsoft Defender ATP on behalf of a user, see [Get access with user context](exposed-apis-create-app-nativeapp.md). If you are not sure which access you need, see [Get started](apis-intro.md).
-
-If you need programmatic access Microsoft Defender ATP on behalf of a user, see [Get access with user context](exposed-apis-create-app-nativeapp.md)
-
-If you are not sure which access you need, see [Get started](apis-intro.md).
 
 Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate work flows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code).
 
 In general, you’ll need to take the following steps to use the APIs:
-- Create an AAD application
+- Create an Azure Active Directory (Azure AD) application.
-- Get an access token using this application
+- Get an access token using this application.
-- Use the token to access Microsoft Defender ATP API
+- Use the token to access Microsoft Defender ATP API.
 
-This page explains how to create an AAD application, get an access token to Microsoft Defender ATP and validate the token.
+This article explains how to create an Azure AD application, get an access token to Microsoft Defender ATP, and validate the token.
 
 ## Create an app
 
-1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role.
+1. Log on to [Azure](https://portal.azure.com) with a user that has the **Global Administrator** role.
 
 2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**. 
 
    ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png)
 
-3. In the registration form, choose a name for your application and then click **Register**.
+3. In the registration form, choose a name for your application, and then select **Register**.
 
-4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission:
+4. To enable your app to access Microsoft Defender ATP and assign it **'Read all alerts'** permission, on your application page, select **API Permissions** > **Add permission** > **APIs my organization uses** >, type **WindowsDefenderATP**, and then select **WindowsDefenderATP**.
 
-   - On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**.
+   > [!NOTE]
-
+   > WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
-   - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
 
    ![Image of API access and API selection](images/add-permission.png)
 
-   - Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions**
+   - Select **Application permissions** > **Alert.Read.All**, and then select **Add permissions**.
 
    ![Image of API access and API selection](images/application-permissions.png)
 
-   **Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example!
+     Note that you need to select the relevant permissions. 'Read All Alerts' is only an example. For instance:
 
-     For instance,
+     - To [run advanced queries](run-advanced-query-api.md), select the 'Run advanced queries' permission.
-
+     - To [isolate a machine](isolate-machine.md), select the 'Isolate machine' permission.
-     - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
-     - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
      - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call.
 
-5. Click **Grant consent**
+5. Select **Grant consent**.
 
-	- **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect.
+     > [!NOTE]
+     > Every time you add a permission, you must select **Grant consent** for the new permission to take effect.
 
-	![Image of Grant permissions](images/grant-consent.png)
+    ![Image of Grant permissions](images/grant-consent.png)
 
-6. Add a secret to the application.
+6. To add a secret to the application, select **Certificates & secrets**, add a description to the secret, and then select **Add**.
 
-	- Click **Certificates & secrets**, add description to the secret and click **Add**.
+    > [!NOTE]
-
+    > After you select **Add**, select **copy the generated secret value**. You won't be able to retrieve this value after you leave.
-    **Important**: After click Add, **copy the generated secret value**. You won't be able to retrieve after you leave!
 
     ![Image of create app key](images/webapp-create-key2.png)
 
-7. Write down your application ID and your tenant ID:
+7. Write down your application ID and your tenant ID. On your application page, go to **Overview** and copy the following.
-
-   - On your application page, go to **Overview** and copy the following:
 
    ![Image of created app id](images/app-and-tenant-ids.png)
 
-8. **For Microsoft Defender ATP Partners only** - Set your application to be multi-tenanted (available in all tenants after consent)
+8. **For Microsoft Defender ATP Partners only**. Set your app to be multi-tenanted (available in all tenants after consent). This is **required** for third-party apps (for example, if you create an app that is intended to run in multiple customers' tenant). This is **not required** if you create a service that you want to run in your tenant only (for example, if you create an application for your own usage that will only interact with your own data). To set your app to be multi-tenanted:
 
-    This is **required** for 3rd party applications (for example, if you create an application that is intended to run in multiple customers tenant).
+    - Go to **Authentication**, and add https://portal.azure.com as the **Redirect URI**.
 
-    This is **not required** if you create a service that you want to run in your tenant only (i.e. if you create an application for your own usage that will only interact with your own data)
+    - On the bottom of the page, under **Supported account types**, select the **Accounts in any organizational directory** application consent for your multi-tenant app.
 
-    - Go to **Authentication** > Add https://portal.azure.com as **Redirect URI**.
+    You need your application to be approved in each tenant where you intend to use it. This is because your application interacts Microsoft Defender ATP on behalf of your customer.
 
-    - On the bottom of the page, under **Supported account types**, mark **Accounts in any organizational directory**
+    You (or your customer if you are writing a third-party app) need to select the consent link and approve your app. The consent should be done with a user who has administrative privileges in Active Directory.
 
-    - Application consent for your multi-tenant Application:
+    The consent link is formed as follows: 
-
-    You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with Microsoft Defender ATP application on behalf of your customer.
-
-    You (or your customer if you are writing a 3rd party application) need to click the consent link and approve your application. The consent should be done with a user who has admin privileges in the active directory.
-
-    Consent link is of the form: 
 
     ```
     https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true
     ```
 
-    where 00000000-0000-0000-0000-000000000000 should be replaced with your Application ID
+    Where 00000000-0000-0000-0000-000000000000 is replaced with your application ID.
 
 
-- **Done!** You have successfully registered an application! 
+**Done!** You have successfully registered an application! See examples below for token acquisition and validation.
-- See examples below for token acquisition and validation.
 
-## Get an access token examples:
+## Get an access token
 
-For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds)
+For more details on Azure AD tokens, see the [Azure AD tutorial](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds).
 
-### Using PowerShell
+### Use PowerShell
 
 ```
 # That code gets the App Context Token and save it to a file named "Latest-token.txt" under the current directory
@@ -144,19 +128,19 @@ Out-File -FilePath "./Latest-token.txt" -InputObject $token
 return $token
 ```
 
-### Using C#:
+### Use C#:
 
->The below code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8
+The following code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8.
 
-- Create a new Console Application
+1. Create a new console application.
-- Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/)
+1. Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/).
-- Add the below using
+1. Add the following:
 
     ```
     using Microsoft.IdentityModel.Clients.ActiveDirectory;
     ```
 
-- Copy/Paste the below code in your application (do not forget to update the 3 variables: ```tenantId, appId, appSecret```)
+1. Copy and paste the following code in your app (don't forget to update the three variables: ```tenantId, appId, appSecret```):
 
     ```
     string tenantId = "00000000-0000-0000-0000-000000000000"; // Paste your own tenant ID here
@@ -173,26 +157,25 @@ return $token
     ```
 
 
-### Using Python
+### Use Python
 
-Refer to [Get token using Python](run-advanced-query-sample-python.md#get-token)
+See [Get token using Python](run-advanced-query-sample-python.md#get-token).
 
-### Using Curl
+### Use Curl
 
 > [!NOTE]
-> The below procedure supposed Curl for Windows is already installed on your computer
+> The following procedure assumes that Curl for Windows is already installed on your computer.
 
-- Open a command window
+1. Open a command prompt, and set CLIENT_ID to your Azure application ID.
-- Set CLIENT_ID to your Azure application ID
+1. Set CLIENT_SECRET to your Azure application secret.
-- Set CLIENT_SECRET to your Azure application secret
+1. Set TENANT_ID to the Azure tenant ID of the customer that wants to use your app to access Microsoft Defender ATP.
-- Set TENANT_ID to the Azure tenant ID of the customer that wants to use your application to access Microsoft Defender ATP application
+1. Run the following command:
-- Run the below command:
 
 ```
 curl -i -X POST -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=client_credentials" -d "client_id=%CLIENT_ID%" -d "scope=https://securitycenter.onmicrosoft.com/windowsatpservice/.default" -d "client_secret=%CLIENT_SECRET%" "https://login.microsoftonline.com/%TENANT_ID%/oauth2/v2.0/token" -k
 ```
 
-You will get an answer of the form:
+You will get an answer in the following form:
 
 ```
 {"token_type":"Bearer","expires_in":3599,"ext_expires_in":0,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIn <truncated> aWReH7P0s0tjTBX8wGWqJUdDA"}
@@ -200,20 +183,21 @@ You will get an answer of the form:
 
 ## Validate the token
 
-Sanity check to make sure you got a correct token:
+Ensure that you got the correct token:
-- Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it
+
-- Validate you get a 'roles' claim with the desired permissions
+1. Copy and paste the token you got in the previous step into [JWT](https://jwt.ms) in order to decode it.
-- In the screen shot below you can see a decoded token acquired from an Application with permissions to all of Microsoft Defender ATP's roles:
+1. Validate that you get a 'roles' claim with the desired permissions
+1. In the following image, you can see a decoded token acquired from an app with permissions to all of Microsoft Defender ATP's roles:
 
 ![Image of token validation](images/webapp-decoded-token.png)
 
 ## Use the token to access Microsoft Defender ATP API
 
-- Choose the API you want to use, for more information, see [Supported Microsoft Defender ATP APIs](exposed-apis-list.md)
+1. Choose the API you want to use. For more information, see [Supported Microsoft Defender ATP APIs](exposed-apis-list.md).
-- Set the Authorization header in the Http request you send to "Bearer {token}" (Bearer is the Authorization scheme)
+1. Set the authorization header in the http request you send to "Bearer {token}" (Bearer is the authorization scheme).
-- The Expiration time of the token is 1 hour (you can send more then one request with the same token)
+1. The expiration time of the token is one hour. You can send more then one request with the same token.
 
-- Example of sending a request to get a list of alerts **using C#** 
+The following is an example of sending a request to get a list of alerts **using C#**: 
     ```
     var httpClient = new HttpClient();
 

windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md

@@ -22,7 +22,7 @@ ms.topic: conceptual
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-Microsoft Threat Experts is a managed detection and response (MDR) service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed.
+Microsoft Threat Experts is a managed threat hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed.
   
 This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand.