diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 47f6a1f4ed..6568445c8a 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -1,11 +1,6 @@ { "redirections": [ { -"source_path": "windows/deployment/update/waas-servicing-differences.md", -"redirect_url": "https://docs.microsoft.com/windows/deployment/update/windows-as-a-service", -"redirect_document_id": true -}, -{ "source_path": "windows/application-management/msix-app-packaging-tool-walkthrough.md", "redirect_url": "https://docs.microsoft.com/windows/msix/mpt-overview", "redirect_document_id": true diff --git a/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md b/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md index 5d6a571e4a..424b01e58e 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md +++ b/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md @@ -20,8 +20,8 @@ ms.date: 07/27/2017 Use Internet Explorer to collect data on computers running Windows Internet Explorer 8 through Internet Explorer 11 on Windows 10, Windows 8.1, or Windows 7. This inventory information helps you build a list of websites used by your company so you can make more informed decisions about your IE deployments, including figuring out which sites might be at risk or require overhauls during future upgrades. ->**Upgrade Analytics and Windows upgrades**
->You can use Upgrade Analytics to help manage your Windows 10 upgrades on devices running Windows 8.1 and Windows 7 (SP1). You can also use Upgrade Analytics to review several site discovery reports. Check out Upgrade Analytics from [here](https://technet.microsoft.com/itpro/windows/deploy/upgrade-analytics-get-started). +>**Upgrade Readiness and Windows upgrades**
+>You can use Upgrade Readiness to help manage your Windows 10 upgrades on devices running Windows 8.1 and Windows 7 (SP1). You can also use Upgrade Readiness to review several site discovery reports. For more information, see [Manage Windows upgrades with Upgrade Readiness](https://docs.microsoft.com/en-us/windows/deployment/upgrade/manage-windows-upgrades-with-upgrade-readiness). ## Before you begin diff --git a/devices/surface-hub/first-run-program-surface-hub.md b/devices/surface-hub/first-run-program-surface-hub.md index 6fcee63f5d..346d0c8d8a 100644 --- a/devices/surface-hub/first-run-program-surface-hub.md +++ b/devices/surface-hub/first-run-program-surface-hub.md @@ -335,9 +335,11 @@ This is what happens when you choose an option. - **Use Microsoft Azure Active Directory** - Clicking this option allows you to join the device to Azure AD. Once you click **Next**, the device will restart to apply some settings, and then you’ll be taken to the [Use Microsoft Azure Active Directory](#use-microsoft-azure) page and asked to enter credentials that can allow you to join Azure AD. After joining, admins from the joined organization will be able to use the Settings app. The specific people that will be allowed depends on your Azure AD subscription and how you’ve configured the settings for your Azure AD organization. + Clicking this option allows you to join the device to Azure AD. Once you click **Next**, the device will restart to apply some settings, and then you’ll be taken to the [Use Microsoft Azure Active Directory](#use-microsoft-azure) page and asked to enter credentials that can allow you to join Azure AD. Members of the Azure Global Admins security group from the joined organization will be able to use the Settings app. The specific people that will be allowed depends on your Azure AD subscription and how you’ve configured the settings for your Azure AD organization. >[!IMPORTANT] + >Administrators added to the Azure Global Admins group after you join the device to Azure AD will be unable to use the Settings app. + > >If you join Surface Hub to Azure AD during first-run setup, single sign-on (SSO) for Office apps will not work properly. Users will have to sign in to each Office app individually. - **Use Active Directory Domain Services** diff --git a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md index 1d736b1ece..7f519a64e2 100644 --- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md +++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md @@ -18,7 +18,7 @@ ms.topic: article This article provides a list of the available downloads for Surface devices and links to download the drivers and firmware for your device. -As easy as it is to keep Surface device drivers and firmware up to date automatically with Windows Update, it is sometimes necessary to download and install updates manually, such as during a Windows deployment. For any situation where you need to install drivers and firmware separately from Windows Update, you can find the files available for download at the Microsoft Download Center. +Although Surface devices are typically automatically updated with the latest device drivers and firmware via Windows Update, sometimes it's necessary to download and install updates manually, such as during a Windows deployment. If you need to install drivers and firmware separately from Windows Update, you can find the requisite files on the Microsoft Download Center. On the Microsoft Download Center page for your device, you will find several files available. These files allow you to deploy drivers and firmware in various ways. You can read more about the different deployment methods for Surface drivers and firmware in [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md). @@ -27,31 +27,29 @@ Driver and firmware updates for Surface devices are **cumulative updates** which Installation files for administrative tools, drivers for accessories, and updates for Windows are also available for some devices and are detailed here in this article. >[!NOTE] ->To simplify the process of locating drivers for your device, downloads for Surface devices have been reorganized to separate pages for each model. Bookmark the Microsoft Download Center page for your device from the links provided on this page. Many of the filenames contain a placeholder denoted with *xxxxxx*, which identifies the current version number or date of the file. -  - -Recent additions to the downloads for Surface devices provide you with options to install Windows 10 on your Surface devices and update LTE devices with the latest Windows 10 drivers and firmware. - - - ->[!NOTE] ->A battery charge of 40% or greater is required before you install firmware to a Surface device. See [Microsoft Support article KB2909710](https://go.microsoft.com/fwlink/p/?LinkId=618106) for more information. +>Many of the filenames contain a placeholder denoted with *xxxxxx*, representing the latest version number listed in the Microsoft Download Center. A battery charge of 40 percent or greater is required before you install firmware to a Surface device. See [Microsoft Support article KB2909710](https://go.microsoft.com/fwlink/p/?LinkId=618106) for more information. ## Surface Laptop 2 Download the following updates for [Surface Laptop 2 from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57515). -* SurfaceLaptop2_Win10_XXXXX_XXXXXXX_X.msi – Cumulative firmware and driver update package for Windows 10 +* SurfaceLaptop2_Win10_xxxxx_xxxxxxx_x.msi – Cumulative firmware and driver update package for Windows 10 ## Surface Pro 6 Download the following updates for [Surface Pro 6 from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57514). -* SurfacePro6_Win10_XXXXX_XXXXXXX_X.msi – Cumulative firmware and driver update package for Windows 10 +* SurfacePro6_Win10_xxxxx_xxxxxxx_x.msi – Cumulative firmware and driver update package for Windows 10 -## Surface GO +## Surface Go -Download the following updates for [Surface GO from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57439). -* SurfaceGO_Win10_17134_1802010_6.msi - Cumulative firmware and driver update package for Windows 10 +Download the following updates for [Surface Go from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57439). +* SurfaceGO_Win10_xxxxx_xxxxxxx_x.msi - Cumulative firmware and driver update package for Windows 10 + +## Surface Go with LTE Advanced + +Download the following updates for [Surface Go with LTE Advanced from the Microsoft Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=57601). + +* SurfaceGo_Win10_xxxxx_xxxxxxx_LTE_1.msi - Cumulative firmware and driver update package for Windows 10 including optional WinTab drivers. ## Surface Book 2 @@ -79,7 +77,7 @@ Download the following updates for [Surface Pro with LTE Advanced from the Micro Download the following updates for [Surface Pro 6 from the Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=57514). -* SurfacePro6_Win10_17134_xxxxx_xxxxxx.msi +* SurfacePro6_Win10_xxxxx_xxxxxxx_x.msi ## Surface Studio diff --git a/windows/client-management/mdm/images/custom-profile-prevent-device-ids.png b/windows/client-management/mdm/images/custom-profile-prevent-device-ids.png index d949232d44..ef6c3f78cb 100644 Binary files a/windows/client-management/mdm/images/custom-profile-prevent-device-ids.png and b/windows/client-management/mdm/images/custom-profile-prevent-device-ids.png differ diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 9397bb5aae..9b9cc1b64f 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md @@ -2785,7 +2785,7 @@ ADMX Info: Supported values: - Blank (default) - Load the pages specified in App settings as the default Start pages. -- String - Enter the URLs of the pages you want to load as the Start pages, separating each page using angle brackets:

      \ \ +- String - Enter the URLs of the pages you want to load as the Start pages, separating each page using angle brackets and comma:

      \,\ diff --git a/windows/client-management/mdm/policy-csp-deviceinstallation.md b/windows/client-management/mdm/policy-csp-deviceinstallation.md index 7380b5d410..a4b7177795 100644 --- a/windows/client-management/mdm/policy-csp-deviceinstallation.md +++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md @@ -442,13 +442,6 @@ To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see i <<< Section end 2018/11/15 12:26:41.751 <<< [Exit status: SUCCESS] ``` - -Windows Defender ATP also blocks installation and usage of prohibited peripherals by using a custom profile in Intune. - -For example, this custom profile blocks installation and usage of USB devices with hardware IDs "USBSTOR\DiskVendorCo" and "USBSTOR\DiskSanDisk_Cruzer_Glide_3.0", and applies to USB devices with matching hardware IDs that are already installed. - -![Custom profile](images/custom-profile-prevent-device-ids.png) -

@@ -546,6 +539,13 @@ To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see i <<< [Exit status: SUCCESS] ``` +Windows Defender ATP also blocks installation and usage of prohibited peripherals by using a custom profile in Intune. + +For example, this custom profile blocks installation and usage of USB devices with hardware IDs "USB\Composite" and "USB\Class_FF", and applies to USB devices with matching hardware IDs that are already installed. + +![Custom profile](images/custom-profile-prevent-device-ids.png) + + **DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses** diff --git a/windows/client-management/mdm/policy-csp-devicelock.md b/windows/client-management/mdm/policy-csp-devicelock.md index 94e15bf96e..e258974ff4 100644 --- a/windows/client-management/mdm/policy-csp-devicelock.md +++ b/windows/client-management/mdm/policy-csp-devicelock.md @@ -288,7 +288,7 @@ The following list shows the supported values: -Determines the type of PIN or password required. This policy only applies if the **DeviceLock/DevicePasswordEnabled** policy is set to 0 (required). +Determines the type of PIN required. This policy only applies if the **DeviceLock/DevicePasswordEnabled** policy is set to 0 (required). > [!NOTE] > This policy must be wrapped in an Atomic command. @@ -306,9 +306,9 @@ Determines the type of PIN or password required. This policy only applies if the The following list shows the supported values: -- 0 – Alphanumeric PIN or password required. -- 1 – Numeric PIN or password required. -- 2 (default) – Users can choose: Numeric PIN or password, or Alphanumeric PIN or password. +- 0 – Password or Alphanumeric PIN required. +- 1 – Password or Numeric PIN required. +- 2 (default) – Password, Numeric PIN, or Alphanumeric PIN required. diff --git a/windows/deployment/update/images/security-only-update.png b/windows/deployment/update/images/security-only-update.png new file mode 100644 index 0000000000..9ed3d0f791 Binary files /dev/null and b/windows/deployment/update/images/security-only-update.png differ diff --git a/windows/deployment/update/waas-servicing-differences.md b/windows/deployment/update/waas-servicing-differences.md new file mode 100644 index 0000000000..27e3799565 --- /dev/null +++ b/windows/deployment/update/waas-servicing-differences.md @@ -0,0 +1,115 @@ +--- +title: Servicing differences between Windows 10 and older operating systems +description: Learn the differences between servicing Windows 10 and servicing older operating systems. +keywords: updates, servicing, current, deployment, semi-annual channel, feature, quality, rings, insider, tools +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +author: KarenSimWindows +ms.localizationpriority: medium +ms.author: karensim +--- +# Understanding the differences between servicing Windows 10-era and legacy Windows operating systems + +>Applies to: Windows 10 + +>**February 15, 2019: This document has been corrected and edited to reflect that security-only updates for legacy OS versions are not cumulative. They were previously identified as cumulative similar to monthly rollups, which is inaccurate.** + +Today, many enterprise customers have a mix of modern and legacy client and server operating systems. Managing the servicing and updating differences between those legacy operating systems and Windows 10 versions adds a level of complexity that is not well understood. This can be confusing. With the end of support for legacy [Windows 7 SP1](https://support.microsoft.com/help/4057281/windows-7-support-will-end-on-january-14-2020) and Windows Server 2008 R2 variants on January 14, 2020, System Administrators have a critical need critical to understand how best to leverage a modern workplace to support system updates. + +The following provides an initial overview of how updating client and server differs between the Windows 10-era Operating Systems (such as, Windows 10 version 1709, Windows Server 2016) and legacy operating systems (such as Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2). + +>[!NOTE] +>A note on naming convention in this article: For brevity, "Windows 10" refers to all operating systems across client, server and IoT released since July 2015, while "legacy" refers to all operating systems prior to that period for client and server, including Windows 7, Window 8.1, Windows Server 2008 R2, Windows Server 2012 R2, etc. + +## Infinite fragmentation +Prior to Windows 10, all updates to operating system (OS) components were published individually. On "Update Tuesday," customers would pick and choose individual updates they wanted to apply. Most chose to update security fixes, while far fewer selected non-security fixes, updated drivers, or installed .NET Framework updates. + +As a result, each environment within the global Windows ecosystem that had only a subset of security and non-security fixes installed had a different set of binaries and behaviors than those that consistently installed every available update as tested by Microsoft. + +This resulted in a fragmented ecosystem that created diverse challenges in predictively testing interoperability, resulting in high update failure rates - which were subsequently mitigated by customers removing individual updates that were causing issues. Each customer that selectively removed individual updates amplified this fragmentation by creating more diverse environment permutations across the ecosystem. As an IT Administrator once quipped, "If you’ve seen one Windows 7 PC, you have seen one Windows 7 PC," suggesting no consistency or predictability across more than 250M commercial devices at the time. + +## Windows 10 – Next generation +Windows 10 provided an opportunity to end the era of infinite fragmentation. With Windows 10 and the Windows as a service model, updates came rolled together in the "latest cumulative update" (LCU) packages for both client and server. Every new update published includes all changes from previous updates, as well as new fixes. Since Windows client and server share the same code base, these LCUs allow the same update to be installed on the same client and server OS family, further reducing fragmentation. + +This helps simplify servicing. Devices with the original Release to Market (RTM) version of a feature release installed could get up to date by installing the most recent LCU. + +Windows publishes the new LCU packages for each Windows 10 version (1607, 1709, etc.) on the second Tuesday of each month. This package is classified as a required security update and contains contents from the previous LCU as well as new security, non-security and Internet Explorer 11 (IE11) fixes. The security classification, by definition, requires a reboot of the device to complete installation of the update. + + +![High level cumulative update model](images/servicing-cadence.png) +*Figure 1.0 - High level cumulative update model* + +Another benefit of the LCU model is fewer steps. Devices that have the original Release to Market (RTM) version of a release can install the most recent LCU to get up to date in one step, rather than having to install multiple updates with reboots after each. + +This cumulative update model for Windows 10 has helped provide the Windows ecosystem with consistent update experiences that can be predicted by baseline testing before release. Even with highly complex updates with hundreds of fixes, the number of incidents with monthly security updates for Windows 10 have fallen month over month since the initial release of Windows 10. + +### Points to consider + +- Windows 10 does not have the concept of a Security-Only or Monthly Rollup for updates. All updates are an LCU package, which includes the last release plus anything new. +- Windows 10 no longer has the concept of a "hotfix" since all individual updates must be rolled into the cumulative packages. (Note: Any private fix is offered for customer validation only, and then rolled into an LCU.) +- [Updates for the .NET Framework](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/) are NOT included in the Windows 10 LCU. They are separate packages with different behaviors depending on the version of .NET Framework being updated, and on which OS. As of October 2018, .NET Framework updates for Windows 10 will be separate and have their own cumulative update model. +- For Windows 10, available update types vary by publishing channel: + - For customers using Windows Server Update Services (WSUS) and for the Update Catalog, several different updates types for Windows 10 are rolled together for the core OS in a single LCU package, with exception of Servicing Stack Updates. + - Servicing Stack Updates (SSU) are available for download from the Update Catalog and can be imported through WSUS, but will not be automatically synced. (See this example for Windows 10, version 1709) For more information on Servicing Stack Updates, please see this blog. + - For customers connecting to Windows Update, the new cloud update architecture uses a database of updates which break out all the different update types, including Servicing Stack Updates (SSU) and Dynamic Updates (DU). The update scanning in the Windows 10 servicing stack on the client automatically takes only the updates that are needed by the device to be completely up to date. +- Windows 7 and other legacy operating systems have cumulative updates that operate differently than in Windows 10 (see next section). + +## Windows 7 and legacy OS versions +While Windows 10 updates could have been controlled as cumulative from "Day 1," the legacy OS ecosystem for both client and server was highly fragmented. Recognizing the challenges of update quality in a fragmented environment, we moved Windows 7 to a cumulative update model in October 2016. + +Customers saw the LCU model used for Windows 10 as having packages that were too large and represented too much of a change for legacy operating systems, so a different model was implemented. Windows instead offered one cumulative package (Monthly Rollup) and one individual package (Security Only) for all legacy operating systems. + +The Monthly Rollup includes new non-security (if appropriate), security updates, Internet Explorer (IE) updates, and all updates from the previous month similar to the Windows 10 model. The Security-only package includes only new security updates for the month. This means that any security updates from any previous month are not included in current month’s Security-Only Package. If a Security-Only update is missed, it is missed. Those updates will not appear in a future Security-Only update. Additionally, a cumulative package is offered for IE, which can be tested and installed separately, reducing the total update package size. The IE cumulative update includes both security and non-security fixes following the same model as Windows 10. + +![Legacy OS security-only update model](images/security-only-update.png) +*Figure 2.0 - Legacy OS security-only update model* + +Moving to the cumulative model for legacy OS versions continues to improve predictability of update quality. The Windows legacy environments which have fully updated machines with Monthly Rollups are running the same baseline against which all legacy OS version updates are tested. These include all of the updates (security and non-security) prior to and after October 2016. Many customer environments do not have all updates prior to this change installed, which leaves some continued fragmentation in the ecosystem. Further, customers who are installing Security-Only Updates and potentially doing so inconsistently are also more fragmented than Microsoft’s test environments for legacy OS version. This remaining fragmentation results in issues like those seen when the September 2016 Servicing Stack Update (SSU) was needed for smooth installation of the August 2018 security update. These environments did not have the SSU applied previously. + +### Points to consider +- Windows 7 and Windows 8 legacy operating system updates [moved from individual to cumulative in October 2016](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/More-on-Windows-7-and-Windows-8-1-servicing-changes/ba-p/166783). Devices with updates missing prior to that point are still missing those updates, as they were not included in the subsequent cumulative packages. +- "Hotfixes" are no longer published for legacy OS versions. All updates are rolled into the appropriate package depending on their classification as either non-security, security, or Internet Explorer updates. (Note: any private fix is offered for customer validation only. Once validated they are then rolled into a Monthly Rollup or IE cumulative update, as appropriate.) +- Both Monthly Rollups and Security-only updates released on Update Tuesday for legacy OS versions are identified as "security required" updates, because both have the full set of security updates in them. The Monthly Rollup may have additional non-security updates that are not included in the Security Only update. The "security" classification requires the device be rebooted so the update can be fully installed. +- Given the differences between the cumulative Monthly Rollups and the single-month Security-only update packages, switching between these update types is not advised. Differences in the baselines of these packages may result in installation errors and conflicts. Choosing one and staying on that update type with high consistency – Monthly Rollup or Security-only – is recommended. +- With all Legacy OS versions now in the Extended Support stage of their 10-year lifecycle, they typically receive only security updates for both Monthly Rollup and Security Only updates. Using Express for the Monthly Rollup results in almost the same package size as Security Only, with the added confidence of ensuring all relevant updates are installed. +- In [February 2017](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplified-servicing-for-Windows-7-and-Windows-8-1-the-latest/ba-p/166798), Windows pulled IE updates out of the legacy OS versions Security-only updates, while leaving them in the Monthly Rollup updates. This was done specifically to reduce package size based on customer feedback. +- The IE cumulative update includes both security and non-security updates and is also needed for to help secure the entire environment. This update can be installed separately or as part of the Monthly Rollup. +- [Updates for .NET Framework](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/) are NOT included in legacy Monthly Rollup or Security Only packages. They are separate packages with different behaviors depending on the version of the .NET Framework, and which legacy OS, being updated. +- For [Windows Server 2008 SP2](https://cloudblogs.microsoft.com/windowsserver/2018/06/12/windows-server-2008-sp2-servicing-changes/), cumulative updates began in October 2018, and follow the same model as Windows 7. Updates for IE9 are included in those packages, as the last supported version of Internet Explorer for that Legacy OS version. + +## Public preview releases +Lastly, the cumulative update model directly impacts the public Preview releases offered in the 3rd and/or 4th weeks of the month. Update Tuesday, also referred to as the "B" week release occurs on the second Tuesday of the month. It is always a required security update across all operating systems. In addition to this monthly release, Windows also releases non-security update "previews" targeting the 3rd (C) and the 4th (D) weeks of the month. These preview releases include that month’s B-release plus a set of non-security updates for testing and validation as a cumulative package. We recommend IT Administrators uses the C/D previews to test the update in their environments. Any issues identified with the updates in the C/D releases are identified and then fixed or removed, prior to being rolled up in to the next month’s B release package together with new security updates. Security-only Packages are not part of the C/D preview program. + +### Examples +Windows 10 version 1709: +- (9B) September 11, 2018 Update Tuesday / B release - includes security, non-security and IE update. This update is categorized as "Required, Security" it requires a system reboot. +- (9C) September 26, 2018 Preview C release - includes everything from 9B PLUS some non-security updates for testing/validation. This update is qualified as not required, non-security. No system reboot is required. +- (10B) October 9, 2018 Update Tuesday / B release includes all fixes included in 9B, all fixes in 9C and introduces new security fixes and IE updates. This update is qualified as "Required, Security" and requires a system reboot. +All of these updates are cumulative and build on each other for Windows 10. This is in contrast to legacy OS versions, where the 9C release becomes part of the "Monthly Rollup," but not the "Security Only" update. In other words, a Window 7 SP1 9C update is part of the cumulative "Monthly Rollup" but not included in the "Security Only" update because the fixes are qualified as "non-security". This is an important variation to note on the two models. + +![Preview releases in the Windows 10 LCU model](images/servicing-previews.png) +*Figure 3.0 - Preview releases within the Windows 10 LCU model* + +## Previews vs. on-demand releases +In 2018, we experienced incidents which required urgent remediation that didn’t map to the monthly update release cadence. These incidents were situations that required an immediate fix to an Update Tuesday release. While Windows engineering worked aggressively to respond within a week of the B-release, these "on-demand" releases created confusion with the C Preview releases. + +As a general policy, if a Security-Only package has a regression, which is defined as an unintentional error in the code of an update, then the fix for that regression will be added to the next month’s Security-Only Update. The fix for that regression may also be offered as part an On-Demand release and will be rolled into the next Monthly Update. (Note: Exceptions do exist to this policy, based on timing.) + +### Point to consider +- When Windows identifies an issue with a Update Tuesday release, engineering teams work to remediate or fix the issue as quickly as possible. The outcome is often a new update which may be released at any time, including during the 3rd or 4th week of the month. Such updates are independent of the regularly scheduled "C" and "D" update previews. These updates are created on-demand to remediate a customer impacting issue. In most cases they are qualified as a "non-security" update, and do not require a system reboot. +- Rarely do incidents with Update Tuesday releases impact more than .1% of the total population. With the new Windows Update (WU) architecture, updates can be targeted to affected devices. This targeting is not available through the Update Catalog or WSUS channels, however. +- On-demand releases address a specific issue with an Update Tuesday release and are often qualified as "non-security" for one of two reasons. First, the fix may not be an additional security fix, but a non-security change to the update. Second, the "non-security" designation allows individuals or companies to choose when and how to reboot the devices, rather than forcing a system reboot on all Windows devices receiving the update globally. This trade-off is rarely a difficult choice as it has the potential to impact customer experience across client and server, across consumer and commercial customers for more than one billion devices. +- Because the cumulative model is used across Window 10 and legacy Windows OS versions, despite variations between these OS versions, an out of band release will include all of the changes from the Update Tuesday release plus the fix that addresses the issue. And since Windows no longer releases hotfixes, everything is cumulative in some way. + +In closing, I hope this overview of the update model across current and legacy Windows OS versions highlights the benefits of the Windows 10 cumulative update model to help defragment the Windows ecosystem environments, simplify servicing and help make systems more secure. + +## Resources +- [Simplifying updates for Windows 7 and 8.1](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplifying-updates-for-Windows-7-and-8-1/ba-p/166530) +- [Further simplifying servicing models for Windows 7 and Windows 8.1](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Further-simplifying-servicing-models-for-Windows-7-and-Windows-8/ba-p/166772) +- [More on Windows 7 and Windows 8.1 servicing changes](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/More-on-Windows-7-and-Windows-8-1-servicing-changes/ba-p/166783) +- [.NET Framework Monthly Rollups Explained](https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/) +- [Simplified servicing for Windows 7 and Windows 8.1: the latest improvements](https://techcommunity.microsoft.com/t5/Windows-Blog-Archive/Simplified-servicing-for-Windows-7-and-Windows-8-1-the-latest/ba-p/166798) +- [Windows Server 2008 SP2 servicing changes](https://cloudblogs.microsoft.com/windowsserver/2018/06/12/windows-server-2008-sp2-servicing-changes/) +- [Windows 10 update servicing cadence](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376) +- [Windows 7 servicing stack updates: managing change and appreciating cumulative updates](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-7-servicing-stack-updates-managing-change-and/ba-p/260434) diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 31b15c1429..c11042619d 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -195,7 +195,7 @@ Finally, Upgrade Readiness only collects IE site discovery data on devices that > IE site discovery is disabled on devices running Windows 7 and Windows 8.1 that are in Switzerland and EU countries. ### Device names not appearing for Windows 10 devices -Starting with Windows 10, version 1803, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md). +Starting with Windows 10, version 1803, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md). Allowing device names to be collected can make it easier for you to identify individual devices that report problems. Without the device name, Windows Analytics can only label devices by a GUID that it generates. ### Disable Upgrade Readiness diff --git a/windows/deployment/update/windows-analytics-get-started.md b/windows/deployment/update/windows-analytics-get-started.md index 11b2b08514..849127c525 100644 --- a/windows/deployment/update/windows-analytics-get-started.md +++ b/windows/deployment/update/windows-analytics-get-started.md @@ -163,7 +163,7 @@ These policies are under Microsoft\Windows\DataCollection: | CommercialId | In order for your devices to show up in Windows Analytics, they must be configured with your organization’s Commercial ID. | | AllowTelemetry (in Windows 10) | 1 (Basic), 2 (Enhanced) or 3 (Full) diagnostic data. Windows Analytics will work with basic diagnostic data, but more features are available when you use the Enhanced level (for example, Device Health requires Enhanced diagnostic data and Upgrade Readiness only collects app usage and site discovery data on Windows 10 devices with Enhanced diagnostic data). For more information, see [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization). | | LimitEnhancedDiagnosticDataWindowsAnalytics (in Windows 10) | Only applies when AllowTelemetry=2. Limits the Enhanced diagnostic data events sent to Microsoft to just those needed by Windows Analytics. For more information, see [Windows 10, version 1709 enhanced diagnostic data events and fields used by Windows Analytics](https://docs.microsoft.com/windows/configuration/enhanced-diagnostic-data-windows-analytics-events-and-fields).| -| AllowDeviceNameInTelemetry (in Windows 10) | In Windows 10, version 1803, a separate opt-in is required to enable devices to continue to send the device name. | +| AllowDeviceNameInTelemetry (in Windows 10) | In Windows 10, version 1803, a separate opt-in is required to enable devices to continue to send the device name. Allowing device names to be collected can make it easier for you to identify individual devices that report problems. Without the device name, Windows Analytics can only label devices by a GUID that it generates. | | CommercialDataOptIn (in Windows 7 and Windows 8) | 1 is required for Upgrade Readiness, which is the only solution that runs on Windows 7 or Windows 8. | diff --git a/windows/deployment/update/windows-as-a-service.md b/windows/deployment/update/windows-as-a-service.md index 25472e32ba..ad022440c3 100644 --- a/windows/deployment/update/windows-as-a-service.md +++ b/windows/deployment/update/windows-as-a-service.md @@ -42,13 +42,15 @@ The latest news:
  • Windows 7 Servicing Stack Updates: Managing Change and Appreciating Cumulative Updates - September 21, 2018
  • Helping customers shift to a modern desktop - September 6, 2018
  • Windows Update for Business & Windows Analytics: a real-world experience - September 5, 2018
    • -
  • What's next for Windows 10 and Windows Server quality updates - August 16, 2018 +
  • What's next for Windows 10 and Windows Server quality updates - August 16, 2018
  • Windows 10 monthly updates - August 1, 2018 (**video**)
    • -
  • Windows 10 update servicing cadence - August 1, 2018 -
  • Windows 10 quality updates explained and the end of delta updates - July 11, 2018 -
  • AI Powers Windows 10 April 2018 Update Rollout - June 14, 2018 -
  • Windows Server 2008 SP2 Servicing Changes - June 12, 2018 -
  • Windows Update for Business - Enhancements, diagnostics, configuration - June 7, 2018 +
  • Windows 10 update servicing cadence - August 1, 2018
    • +
  • Windows 10 quality updates explained and the end of delta updates - July 11, 2018
    • +
  • AI Powers Windows 10 April 2018 Update Rollout - June 14, 2018
    • +
  • Windows Server 2008 SP2 Servicing Changes - June 12, 2018
    • +
  • Windows Update for Business - Enhancements, diagnostics, configuration - June 7, 2018
    • +
  • Windows 10 and the “disappearing” SAC-T - May 31, 2018
    • + [See more news](waas-morenews.md). You can also check out the [Windows 10 blog](https://techcommunity.microsoft.com/t5/Windows-10-Blog/bg-p/Windows10Blog). diff --git a/windows/deployment/update/windows-update-troubleshooting.md b/windows/deployment/update/windows-update-troubleshooting.md index 638a2ff2e1..c4202da9c9 100644 --- a/windows/deployment/update/windows-update-troubleshooting.md +++ b/windows/deployment/update/windows-update-troubleshooting.md @@ -103,10 +103,10 @@ If downloads through a proxy server fail with a 0x80d05001 DO_E_HTTP_BLOCKSIZE_M You may choose to apply a rule to permit HTTP RANGE requests for the following URLs: *.download.windowsupdate.com -*.au.windowsupdate.com -*.tlu.dl.delivery.mp.microsoft.com +*.dl.delivery.mp.microsoft.com +*.emdl.ws.microsoft.com -If you cannot permit RANGE requests, you can configure a Group Policy or MDM Policy setting that will bypass Delivery Optimization and use BITS instead. +If you cannot permit RANGE requests, keep in mind that this means you are downloading more content than needed in updates (as delta patching will not work). ## The update is not applicable to your computer diff --git a/windows/deployment/upgrade/upgrade-readiness-get-started.md b/windows/deployment/upgrade/upgrade-readiness-get-started.md index af94500571..89b0ca53fe 100644 --- a/windows/deployment/upgrade/upgrade-readiness-get-started.md +++ b/windows/deployment/upgrade/upgrade-readiness-get-started.md @@ -22,7 +22,7 @@ You can use Upgrade Readiness to plan and manage your upgrade project end-to-end Before you begin, consider reviewing the following helpful information:
    - [Upgrade Readiness requirements](upgrade-readiness-requirements.md): Provides detailed requirements to use Upgrade Readiness.
    - - [Upgrade Readiness blog](https://blogs.technet.microsoft.com/UpgradeAnalytics): Contains announcements of new features and provides helpful tips for using Upgrade Readiness. + - [Upgrade Readiness blog](https://aka.ms/blog/WindowsAnalytics): Contains announcements of new features and provides helpful tips for using Upgrade Readiness. >If you are using System Center Configuration Manager, also check out information about how to integrate Upgrade Readiness with Configuration Manager: [Integrate Upgrade Readiness with System Center Configuration Manager](https://docs.microsoft.com/sccm/core/clients/manage/upgrade/upgrade-analytics). diff --git a/windows/deployment/upgrade/windows-10-edition-upgrades.md b/windows/deployment/upgrade/windows-10-edition-upgrades.md index fc3d890534..469b80ff01 100644 --- a/windows/deployment/upgrade/windows-10-edition-upgrades.md +++ b/windows/deployment/upgrade/windows-10-edition-upgrades.md @@ -23,7 +23,7 @@ For a list of operating systems that qualify for the Windows 10 Pro Upgrade or W The following table shows the methods and paths available to change the edition of Windows 10 that is running on your computer. **Note**: The reboot requirement for upgrading from Pro to Enterprise was removed in version 1607. -Note: Although it isn't displayed yet in the table, edition upgrade is also possible using [edition upgrade policy](https://docs.microsoft.com/sccm/compliance/deploy-use/upgrade-windows-version) in System Center Configuratio Manager. +Note: Although it isn't displayed yet in the table, edition upgrade is also possible using [edition upgrade policy](https://docs.microsoft.com/sccm/compliance/deploy-use/upgrade-windows-version) in System Center Configuration Manager. ![not supported](../images/x_blk.png) (X) = not supported
    ![supported, reboot required](../images/check_grn.png) (green checkmark) = supported, reboot required
    diff --git a/windows/deployment/windows-autopilot/rip-and-replace.md b/windows/deployment/windows-autopilot/rip-and-replace.md index b75fced878..92c1d57447 100644 --- a/windows/deployment/windows-autopilot/rip-and-replace.md +++ b/windows/deployment/windows-autopilot/rip-and-replace.md @@ -1,19 +1,19 @@ ---- -title: Rip and Replace -description: Listing of Autopilot scenarios -keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune -ms.prod: w10 -ms.mktglfcycl: deploy -ms.localizationpriority: high -ms.sitesec: library -ms.pagetype: deploy -author: coreyp-at-msft -ms.author: coreyp -ms.date: 06/01/2018 ---- - -# Rip and replace - -**Applies to: Windows 10** - +--- +title: Rip and Replace +description: Listing of Autopilot scenarios +keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune +ms.prod: w10 +ms.mktglfcycl: deploy +ms.localizationpriority: high +ms.sitesec: library +ms.pagetype: deploy +author: coreyp-at-msft +ms.author: coreyp +ms.date: 06/01/2018 +--- + +# Rip and replace + +**Applies to: Windows 10** + DO NOT PUBLISH. Just a placeholder for now, coming with 1809. \ No newline at end of file diff --git a/windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md b/windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md index ff491c2f9d..260b773472 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-requirements-network.md @@ -41,11 +41,11 @@ In environments that have more restrictive internet access, or for those that re - NOTE:  If Windows Update is inaccessible, the AutoPilot process will still continue. -- **Delivery Optimization.**  When downloading Windows Updates and Microsoft Store apps and app updates (with additional content types expected in the future), the Delivery Optimization service is contacted to enable peer-to-peer sharing of content, so that all devices don’t need to download it from the internet. +- **Delivery Optimization.**  When downloading Windows Updates, Microsoft Store apps and app updates, Office Updates and Intune Win32 Apps, the Delivery Optimization service is contacted to enable peer-to-peer sharing of content so that only a few devices need to download it from the internet. - - - NOTE: If Delivery Optimization is inaccessible, the AutoPilot process will still continue. + - NOTE: If Delivery Optimization Service is inaccessible, the AutoPilot process will still continue with Delivery Optimization downloads from the cloud (without peer-to-peer). - **Network Time Protocol (NTP) Sync.**  When a Windows device starts up, it will talk to a network time server to ensure that the time on the device is accurate. @@ -79,4 +79,4 @@ In environments that have more restrictive internet access, or for those that re - (includes all Office services, DNS names, IP addresses; includes Azure AD and other services that may overlap with those listed above) -- **Certificate revocation lists (CRLs).**  Some of these services will also need to check certificate revocation lists (CRLs) for certificates used in the services.  A full list of these is documented in the Office documentation at and . \ No newline at end of file +- **Certificate revocation lists (CRLs).**  Some of these services will also need to check certificate revocation lists (CRLs) for certificates used in the services.  A full list of these is documented in the Office documentation at and . diff --git a/windows/hub/breadcrumb/toc.yml b/windows/hub/breadcrumb/toc.yml index dd69dd086f..4539d3b751 100644 --- a/windows/hub/breadcrumb/toc.yml +++ b/windows/hub/breadcrumb/toc.yml @@ -25,6 +25,9 @@ - name: Mobile Device Management tocHref: /windows/client-management/mdm/ topicHref: /windows/client-management/mdm/index + - name: Known issues + tocHref: /windows/known-issues/ + topicHref: /windows/known-issues/index - name: Privacy tocHref: /windows/privacy/ topicHref: /windows/privacy/index diff --git a/windows/privacy/Microsoft-DiagnosticDataViewer.md b/windows/privacy/Microsoft-DiagnosticDataViewer.md index 014cf520b8..f0573631e9 100644 --- a/windows/privacy/Microsoft-DiagnosticDataViewer.md +++ b/windows/privacy/Microsoft-DiagnosticDataViewer.md @@ -1,184 +1,188 @@ ---- -title: Diagnostic Data Viewer for PowerShell Overview (Windows 10) -description: Use this article to use the Diagnostic Data Viewer for PowerShell to review the diagnostic data sent to Microsoft by your device. -keywords: privacy -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: high -author: brianlic-msft -ms.author: brianlic -ms.date: 01/17/2018 ---- - -# Diagnostic Data Viewer for PowerShell Overview - -**Applies to** - -- Windows 10, version 1809 -- Windows 10, version 1803 -- Windows Server, version 1803 -- Windows Server 2019 - -## Introduction -The Diagnostic Data Viewer for PowerShell is a PowerShell module that lets you review the diagnostic data your device is sending to Microsoft, grouping the info into simple categories based on how it's used by Microsoft. - -## Requirements - -You must have administrative privilege on the device in order to use this PowerShell module. This module requires OS version 1803 and higher. - -## Install and Use the Diagnostic Data Viewer for PowerShell - -You must install the module before you can use the Diagnostic Data Viewer for PowerShell. - -### Opening an Elevated PowerShell session - -Using the Diagnostic Data Viewer for PowerShell requires administrative (elevated) privilege. There are two ways to open an elevated PowerShell prompt. You can use either method. -- Go to **Start** > **Windows PowerShell** > **Run as administrator** -- Go to **Start** > **Command prompt** > **Run as administrator**, and run the command `C:\> powershell.exe` - -### Install the Diagnostic Data Viewer for PowerShell - - >[!IMPORTANT] - >It is recommended to visit the documentation on [Getting Started](https://docs.microsoft.com/en-us/powershell/gallery/getting-started) with PowerShell Gallery. This page provides more specific details on installing a PowerShell module. - -To install the newest version of the Diagnostic Data Viewer PowerShell module, run the following command within an elevated PowerShell session: -```powershell -PS C:\> Install-Module -Name Microsoft.DiagnosticDataViewer -``` - -To see more information about the module, visit [PowerShell Gallery](https://www.powershellgallery.com/packages/Microsoft.DiagnosticDataViewer). - -### Turn on data viewing -Before you can use this tool, you must turn on data viewing. Turning on data viewing enables Windows to store a local history of your device's diagnostic data for you to view until you turn it off. - -Note that this setting does not control whether your device sends diagnostic data. Instead, it controls whether your Windows device saves a local copy of the diagnostic data sent for your viewing. - -**To turn on data viewing through the Settings page** -1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**. - -2. Under **Diagnostic data**, turn on the **If data viewing is enabled, you can see your diagnostics data** option. - - ![Location to turn on data viewing](images/ddv-data-viewing.png) - -**To turn on data viewing through PowerShell** - -Run the following command within an elevated PowerShell session: - -```powershell -PS C:\> Enable-DiagnosticDataViewing -``` - -Once data viewing is enabled, your Windows machine will begin saving a history of diagnostic data that is sent to Microsoft from this point on. - - >[!IMPORTANT] - >Turning on data viewing can use up to 1GB (default setting) of disk space on your system drive. We recommend that you turn off data viewing when you're done using the Diagnostic Data Viewer. For info about turning off data viewing, see the [Turn off data viewing](#turn-off-data-viewing) section in this article. - - -### Getting Started with Diagnostic Data Viewer for PowerShell -To see how to use the cmdlet, the parameters it accepts, and examples, run the following command from an elevated PowerShell session: - -```powershell -PS C:\> Get-Help Get-DiagnosticData -``` - -**To Start Viewing Diagnostic Data** - -From an elevated PowerShell session, run the following command: - -```powershell -PS C:\> Get-DiagnosticData -``` - -If the number of events is large, and you'd like to stop the command, enter `Ctrl+C`. - - >[!IMPORTANT] - >The above command may produce little to no results if you enabled data viewing recently. It can take several minutes before your Windows device can show diagnostic data it has sent. Use your device as you normally would in the mean time and try again. - -### Doing more with the Diagnostic Data Viewer for PowerShell -The Diagnostic Data Viewer for PowerShell provides you with the following features to view and filter your device's diagnostic data. You can also use the extensive suite of other PowerShell tools with this module. - -- **View your diagnostic events.** Running `PS C:\> Get-DiagnosticData`, you can review your diagnostic events. These events reflect activities that occurred and were sent to Microsoft. - - Each event is displayed as a PowerShell Object. By default each event shows the event name, the time when it was seen by your Windows device, whether the event is [Basic](https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization), its [diagnostic event category](#view-diagnostic-event-categories), and a detailed JSON view of the information it contains, which shows the event exactly as it was when sent to Microsoft. Microsoft uses this info to continually improve the Windows operating system. - -- **View Diagnostic event categories.** Each event shows the diagnostic event categories that it belongs to. These categories define how events are used by Microsoft. The categories are shown as numeric identifiers. For more information about these categories, see [Windows Diagnostic Data](https://docs.microsoft.com/en-us/windows/privacy/windows-diagnostic-data). - - To view the diagnostic category represented by each numeric identifier and what the category means, you can run the command: - - ```powershell - PS C:\> Get-DiagnosticDataTypes - ``` - -- **Filter events by when they were sent.** You can view events within specified time ranges by specifying a start time and end time of each command. For example, to see all diagnostic data sent between 12 and 6 hours ago, run the following command. Note that data is shown in order of oldest first. - ```powershell - PS C:\> Get-DiagnosticData -StartTime (Get-Date).AddHours(-12) -EndTime (Get-Date).AddHours(-6) - ``` - -- **Export the results of each command.** You can export the results of each command to a separate file such as a csv by using pipe `|`. For example, - - ```powershell - PS C:\> Get-DiagnosticData | Export-Csv 'mydata.csv' - ``` - -## Turn off data viewing -When you're done reviewing your diagnostic data, we recommend turning off data viewing to prevent using up more memory. Turning off data viewing stops Windows from saving a history of your diagnostic data and clears the existing history of diagnostic data from your device. - -**To turn off data viewing through the Settings page** -1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**. - -2. Under **Diagnostic data**, turn off the **If data viewing is enabled, you can see your diagnostics data** option. - - ![Location to turn off data viewing](images/ddv-settings-off.png) - -**To turn off data viewing through PowerShell** - -Within an elevated PowerShell session, run the following command: - -```powershell -PS C:\> Disable-DiagnosticDataViewing -``` - -## Modifying the size of your data history -By default, the tool will show you up to 1GB or 30 days of data (whichever comes first). Once either the time or space limit is reached, the data is incrementally dropped with the oldest data points dropped first. - -**Modify the size of your data history** - - >[!IMPORTANT] - >Modifying the maximum amount of diagnostic data viewable by the tool may come with performance impacts to your machine. - - >[!IMPORTANT] - >If you modify the maximum data history size from a larger value to a lower value, you must turn off data viewing and turn it back on in order to reclaim disk space. - -You can change the maximum data history size (in megabytes) that you can view. For example, to set the maximum data history size to 2048MB (2GB), you can run the following command. - -```powershell -PS C:\> Set-DiagnosticStoreCapacity -Size 2048 -``` - -You can change the maximum data history time (in hours) that you can view. For example, to set the maximum data history time to 24 hours, you can run the following command. - -```powershell -PS C:\> Set-DiagnosticStoreCapacity -Time 24 -``` - - >[!IMPORTANT] - >You may need to restart your machine for the new settings to take effect. - - >[!IMPORTANT] - >If you have the [Diagnostic Data Viewer](diagnostic-data-viewer-overview.md) store app installed on the same device, modifications to the size of your data history through the PowerShell module will also be reflected in the app. - -**Reset the size of your data history** - -To reset the maximum data history size back to its original 1GB default value, run the following command in an elevated PowerShell session: - -```powershell -PS C:\> Set-DiagnosticStoreCapacity -Size 1024 -Time 720 -``` - -When resetting the size of your data history to a lower value, be sure to turn off data viewing and turn it back on in order to reclaim disk space. - -## Related Links -- [Module in PowerShell Gallery](https://www.powershellgallery.com/packages/Microsoft.DiagnosticDataViewer) +--- +title: Diagnostic Data Viewer for PowerShell Overview (Windows 10) +description: Use this article to use the Diagnostic Data Viewer for PowerShell to review the diagnostic data sent to Microsoft by your device. +keywords: privacy +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +ms.pagetype: security +ms.localizationpriority: high +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article +ms.date: 01/17/2018 +--- + +# Diagnostic Data Viewer for PowerShell Overview + +**Applies to** + +- Windows 10, version 1809 +- Windows 10, version 1803 +- Windows Server, version 1803 +- Windows Server 2019 + +## Introduction +The Diagnostic Data Viewer for PowerShell is a PowerShell module that lets you review the diagnostic data your device is sending to Microsoft, grouping the info into simple categories based on how it's used by Microsoft. + +## Requirements + +You must have administrative privilege on the device in order to use this PowerShell module. This module requires OS version 1803 and higher. + +## Install and Use the Diagnostic Data Viewer for PowerShell + +You must install the module before you can use the Diagnostic Data Viewer for PowerShell. + +### Opening an Elevated PowerShell session + +Using the Diagnostic Data Viewer for PowerShell requires administrative (elevated) privilege. There are two ways to open an elevated PowerShell prompt. You can use either method. +- Go to **Start** > **Windows PowerShell** > **Run as administrator** +- Go to **Start** > **Command prompt** > **Run as administrator**, and run the command `C:\> powershell.exe` + +### Install the Diagnostic Data Viewer for PowerShell + + >[!IMPORTANT] + >It is recommended to visit the documentation on [Getting Started](https://docs.microsoft.com/en-us/powershell/gallery/getting-started) with PowerShell Gallery. This page provides more specific details on installing a PowerShell module. + +To install the newest version of the Diagnostic Data Viewer PowerShell module, run the following command within an elevated PowerShell session: +```powershell +PS C:\> Install-Module -Name Microsoft.DiagnosticDataViewer +``` + +To see more information about the module, visit [PowerShell Gallery](https://www.powershellgallery.com/packages/Microsoft.DiagnosticDataViewer). + +### Turn on data viewing +Before you can use this tool, you must turn on data viewing. Turning on data viewing enables Windows to store a local history of your device's diagnostic data for you to view until you turn it off. + +Note that this setting does not control whether your device sends diagnostic data. Instead, it controls whether your Windows device saves a local copy of the diagnostic data sent for your viewing. + +**To turn on data viewing through the Settings page** +1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**. + +2. Under **Diagnostic data**, turn on the **If data viewing is enabled, you can see your diagnostics data** option. + + ![Location to turn on data viewing](images/ddv-data-viewing.png) + +**To turn on data viewing through PowerShell** + +Run the following command within an elevated PowerShell session: + +```powershell +PS C:\> Enable-DiagnosticDataViewing +``` + +Once data viewing is enabled, your Windows machine will begin saving a history of diagnostic data that is sent to Microsoft from this point on. + + >[!IMPORTANT] + >Turning on data viewing can use up to 1GB (default setting) of disk space on your system drive. We recommend that you turn off data viewing when you're done using the Diagnostic Data Viewer. For info about turning off data viewing, see the [Turn off data viewing](#turn-off-data-viewing) section in this article. + + +### Getting Started with Diagnostic Data Viewer for PowerShell +To see how to use the cmdlet, the parameters it accepts, and examples, run the following command from an elevated PowerShell session: + +```powershell +PS C:\> Get-Help Get-DiagnosticData +``` + +**To Start Viewing Diagnostic Data** + +From an elevated PowerShell session, run the following command: + +```powershell +PS C:\> Get-DiagnosticData +``` + +If the number of events is large, and you'd like to stop the command, enter `Ctrl+C`. + + >[!IMPORTANT] + >The above command may produce little to no results if you enabled data viewing recently. It can take several minutes before your Windows device can show diagnostic data it has sent. Use your device as you normally would in the mean time and try again. + +### Doing more with the Diagnostic Data Viewer for PowerShell +The Diagnostic Data Viewer for PowerShell provides you with the following features to view and filter your device's diagnostic data. You can also use the extensive suite of other PowerShell tools with this module. + +- **View your diagnostic events.** Running `PS C:\> Get-DiagnosticData`, you can review your diagnostic events. These events reflect activities that occurred and were sent to Microsoft. + + Each event is displayed as a PowerShell Object. By default each event shows the event name, the time when it was seen by your Windows device, whether the event is [Basic](https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization), its [diagnostic event category](#view-diagnostic-event-categories), and a detailed JSON view of the information it contains, which shows the event exactly as it was when sent to Microsoft. Microsoft uses this info to continually improve the Windows operating system. + +- **View Diagnostic event categories.** Each event shows the diagnostic event categories that it belongs to. These categories define how events are used by Microsoft. The categories are shown as numeric identifiers. For more information about these categories, see [Windows Diagnostic Data](https://docs.microsoft.com/en-us/windows/privacy/windows-diagnostic-data). + + To view the diagnostic category represented by each numeric identifier and what the category means, you can run the command: + + ```powershell + PS C:\> Get-DiagnosticDataTypes + ``` + +- **Filter events by when they were sent.** You can view events within specified time ranges by specifying a start time and end time of each command. For example, to see all diagnostic data sent between 12 and 6 hours ago, run the following command. Note that data is shown in order of oldest first. + ```powershell + PS C:\> Get-DiagnosticData -StartTime (Get-Date).AddHours(-12) -EndTime (Get-Date).AddHours(-6) + ``` + +- **Export the results of each command.** You can export the results of each command to a separate file such as a csv by using pipe `|`. For example, + + ```powershell + PS C:\> Get-DiagnosticData | Export-Csv 'mydata.csv' + ``` + +## Turn off data viewing +When you're done reviewing your diagnostic data, we recommend turning off data viewing to prevent using up more memory. Turning off data viewing stops Windows from saving a history of your diagnostic data and clears the existing history of diagnostic data from your device. + +**To turn off data viewing through the Settings page** +1. Go to **Start**, select **Settings** > **Privacy** > **Diagnostics & feedback**. + +2. Under **Diagnostic data**, turn off the **If data viewing is enabled, you can see your diagnostics data** option. + + ![Location to turn off data viewing](images/ddv-settings-off.png) + +**To turn off data viewing through PowerShell** + +Within an elevated PowerShell session, run the following command: + +```powershell +PS C:\> Disable-DiagnosticDataViewing +``` + +## Modifying the size of your data history +By default, the tool will show you up to 1GB or 30 days of data (whichever comes first). Once either the time or space limit is reached, the data is incrementally dropped with the oldest data points dropped first. + +**Modify the size of your data history** + + >[!IMPORTANT] + >Modifying the maximum amount of diagnostic data viewable by the tool may come with performance impacts to your machine. + + >[!IMPORTANT] + >If you modify the maximum data history size from a larger value to a lower value, you must turn off data viewing and turn it back on in order to reclaim disk space. + +You can change the maximum data history size (in megabytes) that you can view. For example, to set the maximum data history size to 2048MB (2GB), you can run the following command. + +```powershell +PS C:\> Set-DiagnosticStoreCapacity -Size 2048 +``` + +You can change the maximum data history time (in hours) that you can view. For example, to set the maximum data history time to 24 hours, you can run the following command. + +```powershell +PS C:\> Set-DiagnosticStoreCapacity -Time 24 +``` + + >[!IMPORTANT] + >You may need to restart your machine for the new settings to take effect. + + >[!IMPORTANT] + >If you have the [Diagnostic Data Viewer](diagnostic-data-viewer-overview.md) store app installed on the same device, modifications to the size of your data history through the PowerShell module will also be reflected in the app. + +**Reset the size of your data history** + +To reset the maximum data history size back to its original 1GB default value, run the following command in an elevated PowerShell session: + +```powershell +PS C:\> Set-DiagnosticStoreCapacity -Size 1024 -Time 720 +``` + +When resetting the size of your data history to a lower value, be sure to turn off data viewing and turn it back on in order to reclaim disk space. + +## Related Links +- [Module in PowerShell Gallery](https://www.powershellgallery.com/packages/Microsoft.DiagnosticDataViewer) - [Documentation for Diagnostic Data Viewer for PowerShell](https://docs.microsoft.com/en-us/powershell/module/microsoft.diagnosticdataviewer/?view=win10-ps) \ No newline at end of file diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md index 79ef8ac888..eaf8f033d0 100644 --- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md +++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1703.md @@ -7,9 +7,13 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security localizationpriority: high +audience: ITPro author: brianlic-msft ms.author: brianlic -ms.date: 12/27/2018 +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article +ms.date: 02/15/2019 --- @@ -65,11 +69,12 @@ The following fields are available: - **InventorySystemBios** The count of DecisionDevicePnp objects present on this machine targeting the next release of Windows - **PCFP** The count of DecisionDriverPackage objects present on this machine targeting the next release of Windows - **SystemProcessorCompareExchange** The count of DecisionMatchingInfoBlock objects present on this machine targeting the next release of Windows -- **SystemProcessorNx** The count of DataSourceMatchingInfoPostUpgrade objects present on this machine targeting the next release of Windows -- **SystemProcessorSse2** The count of DecisionMatchingInfoPostUpgrade objects present on this machine targeting the next release of Windows -- **SystemWim** The count of DecisionMediaCenter objects present on this machine targeting the next release of Windows +- **SystemProcessorNx** The total number of objects of this type present on this device. +- **SystemProcessorPrefetchW** The total number of objects of this type present on this device. +- **SystemProcessorSse2** The total number of objects of this type present on this device. +- **SystemWim** The total number of objects of this type present on this device. - **SystemWindowsActivationStatus** The count of DecisionSystemBios objects present on this machine targeting the next release of Windows -- **SystemWlan** The count of InventoryApplicationFile objects present on this machine. +- **SystemWlan** The total number of objects of this type present on this device. - **Wmdrm_RS3** The total Wmdrm objects targeting the next release of Windows on this device. @@ -475,7 +480,7 @@ The following fields are available: ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveAdd -This event sends compatibility decision data about non-blocking entries on the system that are not keyed by either applications or devices, to help keep Windows up-to-date. +This event sends compatibility decision data about non-blocking entries on the system that are not keyed by either applications or devices, to help keep Windows up to date. The following fields are available: @@ -1270,7 +1275,7 @@ This event sends version data about the Apps running on this device, to help kee The following fields are available: - **CensusVersion** The version of Census that generated the current data for this device. -- **IEVersion** Retrieves which version of Internet Explorer is running on this device. +- **IEVersion** The version of Internet Explorer that is running on the device. ### Census.Battery @@ -1757,6 +1762,20 @@ The following fields are available: - **syncId** A string used to group StartSync, EndSync, Add, and Remove operations that belong together. This field is unique by Sync period and is used to disambiguate in situations where multiple agents perform overlapping inventories for the same object. +## Component-based Servicing events + +### CbsServicingProvider.CbsCapabilitySessionFinalize + +This event provides information about the results of installing or uninstalling optional Windows content from Windows Update. + + + +### CbsServicingProvider.CbsCapabilitySessionPended + +This event provides information about the results of installing optional Windows content that requires a reboot to keep Windows up to date. + + + ## Content Delivery Manager events ### Microsoft.Windows.ContentDeliveryManager.ProcessCreativeEvent @@ -1827,6 +1846,7 @@ The following fields are available: - **LastBugCheckOriginalDumpType** The type of crash dump the system intended to save. - **LastBugCheckOtherSettings** Other crash dump settings. - **LastBugCheckParameter1** The first parameter with additional info on the type of the error. +- **LastBugCheckProgress** Progress towards writing out the last crash dump. - **LastSuccessfullyShutdownBootId** The Boot ID of the last fully successful shutdown. - **PowerButtonCumulativePressCount** Indicates the number of times the power button has been pressed ("pressed" not to be confused with "released"). - **PowerButtonCumulativeReleaseCount** Indicates the number of times the power button has been released ("released" not to be confused with "pressed"). @@ -1841,7 +1861,7 @@ The following fields are available: - **PowerButtonPressPowerWatchdogArmed** Indicates whether or not the watchdog for the monitor was active at the time of the last power button press. - **TransitionInfoBootId** The Boot ID of the captured transition information. - **TransitionInfoCSCount** The total number of times the system transitioned from "Connected Standby" mode to "On" when the last marker was saved. -- **TransitionInfoCSEntryReason** Indicates the reason the device last entered "Connected Standby" mode ("entered" not to be confused with "exited"). +- **TransitionInfoCSEntryReason** Indicates the reason the device last entered "Connected Standby" mode ("entered" not to be confused with "exited"). - **TransitionInfoCSExitReason** Indicates the reason the device last exited "Connected Standby" mode ("exited" not to be confused with "entered"). - **TransitionInfoCSInProgress** Indicates whether the system was in or entering Connected Standby mode when the last marker was saved. - **TransitionInfoLastReferenceTimeChecksum** The checksum of TransitionInfoLastReferenceTimestamp. @@ -1890,7 +1910,7 @@ The following fields are available: - **CanPerformDiagnosticEscalations** True if UTC is allowed to perform all scenario escalations. - **CanPerformScripting** True if UTC is allowed to perform scripting. - **CanPerformTraceEscalations** True if UTC is allowed to perform scenario escalations with tracing actions. -- **CanReportScenarios** True if UTC is allowed to load and report scenario completion, failure, and cancellation events. +- **CanReportScenarios** True if we can report scenario completions, false otherwise. - **PreviousPermissions** Bitmask representing the previously configured permissions since the telemetry client was last started. - **TransitionFromEverythingOff** True if this transition is moving from not allowing core telemetry to allowing core telemetry. @@ -2017,6 +2037,80 @@ The following fields are available: - **WDDMVersion** The Windows Display Driver Model version. +## Failover Clustering events + +### Microsoft.Windows.Server.FailoverClusteringCritical.ClusterSummary2 + +This event returns information about how many resources and of what type are in the server cluster. This data is collected to keep Windows Server safe, secure, and up to date. The data includes information about whether hardware is configured correctly, if the software is patched correctly, and assists in preventing crashes by attributing issues (like fatal errors) to workloads and system configurations. + +The following fields are available: + +- **autoAssignSite** The cluster parameter: auto site. +- **autoBalancerLevel** The cluster parameter: auto balancer level. +- **autoBalancerMode** The cluster parameter: auto balancer mode. +- **blockCacheSize** The configured size of the block cache. +- **ClusterAdConfiguration** The ad configuration of the cluster. +- **clusterAdType** The cluster parameter: mgmt_point_type. +- **clusterDumpPolicy** The cluster configured dump policy. +- **clusterFunctionalLevel** The current cluster functional level. +- **clusterGuid** The unique identifier for the cluster. +- **clusterWitnessType** The witness type the cluster is configured for. +- **countNodesInSite** The number of nodes in the cluster. +- **crossSiteDelay** The cluster parameter: CrossSiteDelay. +- **crossSiteThreshold** The cluster parameter: CrossSiteThreshold. +- **crossSubnetDelay** The cluster parameter: CrossSubnetDelay. +- **crossSubnetThreshold** The cluster parameter: CrossSubnetThreshold. +- **csvCompatibleFilters** The cluster parameter: ClusterCsvCompatibleFilters. +- **csvIncompatibleFilters** The cluster parameter: ClusterCsvIncompatibleFilters. +- **csvResourceCount** The number of resources in the cluster. +- **currentNodeSite** The name configured for the current site for the cluster. +- **dasModeBusType** The direct storage bus type of the storage spaces. +- **downLevelNodeCount** The number of nodes in the cluster that are running down-level. +- **drainOnShutdown** Specifies whether a node should be drained when it is shut down. +- **dynamicQuorumEnabled** Specifies whether dynamic Quorum has been enabled. +- **enforcedAntiAffinity** The cluster parameter: enforced anti affinity. +- **genAppNames** The win32 service name of a clustered service. +- **genSvcNames** The command line of a clustered genapp. +- **hangRecoveryAction** The cluster parameter: hang recovery action. +- **hangTimeOut** Specifies the “hang time out” parameter for the cluster. +- **isCalabria** Specifies whether storage spaces direct is enabled. +- **isMixedMode** Identifies if the cluster is running with different version of OS for nodes. +- **isRunningDownLevel** Identifies if the current node is running down-level. +- **logLevel** Specifies the granularity that is logged in the cluster log. +- **logSize** Specifies the size of the cluster log. +- **lowerQuorumPriorityNodeId** The cluster parameter: lower quorum priority node ID. +- **minNeverPreempt** The cluster parameter: minimum never preempt. +- **minPreemptor** The cluster parameter: minimum preemptor priority. +- **netftIpsecEnabled** The parameter: netftIpsecEnabled. +- **NodeCount** The number of nodes in the cluster. +- **nodeId** The current node number in the cluster. +- **nodeResourceCounts** Specifies the number of node resources. +- **nodeResourceOnlineCounts** Specifies the number of node resources that are online. +- **numberOfSites** The number of different sites. +- **numNodesInNoSite** The number of nodes not belonging to a site. +- **plumbAllCrossSubnetRoutes** The cluster parameter: plumb all cross subnet routes. +- **preferredSite** The preferred site location. +- **privateCloudWitness** Specifies whether a private cloud witness exists for this cluster. +- **quarantineDuration** The quarantine duration. +- **quarantineThreshold** The quarantine threshold. +- **quorumArbitrationTimeout** In the event of an arbitration event, this specifies the quorum timeout period. +- **resiliencyLevel** Specifies the level of resiliency. +- **resourceCounts** Specifies the number of resources. +- **resourceTypeCounts** Specifies the number of resource types in the cluster. +- **resourceTypes** Data representative of each resource type. +- **resourceTypesPath** Data representative of the DLL path for each resource type. +- **sameSubnetDelay** The cluster parameter: same subnet delay. +- **sameSubnetThreshold** The cluster parameter: same subnet threshold. +- **secondsInMixedMode** The amount of time (in seconds) that the cluster has been in mixed mode (nodes with different operating system versions in the same cluster). +- **securityLevel** The cluster parameter: security level. +- **sharedVolumeBlockCacheSize** Specifies the block cache size for shared for shared volumes. +- **shutdownTimeoutMinutes** Specifies the amount of time it takes to time out when shutting down. +- **upNodeCount** Specifies the number of nodes that are up (online). +- **useClientAccessNetworksForCsv** The cluster parameter: use client access networks for CSV. +- **vmIsolationTime** The cluster parameter: VM isolation time. +- **witnessDatabaseWriteTimeout** Specifies the timeout period for writing to the quorum witness database. + + ## Fault Reporting events ### Microsoft.Windows.FaultReporting.AppCrashEvent @@ -2227,6 +2321,30 @@ The following fields are available: - **Version** The version number of the program. +### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverAdd + +This event represents what drivers an application installs. + + + +### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverStartSync + +The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent. + + + +### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkAdd + +This event provides the basic metadata about the frameworks an application may depend on. + + + +### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkStartSync + +This event indicates that a new set of InventoryApplicationFrameworkAdd events will be sent. + + + ### Microsoft.Windows.Inventory.Core.InventoryApplicationRemove This event indicates that a new set of InventoryDevicePnpAdd events will be sent. @@ -2378,33 +2496,34 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: -- **Class** The device setup class of the driver loaded for the device -- **ClassGuid** The device class GUID from the driver package -- **COMPID** A JSON array the provides the value and order of the compatible ID tree for the device. See [COMPID](#compid). -- **ContainerId** A system-supplied GUID that uniquely groups the functional devices associated with a single-function or multifunction device installed in the device. -- **Description** The device description -- **DeviceState** DeviceState is a bitmask of the following: DEVICE_IS_CONNECTED 0x0001 (currently only for container). DEVICE_IS_NETWORK_DEVICE 0x0002 (currently only for container). DEVICE_IS_PAIRED 0x0004 (currently only for container). DEVICE_IS_ACTIVE 0x0008 (currently never set). DEVICE_IS_MACHINE 0x0010 (currently only for container). DEVICE_IS_PRESENT 0x0020 (currently always set). DEVICE_IS_HIDDEN 0x0040. DEVICE_IS_PRINTER 0x0080 (currently only for container). DEVICE_IS_WIRELESS 0x0100. DEVICE_IS_WIRELESS_FAT 0x0200. The most common values are therefore: 32 (0x20)= device is present. 96 (0x60)= device is present but hidden. 288 (0x120)= device is a wireless device that is present -- **DriverId** A unique identifier for the installed device. +- **Class** The device setup class of the driver loaded for the device. +- **ClassGuid** The device class unique identifier of the driver package loaded on the device. +- **COMPID** The list of “Compatible IDs” for this device. See [COMPID](#compid). +- **ContainerId** The system-supplied unique identifier that specifies which group(s) the device(s) installed on the parent (main) device belong to. +- **Description** The description of the device. +- **DeviceState** Identifies the current state of the parent (main) device. +- **DriverId** The unique identifier for the installed driver. - **DriverName** The name of the driver image file. +- **DriverPackageStrongName** The immediate parent directory name in the Directory field of InventoryDriverPackage. - **DriverVerDate** The date of the driver loaded for the device - **DriverVerVersion** The version of the driver loaded for the device -- **Enumerator** The bus that enumerated the device -- **HWID** A JSON array that provides the value and order of the HWID tree for the device. See [HWID](#hwid). -- **Inf** The INF file name. -- **InstallState** The device installation state. One of these values: https://msdn.microsoft.com/en-us/library/windows/hardware/ff543130.aspx -- **InventoryVersion** The version of the inventory file generating the events. -- **LowerClassFilters** Lower filter class drivers IDs installed for the device. -- **LowerFilters** Lower filter drivers IDs installed for the device -- **Manufacturer** The device manufacturer -- **MatchingID** Represents the hardware ID or compatible ID that Windows uses to install a device instance -- **Model** The device model -- **ParentId** Device instance id of the parent of the device -- **ProblemCode** The current error code for the device. -- **Provider** The device provider -- **Service** The device service name -- **STACKID** A JSON array that provides the value and order of the STACKID tree for the device. See [STACKID](#stackid). -- **UpperClassFilters** Upper filter class drivers IDs installed for the device -- **UpperFilters** Upper filter drivers IDs installed for the device +- **Enumerator** Identifies the bus that enumerated the device. +- **HWID** A list of hardware IDs for the device. See [HWID](#hwid). +- **Inf** The name of the INF file (possibly renamed by the OS, such as oemXX.inf). +- **InstallState** The device installation state. For a list of values, see: https://msdn.microsoft.com/en-us/library/windows/hardware/ff543130.aspx +- **InventoryVersion** The version number of the inventory process generating the events. +- **LowerClassFilters** The identifiers of the Lower Class filters installed for the device. +- **LowerFilters** The identifiers of the Lower filters installed for the device. +- **Manufacturer** The manufacturer of the device. +- **MatchingID** The Hardware ID or Compatible ID that Windows uses to install a device instance. +- **Model** Identifies the model of the device. +- **ParentId** The Device Instance ID of the parent of the device. +- **ProblemCode** The error code currently returned by the device, if applicable. +- **Provider** Identifies the device provider. +- **Service** The name of the device service. +- **STACKID** The list of hardware IDs for the stack. See [STACKID](#stackid). +- **UpperClassFilters** The identifiers of the Upper Class filters installed for the device. +- **UpperFilters** The identifiers of the Upper filters installed for the device. ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove @@ -2429,6 +2548,18 @@ The following fields are available: - **InventoryVersion** The version of the inventory file generating the events. +### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassAdd + +This event sends basic metadata about the USB hubs on the device. + + + +### Microsoft.Windows.Inventory.Core.InventoryDeviceUsbHubClassStartSync + +This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent. + + + ### Microsoft.Windows.Inventory.Core.InventoryDriverBinaryAdd This event provides the basic metadata about driver binaries running on the system. @@ -2567,6 +2698,18 @@ This event provides insight data on the installed Office products +### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsRemove + +Indicates that this particular data object represented by the objectInstanceId is no longer present. + + + +### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsStartSync + +This diagnostic event indicates that a new sync is being generated for this object type. + + + ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsAdd Describes Office Products installed. @@ -2591,6 +2734,18 @@ Indicates a new sync is being generated for this object type. +### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBARuleViolationsStartSync + +This event indicates that a new sync is being generated for this object type. + + + +### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAStartSync + +Diagnostic event to indicate a new sync is being generated for this object type. + + + ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd Provides data on Unified Update Platform (UUP) products and what version they are at. @@ -3215,6 +3370,12 @@ The following fields are available: - **Time** The system time at which the event began. +### Microsoft.Windows.Sediment.Info.DetailedState + +This event is sent when detailed state information is needed from an update trial run. + + + ### Microsoft.Windows.Sediment.Info.DownloadServiceError This event provides information when the Download Service returns an error. The information provided helps keep Windows up to date. @@ -3394,6 +3555,17 @@ The following fields are available: - **Url** The new URL from which content will be executed. +### Microsoft.Windows.Sediment.OSRSS.SelfUpdate + +This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version. + +The following fields are available: + +- **ServiceVersionMajor** The major version number for the component. +- **ServiceVersionMinor** The minor version number for the component. +- **Time** The system timestamp for when the event occurred. + + ### Microsoft.Windows.Sediment.OSRSS.UrlState This event indicates the state the Operating System Remediation System Service (OSRSS) is in while attempting a download from the URL. @@ -3408,6 +3580,17 @@ The following fields are available: - **Time** System timestamp the event was fired +### Microsoft.Windows.Sediment.ServiceInstaller.ApplicabilityCheckFailed + +This event returns data relating to the error state after one of the applicability checks for the installer component of the Operating System Remediation System Service (OSRSS) has failed. + +The following fields are available: + +- **CheckName** The name of the applicability check that failed. +- **InstallerVersion** The version information for the installer component. +- **Time** The system timestamp for when the event occurred. + + ### Microsoft.Windows.Sediment.ServiceInstaller.AttemptingUpdate This event indicates the Operating System Remediation System Service (OSRSS) installer is attempting an update to itself. This information helps ensure Windows is up to date. @@ -3855,6 +4038,26 @@ The following fields are available: - **threadId** The ID of the thread on which the activity is executing. +## SIH events + +### SIHEngineTelemetry.EvalApplicability + +This event is sent when targeting logic is evaluated to determine if a device is eligible a given action. + + + +### SIHEngineTelemetry.ExecuteAction + +This event is triggered with SIH attempts to execute (e.g. install) the update or action in question. Includes important information like if the update required a reboot. + + + +### SIHEngineTelemetry.PostRebootReport + +This event reports the status of an action following a reboot, should one have been required. + + + ## Software update events ### SoftwareUpdateClientTelemetry.CheckForUpdates @@ -3977,36 +4180,36 @@ The following fields are available: - **ActiveDownloadTime** How long the download took, in seconds, excluding time where the update wasn't actively being downloaded. - **AppXBlockHashValidationFailureCount** A count of the number of blocks that have failed validation after being downloaded. -- **AppXDownloadScope** Indicates the scope of the download for application content. For streaming install scenarios, AllContent - non-streaming download, RequiredOnly - streaming download requested content required for launch, AutomaticOnly - streaming download requested automatic streams for the app, and Unknown - for events sent before download scope is determined by the Windows Update client. +- **AppXDownloadScope** Indicates the scope of the download for application content. - **BiosFamily** The family of the BIOS (Basic Input Output System). - **BiosName** The name of the device BIOS. - **BiosReleaseDate** The release date of the device BIOS. -- **BiosSKUNumber** The sku number of the device BIOS. +- **BiosSKUNumber** The SKU number of the device BIOS. - **BIOSVendor** The vendor of the BIOS. - **BiosVersion** The version of the BIOS. -- **BundleBytesDownloaded** How many bytes were downloaded for the specific content bundle. -- **BundleId** Identifier associated with the specific content bundle; should not be all zeros if the bundleID was found. +- **BundleBytesDownloaded** Number of bytes downloaded for the specific content bundle. +- **BundleId** Identifier associated with the specific content bundle. - **BundleRepeatFailFlag** Indicates whether this particular update bundle had previously failed to download. - **BundleRevisionNumber** Identifies the revision number of the content bundle. - **BytesDownloaded** How many bytes were downloaded for an individual piece of content (not the entire bundle). -- **CachedEngineVersion** For self-initiated healing, the version of the SIH engine that is cached on the device. If the SIH engine does not exist, the value is null. -- **CallerApplicationName** The name provided by the caller who initiated API calls into the software distribution client. -- **CbsDownloadMethod** Indicates whether the download was a full-file download or a partial/delta download. +- **CachedEngineVersion** The version of the “Self-Initiated Healing” (SIH) engine that is cached on the device, if applicable. +- **CallerApplicationName** The name provided by the application that initiated API calls into the software distribution client. +- **CbsDownloadMethod** Indicates whether the download was a full- or a partial-file download. - **CDNCountryCode** Two letter country abbreviation for the Content Distribution Network (CDN) location. - **CDNId** ID which defines which CDN the software distribution client downloaded the content from. - **ClientManagedByWSUSServer** Indicates whether the client is managed by Windows Server Update Services (WSUS). - **ClientVersion** The version number of the software distribution client. - **CurrentMobileOperator** The mobile operator the device is currently connected to. -- **DeviceModel** What is the device model. -- **DeviceOEM** What OEM does this device belong to. +- **DeviceModel** The model of the device. +- **DeviceOEM** Identifies the Original Equipment Manufacturer (OEM) of the device. - **DownloadPriority** Indicates whether a download happened at background, normal, or foreground priority. -- **DownloadScenarioId** A unique ID for a given download used to tie together WU and DO events. -- **DownloadType** Differentiates the download type of SIH downloads between Metadata and Payload downloads. -- **Edition** Indicates the edition of Windows being used. +- **DownloadScenarioId** A unique ID for a given download, used to tie together Windows Update and Delivery Optimizer events. +- **DownloadType** Differentiates the download type of “Self-Initiated Healing” (SIH) downloads between Metadata and Payload downloads. +- **Edition** Identifies the edition of Windows currently running on the device. - **EventInstanceID** A globally unique identifier for event instance. -- **EventNamespaceID** Indicates whether the event succeeded or failed. Has the format EventType+Event where Event is Succeeded, Cancelled, Failed, etc. -- **EventScenario** Indicates the purpose of sending this event - whether because the software distribution just started downloading content, or whether it was cancelled, succeeded, or failed. -- **EventType** Possible values are Child, Bundle, or Driver. +- **EventNamespaceID** The ID of the test events environment. +- **EventScenario** Indicates the purpose for sending this event: whether because the software distribution just started downloading content; or whether it was cancelled, succeeded, or failed. +- **EventType** Identifies the type of the event (Child, Bundle, or Driver). - **ExtendedStatusCode** Secondary error code for certain scenarios where StatusCode wasn't specific enough. - **FeatureUpdatePause** Indicates whether feature OS updates are paused on the device. - **FlightBranch** The branch that a device is on if participating in flighting (pre-release builds). @@ -4016,39 +4219,39 @@ The following fields are available: - **HandlerType** Indicates what kind of content is being downloaded (app, driver, windows patch, etc.). - **HardwareId** If this download was for a driver targeted to a particular device model, this ID indicates the model of the device. - **HomeMobileOperator** The mobile operator that the device was originally intended to work with. -- **HostName** The hostname URL the content is downloading from. +- **HostName** The parent URL the content is downloading from. - **IPVersion** Indicates whether the download took place over IPv4 or IPv6. -- **IsAOACDevice** Is it Always On, Always Connected? +- **IsAOACDevice** Indicates whether the device is an Always On, Always Connected (AOAC) device. - **IsDependentSet** Indicates whether a driver is a part of a larger System Hardware/Firmware Update - **IsWUfBDualScanEnabled** Indicates if Windows Update for Business dual scan is enabled on the device. - **IsWUfBEnabled** Indicates if Windows Update for Business is enabled on the device. -- **NetworkCostBitMask** Indicates what kind of network the device is connected to (roaming, metered, over data cap, etc.) +- **NetworkCostBitMask** A flag indicating the cost of the network (congested, fixed, variable, over data limit, roaming, etc.) used for downloading the update content. - **NetworkRestrictionStatus** More general version of NetworkCostBitMask, specifying whether Windows considered the current network to be "metered." - **PackageFullName** The package name of the content. - **PhonePreviewEnabled** Indicates whether a phone was opted-in to getting preview builds, prior to flighting (pre-release builds) being introduced. -- **PlatformRole** The PowerPlatformRole as defined on MSDN +- **PlatformRole** The role of the OS platform (Desktop, Mobile, Workstation, etc.). - **ProcessName** The process name of the caller who initiated API calls, in the event where CallerApplicationName was not provided. - **ProcessorArchitecture** Processor architecture of the system (x86, AMD64, ARM). - **QualityUpdatePause** Indicates whether quality OS updates are paused on the device. -- **RelatedCV** The previous Correlation Vector that was used before swapping with a new one +- **RelatedCV** The Correlation Vector that was used before the most recent change to a new Correlation Vector. - **RepeatFailFlag** Indicates whether this specific piece of content had previously failed to download. -- **RevisionNumber** Identifies the revision number of this specific piece of content. -- **ServiceGuid** An ID which represents which service the software distribution client is installing content for (Windows Update, Microsoft Store, etc.). -- **Setup360Phase** If the download is for an operating system upgrade, this datapoint indicates which phase of the upgrade is underway. -- **ShippingMobileOperator** The mobile operator that a device shipped on. +- **RevisionNumber** The revision number of the specified piece of content. +- **ServiceGuid** A unique identifier for the service that the software distribution client is installing content for (Windows Update, Windows Store, etc.). +- **Setup360Phase** Identifies the active phase of the upgrade download if the current download is for an Operating System upgrade. +- **ShippingMobileOperator** The mobile operator linked to the device when the device shipped. - **StatusCode** Indicates the result of a Download event (success, cancellation, failure code HResult). - **SystemBIOSMajorRelease** Major version of the BIOS. - **SystemBIOSMinorRelease** Minor version of the BIOS. - **TargetGroupId** For drivers targeted to a specific device model, this ID indicates the distribution group of devices receiving that driver. - **TargetingVersion** For drivers targeted to a specific device model, this is the version number of the drivers being distributed to the device. -- **TargetMetadataVersion** For self-initiated healing, this is the target version of the SIH engine to download (if needed). If not, the value is null. +- **TargetMetadataVersion** The version of the currently downloading (or most recently downloaded) package. - **ThrottlingServiceHResult** Result code (success/failure) while contacting a web service to determine whether this device should download content yet. -- **TimeToEstablishConnection** Time (in ms) it took to establish the connection prior to beginning downloaded. -- **TotalExpectedBytes** The total count of bytes that the download is expected to be. +- **TimeToEstablishConnection** Time (in milliseconds) it took to establish the connection prior to beginning downloaded. +- **TotalExpectedBytes** The total size (in Bytes) expected to be downloaded. - **UpdateId** An identifier associated with the specific piece of content. - **UpdateID** An identifier associated with the specific piece of content. -- **UpdateImportance** Indicates whether a piece of content was marked as Important, Recommended, or Optional. -- **UsedDO** Whether the download used the delivery optimization service. +- **UpdateImportance** Indicates whether the content was marked as Important, Recommended, or Optional. +- **UsedDO** Indicates whether the download used the Delivery Optimization (DO) service. - **UsedSystemVolume** Indicates whether the content was downloaded to the device's main system storage drive, or an alternate storage drive. - **WUDeviceID** The unique identifier of a specific device, used to identify how many devices are encountering success or a particular issue. - **WUSetting** Indicates the users' current updating settings. @@ -4221,7 +4424,7 @@ The following fields are available: - **EndpointUrl** The endpoint URL where the device obtains update metadata. This is used to distinguish between test, staging, and production environments. - **EventScenario** The purpose of this event, such as scan started, scan succeeded, or scan failed. - **ExtendedStatusCode** The secondary status code of the event. -- **LeafCertId** Integral ID from the FragmentSigning data for certificate that failed. +- **LeafCertId** The integral ID from the FragmentSigning data for the certificate that failed. - **ListOfSHA256OfIntermediateCerData** A semicolon delimited list of base64 encoding of hashes for the Base64CerData in the FragmentSigning data of an intermediate certificate. - **MetadataIntegrityMode** The mode of the transport metadata integrity check. 0 = unknown; 1 = ignore; 2 = audit; 3 = enforce - **MetadataSignature** A base64-encoded string of the signature associated with the update metadata (specified by revision ID). @@ -4232,7 +4435,7 @@ The following fields are available: - **ServiceGuid** Identifies the service to which the software distribution client is connected, Example: Windows Update or Microsoft Store - **SHA256OfLeafCerData** A base64 encoding of the hash for the Base64CerData in the FragmentSigning data of the leaf certificate. - **SHA256OfLeafCertPublicKey** A base64 encoding of the hash of the Base64CertData in the FragmentSigning data of the leaf certificate. -- **SHA256OfTimestampToken** A base64-encoded string of hash of the timestamp token blob. +- **SHA256OfTimestampToken** An encoded string of the timestamp token. - **SignatureAlgorithm** The hash algorithm for the metadata signature. - **SLSPrograms** A test program to which a device may have opted in. Example: Insider Fast - **StatusCode** The status code of the event. @@ -4452,6 +4655,22 @@ The following fields are available: - **UpdateId** Unique ID for each update. +### Update360Telemetry.UpdateAgentCommit + +This event collects information regarding the commit phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. + +The following fields are available: + +- **ErrorCode** The error code returned for the current install phase. +- **FlightId** Unique ID for each flight. +- **ObjectId** Unique value for each Update Agent mode. +- **RelatedCV** Correlation vector value generated from the latest USO scan. +- **Result** Outcome of the install phase of the update. +- **ScenarioId** Indicates the update scenario. +- **SessionId** Unique value for each update attempt. +- **UpdateId** Unique ID for each update. + + ### Update360Telemetry.UpdateAgentDownloadRequest This event sends data for the download request phase of updating Windows via the new Unified Update Platform (UUP) scenario. Applicable to PC and Mobile. @@ -4483,6 +4702,26 @@ The following fields are available: - **UpdateId** Unique ID for each Update. +### Update360Telemetry.UpdateAgentExpand + +This event collects information regarding the expansion phase of the new Unified Update Platform (UUP) update scenario, which is leveraged by both Mobile and Desktop. + +The following fields are available: + +- **ElapsedTickCount** Time taken for expand phase. +- **EndFreeSpace** Free space after expand phase. +- **EndSandboxSize** Sandbox size after expand phase. +- **ErrorCode** The error code returned for the current install phase. +- **FlightId** Unique ID for each flight. +- **ObjectId** Unique value for each Update Agent mode. +- **RelatedCV** Correlation vector value generated from the latest USO scan. +- **ScenarioId** Indicates the update scenario. +- **SessionId** Unique value for each update attempt. +- **StartFreeSpace** Free space before expand phase. +- **StartSandboxSize** Sandbox size after expand phase. +- **UpdateId** Unique ID for each update. + + ### Update360Telemetry.UpdateAgentInitialize This event sends data for the initialize phase of updating Windows via the new Unified Update Platform (UUP) scenario, which is applicable to both PCs and Mobile. @@ -4501,6 +4740,22 @@ The following fields are available: - **UpdateId** Unique ID for each update. +### Update360Telemetry.UpdateAgentInstall + +This event sends data for the install phase of updating Windows. + +The following fields are available: + +- **ErrorCode** The error code returned for the current install phase. +- **FlightId** Unique value for each Update Agent mode (same concept as InstanceId for Setup360). +- **ObjectId** Correlation vector value generated from the latest USO scan. +- **RelatedCV** Correlation vector value generated from the latest USO scan. +- **Result** The result for the current install phase. +- **ScenarioId** Indicates the update scenario. +- **SessionId** Unique value for each update attempt. +- **UpdateId** Unique ID for each update. + + ### Update360Telemetry.UpdateAgentMitigationResult This event sends data indicating the result of each update agent mitigation. @@ -4578,6 +4833,18 @@ The following fields are available: ## Upgrade events +### FacilitatorTelemetry.DCATDownload + +This event indicates whether devices received additional or critical supplemental content during an OS Upgrade, to help keep Windows up-to-date and secure. + + + +### FacilitatorTelemetry.InitializeDU + +This event determines whether devices received additional or critical supplemental content during an OS upgrade. + + + ### Setup360Telemetry.Downlevel This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up-to-date and secure. @@ -4865,7 +5132,7 @@ The following fields are available: - **RebootReason** Reason for the reboot. -## Microsoft Store events +## Windows Store events ### Microsoft.Windows.Store.Partner.ReportApplication @@ -5623,17 +5890,17 @@ This event indicates that a scan for a Windows Update occurred. The following fields are available: -- **deferReason** Reason why the device could not check for updates. -- **detectionBlockreason** Reason for detection not completing. +- **deferReason** The reason why the device could not check for updates. +- **detectionBlockreason** The reason detection did not complete. - **detectionDeferreason** A log of deferral reasons for every update state. -- **errorCode** The returned error code. +- **errorCode** The error code returned for the current process. - **eventScenario** End-to-end update session ID, or indicates the purpose of sending this event - whether because the software distribution just started installing content, or whether it was cancelled, succeeded, or failed. -- **flightID** The specific ID of the Windows Insider build the device is getting. -- **interactive** Indicates whether the session was user initiated. -- **revisionNumber** Update revision number. -- **updateId** Update ID. -- **updateScenarioType** The update session type. -- **wuDeviceid** Unique device ID used by Windows Update. +- **flightID** The unique identifier for the flight (Windows Insider pre-release build) should be delivered to the device, if applicable. +- **interactive** Indicates whether the user initiated the session. +- **revisionNumber** The Update revision number. +- **updateId** The unique identifier of the Update. +- **updateScenarioType** Identifies the type of update session being performed. +- **wuDeviceid** The unique device ID used by Windows Update. ### Microsoft.Windows.Update.Orchestrator.Download @@ -5696,7 +5963,7 @@ The following fields are available: - **deferReason** Reason for install not completing. - **errorCode** The error code reppresented by a hexadecimal value. - **eventScenario** End-to-end update session ID. -- **flightID** The specific ID of the Windows Insider build the device is getting. +- **flightID** The ID of the Windows Insider build the device is getting. - **flightUpdate** Indicates whether the update is a Windows Insider build. - **ForcedRebootReminderSet** A boolean value that indicates if a forced reboot will happen for updates. - **installCommitfailedtime** The time it took for a reboot to happen but the upgrade failed to progress. @@ -5741,14 +6008,26 @@ This event is sent after a Windows update install completes. The following fields are available: -- **batteryLevel** Current battery capacity in mWh or percentage left. -- **bundleId** Identifier associated with the specific content bundle. +- **batteryLevel** Current battery capacity in megawatt-hours (mWh) or percentage left. +- **bundleId** The unique identifier associated with the specific content bundle. - **bundleRevisionnumber** Identifies the revision number of the content bundle. - **errorCode** The error code returned for the current phase. - **eventScenario** State of update action. -- **flightID** Unique update ID. +- **flightID** The unique identifier for the flight (Windows Insider pre-release build) should be delivered to the device, if applicable. - **sessionType** The Windows Update session type (Interactive or Background). -- **wuDeviceid** Unique device ID used by Windows Update. +- **wuDeviceid** The unique device identifier used by Windows Update. + + +### Microsoft.Windows.Update.Orchestrator.PowerMenuOptionsChanged + +This event is sent when the options in power menu changed, usually due to an update pending reboot, or after a update is installed. + +The following fields are available: + +- **powermenuNewOptions** The new options after the power menu changed. +- **powermenuOldOptions** The old options before the power menu changed. +- **rebootPendingMinutes** If the power menu changed because a reboot is pending due to a update, this indicates how long that reboot has been pending. +- **wuDeviceid** The device ID recorded by Windows Update if the power menu changed because a reboot is pending due to an update. ### Microsoft.Windows.Update.Orchestrator.PreShutdownStart @@ -5953,7 +6232,7 @@ The following fields are available: - **revisionNumber** Revision number of the OS. - **scheduledRebootTime** Time scheduled for the reboot. - **updateId** Identifies which update is being scheduled. -- **wuDeviceid** Unique device ID used by Windows Update. +- **wuDeviceid** The unique device ID used by Windows Update. ### Microsoft.Windows.Update.Ux.MusNotification.ToastDisplayedToScheduleReboot @@ -5985,12 +6264,44 @@ The following fields are available: ## Windows Update mitigation events +### Mitigation360Telemetry.MitigationCustom.CleanupSafeOsImages + +This event sends data specific to the CleanupSafeOsImages mitigation used for OS Updates. + +The following fields are available: + +- **ClientId** The client ID used by Windows Update. +- **FlightId** The ID of each Windows Insider build the device received. +- **InstanceId** A unique device ID that identifies each update instance. +- **MitigationScenario** The update scenario in which the mitigation was executed. +- **MountedImageCount** The number of mounted images. +- **MountedImageMatches** The number of mounted image matches. +- **MountedImagesFailed** The number of mounted images that could not be removed. +- **MountedImagesRemoved** The number of mounted images that were successfully removed. +- **MountedImagesSkipped** The number of mounted images that were not found. +- **RelatedCV** The correlation vector value generated from the latest USO scan. +- **Result** HResult of this operation. +- **ScenarioId** ID indicating the mitigation scenario. +- **ScenarioSupported** Indicates whether the scenario was supported. +- **SessionId** Unique value for each update attempt. +- **UpdateId** Unique ID for each Windows Update. +- **WuId** Unique ID for the Windows Update client. + + ### Mitigation360Telemetry.MitigationCustom.FixupEditionId This event sends data specific to the FixupEditionId mitigation used for OS Updates. +## Windows Update Reserve Manager events + +### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment + +This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. + + + ## Winlogon events ### Microsoft.Windows.Security.Winlogon.SetupCompleteLogon diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md index 63376e03ed..27fcd87f88 100644 --- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md +++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1709.md @@ -7,9 +7,13 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security localizationpriority: high +audience: ITPro author: brianlic-msft ms.author: brianlic -ms.date: 12/13/2018 +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article +ms.date: 02/15/2019 --- @@ -46,15 +50,14 @@ Invalid Signature - This event is superseded by an event that contains additiona The following fields are available: -- **DatasourceApplicationFile_RS1** An ID for the system, calculated by hashing hardware identifiers. - **DatasourceApplicationFile_RS4** An ID for the system, calculated by hashing hardware identifiers. - **DatasourceDevicePnp_RS4** An ID for the system, calculated by hashing hardware identifiers. - **DatasourceDriverPackage_RS4** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoBlock_RS4** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPassive_RS4** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPostUpgrade_RS4** The count of the number of this particular object type present on this device. +- **DatasourceSystemBios_19H1Setup** The count of the number of this particular object type present on this device. - **DatasourceSystemBios_RS4** The count of the number of this particular object type present on this device. -- **DecisionApplicationFile_RS1** An ID for the system, calculated by hashing hardware identifiers. - **DecisionApplicationFile_RS4** The count of the number of this particular object type present on this device. - **DecisionDevicePnp_RS4** The count of the number of this particular object type present on this device. - **DecisionDriverPackage_RS4** The count of the number of this particular object type present on this device. @@ -62,26 +65,24 @@ The following fields are available: - **DecisionMatchingInfoPassive_RS4** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPostUpgrade_RS4** The count of the number of this particular object type present on this device. - **DecisionMediaCenter_RS4** The count of the number of this particular object type present on this device. +- **DecisionSystemBios_19H1Setup** The total DecisionSystemBios objects targeting the next release of Windows on this device. - **DecisionSystemBios_RS4** The total DecisionSystemBios objects targeting Windows 10 version, 1803 present on this device. -- **DecisionTest_RS1** An ID for the system, calculated by hashing hardware identifiers. - **InventoryApplicationFile** The count of the number of this particular object type present on this device. - **InventoryLanguagePack** The count of the number of this particular object type present on this device. - **InventoryMediaCenter** The count of the number of this particular object type present on this device. - **InventorySystemBios** The count of the number of this particular object type present on this device. -- **InventoryTest** The count of the number of this particular object type present on this device. - **InventoryUplevelDriverPackage** The count of the number of this particular object type present on this device. - **PCFP** An ID for the system, calculated by hashing hardware identifiers. -- **SystemMemory** The count of SystemMemory objects present on this machine. +- **SystemMemory** The count of the number of this particular object type present on this device. - **SystemProcessorCompareExchange** The count of the number of this particular object type present on this device. - **SystemProcessorLahfSahf** The count of the number of this particular object type present on this device. -- **SystemProcessorNx** The count of SystemProcessorNx objects present on this machine. -- **SystemProcessorPrefetchW** The count of SystemProcessorPrefetchW objects present on this machine. +- **SystemProcessorNx** The total number of objects of this type present on this device. +- **SystemProcessorPrefetchW** The total number of objects of this type present on this device. - **SystemProcessorSse2** The count of SystemProcessorSse2 objects present on this machine. -- **SystemTouch** The count of SystemTouch objects present on this machine. -- **SystemWim** The count of SystemWim objects present on this machine. -- **SystemWindowsActivationStatus** The count of SystemWindowsActivationStatus objects present on this machine. -- **SystemWlan** The count of the number of this particular object type present on this device. -- **Wmdrm_RS1** An ID for the system, calculated by hashing hardware identifiers. +- **SystemTouch** The count of the number of this particular object type present on this device. +- **SystemWim** The total number of objects of this type present on this device. +- **SystemWindowsActivationStatus** The count of the number of this particular object type present on this device. +- **SystemWlan** The total number of objects of this type present on this device. - **Wmdrm_RS4** The total Wmdrm objects targeting Windows 10, version 1803 present on this device. @@ -506,7 +507,7 @@ The following fields are available: ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveAdd -This event sends compatibility decision data about non-blocking entries on the system that are not keyed by either applications or devices, to help keep Windows up-to-date. +This event sends compatibility decision data about non-blocking entries on the system that are not keyed by either applications or devices, to help keep Windows up to date. This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). @@ -625,6 +626,7 @@ The following fields are available: - **AppraiserVersion** The version of the Appraiser file generating the events. - **Blocking** Is the device blocked from upgrade due to a BIOS block? +- **DisplayGenericMessageGated** Indicates whether a generic offer block message will be shown for the bios. - **HasBiosBlock** Does the device have a BIOS block? @@ -885,6 +887,7 @@ The following fields are available: - **AppraiserVersion** The version of the Appraiser file generating the events. - **Context** Indicates what mode Appraiser is running in. Example: Setup or Telemetry. - **PCFP** An ID for the system calculated by hashing hardware identifiers. +- **Subcontext** Indicates what categories of incompatibilities appraiser is scanning for. Can be N/A, Resolve, or a semicolon-delimited list that can include App, Dev, Sys, Gat, or Rescan. - **Time** The client time of the event. @@ -1339,7 +1342,7 @@ The following fields are available: - **AppraiserTaskExitCode** The Appraiser task exist code. - **AppraiserTaskLastRun** The last runtime for the Appraiser task. - **CensusVersion** The version of Census that generated the current data for this device. -- **IEVersion** Retrieves which version of Internet Explorer is running on this device. +- **IEVersion** The version of Internet Explorer that is running on the device. ### Census.Battery @@ -1539,20 +1542,20 @@ Provides information on several important data points about Processor settings The following fields are available: -- **KvaShadow** Microcode info of the processor. +- **KvaShadow** This is the micro code information of the processor. - **MMSettingOverride** Microcode setting of the processor. - **MMSettingOverrideMask** Microcode setting override of the processor. -- **ProcessorArchitecture** Retrieves the processor architecture of the installed operating system. The complete list of values can be found in DimProcessorArchitecture. -- **ProcessorClockSpeed** Retrieves the clock speed of the processor in MHz. -- **ProcessorCores** Retrieves the number of cores in the processor. -- **ProcessorIdentifier** The processor identifier of a manufacturer. -- **ProcessorManufacturer** Retrieves the name of the processor's manufacturer. -- **ProcessorModel** Retrieves the name of the processor model. +- **ProcessorArchitecture** Retrieves the processor architecture of the installed operating system. +- **ProcessorClockSpeed** Clock speed of the processor in MHz. +- **ProcessorCores** Number of logical cores in the processor. +- **ProcessorIdentifier** Processor Identifier of a manufacturer. +- **ProcessorManufacturer** Name of the processor manufacturer. +- **ProcessorModel** Name of the processor model. - **ProcessorPhysicalCores** Number of physical cores in the processor. -- **ProcessorUpdateRevision** Retrieves the processor architecture of the installed operating system. +- **ProcessorUpdateRevision** The microcode revision. - **ProcessorUpdateStatus** Enum value that represents the processor microcode load status -- **SocketCount** Number of physical CPU sockets of the machine. -- **SpeculationControl** If the system has enabled protections needed to validate the speculation control vulnerability. +- **SocketCount** Count of CPU sockets. +- **SpeculationControl** Indicates whether the system has enabled protections needed to validate the speculation control vulnerability. ### Census.Security @@ -2016,6 +2019,81 @@ The following fields are available: - **WDDMVersion** The Windows Display Driver Model version. +## Failover Clustering events + +### Microsoft.Windows.Server.FailoverClusteringCritical.ClusterSummary2 + +This event returns information about how many resources and of what type are in the server cluster. This data is collected to keep Windows Server safe, secure, and up to date. The data includes information about whether hardware is configured correctly, if the software is patched correctly, and assists in preventing crashes by attributing issues (like fatal errors) to workloads and system configurations. + +The following fields are available: + +- **autoAssignSite** The cluster parameter: auto site. +- **autoBalancerLevel** The cluster parameter: auto balancer level. +- **autoBalancerMode** The cluster parameter: auto balancer mode. +- **blockCacheSize** The configured size of the block cache. +- **ClusterAdConfiguration** The ad configuration of the cluster. +- **clusterAdType** The cluster parameter: mgmt_point_type. +- **clusterDumpPolicy** The cluster configured dump policy. +- **clusterFunctionalLevel** The current cluster functional level. +- **clusterGuid** The unique identifier for the cluster. +- **clusterWitnessType** The witness type the cluster is configured for. +- **countNodesInSite** The number of nodes in the cluster. +- **crossSiteDelay** The cluster parameter: CrossSiteDelay. +- **crossSiteThreshold** The cluster parameter: CrossSiteThreshold. +- **crossSubnetDelay** The cluster parameter: CrossSubnetDelay. +- **crossSubnetThreshold** The cluster parameter: CrossSubnetThreshold. +- **csvCompatibleFilters** The cluster parameter: ClusterCsvCompatibleFilters. +- **csvIncompatibleFilters** The cluster parameter: ClusterCsvIncompatibleFilters. +- **csvResourceCount** The number of resources in the cluster. +- **currentNodeSite** The name configured for the current site for the cluster. +- **dasModeBusType** The direct storage bus type of the storage spaces. +- **downLevelNodeCount** The number of nodes in the cluster that are running down-level. +- **drainOnShutdown** Specifies whether a node should be drained when it is shut down. +- **dynamicQuorumEnabled** Specifies whether dynamic Quorum has been enabled. +- **enforcedAntiAffinity** The cluster parameter: enforced anti affinity. +- **genAppNames** The win32 service name of a clustered service. +- **genSvcNames** The command line of a clustered genapp. +- **hangRecoveryAction** The cluster parameter: hang recovery action. +- **hangTimeOut** Specifies the “hang time out” parameter for the cluster. +- **isCalabria** Specifies whether storage spaces direct is enabled. +- **isMixedMode** Identifies if the cluster is running with different version of OS for nodes. +- **isRunningDownLevel** Identifies if the current node is running down-level. +- **logLevel** Specifies the granularity that is logged in the cluster log. +- **logSize** Specifies the size of the cluster log. +- **lowerQuorumPriorityNodeId** The cluster parameter: lower quorum priority node ID. +- **minNeverPreempt** The cluster parameter: minimum never preempt. +- **minPreemptor** The cluster parameter: minimum preemptor priority. +- **netftIpsecEnabled** The parameter: netftIpsecEnabled. +- **NodeCount** The number of nodes in the cluster. +- **nodeId** The current node number in the cluster. +- **nodeResourceCounts** Specifies the number of node resources. +- **nodeResourceOnlineCounts** Specifies the number of node resources that are online. +- **numberOfSites** The number of different sites. +- **numNodesInNoSite** The number of nodes not belonging to a site. +- **plumbAllCrossSubnetRoutes** The cluster parameter: plumb all cross subnet routes. +- **preferredSite** The preferred site location. +- **privateCloudWitness** Specifies whether a private cloud witness exists for this cluster. +- **quarantineDuration** The quarantine duration. +- **quarantineThreshold** The quarantine threshold. +- **quorumArbitrationTimeout** In the event of an arbitration event, this specifies the quorum timeout period. +- **resiliencyLevel** Specifies the level of resiliency. +- **resourceCounts** Specifies the number of resources. +- **resourceTypeCounts** Specifies the number of resource types in the cluster. +- **resourceTypes** Data representative of each resource type. +- **resourceTypesPath** Data representative of the DLL path for each resource type. +- **sameSubnetDelay** The cluster parameter: same subnet delay. +- **sameSubnetThreshold** The cluster parameter: same subnet threshold. +- **secondsInMixedMode** The amount of time (in seconds) that the cluster has been in mixed mode (nodes with different operating system versions in the same cluster). +- **securityLevel** The cluster parameter: security level. +- **securityLevelForStorage** The cluster parameter: security level for storage. +- **sharedVolumeBlockCacheSize** Specifies the block cache size for shared for shared volumes. +- **shutdownTimeoutMinutes** Specifies the amount of time it takes to time out when shutting down. +- **upNodeCount** Specifies the number of nodes that are up (online). +- **useClientAccessNetworksForCsv** The cluster parameter: use client access networks for CSV. +- **vmIsolationTime** The cluster parameter: VM isolation time. +- **witnessDatabaseWriteTimeout** Specifies the timeout period for writing to the quorum witness database. + + ## Fault Reporting events ### Microsoft.Windows.FaultReporting.AppCrashEvent @@ -2367,35 +2445,35 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: -- **BusReportedDescription** System-supplied GUID that uniquely groups the functional devices associated with a single-function or multifunction device installed in the computer. -- **Class** System-supplied GUID that uniquely groups the functional devices associated with a single-function or multifunction device installed in the computer. -- **ClassGuid** A unique identifier for the driver installed. -- **COMPID** Name of the .sys image file (or wudfrd.sys if using user mode driver framework). -- **ContainerId** INF file name (the name could be renamed by OS, such as oemXX.inf) -- **Description** The version of the inventory binary generating the events. -- **DeviceState** The current error code for the device. -- **DriverId** A unique identifier for the driver installed. -- **DriverName** Name of the .sys image file (or wudfrd.sys if using user mode driver framework). +- **BusReportedDescription** The description of the device reported by the bus. +- **Class** The device setup class of the driver loaded for the device. +- **ClassGuid** The device class unique identifier of the driver package loaded on the device. +- **COMPID** The list of “Compatible IDs” for this device. +- **ContainerId** The system-supplied unique identifier that specifies which group(s) the device(s) installed on the parent (main) device belong to. +- **Description** The description of the device. +- **DeviceState** Identifies the current state of the parent (main) device. +- **DriverId** The unique identifier for the installed driver. +- **DriverName** The file name of the installed driver image. - **DriverPackageStrongName** The immediate parent directory name in the Directory field of InventoryDriverPackage. -- **DriverVerDate** The date of the driver loaded for the device. -- **DriverVerVersion** The version of the driver loaded for the device. -- **Enumerator** The bus that enumerated the device. -- **HWID** List of hardware ids for the device. -- **Inf** INF file name (the name could be renamed by OS, such as oemXX.inf) -- **InstallState** Device installation state. -- **InventoryVersion** The version of the inventory binary generating the events. -- **LowerClassFilters** Lower filter class drivers IDs installed for the device. -- **LowerFilters** Lower filter drivers IDs installed for the device. -- **Manufacturer** The device manufacturer. -- **MatchingID** Represents the hardware ID or compatible ID that Windows uses to install a device instance. -- **Model** The device model. -- **ParentId** Device instance id of the parent of the device. -- **ProblemCode** The current error code for the device. -- **Provider** The device provider. -- **Service** The device service name -- **STACKID** The device service name. -- **UpperClassFilters** The list of hardware ids for the stack -- **UpperFilters** Upper filter drivers IDs installed for the device +- **DriverVerDate** The date associated with the driver installed on the device. +- **DriverVerVersion** The version number of the driver installed on the device. +- **Enumerator** Identifies the bus that enumerated the device. +- **HWID** A list of hardware IDs for the device. +- **Inf** The name of the INF file (possibly renamed by the OS, such as oemXX.inf). +- **InstallState** The device installation state. For a list of values, see: https://msdn.microsoft.com/en-us/library/windows/hardware/ff543130.aspx +- **InventoryVersion** The version number of the inventory process generating the events. +- **LowerClassFilters** The identifiers of the Lower Class filters installed for the device. +- **LowerFilters** The identifiers of the Lower filters installed for the device. +- **Manufacturer** The manufacturer of the device. +- **MatchingID** The Hardware ID or Compatible ID that Windows uses to install a device instance. +- **Model** Identifies the model of the device. +- **ParentId** The Device Instance ID of the parent of the device. +- **ProblemCode** The error code currently returned by the device, if applicable. +- **Provider** Identifies the device provider. +- **Service** The name of the device service. +- **STACKID** The list of hardware IDs for the stack. +- **UpperClassFilters** The identifiers of the Upper Class filters installed for the device. +- **UpperFilters** The identifiers of the Upper filters installed for the device. ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove @@ -2543,28 +2621,29 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: -- **AddinCLSID** The CLSID for the Office addin -- **AddInCLSID** CLSID key for the office addin -- **AddInId** Office addin ID -- **AddinType** The type of the Office addin. -- **BinFileTimestamp** Timestamp of the Office addin -- **BinFileVersion** Version of the Office addin -- **Description** Office addin description -- **FileId** FileId of the Office addin -- **FileSize** File size of the Office addin -- **FriendlyName** Friendly name for office addin -- **FullPath** Unexpanded path to the office addin -- **LoadBehavior** Uint32 that describes the load behavior -- **LoadTime** Load time for the office add in -- **OfficeApplication** The office application for this add in -- **OfficeArchitecture** Architecture of the addin -- **OfficeVersion** The office version for this add in -- **OutlookCrashingAddin** Boolean that indicates if crashes have been found for this add in -- **ProductCompany** The name of the company associated with the Office addin -- **ProductName** The product name associated with the Office addin -- **ProductVersion** The version associated with the Office addin -- **ProgramId** The unique program identifier of the Office addin -- **Provider** Name of the provider for this addin +- **AddinCLSID** The class identifier key for the Microsoft Office add-in. +- **AddInCLSID** The class identifier key for the Microsoft Office add-in. +- **AddInId** The identifier for the Microsoft Office add-in. +- **AddinType** The type of the Microsoft Office add-in. +- **BinFileTimestamp** The timestamp of the Office add-in. +- **BinFileVersion** The version of the Microsoft Office add-in. +- **Description** Description of the Microsoft Office add-in. +- **FileId** The file identifier of the Microsoft Office add-in. +- **FileSize** The file size of the Microsoft Office add-in. +- **FriendlyName** The friendly name for the Microsoft Office add-in. +- **FullPath** The full path to the Microsoft Office add-in. +- **InventoryVersion** The version of the inventory binary generating the events. +- **LoadBehavior** Integer that describes the load behavior. +- **LoadTime** Load time for the Office add-in. +- **OfficeApplication** The Microsoft Office application associated with the add-in. +- **OfficeArchitecture** The architecture of the add-in. +- **OfficeVersion** The Microsoft Office version for this add-in. +- **OutlookCrashingAddin** Indicates whether crashes have been found for this add-in. +- **ProductCompany** The name of the company associated with the Office add-in. +- **ProductName** The product name associated with the Microsoft Office add-in. +- **ProductVersion** The version associated with the Office add-in. +- **ProgramId** The unique program identifier of the Microsoft Office add-in. +- **Provider** Name of the provider for this add-in. - **Usage** Data regarding usage of the add-in. @@ -2582,6 +2661,9 @@ This event indicates that a new sync is being generated for this object type. This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). +The following fields are available: + +- **InventoryVersion** The version of the inventory binary generating the events. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIdentifiersAdd @@ -2592,6 +2674,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: +- **InventoryVersion** The version of the inventory binary generating the events. - **OAudienceData** Sub-identifier for Microsoft Office release management, identifying the pilot group for a device - **OAudienceId** Microsoft Office identifier for Microsoft Office release management, identifying the pilot group for a device - **OMID** Identifier for the Office SQM Machine @@ -2607,6 +2690,9 @@ Diagnostic event to indicate a new sync is being generated for this object type This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). +The following fields are available: + +- **InventoryVersion** The version of the inventory binary generating the events. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeIESettingsAdd @@ -2617,6 +2703,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: +- **InventoryVersion** The version of the inventory binary generating the events. - **OIeFeatureAddon** Flag indicating which Microsoft Office products have this setting enabled. The FEATURE_ADDON_MANAGEMENT feature lets applications hosting the WebBrowser Control to respect add-on management selections made using the Add-on Manager feature of Internet Explorer. Add-ons disabled by the user or by administrative group policy will also be disabled in applications that enable this feature. - **OIeMachineLockdown** Flag indicating which Microsoft Office products have this setting enabled. When the FEATURE_LOCALMACHINE_LOCKDOWN feature is enabled, Internet Explorer applies security restrictions on content loaded from the user's local machine, which helps prevent malicious behavior involving local files. - **OIeMimeHandling** Flag indicating which Microsoft Office products have this setting enabled. When the FEATURE_MIME_HANDLING feature control is enabled, Internet Explorer handles MIME types more securely. Only applies to Windows Internet Explorer 6 for Windows XP Service Pack 2 (SP2) @@ -2640,6 +2727,9 @@ Diagnostic event to indicate a new sync is being generated for this object type This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). +The following fields are available: + +- **InventoryVersion** The version of the inventory binary generating the events. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeInsightsAdd @@ -2650,6 +2740,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: +- **InventoryVersion** The version of the inventory binary generating the events. - **OfficeApplication** The name of the Office application. - **OfficeArchitecture** The bitness of the Office application. - **OfficeVersion** The version of the Office application. @@ -2670,6 +2761,9 @@ Diagnostic event to indicate a new sync is being generated for this object type This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). +The following fields are available: + +- **InventoryVersion** The version of the inventory binary generating the events. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeProductsAdd @@ -2680,6 +2774,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: +- **InventoryVersion** The version of the inventory binary generating the events. - **OC2rApps** A GUID the describes the Office Click-To-Run apps - **OC2rSkus** Comma-delimited list (CSV) of Office Click-To-Run products installed on the device. For example, Office 2016 ProPlus - **OMsiApps** Comma-delimited list (CSV) of Office MSI products installed on the device. For example, Microsoft Word @@ -2692,6 +2787,9 @@ Diagnostic event to indicate a new sync is being generated for this object type This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). +The following fields are available: + +- **InventoryVersion** The version of the inventory binary generating the events. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsAdd @@ -2704,6 +2802,7 @@ The following fields are available: - **BrowserFlags** Browser flags for Office-related products - **ExchangeProviderFlags** Office Exchange provider policies +- **InventoryVersion** The version of the inventory binary generating the events. - **SharedComputerLicensing** Office Shared Computer Licensing policies @@ -2713,6 +2812,9 @@ Diagnostic event to indicate a new sync is being generated for this object type This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). +The following fields are available: + +- **InventoryVersion** The version of the inventory binary generating the events. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAAdd @@ -2779,6 +2881,9 @@ This event indicates that a new sync is being generated for this object type. This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). +The following fields are available: + +- **InventoryVersion** The version of the inventory binary generating the events. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeVBAStartSync @@ -2787,6 +2892,9 @@ Diagnostic event to indicate a new sync is being generated for this object type This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). +The following fields are available: + +- **InventoryVersion** The version of the inventory binary generating the events. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousUUPInfoAdd @@ -2841,6 +2949,14 @@ The following fields are available: - **IndicatorValue** The indicator value. +### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove + +This event is a counterpart to InventoryMiscellaneousUexIndicatorAdd that indicates that the item has been removed. + +This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). + + + ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorStartSync This event indicates that a new set of InventoryMiscellaneousUexIndicatorAdd events will be sent. @@ -3263,6 +3379,12 @@ This event indicates an error in the updater payload. This information assists i +### Microsoft.Windows.Sediment.Info.PhaseChange + +The event indicates progress made by the updater. This information assists in keeping Windows up to date. + + + ### Microsoft.Windows.Sediment.OSRSS.CheckingOneSettings This event indicates the parameters that the Operating System Remediation System Service (OSRSS) uses for a secure ping to Microsoft to help ensure Windows is up to date. @@ -3277,6 +3399,31 @@ The following fields are available: - **Time** The system time at which the event occurred. +### Microsoft.Windows.Sediment.OSRSS.DownloadingUrl + +This event provides information about the URL from which the Operating System Remediation System Service (OSRSS) is attempting to download. This information helps ensure Windows is up to date. + +The following fields are available: + +- **AttemptNumber** The count indicating which download attempt is starting. +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The URL from which data was downloaded. + + +### Microsoft.Windows.Sediment.OSRSS.DownloadSuccess + +This event indicates the Operating System Remediation System Service (OSRSS) successfully download data from the indicated URL. This information helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The URL from which data was downloaded. + + ### Microsoft.Windows.Sediment.OSRSS.Error This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful. @@ -3292,6 +3439,65 @@ The following fields are available: - **Time** The system time at which the event occurred. +### Microsoft.Windows.Sediment.OSRSS.ExeSignatureValidated + +This event indicates the Operating System Remediation System Service (OSRSS) successfully validated the signature of an EXE from the indicated URL. The information provided helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The URL from which the validated EXE was downloaded. + + +### Microsoft.Windows.Sediment.OSRSS.ExtractSuccess + +This event indicates that the Operating System Remediation System Service (OSRSS) successfully extracted downloaded content. The information provided helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The URL from which the successfully extracted content was downloaded. + + +### Microsoft.Windows.Sediment.OSRSS.NewUrlFound + +This event indicates the Operating System Remediation System Service (OSRSS) succeeded in finding a new URL to download from. This helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The new URL from which content will be downloaded. + + +### Microsoft.Windows.Sediment.OSRSS.ProcessCreated + +This event indicates the Operating System Remediation System Service (OSRSS) created a new process to execute content downloaded from the indicated URL. This information helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The new URL from which content will be executed. + + +### Microsoft.Windows.Sediment.OSRSS.SelfUpdate + +This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version. + +The following fields are available: + +- **ServiceVersionMajor** The major version number for the component. +- **ServiceVersionMinor** The minor version number for the component. +- **Time** The system timestamp for when the event occurred. + + ### Microsoft.Windows.Sediment.OSRSS.UrlState This event indicates the state the Operating System Remediation System Service (OSRSS) is in while attempting a download from the URL. @@ -3306,6 +3512,107 @@ The following fields are available: - **Time** System timestamp the event was fired +### Microsoft.Windows.Sediment.ServiceInstaller.ApplicabilityCheckFailed + +This event returns data relating to the error state after one of the applicability checks for the installer component of the Operating System Remediation System Service (OSRSS) has failed. + +The following fields are available: + +- **CheckName** The name of the applicability check that failed. +- **InstallerVersion** The version information for the installer component. +- **Time** The system timestamp for when the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.AttemptingUpdate + +This event indicates the Operating System Remediation System Service (OSRSS) installer is attempting an update to itself. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.BinaryUpdated + +This event indicates the Operating System Remediation System Service (OSRSS) updated installer binaries with new binaries as part of its self-update process. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.InstallerLaunched + +This event indicates the Operating System Remediation System Service (OSRSS) has launched. The information provided helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.ServiceInstalled + +This event indicates the Operating System Remediation System Service (OSRSS) successfully installed the Installer Component. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.ServiceRestarted + +This event indicates the Operating System Remediation System Service (OSRSS) has restarted after installing an updated version of itself. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.ServiceStarted + +This event indicates the Operating System Remediation System Service (OSRSS) has started after installing an updated version of itself. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.ServiceStopped + +This event indicates the Operating System Remediation System Service (OSRSS) was stopped by a self-updated to install an updated version of itself. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.UpdaterCompleted + +This event indicates the Operating System Remediation System Service (OSRSS) successfully completed the self-update operation. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.UpdaterLaunched + +This event indicates the Operating System Remediation System Service (OSRSS) successfully launched the self-updater after downloading it. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + ### Microsoft.Windows.SedimentLauncher.Applicable Indicates whether a given plugin is applicable. @@ -3642,7 +3949,7 @@ The following fields are available: - **EventInstanceID** A unique identifier for event instance. - **EventScenario** Indicates the purpose of sending this event – whether because the software distribution just started checking for content, or whether it was cancelled, succeeded, or failed. - **HandlerReasons** If an action has been assessed as inapplicable, the installer technology-specific logic prevented it. -- **ServiceGuid** A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.) +- **ServiceGuid** A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.). - **StandardReasons** If an action has been assessed as inapplicable, the standard logic the prevented it. - **StatusCode** Result code of the event (success, cancellation, failure code HResult). - **UpdateID** A unique identifier for the action being acted upon. @@ -3708,7 +4015,7 @@ The following fields are available: - **EventScenario** Indicates the purpose of sending this event – whether because the software distribution just started checking for content, or whether it was cancelled, succeeded, or failed. - **FailedParseActions** The list of actions that were not successfully parsed. - **ParsedActions** The list of actions that were successfully parsed. -- **ServiceGuid** A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.) +- **ServiceGuid** A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.). - **WUDeviceID** The unique identifier controlled by the software distribution client. @@ -3797,50 +4104,81 @@ The following fields are available: - **WUDeviceID** The unique identifier of a specific device, used to identify how many devices are encountering success or a particular issue. -### SoftwareUpdateClientTelemetry.Download +### SoftwareUpdateClientTelemetry.Commit -Download process event for target update on Windows Update client (see eventscenario field for specifics, e.g.: started/failed/succeeded) +This event tracks the commit process post the update installation when software update client is trying to update the device. The following fields are available: -- **ActiveDownloadTime** Number of seconds the update was actively being downloaded. -- **AppXBlockHashValidationFailureCount** A count of the number of blocks that have failed validation after being downloaded. -- **AppXDownloadScope** Indicates the scope of the download for application content. For streaming install scenarios, AllContent - non-streaming download, RequiredOnly - streaming download requested content required for launch, AutomaticOnly - streaming download requested automatic streams for the app, and Unknown - for events sent before download scope is determined by the Windows Update client. - **BiosFamily** The family of the BIOS (Basic Input Output System). - **BiosName** The name of the device BIOS. - **BiosReleaseDate** The release date of the device BIOS. - **BiosSKUNumber** The sku number of the device BIOS. - **BIOSVendor** The vendor of the BIOS. - **BiosVersion** The version of the BIOS. -- **BundleBytesDownloaded** Number of bytes downloaded for the specific content bundle. - **BundleId** Identifier associated with the specific content bundle; should not be all zeros if the bundleID was found. +- **BundleRevisionNumber** Identifies the revision number of the content bundle +- **CallerApplicationName** The name provided by the caller who initiated API calls into the software distribution client +- **ClientVersion** The version number of the software distribution client. +- **DeviceModel** What is the device model. +- **EventInstanceID** A globally unique identifier for event instance. +- **EventScenario** State of call +- **EventType** Possible values are "Child", "Bundle", or "Driver". +- **FlightId** The specific id of the flight the device is getting +- **HandlerType** Indicates the kind of content (app, driver, windows patch, etc.) +- **RevisionNumber** Unique revision number of Update +- **ServerId** Identifier for the service to which the software distribution client is connecting, such as Windows Update and Microsoft Store. +- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc) +- **SystemBIOSMajorRelease** Major version of the BIOS. +- **SystemBIOSMinorRelease** Minor version of the BIOS. +- **UpdateId** Unique Update ID +- **WUDeviceID** UniqueDeviceID + + +### SoftwareUpdateClientTelemetry.Download + +Download process event for target update on Windows Update client (see eventscenario field for specifics, e.g.: started/failed/succeeded) + +The following fields are available: + +- **ActiveDownloadTime** How long the download took, in seconds, excluding time where the update wasn't actively being downloaded. +- **AppXBlockHashValidationFailureCount** A count of the number of blocks that have failed validation after being downloaded. +- **AppXDownloadScope** Indicates the scope of the download for application content. +- **BiosFamily** The family of the BIOS (Basic Input Output System). +- **BiosName** The name of the device BIOS. +- **BiosReleaseDate** The release date of the device BIOS. +- **BiosSKUNumber** The SKU number of the device BIOS. +- **BIOSVendor** The vendor of the BIOS. +- **BiosVersion** The version of the BIOS. +- **BundleBytesDownloaded** Number of bytes downloaded for the specific content bundle. +- **BundleId** Identifier associated with the specific content bundle. - **BundleRepeatFailFlag** Indicates whether this particular update bundle had previously failed to download. - **BundleRevisionNumber** Identifies the revision number of the content bundle. - **BytesDownloaded** Number of bytes that were downloaded for an individual piece of content (not the entire bundle). -- **CachedEngineVersion** For self-initiated healing, the version of the SIH engine that is cached on the device. If the SIH engine does not exist, the value is null. -- **CallerApplicationName** The name provided by the caller who initiated API calls into the software distribution client. -- **CbsDownloadMethod** Indicates whether the download was a full-file download or a partial/delta download. +- **CachedEngineVersion** The version of the “Self-Initiated Healing” (SIH) engine that is cached on the device, if applicable. +- **CallerApplicationName** The name provided by the application that initiated API calls into the software distribution client. +- **CbsDownloadMethod** Indicates whether the download was a full- or a partial-file download. - **CDNCountryCode** Two letter country abbreviation for the Content Distribution Network (CDN) location. - **CDNId** ID which defines which CDN the software distribution client downloaded the content from. - **ClientVersion** The version number of the software distribution client. - **CurrentMobileOperator** The mobile operator the device is currently connected to. -- **DeviceModel** What is the device model. +- **DeviceModel** The model of the device. - **DownloadPriority** Indicates whether a download happened at background, normal, or foreground priority. -- **DownloadScenarioId** A unique ID for a given download used to tie together WU and DO events. -- **DownloadType** Differentiates the download type of SIH downloads between Metadata and Payload downloads. +- **DownloadScenarioId** A unique ID for a given download, used to tie together Windows Update and Delivery Optimizer events. +- **DownloadType** Differentiates the download type of “Self-Initiated Healing” (SIH) downloads between Metadata and Payload downloads. - **EventInstanceID** A globally unique identifier for event instance. -- **EventScenario** Indicates the purpose of sending this event - whether because the software distribution just started downloading content, or whether it was cancelled, succeeded, or failed. -- **EventType** Possible values are Child, Bundle, or Driver. +- **EventScenario** Indicates the purpose for sending this event: whether because the software distribution just started downloading content; or whether it was cancelled, succeeded, or failed. +- **EventType** Identifies the type of the event (Child, Bundle, or Driver). - **ExtendedStatusCode** Secondary error code for certain scenarios where StatusCode wasn't specific enough. - **FeatureUpdatePause** Indicates whether feature OS updates are paused on the device. - **FlightBranch** The branch that a device is on if participating in flighting (pre-release builds). - **FlightBuildNumber** If this download was for a flight (pre-release build), this indicates the build number of that flight. -- **FlightId** The specific ID of the flight (pre-release build) the device is getting. +- **FlightId** The specific id of the flight (pre-release build) the device is getting. - **FlightRing** The ring (speed of getting builds) that a device is on if participating in flighting (pre-release builds). - **HandlerType** Indicates what kind of content is being downloaded (app, driver, windows patch, etc.). - **HardwareId** If this download was for a driver targeted to a particular device model, this ID indicates the model of the device. - **HomeMobileOperator** The mobile operator that the device was originally intended to work with. -- **HostName** The hostname URL the content is downloading from. +- **HostName** The parent URL the content is downloading from. - **IPVersion** Indicates whether the download took place over IPv4 or IPv6. - **IsDependentSet** Indicates whether a driver is a part of a larger System Hardware/Firmware Update - **IsWUfBDualScanEnabled** Indicates if Windows Update for Business dual scan is enabled on the device. @@ -3851,25 +4189,25 @@ The following fields are available: - **PhonePreviewEnabled** Indicates whether a phone was opted-in to getting preview builds, prior to flighting (pre-release builds) being introduced. - **ProcessName** The process name of the caller who initiated API calls, in the event where CallerApplicationName was not provided. - **QualityUpdatePause** Indicates whether quality OS updates are paused on the device. -- **RelatedCV** The previous Correlation Vector that was used before swapping with a new one. +- **RelatedCV** The previous Correlation Vector that was used before swapping with a new one - **RepeatFailFlag** Indicates whether this specific piece of content had previously failed to download. -- **RevisionNumber** Identifies the revision number of this specific piece of content. -- **ServiceGuid** An ID that represents which service the software distribution client is installing content for (Windows Update, Microsoft Store, etc.). -- **Setup360Phase** If the download is for an operating system upgrade, this datapoint indicates which phase of the upgrade is underway. -- **ShippingMobileOperator** The mobile operator that a device shipped on. +- **RevisionNumber** The revision number of the specified piece of content. +- **ServiceGuid** A unique identifier for the service that the software distribution client is installing content for (Windows Update, Windows Store, etc.). +- **Setup360Phase** Identifies the active phase of the upgrade download if the current download is for an Operating System upgrade. +- **ShippingMobileOperator** The mobile operator linked to the device when the device shipped. - **StatusCode** Indicates the result of a Download event (success, cancellation, failure code HResult). - **SystemBIOSMajorRelease** Major version of the BIOS. - **SystemBIOSMinorRelease** Minor version of the BIOS. - **TargetGroupId** For drivers targeted to a specific device model, this ID indicates the distribution group of devices receiving that driver. - **TargetingVersion** For drivers targeted to a specific device model, this is the version number of the drivers being distributed to the device. -- **TargetMetadataVersion** For self-initiated healing, this is the target version of the SIH engine to download (if needed). If not, the value is null. +- **TargetMetadataVersion** The version of the currently downloading (or most recently downloaded) package. - **ThrottlingServiceHResult** Result code (success/failure) while contacting a web service to determine whether this device should download content yet. -- **TimeToEstablishConnection** Time (in ms) it took to establish the connection prior to beginning downloaded. -- **TotalExpectedBytes** The total count of bytes that the download is expected to be. +- **TimeToEstablishConnection** Time (in milliseconds) it took to establish the connection prior to beginning downloaded. +- **TotalExpectedBytes** The total size (in Bytes) expected to be downloaded. - **UpdateId** An identifier associated with the specific piece of content. - **UpdateID** An identifier associated with the specific piece of content. -- **UpdateImportance** Indicates whether a piece of content was marked as Important, Recommended, or Optional. -- **UsedDO** Whether the download used the delivery optimization service. +- **UpdateImportance** Indicates whether the content was marked as Important, Recommended, or Optional. +- **UsedDO** Indicates whether the download used the Delivery Optimization (DO) service. - **UsedSystemVolume** Indicates whether the content was downloaded to the device's main system storage drive, or an alternate storage drive. - **WUDeviceID** The unique identifier of a specific device, used to identify how many devices are encountering success or a particular issue. @@ -3941,14 +4279,14 @@ The following fields are available: - **BIOSVendor** The vendor of the BIOS. - **BiosVersion** The version of the BIOS. - **BundleId** Identifier associated with the specific content bundle; should not be all zeros if the bundleID was found. -- **BundleRepeatFailFlag** Has this particular update bundle previously failed to install? +- **BundleRepeatFailFlag** Indicates whether this particular update bundle previously failed to install. - **BundleRevisionNumber** Identifies the revision number of the content bundle. - **CachedEngineVersion** For self-initiated healing, the version of the SIH engine that is cached on the device. If the SIH engine does not exist, the value is null. - **CallerApplicationName** The name provided by the caller who initiated API calls into the software distribution client. - **ClientVersion** The version number of the software distribution client. - **CSIErrorType** The stage of CBS installation where it failed. -- **CurrentMobileOperator** Mobile operator that device is currently connected to. -- **DeviceModel** What is the device model. +- **CurrentMobileOperator** The mobile operator to which the device is currently connected. +- **DeviceModel** The device model. - **DriverPingBack** Contains information about the previous driver and system state. - **EventInstanceID** A globally unique identifier for event instance. - **EventScenario** Indicates the purpose of sending this event - whether because the software distribution just started installing content, or whether it was cancelled, succeeded, or failed. @@ -3964,21 +4302,21 @@ The following fields are available: - **HardwareId** If this install was for a driver targeted to a particular device model, this ID indicates the model of the device. - **HomeMobileOperator** The mobile operator that the device was originally intended to work with. - **IntentPFNs** Intended application-set metadata for atomic update scenarios. -- **IsDependentSet** Is the driver part of a larger System Hardware/Firmware update? -- **IsFinalOutcomeEvent** Does this event signal the end of the update/upgrade process? -- **IsFirmware** Is this update a firmware update? -- **IsSuccessFailurePostReboot** Did it succeed and then fail after a restart? +- **IsDependentSet** Indicates whether the driver is part of a larger System Hardware/Firmware update. +- **IsFinalOutcomeEvent** Indicates whether this event signals the end of the update/upgrade process. +- **IsFirmware** Indicates whether this update is a firmware update. +- **IsSuccessFailurePostReboot** Indicates whether the update succeeded and then failed after a restart. - **IsWUfBDualScanEnabled** Is Windows Update for Business dual scan enabled on the device? - **IsWUfBEnabled** Indicates whether Windows Update for Business is enabled on the device. -- **MergedUpdate** Was the OS update and a BSP update merged for installation? +- **MergedUpdate** Indicates whether the OS update and a BSP update merged for installation. - **MsiAction** The stage of MSI installation where it failed. - **MsiProductCode** The unique identifier of the MSI installer. - **PackageFullName** The package name of the content being installed. - **PhonePreviewEnabled** Indicates whether a phone was getting preview build, prior to flighting being introduced. -- **ProcessName** The process name of the caller who initiated API calls, in the event where CallerApplicationName was not provided. -- **QualityUpdatePause** Are quality OS updates paused on the device? +- **ProcessName** The process name of the caller who initiated API calls, in the event that CallerApplicationName was not provided. +- **QualityUpdatePause** Indicates whether quality OS updates are paused on the device. - **RelatedCV** The previous Correlation Vector that was used before swapping with a new one -- **RepeatFailFlag** Indicates whether this specific piece of content had previously failed to install. +- **RepeatFailFlag** Indicates whether this specific piece of content previously failed to install. - **RevisionNumber** The revision number of this specific piece of content. - **ServiceGuid** An ID which represents which service the software distribution client is installing content for (Windows Update, Microsoft Store, etc.). - **Setup360Phase** If the install is for an operating system upgrade, indicates which phase of the upgrade is underway. @@ -3988,8 +4326,8 @@ The following fields are available: - **SystemBIOSMinorRelease** Minor version of the BIOS. - **TargetGroupId** For drivers targeted to a specific device model, this ID indicates the distribution group of devices receiving that driver. - **TargetingVersion** For drivers targeted to a specific device model, this is the version number of the drivers being distributed to the device. -- **TransactionCode** The ID which represents a given MSI installation -- **UpdateId** Unique update ID +- **TransactionCode** The ID that represents a given MSI installation. +- **UpdateId** Unique update ID. - **UpdateID** An identifier associated with the specific piece of content. - **UpdateImportance** Indicates whether a piece of content was marked as Important, Recommended, or Optional. - **UsedSystemVolume** Indicates whether the content was downloaded and then installed from the device's main system storage drive, or an alternate storage drive. @@ -4020,7 +4358,7 @@ The following fields are available: - **EndpointUrl** The endpoint URL where the device obtains update metadata. This is used to distinguish between test, staging, and production environments. - **EventScenario** The purpose of this event, such as scan started, scan succeeded, or scan failed. - **ExtendedStatusCode** The secondary status code of the event. -- **LeafCertId** Integral ID from the FragmentSigning data for certificate that failed. +- **LeafCertId** The integral ID from the FragmentSigning data for the certificate that failed. - **ListOfSHA256OfIntermediateCerData** A semicolon delimited list of base64 encoding of hashes for the Base64CerData in the FragmentSigning data of an intermediate certificate. - **MetadataIntegrityMode** The mode of the transport metadata integrity check. 0 = unknown; 1 = ignore; 2 = audit; 3 = enforce - **MetadataSignature** A base64-encoded string of the signature associated with the update metadata (specified by revision ID). @@ -4031,7 +4369,7 @@ The following fields are available: - **ServiceGuid** Identifies the service to which the software distribution client is connected, Example: Windows Update or Microsoft Store - **SHA256OfLeafCerData** A base64 encoding of the hash for the Base64CerData in the FragmentSigning data of the leaf certificate. - **SHA256OfLeafCertPublicKey** A base64 encoding of the hash of the Base64CertData in the FragmentSigning data of the leaf certificate. -- **SHA256OfTimestampToken** A base64-encoded string of hash of the timestamp token blob. +- **SHA256OfTimestampToken** An encoded string of the timestamp token. - **SignatureAlgorithm** The hash algorithm for the metadata signature. - **SLSPrograms** A test program to which a device may have opted in. Example: Insider Fast - **StatusCode** The status code of the event. @@ -4282,6 +4620,7 @@ The following fields are available: - **FlightId** Unique ID for each flight. - **InternalFailureResult** Indicates a non-fatal error from a plugin. - **ObjectId** Unique value for each Update Agent mode (same concept as InstanceId for Setup360). +- **PackageCategoriesSkipped** Indicates package categories that were skipped, if applicable. - **PackageCountOptional** # of optional packages requested. - **PackageCountRequired** # of required packages requested. - **PackageCountTotal** Total # of packages needed. @@ -4519,36 +4858,36 @@ The following fields are available: - **CV** Correlation vector. - **DetectorVersion** Most recently run detector version for the current campaign. - **GlobalEventCounter** Client side counter that indicates the ordering of events sent by this user. -- **key1** UI interaction data -- **key10** UI interaction data -- **key11** UI interaction data -- **key12** UI interaction data -- **key13** UI interaction data -- **key14** UI interaction data -- **key15** UI interaction data -- **key16** UI interaction data -- **key17** UI interaction data -- **key18** UI interaction data -- **key19** UI interaction data -- **key2** UI interaction data -- **key20** UI interaction data -- **key21** UI interaction data -- **key22** UI interaction data -- **key23** UI interaction data -- **key24** UI interaction data -- **key25** UI interaction data -- **key26** UI interaction data -- **key27** UI interaction data -- **key28** UI interaction data -- **key29** UI interaction data -- **key3** UI interaction data -- **key30** UI interaction data -- **key4** UI interaction data -- **key5** UI interaction data -- **key6** UI interaction data -- **key7** UI interaction data -- **key8** UI interaction data -- **key9** UI interaction data +- **key1** UI interaction data. +- **key10** UI interaction data. +- **key11** UI interaction data. +- **key12** UI interaction data. +- **key13** UI interaction data. +- **key14** UI interaction data. +- **key15** UI interaction data. +- **key16** UI interaction data. +- **key17** UI interaction data. +- **key18** UI interaction data. +- **key19** UI interaction data. +- **key2** UI interaction data. +- **key20** UI interaction data. +- **key21** UI interaction data. +- **key22** UI interaction data. +- **key23** UI interaction data. +- **key24** The interaction data for the user interface. +- **key25** The interaction data for the user interface. +- **key26** The interaction data for the user interface. +- **key27** The interaction data for the user interface. +- **key28** The interaction data for the user interface. +- **key29** UI interaction data. +- **key3** UI interaction data. +- **key30** UI interaction data. +- **key4** UI interaction data. +- **key5** UI interaction data. +- **key6** UI interaction data. +- **key7** UI interaction data. +- **key8** UI interaction data. +- **key9** UI interaction data. - **PackageVersion** Current package version of the update notification. - **schema** UI interaction type. @@ -4643,6 +4982,12 @@ This event indicates whether devices received additional or critical supplementa +### FacilitatorTelemetry.InitializeDU + +This event determines whether devices received additional or critical supplemental content during an OS upgrade. + + + ### Setup360Telemetry.Downlevel This event sends data indicating that the device has started the downlevel phase of the upgrade, to help keep Windows up-to-date and secure. @@ -4734,6 +5079,7 @@ This event sends data indicating that the device has invoked the predownload qui The following fields are available: - **ClientId** Using Windows Update, this will be the Windows Update client ID that is passed to Setup. In Media setup, default value is Media360, but can be overwritten by the caller to a unique value. +- **FlightData** Unique value that identifies the flight. - **HostOSBuildNumber** The build number of the previous OS. - **HostOsSkuName** The OS edition which is running Setup360 instance (previous operating system). - **InstanceId** A unique GUID that identifies each instance of setuphost.exe. @@ -4848,6 +5194,17 @@ This event sends a summary of all the setup mitigations available for this updat This event collects information regarding the post reboot phase of the new UUP (Unified Update Platform) update scenario; which is leveraged by both Mobile and Desktop. +The following fields are available: + +- **ClientId** The Windows Update client ID passed to Setup. +- **Count** The count of applicable OneSettings for the device. +- **FlightData** The ID for the flight (test instance version). +- **InstanceId** The GUID (Globally-Unique ID) that identifies each instance of setuphost.exe. +- **Parameters** The set of name value pair parameters sent to OneSettings to determine if there are any applicable OneSettings. +- **ReportId** The Update ID passed to Setup. +- **Result** The HResult of the event error. +- **ScenarioId** The update scenario ID. +- **Values** Values sent back to the device, if applicable. ### Setup360Telemetry.UnexpectedEvent @@ -4908,17 +5265,17 @@ This event provides the results from the WaaSMedic engine The following fields are available: - **detectionSummary** Result of each applicable detection that was run. -- **featureAssessmentImpact** WaaS Assessment impact for feature updates. +- **featureAssessmentImpact** Windows as a Service (WaaS) Assessment impact on feature updates - **hrEngineResult** Indicates the WaaSMedic engine operation error codes -- **insufficientSessions** Device not eligible for diagnostics. -- **isManaged** Device is managed for updates. -- **isWUConnected** Device is connected to Windows Update. -- **noMoreActions** No more applicable diagnostics. -- **qualityAssessmentImpact** WaaS Assessment impact for quality updates. +- **insufficientSessions** True, if the device has enough activity to be eligible for update diagnostics. False, if otherwise +- **isManaged** Indicates the device is managed for updates +- **isWUConnected** Indicates the device is connected to Windows Update +- **noMoreActions** All available WaaSMedic diagnostics have run. There are no pending diagnostics and corresponding actions +- **qualityAssessmentImpact** Windows as a Service (WaaS) Assessment impact for quality updates - **remediationSummary** Result of each operation performed on a device to fix an invalid state or configuration that's preventing the device from getting updates. For example, if Windows Update service is turned off, the fix is to turn the it back on. -- **usingBackupFeatureAssessment** Relying on backup feature assessment. -- **usingBackupQualityAssessment** Relying on backup quality assessment. -- **versionString** Version of the WaaSMedic engine. +- **usingBackupFeatureAssessment** The WaaSMedic engine contacts Windows as a Service (WaaS) Assessment to determine whether the device is up-to-date. If WaaS Assessment isn't available, the engine falls back to backup feature assessments, which are determined programmatically on the client +- **usingBackupQualityAssessment** The WaaSMedic engine contacts Windows as a Service (WaaS) Assessment to determine whether the device is up-to-date. If WaaS Assessment isn't available, the engine falls back to backup quality assessments, which are determined programmatically on the client +- **versionString** Installed version of the WaaSMedic engine ## Windows Error Reporting events @@ -4941,7 +5298,7 @@ The following fields are available: - **ReportId** WER Report Id associated with this bug check (used for finding the corresponding report archive in Watson). -## Microsoft Store events +## Windows Store events ### Microsoft.Windows.Store.Partner.ReportApplication @@ -5446,7 +5803,7 @@ The following fields are available: - **bytesRequested** Number of bytes requested for the download. - **callerName** Name of the API caller. - **cdnUrl** The URL of the source CDN. -- **clientTelId** A random number used for device sampling. +- **clientTelId** Random number used for device selection - **costFlags** A set of flags representing network cost. - **deviceProfile** Identifies the usage or form factor (such as Desktop, Xbox, or VM). - **diceRoll** Random number used for determining if a client will use peering. @@ -5579,14 +5936,14 @@ This event collects information regarding the install phase of the new device ma The following fields are available: -- **errorCode** The error code returned for the current install phase -- **flightId** The unique identifier for each flight -- **objectId** Unique value for each Update Agent mode -- **relatedCV** Correlation vector value generated from the latest scan -- **result** Result of the install phase of update. 0 = Succeeded 1 = Failed, 2 = Cancelled, 3 = Blocked, 4 = BlockCancelled +- **errorCode** The error code returned for the current install phase. +- **flightId** The unique identifier for each flight (pre-release builds). +- **objectId** Unique value for each diagnostics session. +- **relatedCV** Correlation vector value generated from the latest scan. +- **result** Outcome of the install phase of the update. - **scenarioId** The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate -- **sessionId** Unique value for each Update Agent mode attempt -- **updateId** Unique ID for each update +- **sessionId** Unique value for each update session. +- **updateId** Unique ID for each Update. ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentModeStart @@ -5595,13 +5952,13 @@ This event sends data for the start of each mode during the process of updating The following fields are available: -- **flightId** The unique identifier for each flight -- **mode** Indicates that the Update Agent mode that has started. 1 = Initialize, 2 = DownloadRequest, 3 = Install, 4 = Commit -- **objectId** Unique value for each Update Agent mode -- **relatedCV** Correlation vector value generated from the latest scan +- **flightId** The unique identifier for each flight (pre-release builds). +- **mode** Indicates the active Update Agent mode. +- **objectId** Unique value for each diagnostics session. +- **relatedCV** Correlation vector value generated from the latest scan. - **scenarioId** The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate -- **sessionId** Unique value for each Update Agent mode attempt -- **updateId** Unique ID for each update +- **sessionId** The unique identifier for each update session. +- **updateId** The unique identifier for each Update. ### Microsoft.Windows.Update.NotificationUx.DialogNotificationToBeDisplayed @@ -5610,6 +5967,18 @@ This event indicates that a notification dialog box is about to be displayed to +### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootAcceptAutoDialog + +This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed. + + + +### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootFirstReminderDialog + +This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed. + + + ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootRebootFailedDialog This event indicates that the Enhanced Engaged restart "restart failed" dialog box was displayed. @@ -5622,6 +5991,18 @@ This event indicates that the Enhanced Engaged restart "restart imminent" dialog +### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootSecondReminderDialog + +This event indicates that the second reminder dialog box was displayed for Enhanced Engaged restart. + + + +### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootThirdReminderDialog + +This event indicates that the third reminder dialog box for Enhanced Engaged restart was displayed. + + + ### Microsoft.Windows.Update.NotificationUx.RebootScheduled Indicates when a reboot is scheduled by the system or a user for a security, quality, or feature update. @@ -5646,6 +6027,12 @@ This event indicates a policy is present that may restrict update activity to ou +### Microsoft.Windows.Update.Orchestrator.AttemptImmediateReboot + +This event sends data when the Windows Update Orchestrator is set to reboot immediately after installing the update. + + + ### Microsoft.Windows.Update.Orchestrator.BlockedByActiveHours This event indicates that update activity was blocked because it is within the active hours window. @@ -5680,17 +6067,17 @@ This event indicates that a scan for a Windows Update occurred. The following fields are available: -- **deferReason** Reason why the device could not check for updates. -- **detectionBlockreason** Reason for detection not completing. +- **deferReason** The reason why the device could not check for updates. +- **detectionBlockreason** The reason detection did not complete. - **detectionRetryMode** Indicates whether we will try to scan again. -- **errorCode** The returned error code. +- **errorCode** The error code returned for the current process. - **eventScenario** End-to-end update session ID, or indicates the purpose of sending this event - whether because the software distribution just started installing content, or whether it was cancelled, succeeded, or failed. -- **flightID** The specific ID of the Windows Insider build the device is getting. -- **interactive** Indicates whether the session was user initiated. -- **revisionNumber** Update revision number. -- **updateId** Update ID. -- **updateScenarioType** Device ID -- **wuDeviceid** Unique device ID used by Windows Update. +- **flightID** The unique identifier for the flight (Windows Insider pre-release build) should be delivered to the device, if applicable. +- **interactive** Indicates whether the user initiated the session. +- **revisionNumber** The Update revision number. +- **updateId** The unique identifier of the Update. +- **updateScenarioType** Identifies the type of update session being performed. +- **wuDeviceid** The unique device ID used by Windows Update. ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded @@ -5780,7 +6167,7 @@ The following fields are available: - **deferReason** Reason for install not completing. - **errorCode** The error code reppresented by a hexadecimal value. - **eventScenario** End-to-end update session ID. -- **flightID** The specific ID of the Windows Insider build the device is getting. +- **flightID** The ID of the Windows Insider build the device is getting. - **flightUpdate** Indicates whether the update is a Windows Insider build. - **ForcedRebootReminderSet** A boolean value that indicates if a forced reboot will happen for updates. - **installCommitfailedtime** The time it took for a reboot to happen but the upgrade failed to progress. @@ -5826,15 +6213,21 @@ This event is sent after a Windows update install completes. The following fields are available: -- **batteryLevel** Current battery capacity in mWh or percentage left. -- **bundleId** Identifier associated with the specific content bundle. +- **batteryLevel** Current battery capacity in megawatt-hours (mWh) or percentage left. +- **bundleId** The unique identifier associated with the specific content bundle. - **bundleRevisionnumber** Identifies the revision number of the content bundle. - **errorCode** The error code returned for the current phase. - **eventScenario** State of update action. -- **flightID** Update session type +- **flightID** The unique identifier for the flight (Windows Insider pre-release build) should be delivered to the device, if applicable. - **sessionType** The Windows Update session type (Interactive or Background). -- **updateScenarioType** The update session type. -- **wuDeviceid** Unique device ID used by Windows Update. +- **updateScenarioType** Identifies the type of Update session being performed. +- **wuDeviceid** The unique device identifier used by Windows Update. + + +### Microsoft.Windows.Update.Orchestrator.PowerMenuOptionsChanged + +This event is sent when the options in power menu changed, usually due to an update pending reboot, or after a update is installed. + ### Microsoft.Windows.Update.Orchestrator.PreShutdownStart @@ -6055,7 +6448,7 @@ The following fields are available: - **scheduledRebootTime** Time scheduled for the reboot. - **scheduledRebootTimeInUTC** Time scheduled for the reboot, in UTC. - **updateId** Identifies which update is being scheduled. -- **wuDeviceid** Unique device ID used by Windows Update. +- **wuDeviceid** The unique device ID used by Windows Update. ### Microsoft.Windows.Update.Ux.MusNotification.UxBrokerFirstReadyToReboot @@ -6101,24 +6494,32 @@ This event sends data specific to the CleanupSafeOsImages mitigation used for OS The following fields are available: -- **ClientId** In the WU scenario, this will be the WU client ID that is passed to Setup. In Media setup, default value is Media360, but can be overwritten by the caller to a unique value. -- **FlightId** Unique identifier for each flight. -- **InstanceId** Unique GUID that identifies each instances of setuphost.exe. +- **ClientId** The client ID used by Windows Update. +- **FlightId** The ID of each Windows Insider build the device received. +- **InstanceId** A unique device ID that identifies each update instance. - **MitigationScenario** The update scenario in which the mitigation was executed. -- **MountedImageCount** Number of mounted images. -- **MountedImageMatches** Number of mounted images that were under %systemdrive%\$Windows.~BT. -- **MountedImagesFailed** Number of mounted images under %systemdrive%\$Windows.~BT that could not be removed. -- **MountedImagesRemoved** Number of mounted images under %systemdrive%\$Windows.~BT that were successfully removed. -- **MountedImagesSkipped** Number of mounted images that were not under %systemdrive%\$Windows.~BT. -- **RelatedCV** Correlation vector value generated from the latest USO scan. +- **MountedImageCount** The number of mounted images. +- **MountedImageMatches** The number of mounted image matches. +- **MountedImagesFailed** The number of mounted images that could not be removed. +- **MountedImagesRemoved** The number of mounted images that were successfully removed. +- **MountedImagesSkipped** The number of mounted images that were not found. +- **RelatedCV** The correlation vector value generated from the latest USO scan. - **Result** HResult of this operation. - **ScenarioId** ID indicating the mitigation scenario. - **ScenarioSupported** Indicates whether the scenario was supported. - **SessionId** Unique value for each update attempt. -- **UpdateId** Unique ID for each Update. +- **UpdateId** Unique ID for each Windows Update. - **WuId** Unique ID for the Windows Update client. +## Windows Update Reserve Manager events + +### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment + +This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. + + + ## Winlogon events ### Microsoft.Windows.Security.Winlogon.SetupCompleteLogon diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md index c8a8b09e66..e3c6418b17 100644 --- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md +++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md @@ -7,9 +7,13 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security localizationpriority: high +audience: ITPro author: brianlic-msft ms.author: brianlic -ms.date: 12/13/2018 +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article +ms.date: 02/15/2019 --- @@ -47,55 +51,55 @@ This event lists the types of objects and how many of each exist on the client d The following fields are available: - **DatasourceApplicationFile_RS1** An ID for the system, calculated by hashing hardware identifiers. -- **DatasourceApplicationFile_RS3** The total DecisionApplicationFile objects targeting the next release of Windows on this device. +- **DatasourceApplicationFile_RS3** The count of the number of this particular object type present on this device. - **DatasourceApplicationFile_RS5** The count of the number of this particular object type present on this device. - **DatasourceDevicePnp_RS1** The total DataSourceDevicePnp objects targeting Windows 10 version 1607 on this device. -- **DatasourceDevicePnp_RS3** The total DatasourceDevicePnp objects targeting the next release of Windows on this device. +- **DatasourceDevicePnp_RS3** The count of the number of this particular object type present on this device. - **DatasourceDevicePnp_RS5** The count of the number of this particular object type present on this device. - **DatasourceDriverPackage_RS1** The total DataSourceDriverPackage objects targeting Windows 10 version 1607 on this device. -- **DatasourceDriverPackage_RS3** The total DatasourceDriverPackage objects targeting the next release of Windows on this device. +- **DatasourceDriverPackage_RS3** The count of the number of this particular object type present on this device. - **DatasourceDriverPackage_RS5** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoBlock_RS1** The total DataSourceMatchingInfoBlock objects targeting Windows 10 version 1607 on this device. -- **DataSourceMatchingInfoBlock_RS3** The total DataSourceMatchingInfoBlock objects targeting the next release of Windows on this device. +- **DataSourceMatchingInfoBlock_RS3** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoBlock_RS5** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPassive_RS1** The total DataSourceMatchingInfoPassive objects targeting Windows 10 version 1607 on this device. -- **DataSourceMatchingInfoPassive_RS3** The total DataSourceMatchingInfoPassive objects targeting the next release of Windows on this device. +- **DataSourceMatchingInfoPassive_RS3** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPassive_RS5** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPostUpgrade_RS1** The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1607 on this device. -- **DataSourceMatchingInfoPostUpgrade_RS3** The total DataSourceMatchingInfoPostUpgrade objects targeting the next release of Windows on this device. +- **DataSourceMatchingInfoPostUpgrade_RS3** The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1709 on this device. - **DataSourceMatchingInfoPostUpgrade_RS5** The count of the number of this particular object type present on this device. - **DatasourceSystemBios_RS1** The total DatasourceSystemBios objects targeting Windows 10 version 1607 present on this device. -- **DatasourceSystemBios_RS3** The total DatasourceSystemBios objects targeting the next release of Windows on this device. +- **DatasourceSystemBios_RS3** The total DatasourceSystemBios objects targeting Windows 10 version 1709 present on this device. - **DatasourceSystemBios_RS5** The count of the number of this particular object type present on this device. - **DatasourceSystemBios_RS5Setup** The count of the number of this particular object type present on this device. - **DecisionApplicationFile_RS1** An ID for the system, calculated by hashing hardware identifiers. -- **DecisionApplicationFile_RS3** The total DecisionApplicationFile objects targeting the next release of Windows on this device. +- **DecisionApplicationFile_RS3** The count of the number of this particular object type present on this device. - **DecisionApplicationFile_RS5** The count of the number of this particular object type present on this device. - **DecisionDevicePnp_RS1** The total DecisionDevicePnp objects targeting Windows 10 version 1607 on this device. -- **DecisionDevicePnp_RS3** The total DecisionDevicePnp objects targeting the next release of Windows on this device. +- **DecisionDevicePnp_RS3** The count of the number of this particular object type present on this device. - **DecisionDevicePnp_RS5** The count of the number of this particular object type present on this device. - **DecisionDriverPackage_RS1** The total DecisionDriverPackage objects targeting Windows 10 version 1607 on this device. -- **DecisionDriverPackage_RS3** The total DecisionDriverPackage objects targeting the next release of Windows on this device. +- **DecisionDriverPackage_RS3** The count of the number of this particular object type present on this device. - **DecisionDriverPackage_RS5** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoBlock_RS1** The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1607 present on this device. -- **DecisionMatchingInfoBlock_RS3** The total DecisionMatchingInfoBlock objects targeting the next release of Windows on this device. +- **DecisionMatchingInfoBlock_RS3** The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1709 present on this device. - **DecisionMatchingInfoBlock_RS5** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPassive_RS1** The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1607 on this device. -- **DecisionMatchingInfoPassive_RS3** The total DataSourceMatchingInfoPassive objects targeting the next release of Windows on this device. +- **DecisionMatchingInfoPassive_RS3** The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1803 on this device. - **DecisionMatchingInfoPassive_RS5** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPostUpgrade_RS1** The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1607 on this device. -- **DecisionMatchingInfoPostUpgrade_RS3** The total DecisionMatchingInfoPostUpgrade objects targeting the next release of Windows on this device. +- **DecisionMatchingInfoPostUpgrade_RS3** The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1709 on this device. - **DecisionMatchingInfoPostUpgrade_RS5** The count of the number of this particular object type present on this device. - **DecisionMediaCenter_RS1** The total DecisionMediaCenter objects targeting Windows 10 version 1607 present on this device. -- **DecisionMediaCenter_RS3** The total DecisionMediaCenter objects targeting the next release of Windows on this device. +- **DecisionMediaCenter_RS3** The total DecisionMediaCenter objects targeting Windows 10 version 1709 present on this device. - **DecisionMediaCenter_RS5** The count of the number of this particular object type present on this device. - **DecisionSystemBios_RS1** The total DecisionSystemBios objects targeting Windows 10 version 1607 on this device. -- **DecisionSystemBios_RS3** The total DecisionSystemBios objects targeting the next release of Windows on this device. +- **DecisionSystemBios_RS3** The total DecisionSystemBios objects targeting Windows 10 version 1709 on this device. - **DecisionSystemBios_RS5** The total DecisionSystemBios objects targeting the next release of Windows on this device. -- **DecisionSystemBios_RS5Setup** The total DecisionSystemBios objects targeting the next release of Windows on this device. +- **DecisionSystemBios_RS5Setup** The count of the number of this particular object type present on this device. - **DecisionTest_RS1** An ID for the system, calculated by hashing hardware identifiers. - **InventoryApplicationFile** The count of the number of this particular object type present on this device. -- **InventoryLanguagePack** The count of InventoryLanguagePack objects present on this machine. +- **InventoryLanguagePack** The count of the number of this particular object type present on this device. - **InventoryMediaCenter** The count of the number of this particular object type present on this device. - **InventorySystemBios** The count of the number of this particular object type present on this device. - **InventoryTest** The count of the number of this particular object type present on this device. @@ -104,15 +108,15 @@ The following fields are available: - **SystemMemory** The count of the number of this particular object type present on this device. - **SystemProcessorCompareExchange** The count of the number of this particular object type present on this device. - **SystemProcessorLahfSahf** The count of the number of this particular object type present on this device. -- **SystemProcessorNx** The count of SystemProcessorNx objects present on this machine. -- **SystemProcessorPrefetchW** The count of the number of this particular object type present on this device. -- **SystemProcessorSse2** The count of SystemProcessorSse2 objects present on this machine. +- **SystemProcessorNx** The total number of objects of this type present on this device. +- **SystemProcessorPrefetchW** The total number of objects of this type present on this device. +- **SystemProcessorSse2** The total number of objects of this type present on this device. - **SystemTouch** The count of SystemTouch objects present on this machine. -- **SystemWim** The count of SystemWim objects present on this machine. +- **SystemWim** The total number of objects of this type present on this device. - **SystemWindowsActivationStatus** The count of SystemWindowsActivationStatus objects present on this machine. -- **SystemWlan** The count of SystemWlan objects present on this machine. +- **SystemWlan** The total number of objects of this type present on this device. - **Wmdrm_RS1** An ID for the system, calculated by hashing hardware identifiers. -- **Wmdrm_RS3** The total Wmdrm objects targeting the next release of Windows on this device. +- **Wmdrm_RS3** An ID for the system, calculated by hashing hardware identifiers. - **Wmdrm_RS5** The count of the number of this particular object type present on this device. @@ -540,7 +544,7 @@ The following fields are available: ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveAdd -This event sends compatibility decision data about non-blocking entries on the system that are not keyed by either applications or devices, to help keep Windows up-to-date. +This event sends compatibility decision data about non-blocking entries on the system that are not keyed by either applications or devices, to help keep Windows up to date. This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). @@ -1223,6 +1227,12 @@ The following fields are available: - **WindowsNotActivatedDecision** Is the current operating system activated? +### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusEndSync + +This event indicates that a full set of SystemWindowsActivationStatusAdd events has succeeded in being sent. + + + ### Microsoft.Windows.Appraiser.General.SystemWindowsActivationStatusRemove This event indicates that the SystemWindowsActivationStatus object is no longer present. @@ -1377,7 +1387,7 @@ The following fields are available: - **AppraiserTaskExitCode** The Appraiser task exist code. - **AppraiserTaskLastRun** The last runtime for the Appraiser task. - **CensusVersion** The version of Census that generated the current data for this device. -- **IEVersion** IE version running on the device. +- **IEVersion** The version of Internet Explorer that is running on the device. ### Census.Battery @@ -1578,7 +1588,7 @@ Provides information on several important data points about Processor settings The following fields are available: -- **KvaShadow** Microcode info of the processor. +- **KvaShadow** This is the micro code information of the processor. - **MMSettingOverride** Microcode setting of the processor. - **MMSettingOverrideMask** Microcode setting override of the processor. - **PreviousUpdateRevision** Previous microcode revision. @@ -1589,10 +1599,10 @@ The following fields are available: - **ProcessorManufacturer** Name of the processor manufacturer. - **ProcessorModel** Name of the processor model. - **ProcessorPhysicalCores** Number of physical cores in the processor. -- **ProcessorUpdateRevision** Microcode revision +- **ProcessorUpdateRevision** The microcode revision. - **ProcessorUpdateStatus** Enum value that represents the processor microcode load status. - **SocketCount** Count of CPU sockets. -- **SpeculationControl** If the system has enabled protections needed to validate the speculation control vulnerability. +- **SpeculationControl** Indicates whether the system has enabled protections needed to validate the speculation control vulnerability. ### Census.Security @@ -2844,6 +2854,81 @@ The following fields are available: - **WDDMVersion** The Windows Display Driver Model version. +## Failover Clustering events + +### Microsoft.Windows.Server.FailoverClusteringCritical.ClusterSummary2 + +This event returns information about how many resources and of what type are in the server cluster. This data is collected to keep Windows Server safe, secure, and up to date. The data includes information about whether hardware is configured correctly, if the software is patched correctly, and assists in preventing crashes by attributing issues (like fatal errors) to workloads and system configurations. + +The following fields are available: + +- **autoAssignSite** The cluster parameter: auto site. +- **autoBalancerLevel** The cluster parameter: auto balancer level. +- **autoBalancerMode** The cluster parameter: auto balancer mode. +- **blockCacheSize** The configured size of the block cache. +- **ClusterAdConfiguration** The ad configuration of the cluster. +- **clusterAdType** The cluster parameter: mgmt_point_type. +- **clusterDumpPolicy** The cluster configured dump policy. +- **clusterFunctionalLevel** The current cluster functional level. +- **clusterGuid** The unique identifier for the cluster. +- **clusterWitnessType** The witness type the cluster is configured for. +- **countNodesInSite** The number of nodes in the cluster. +- **crossSiteDelay** The cluster parameter: CrossSiteDelay. +- **crossSiteThreshold** The cluster parameter: CrossSiteThreshold. +- **crossSubnetDelay** The cluster parameter: CrossSubnetDelay. +- **crossSubnetThreshold** The cluster parameter: CrossSubnetThreshold. +- **csvCompatibleFilters** The cluster parameter: ClusterCsvCompatibleFilters. +- **csvIncompatibleFilters** The cluster parameter: ClusterCsvIncompatibleFilters. +- **csvResourceCount** The number of resources in the cluster. +- **currentNodeSite** The name configured for the current site for the cluster. +- **dasModeBusType** The direct storage bus type of the storage spaces. +- **downLevelNodeCount** The number of nodes in the cluster that are running down-level. +- **drainOnShutdown** Specifies whether a node should be drained when it is shut down. +- **dynamicQuorumEnabled** Specifies whether dynamic Quorum has been enabled. +- **enforcedAntiAffinity** The cluster parameter: enforced anti affinity. +- **genAppNames** The win32 service name of a clustered service. +- **genSvcNames** The command line of a clustered genapp. +- **hangRecoveryAction** The cluster parameter: hang recovery action. +- **hangTimeOut** Specifies the “hang time out” parameter for the cluster. +- **isCalabria** Specifies whether storage spaces direct is enabled. +- **isMixedMode** Identifies if the cluster is running with different version of OS for nodes. +- **isRunningDownLevel** Identifies if the current node is running down-level. +- **logLevel** Specifies the granularity that is logged in the cluster log. +- **logSize** Specifies the size of the cluster log. +- **lowerQuorumPriorityNodeId** The cluster parameter: lower quorum priority node ID. +- **minNeverPreempt** The cluster parameter: minimum never preempt. +- **minPreemptor** The cluster parameter: minimum preemptor priority. +- **netftIpsecEnabled** The parameter: netftIpsecEnabled. +- **NodeCount** The number of nodes in the cluster. +- **nodeId** The current node number in the cluster. +- **nodeResourceCounts** Specifies the number of node resources. +- **nodeResourceOnlineCounts** Specifies the number of node resources that are online. +- **numberOfSites** The number of different sites. +- **numNodesInNoSite** The number of nodes not belonging to a site. +- **plumbAllCrossSubnetRoutes** The cluster parameter: plumb all cross subnet routes. +- **preferredSite** The preferred site location. +- **privateCloudWitness** Specifies whether a private cloud witness exists for this cluster. +- **quarantineDuration** The quarantine duration. +- **quarantineThreshold** The quarantine threshold. +- **quorumArbitrationTimeout** In the event of an arbitration event, this specifies the quorum timeout period. +- **resiliencyLevel** Specifies the level of resiliency. +- **resourceCounts** Specifies the number of resources. +- **resourceTypeCounts** Specifies the number of resource types in the cluster. +- **resourceTypes** Data representative of each resource type. +- **resourceTypesPath** Data representative of the DLL path for each resource type. +- **sameSubnetDelay** The cluster parameter: same subnet delay. +- **sameSubnetThreshold** The cluster parameter: same subnet threshold. +- **secondsInMixedMode** The amount of time (in seconds) that the cluster has been in mixed mode (nodes with different operating system versions in the same cluster). +- **securityLevel** The cluster parameter: security level. +- **securityLevelForStorage** The cluster parameter: security level for storage. +- **sharedVolumeBlockCacheSize** Specifies the block cache size for shared for shared volumes. +- **shutdownTimeoutMinutes** Specifies the amount of time it takes to time out when shutting down. +- **upNodeCount** Specifies the number of nodes that are up (online). +- **useClientAccessNetworksForCsv** The cluster parameter: use client access networks for CSV. +- **vmIsolationTime** The cluster parameter: VM isolation time. +- **witnessDatabaseWriteTimeout** Specifies the timeout period for writing to the quorum witness database. + + ## Fault Reporting events ### Microsoft.Windows.FaultReporting.AppCrashEvent @@ -3015,6 +3100,17 @@ The following fields are available: - **ProgramIds** The unique program identifier the driver is associated with. +### Microsoft.Windows.Inventory.Core.InventoryApplicationDriverStartSync + +The InventoryApplicationDriverStartSync event indicates that a new set of InventoryApplicationDriverStartAdd events will be sent. + +This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). + +The following fields are available: + +- **InventoryVersion** The version of the inventory component. + + ### Microsoft.Windows.Inventory.Core.InventoryApplicationFrameworkAdd This event provides the basic metadata about the frameworks an application may depend on. @@ -3191,35 +3287,35 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: -- **BusReportedDescription** System-supplied GUID that uniquely groups the functional devices associated with a single-function or multifunction device installed in the computer. -- **Class** A unique identifier for the driver installed. -- **ClassGuid** Name of the .sys image file (or wudfrd.sys if using user mode driver framework). -- **COMPID** INF file name (the name could be renamed by OS, such as oemXX.inf) -- **ContainerId** The version of the inventory binary generating the events. -- **Description** The current error code for the device. -- **DeviceState** The device description. -- **DriverId** DeviceState is a bitmask of the following: DEVICE_IS_CONNECTED 0x0001 (currently only for container). DEVICE_IS_NETWORK_DEVICE 0x0002 (currently only for container). DEVICE_IS_PAIRED 0x0004 (currently only for container). DEVICE_IS_ACTIVE 0x0008 (currently never set). DEVICE_IS_MACHINE 0x0010 (currently only for container). DEVICE_IS_PRESENT 0x0020 (currently always set). DEVICE_IS_HIDDEN 0x0040. DEVICE_IS_PRINTER 0x0080 (currently only for container). DEVICE_IS_WIRELESS 0x0100. DEVICE_IS_WIRELESS_FAT 0x0200. The most common values are therefore: 32 (0x20)= device is present. 96 (0x60)= device is present but hidden. 288 (0x120)= device is a wireless device that is present -- **DriverName** A unique identifier for the driver installed. -- **DriverPackageStrongName** The immediate parent directory name in the Directory field of InventoryDriverPackage -- **DriverVerDate** Name of the .sys image file (or wudfrd.sys if using user mode driver framework). +- **BusReportedDescription** The description of the device reported by the bus. +- **Class** The device setup class of the driver loaded for the device. +- **ClassGuid** The device class unique identifier of the driver package loaded on the device. +- **COMPID** The list of “Compatible IDs” for this device. +- **ContainerId** The system-supplied unique identifier that specifies which group(s) the device(s) installed on the parent (main) device belong to. +- **Description** The description of the device. +- **DeviceState** Identifies the current state of the parent (main) device. +- **DriverId** The unique identifier for the installed driver. +- **DriverName** The name of the driver image file. +- **DriverPackageStrongName** The immediate parent directory name in the Directory field of InventoryDriverPackage. +- **DriverVerDate** The date associated with the driver loaded on the device. - **DriverVerVersion** The immediate parent directory name in the Directory field of InventoryDriverPackage. -- **Enumerator** The date of the driver loaded for the device. -- **HWID** The version of the driver loaded for the device. -- **Inf** The bus that enumerated the device. -- **InstallState** The device installation state. One of these values: https://msdn.microsoft.com/en-us/library/windows/hardware/ff543130.aspx -- **InventoryVersion** List of hardware ids for the device. -- **LowerClassFilters** Lower filter class drivers IDs installed for the device -- **LowerFilters** Lower filter drivers IDs installed for the device -- **Manufacturer** INF file name (the name could be renamed by OS, such as oemXX.inf) -- **MatchingID** Device installation state. -- **Model** The version of the inventory binary generating the events. -- **ParentId** Lower filter class drivers IDs installed for the device. -- **ProblemCode** Lower filter drivers IDs installed for the device. -- **Provider** The device manufacturer. -- **Service** The device service name -- **STACKID** Represents the hardware ID or compatible ID that Windows uses to install a device instance. -- **UpperClassFilters** Upper filter drivers IDs installed for the device -- **UpperFilters** The device model. +- **Enumerator** Identifies the bus that enumerated the device. +- **HWID** A list of hardware IDs for the device. +- **Inf** The name of the INF file (possibly renamed by the OS, such as oemXX.inf). +- **InstallState** The device installation state. For a list of values, see: https://msdn.microsoft.com/en-us/library/windows/hardware/ff543130.aspx +- **InventoryVersion** The version number of the inventory process generating the events. +- **LowerClassFilters** The identifiers of the Lower Class filters installed for the device. +- **LowerFilters** The identifiers of the Lower filters installed for the device. +- **Manufacturer** The manufacturer of the device. +- **MatchingID** The Hardware ID or Compatible ID that Windows uses to install a device instance. +- **Model** Identifies the model of the device. +- **ParentId** The Device Instance ID of the parent of the device. +- **ProblemCode** The error code currently returned by the device, if applicable. +- **Provider** Identifies the device provider. +- **Service** The name of the device service. +- **STACKID** The list of hardware IDs for the stack. +- **UpperClassFilters** The identifiers of the Upper Class filters installed for the device. +- **UpperFilters** The identifiers of the Upper filters installed for the device. ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove @@ -3367,29 +3463,29 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: -- **AddinCLSID** The CLSID for the Office addin -- **AddInCLSID** CLSID key for the office addin -- **AddInId** Office addin ID -- **AddinType** The type of the Office addin. -- **BinFileTimestamp** Timestamp of the Office addin -- **BinFileVersion** Version of the Office addin -- **Description** Office addin description -- **FileId** FileId of the Office addin -- **FileSize** File size of the Office addin -- **FriendlyName** Friendly name for office addin -- **FullPath** Unexpanded path to the office addin +- **AddinCLSID** The class identifier key for the Microsoft Office add-in. +- **AddInCLSID** The class identifier key for the Microsoft Office add-in. +- **AddInId** The identifier for the Microsoft Office add-in. +- **AddinType** The type of the Microsoft Office add-in. +- **BinFileTimestamp** The timestamp of the Office add-in. +- **BinFileVersion** The version of the Microsoft Office add-in. +- **Description** Description of the Microsoft Office add-in. +- **FileId** The file identifier of the Microsoft Office add-in. +- **FileSize** The file size of the Microsoft Office add-in. +- **FriendlyName** The friendly name for the Microsoft Office add-in. +- **FullPath** The full path to the Microsoft Office add-in. - **InventoryVersion** The version of the inventory binary generating the events. -- **LoadBehavior** Uint32 that describes the load behavior +- **LoadBehavior** Integer that describes the load behavior. - **LoadTime** Load time for the office addin -- **OfficeApplication** The office application for this addin -- **OfficeArchitecture** Architecture of the addin -- **OfficeVersion** The office version for this addin -- **OutlookCrashingAddin** Boolean that indicates if crashes have been found for this addin -- **ProductCompany** The name of the company associated with the Office addin -- **ProductName** The product name associated with the Office addin -- **ProductVersion** The version associated with the Office addin -- **ProgramId** The unique program identifier of the Office addin -- **Provider** Name of the provider for this addin +- **OfficeApplication** The Microsoft Office application associated with the add-in. +- **OfficeArchitecture** The architecture of the add-in. +- **OfficeVersion** The Microsoft Office version for this add-in. +- **OutlookCrashingAddin** Indicates whether crashes have been found for this add-in. +- **ProductCompany** The name of the company associated with the Office add-in. +- **ProductName** The product name associated with the Microsoft Office add-in. +- **ProductVersion** The version associated with the Office add-in. +- **ProgramId** The unique program identifier of the Microsoft Office add-in. +- **Provider** Name of the provider for this add-in. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInRemove @@ -3785,6 +3881,81 @@ The following fields are available: - **UptimeDeltaMS** Total time (in milliseconds) added to Uptime since the last event +## Miracast events + +### Microsoft.Windows.Cast.Miracast.MiracastSessionEnd + +This event sends data at the end of a Miracast session that helps determine RTSP related Miracast failures along with some statistics about the session + +The following fields are available: + +- **AudioChannelCount** The number of audio channels. +- **AudioSampleRate** The sample rate of audio in terms of samples per second. +- **AudioSubtype** The unique subtype identifier of the audio codec (encoding method) used for audio encoding. +- **AverageBitrate** The average video bitrate used during the Miracast session, in bits per second. +- **AverageDataRate** The average available bandwidth reported by the WiFi driver during the Miracast session, in bits per second. +- **AveragePacketSendTimeInMs** The average time required for the network to send a sample, in milliseconds. +- **ConnectorType** The type of connector used during the Miracast session. +- **EncodeAverageTimeMS** The average time to encode a frame of video, in milliseconds. +- **EncodeCount** The count of total frames encoded in the session. +- **EncodeMaxTimeMS** The maximum time to encode a frame, in milliseconds. +- **EncodeMinTimeMS** The minimum time to encode a frame, in milliseconds. +- **EncoderCreationTimeInMs** The time required to create the video encoder, in milliseconds. +- **ErrorSource** Identifies the component that encountered an error that caused a disconnect, if applicable. +- **FirstFrameTime** The time (tick count) when the first frame is sent. +- **FirstLatencyMode** The first latency mode. +- **FrameAverageTimeMS** Average time to process an entire frame, in milliseconds. +- **FrameCount** The total number of frames processed. +- **FrameMaxTimeMS** The maximum time required to process an entire frame, in milliseconds. +- **FrameMinTimeMS** The minimum time required to process an entire frame, in milliseconds. +- **Glitches** The number of frames that failed to be delivered on time. +- **HardwareCursorEnabled** Indicates if hardware cursor was enabled when the connection ended. +- **HDCPState** The state of HDCP (High-bandwidth Digital Content Protection) when the connection ended. +- **HighestBitrate** The highest video bitrate used during the Miracast session, in bits per second. +- **HighestDataRate** The highest available bandwidth reported by the WiFi driver, in bits per second. +- **LastLatencyMode** The last reported latency mode. +- **LastLatencyTime** The last reported latency time. +- **LogTimeReference** The reference time, in tick counts. +- **LowestBitrate** The lowest video bitrate used during the Miracast session, in bits per second. +- **LowestDataRate** The lowest video bitrate used during the Miracast session, in bits per second. +- **MediaErrorCode** The error code reported by the media session, if applicable. +- **MiracastEntry** The time (tick count) when the Miracast driver was first loaded. +- **MiracastM1** The time (tick count) when the M1 request was sent. +- **MiracastM2** The time (tick count) when the M2 request was sent. +- **MiracastM3** The time (tick count) when the M3 request was sent. +- **MiracastM4** The time (tick count) when the M4 request was sent. +- **MiracastM5** The time (tick count) when the M5 request was sent. +- **MiracastM6** The time (tick count) when the M6 request was sent. +- **MiracastM7** The time (tick count) when the M7 request was sent. +- **MiracastSessionState** The state of the Miracast session when the connection ended. +- **MiracastStreaming** The time (tick count) when the Miracast session first started processing frames. +- **ProfileCount** The count of profiles generated from the receiver M4 response. +- **ProfileCountAfterFiltering** The count of profiles after filtering based on available bandwidth and encoder capabilities. +- **RefreshRate** The refresh rate set on the remote display. +- **RotationSupported** Indicates if the Miracast receiver supports display rotation. +- **RTSPSessionId** The unique identifier of the RTSP session. This matches the RTSP session ID for the receiver for the same session. +- **SessionGuid** The unique identifier of to correlate various Miracast events from a session. +- **SinkHadEdid** Indicates if the Miracast receiver reported an EDID. +- **SupportMicrosoftColorSpaceConversion** Indicates whether the Microsoft color space conversion for extra color fidelity is supported by the receiver. +- **SupportsMicrosoftDiagnostics** Indicates whether the Miracast receiver supports the Microsoft Diagnostics Miracast extension. +- **SupportsMicrosoftFormatChange** Indicates whether the Miracast receiver supports the Microsoft Format Change Miracast extension. +- **SupportsMicrosoftLatencyManagement** Indicates whether the Miracast receiver supports the Microsoft Latency Management Miracast extension. +- **SupportsMicrosoftRTCP** Indicates whether the Miracast receiver supports the Microsoft RTCP Miracast extension. +- **SupportsMicrosoftVideoFormats** Indicates whether the Miracast receiver supports Microsoft video format for 3:2 resolution. +- **SupportsWiDi** Indicates whether Miracast receiver supports Intel WiDi extensions. +- **TeardownErrorCode** The error code reason for teardown provided by the receiver, if applicable. +- **TeardownErrorReason** The text string reason for teardown provided by the receiver, if applicable. +- **UIBCEndState** Indicates whether UIBC was enabled when the connection ended. +- **UIBCEverEnabled** Indicates whether UIBC was ever enabled. +- **UIBCStatus** The result code reported by the UIBC setup process. +- **VideoBitrate** The starting bitrate for the video encoder. +- **VideoCodecLevel** The encoding level used for encoding, specific to the video subtype. +- **VideoHeight** The height of encoded video frames. +- **VideoSubtype** The unique subtype identifier of the video codec (encoding method) used for video encoding. +- **VideoWidth** The width of encoded video frames. +- **WFD2Supported** Indicates if the Miracast receiver supports WFD2 protocol. + + ## OneDrive events ### Microsoft.OneDrive.Sync.Setup.APIOperation @@ -3920,10 +4091,10 @@ Event tells us effectiveness of new privacy experience. The following fields are available: -- **isAdmin** Whether the current user is an administrator or not +- **isAdmin** whether the person who is logging in is an admin - **isLaunching** Whether or not the privacy consent experience will be launched -- **isSilentElevation** Whether the current user has enabled silent elevation -- **privacyConsentState** The current state of the privacy consent experience +- **isSilentElevation** whether the user has most restrictive UAC controls +- **privacyConsentState** whether the user has completed privacy experience - **userRegionCode** The current user's region setting @@ -4227,6 +4398,17 @@ This event indicates an error in the updater payload. This information assists i +### Microsoft.Windows.Sediment.Info.PhaseChange + +The event indicates progress made by the updater. This information assists in keeping Windows up to date. + +The following fields are available: + +- **NewPhase** The phase of progress made. +- **ReleaseVer** The version information for the component in which the change occurred. +- **Time** The system time at which the phase chance occurred. + + ### Microsoft.Windows.Sediment.OSRSS.CheckingOneSettings This event indicates the parameters that the Operating System Remediation System Service (OSRSS) uses for a secure ping to Microsoft to help ensure Windows is up to date. @@ -4241,6 +4423,31 @@ The following fields are available: - **Time** The system time at which the event occurred. +### Microsoft.Windows.Sediment.OSRSS.DownloadingUrl + +This event provides information about the URL from which the Operating System Remediation System Service (OSRSS) is attempting to download. This information helps ensure Windows is up to date. + +The following fields are available: + +- **AttemptNumber** The count indicating which download attempt is starting. +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The URL from which data was downloaded. + + +### Microsoft.Windows.Sediment.OSRSS.DownloadSuccess + +This event indicates the Operating System Remediation System Service (OSRSS) successfully download data from the indicated URL. This information helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The URL from which data was downloaded. + + ### Microsoft.Windows.Sediment.OSRSS.Error This event indicates an error occurred in the Operating System Remediation System Service (OSRSS). The information provided helps ensure future upgrade/update attempts are more successful. @@ -4256,6 +4463,65 @@ The following fields are available: - **Time** The system time at which the event occurred. +### Microsoft.Windows.Sediment.OSRSS.ExeSignatureValidated + +This event indicates the Operating System Remediation System Service (OSRSS) successfully validated the signature of an EXE from the indicated URL. The information provided helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The URL from which the validated EXE was downloaded. + + +### Microsoft.Windows.Sediment.OSRSS.ExtractSuccess + +This event indicates that the Operating System Remediation System Service (OSRSS) successfully extracted downloaded content. The information provided helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The URL from which the successfully extracted content was downloaded. + + +### Microsoft.Windows.Sediment.OSRSS.NewUrlFound + +This event indicates the Operating System Remediation System Service (OSRSS) succeeded in finding a new URL to download from. This helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The new URL from which content will be downloaded. + + +### Microsoft.Windows.Sediment.OSRSS.ProcessCreated + +This event indicates the Operating System Remediation System Service (OSRSS) created a new process to execute content downloaded from the indicated URL. This information helps ensure Windows is up to date. + +The following fields are available: + +- **ServiceVersionMajor** The Major version information of the component. +- **ServiceVersionMinor** The Minor version information of the component. +- **Time** The system time at which the event occurred. +- **Url** The new URL from which content will be executed. + + +### Microsoft.Windows.Sediment.OSRSS.SelfUpdate + +This event returns metadata after Operating System Remediation System Service (OSRSS) successfully replaces itself with a new version. + +The following fields are available: + +- **ServiceVersionMajor** The major version number for the component. +- **ServiceVersionMinor** The minor version number for the component. +- **Time** The system timestamp for when the event occurred. + + ### Microsoft.Windows.Sediment.OSRSS.UrlState This event indicates the state the Operating System Remediation System Service (OSRSS) is in while attempting a download from the URL. @@ -4270,6 +4536,66 @@ The following fields are available: - **Time** System timestamp when the event was started. +### Microsoft.Windows.Sediment.ServiceInstaller.AttemptingUpdate + +This event indicates the Operating System Remediation System Service (OSRSS) installer is attempting an update to itself. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.BinaryUpdated + +This event indicates the Operating System Remediation System Service (OSRSS) updated installer binaries with new binaries as part of its self-update process. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.ServiceRestarted + +This event indicates the Operating System Remediation System Service (OSRSS) has restarted after installing an updated version of itself. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.ServiceStopped + +This event indicates the Operating System Remediation System Service (OSRSS) was stopped by a self-updated to install an updated version of itself. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.UpdaterCompleted + +This event indicates the Operating System Remediation System Service (OSRSS) successfully completed the self-update operation. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + +### Microsoft.Windows.Sediment.ServiceInstaller.UpdaterLaunched + +This event indicates the Operating System Remediation System Service (OSRSS) successfully launched the self-updater after downloading it. This information helps ensure Windows is up to date. + +The following fields are available: + +- **InstallerVersion** The version information of the Installer component. +- **Time** The system time at which the event occurred. + + ### Microsoft.Windows.SedimentLauncher.Applicable Indicates whether a given plugin is applicable. @@ -4293,6 +4619,7 @@ Indicates whether a given plugin has completed its work. The following fields are available: - **CV** Correlation vector. +- **FailedReasons** Concatenated list of failure reasons. - **GlobalEventCounter** Client side counter which indicates ordering of events sent by this user. - **PackageVersion** Current package version of Remediation. - **PluginName** Name of the plugin specified for each generic plugin event. @@ -4480,30 +4807,6 @@ The following fields are available: ## SIH events -### SIHEngineTelemetry.EvalApplicability - -This event is sent when targeting logic is evaluated to determine if a device is eligible for a given action. - -The following fields are available: - -- **ActionReasons** If an action has been assessed as inapplicable, the additional logic prevented it. -- **AdditionalReasons** If an action has been assessed as inapplicable, the additional logic prevented it. -- **CachedEngineVersion** The engine DLL version that is being used. -- **EventInstanceID** A unique identifier for event instance. -- **EventScenario** Indicates the purpose of sending this event – whether because the software distribution just started checking for content, or whether it was cancelled, succeeded, or failed. -- **HandlerReasons** If an action has been assessed as inapplicable, the installer technology-specific logic prevented it. -- **IsExecutingAction** If the action is presently being executed. -- **ServiceGuid** A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.) -- **SihclientVersion** The client version that is being used. -- **StandardReasons** If an action has been assessed as inapplicable, the standard logic the prevented it. -- **StatusCode** Result code of the event (success, cancellation, failure code HResult). -- **UpdateID** A unique identifier for the action being acted upon. -- **WuapiVersion** The Windows Update API version that is currently installed. -- **WuaucltVersion** The Windows Update client version that is currently installed. -- **WuauengVersion** The Windows Update engine version that is currently installed. -- **WUDeviceID** The unique identifier controlled by the software distribution client. - - ### SIHEngineTelemetry.SLSActionData This event reports if the SIH client was able to successfully parse the manifest describing the actions to be evaluated. @@ -4515,7 +4818,7 @@ The following fields are available: - **EventScenario** Indicates the purpose of sending this event – whether because the software distribution just started checking for content, or whether it was cancelled, succeeded, or failed. - **FailedParseActions** The list of actions that were not successfully parsed. - **ParsedActions** The list of actions that were successfully parsed. -- **ServiceGuid** A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.) +- **ServiceGuid** A unique identifier that represents which service the software distribution client is connecting to (SIH, Windows Update, Microsoft Store, etc.). - **SihclientVersion** The client version that is being used. - **WuapiVersion** The Windows Update API version that is currently installed. - **WuaucltVersion** The Windows Update client version that is currently installed. @@ -4631,7 +4934,7 @@ The following fields are available: - **FlightId** The specific id of the flight the device is getting - **HandlerType** Indicates the kind of content (app, driver, windows patch, etc.) - **RevisionNumber** Identifies the revision number of this specific piece of content -- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Microsoft Store, etc) +- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc) - **SystemBIOSMajorRelease** Major release version of the system bios - **SystemBIOSMinorRelease** Minor release version of the system bios - **UpdateId** Identifier associated with the specific piece of content @@ -4644,32 +4947,32 @@ Download process event for target update on Windows Update client. See EventScen The following fields are available: -- **ActiveDownloadTime** Number of seconds the update was actively being downloaded. +- **ActiveDownloadTime** How long the download took, in seconds, excluding time where the update wasn't actively being downloaded. - **AppXBlockHashValidationFailureCount** A count of the number of blocks that have failed validation after being downloaded. -- **AppXDownloadScope** Indicates the scope of the download for application content. For streaming install scenarios, AllContent - non-streaming download, RequiredOnly - streaming download requested content required for launch, AutomaticOnly - streaming download requested automatic streams for the app, and Unknown - for events sent before download scope is determined by the Windows Update client. +- **AppXDownloadScope** Indicates the scope of the download for application content. - **BiosFamily** The family of the BIOS (Basic Input Output System). - **BiosName** The name of the device BIOS. - **BiosReleaseDate** The release date of the device BIOS. -- **BiosSKUNumber** The sku number of the device BIOS. +- **BiosSKUNumber** The SKU number of the device BIOS. - **BIOSVendor** The vendor of the BIOS. - **BiosVersion** The version of the BIOS. - **BundleBytesDownloaded** Number of bytes downloaded for the specific content bundle. -- **BundleId** Identifier associated with the specific content bundle; should not be all zeros if the bundleID was found. +- **BundleId** Identifier associated with the specific content bundle. - **BundleRepeatFailFlag** Indicates whether this particular update bundle previously failed to download. - **BundleRevisionNumber** Identifies the revision number of the content bundle. - **BytesDownloaded** Number of bytes that were downloaded for an individual piece of content (not the entire bundle). -- **CallerApplicationName** The name provided by the caller who initiated API calls into the software distribution client. -- **CbsDownloadMethod** Indicates whether the download was a full-file download or a partial/delta download. +- **CallerApplicationName** The name provided by the application that initiated API calls into the software distribution client. +- **CbsDownloadMethod** The method used for downloading the update content related to the Component Based Servicing (CBS) technology. - **CDNCountryCode** Two letter country abbreviation for the Content Distribution Network (CDN) location. - **CDNId** ID which defines which CDN the software distribution client downloaded the content from. - **ClientVersion** The version number of the software distribution client. - **CurrentMobileOperator** The mobile operator the device is currently connected to. -- **DeviceModel** What is the device model. +- **DeviceModel** The model of the device. - **DownloadPriority** Indicates whether a download happened at background, normal, or foreground priority. -- **DownloadScenarioId** A unique ID for a given download used to tie together WU and DO events. +- **DownloadScenarioId** A unique ID for a given download, used to tie together Windows Update and Delivery Optimizer events. - **EventInstanceID** A globally unique identifier for event instance. -- **EventScenario** Indicates the purpose of sending this event - whether because the software distribution just started downloading content, or whether it was cancelled, succeeded, or failed. -- **EventType** Possible values are Child, Bundle, or Driver. +- **EventScenario** Indicates the purpose for sending this event: whether because the software distribution just started downloading content; or whether it was cancelled, succeeded, or failed. +- **EventType** Identifies the type of the event (Child, Bundle, or Driver). - **ExtendedStatusCode** Secondary error code for certain scenarios where StatusCode wasn't specific enough. - **FeatureUpdatePause** Indicates whether feature OS updates are paused on the device. - **FlightBranch** The branch that a device is on if participating in flighting (pre-release builds). @@ -4679,35 +4982,35 @@ The following fields are available: - **HandlerType** Indicates what kind of content is being downloaded (app, driver, windows patch, etc.). - **HardwareId** If this download was for a driver targeted to a particular device model, this ID indicates the model of the device. - **HomeMobileOperator** The mobile operator that the device was originally intended to work with. -- **HostName** The hostname URL the content is downloading from. +- **HostName** The parent URL the content is downloading from. - **IPVersion** Indicates whether the download took place over IPv4 or IPv6. - **IsDependentSet** Indicates whether a driver is a part of a larger System Hardware/Firmware Update - **IsWUfBDualScanEnabled** Indicates if Windows Update for Business dual scan is enabled on the device. - **IsWUfBEnabled** Indicates if Windows Update for Business is enabled on the device. -- **NetworkCostBitMask** Indicates what kind of network the device is connected to (roaming, metered, over data cap, etc.) +- **NetworkCostBitMask** A flag indicating the cost of the network (congested, fixed, variable, over data limit, roaming, etc.) used for downloading the update content. - **NetworkRestrictionStatus** More general version of NetworkCostBitMask, specifying whether Windows considered the current network to be "metered." - **PackageFullName** The package name of the content. - **PhonePreviewEnabled** Indicates whether a phone was opted-in to getting preview builds, prior to flighting (pre-release builds) being introduced. -- **ProcessName** The process name of the caller who initiated API calls, in the event where CallerApplicationName was not provided. +- **ProcessName** The process name of the application that initiated API calls, in the event where CallerApplicationName was not provided. - **QualityUpdatePause** Indicates whether quality OS updates are paused on the device. - **RegulationReason** The reason that the update is regulated -- **RelatedCV** The previous Correlation Vector that was used before swapping with a new one. +- **RelatedCV** The Correlation Vector that was used before the most recent change to a new Correlation Vector. - **RepeatFailFlag** Indicates whether this specific piece of content had previously failed to download. -- **RevisionNumber** Identifies the revision number of this specific piece of content. -- **ServiceGuid** An ID that represents which service the software distribution client is installing content for (Windows Update, Microsoft Store, etc.). -- **Setup360Phase** If the download is for an operating system upgrade, this datapoint indicates which phase of the upgrade is underway. -- **ShippingMobileOperator** The mobile operator that a device shipped on. +- **RevisionNumber** The revision number of the specified piece of content. +- **ServiceGuid** A unique identifier for the service that the software distribution client is installing content for (Windows Update, Windows Store, etc.). +- **Setup360Phase** Identifies the active phase of the upgrade download if the current download is for an Operating System upgrade. +- **ShippingMobileOperator** The mobile operator linked to the device when the device shipped. - **StatusCode** Indicates the result of a Download event (success, cancellation, failure code HResult). - **SystemBIOSMajorRelease** Major version of the BIOS. - **SystemBIOSMinorRelease** Minor version of the BIOS. - **TargetGroupId** For drivers targeted to a specific device model, this ID indicates the distribution group of devices receiving that driver. - **TargetingVersion** For drivers targeted to a specific device model, this is the version number of the drivers being distributed to the device. - **ThrottlingServiceHResult** Result code (success/failure) while contacting a web service to determine whether this device should download content yet. -- **TimeToEstablishConnection** Time (in ms) it took to establish the connection prior to beginning downloaded. -- **TotalExpectedBytes** The total count of bytes that the download is expected to be. +- **TimeToEstablishConnection** Time (in milliseconds) it took to establish the connection prior to beginning downloaded. +- **TotalExpectedBytes** The total size (in Bytes) expected to be downloaded. - **UpdateId** An identifier associated with the specific piece of content. -- **UpdateImportance** Indicates whether a piece of content was marked as Important, Recommended, or Optional. -- **UsedDO** Whether the download used the delivery optimization service. +- **UpdateImportance** Indicates whether the content was marked as Important, Recommended, or Optional. +- **UsedDO** Whether the download used the Delivery Optimization (DO) service. - **UsedSystemVolume** Indicates whether the content was downloaded to the device's main system storage drive, or an alternate storage drive. - **WUDeviceID** The unique identifier of a specific device, used to identify how many devices are encountering success or a particular issue. @@ -4855,24 +5158,24 @@ The following fields are available: - **EndpointUrl** The endpoint URL where the device obtains update metadata. This is used to distinguish between test, staging, and production environments. - **EventScenario** The purpose of this event, such as scan started, scan succeeded, or scan failed. - **ExtendedStatusCode** The secondary status code of the event. -- **LeafCertId** Integral ID from the FragmentSigning data for certificate that failed. +- **LeafCertId** The integral ID from the FragmentSigning data for the certificate that failed. - **ListOfSHA256OfIntermediateCerData** A semicolon delimited list of base64 encoding of hashes for the Base64CerData in the FragmentSigning data of an intermediate certificate. - **MetadataIntegrityMode** The mode of the transport metadata integrity check. 0 = unknown; 1 = ignore; 2 = audit; 3 = enforce -- **MetadataSignature** A base64-encoded string of the signature associated with the update metadata (specified by revision ID). -- **RawMode** Raw unparsed mode string from the SLS response. May be null if not applicable. +- **MetadataSignature** Base64 string of the signature associated with the update metadata (specified by revision id) +- **RawMode** The raw unparsed mode string from the SLS response. This field is null if not applicable. - **RawValidityWindowInDays** The raw unparsed validity window string in days of the timestamp token. This field is null if not applicable. -- **RevisionId** The revision ID for a specific piece of content. -- **RevisionNumber** The revision number for a specific piece of content. +- **RevisionId** Identifies the revision of this specific piece of content +- **RevisionNumber** Identifies the revision number of this specific piece of content - **ServiceGuid** Identifies the service to which the software distribution client is connected, Example: Windows Update or Microsoft Store - **SHA256OfLeafCerData** A base64 encoding of the hash for the Base64CerData in the FragmentSigning data of the leaf certificate. -- **SHA256OfLeafCertPublicKey** A base64 encoding of the hash of the Base64CertData in the FragmentSigning data of the leaf certificate. -- **SHA256OfTimestampToken** A base64-encoded string of hash of the timestamp token blob. -- **SignatureAlgorithm** The hash algorithm for the metadata signature. +- **SHA256OfLeafCertPublicKey** Base64 encoding of hash of the Base64CertData in the FragmentSigning data of leaf certificate. +- **SHA256OfTimestampToken** An encoded string of the timestamp token. +- **SignatureAlgorithm** Hash algorithm for the metadata signature - **SLSPrograms** A test program to which a device may have opted in. Example: Insider Fast - **StatusCode** The status code of the event. - **TimestampTokenCertThumbprint** The thumbprint of the encoded timestamp token. - **TimestampTokenId** The time this was created. It is encoded in a timestamp blob and will be zero if the token is malformed. -- **UpdateId** The update ID for a specific piece of content. +- **UpdateId** Identifier associated with the specific piece of content - **ValidityWindowInDays** The validity window that's in effect when verifying the timestamp. @@ -5169,36 +5472,36 @@ The following fields are available: - **CV** Correlation vector. - **DetectorVersion** Most recently run detector version for the current campaign. - **GlobalEventCounter** Client side counter that indicates the ordering of events sent by this user. -- **key1** UI interaction data -- **key10** UI interaction data -- **key11** UI interaction data -- **key12** UI interaction data -- **key13** UI interaction data -- **key14** UI interaction data -- **key15** UI interaction data -- **key16** UI interaction data -- **key17** UI interaction data -- **key18** UI interaction data -- **key19** UI interaction data -- **key2** UI interaction data -- **key20** UI interaction data -- **key21** UI interaction data -- **key22** UI interaction data -- **key23** UI interaction data -- **key24** UI interaction data -- **key25** UI interaction data -- **key26** UI interaction data -- **key27** UI interaction data -- **key28** UI interaction data -- **key29** UI interaction data -- **key3** UI interaction data -- **key30** UI interaction data -- **key4** UI interaction data -- **key5** UI interaction data -- **key6** UI interaction data -- **key7** UI interaction data -- **key8** UI interaction data -- **key9** UI interaction data +- **key1** UI interaction data. +- **key10** UI interaction data. +- **key11** UI interaction data. +- **key12** UI interaction data. +- **key13** UI interaction data. +- **key14** UI interaction data. +- **key15** UI interaction data. +- **key16** UI interaction data. +- **key17** UI interaction data. +- **key18** UI interaction data. +- **key19** UI interaction data. +- **key2** UI interaction data. +- **key20** UI interaction data. +- **key21** UI interaction data. +- **key22** UI interaction data. +- **key23** UI interaction data. +- **key24** UI interaction data. +- **key25** UI interaction data. +- **key26** The interaction data for the user interface. +- **key27** UI interaction data. +- **key28** UI interaction data. +- **key29** UI interaction data. +- **key3** UI interaction data. +- **key30** UI interaction data. +- **key4** UI interaction data. +- **key5** UI interaction data. +- **key6** UI interaction data. +- **key7** UI interaction data. +- **key8** UI interaction data. +- **key9** UI interaction data. - **PackageVersion** Current package version of the update notification. - **schema** UI interaction type. @@ -5301,6 +5604,16 @@ The following fields are available: - **Type** Type of package that was downloaded. +### FacilitatorTelemetry.DUDownload + +This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows. + +The following fields are available: + +- **PackageCategoriesFailed** Lists the categories of packages that failed to download. +- **PackageCategoriesSkipped** Lists the categories of package downloads that were skipped. + + ### FacilitatorTelemetry.InitializeDU This event determines whether devices received additional or critical supplemental content during an OS upgrade. @@ -5374,7 +5687,7 @@ The following fields are available: - **Setup360Extended** Detailed information about the phase or action when the potential failure occurred. - **Setup360Mode** The phase of Setup360. Example: Predownload, Install, Finalize, Rollback. - **Setup360Result** The result of Setup360. This is an HRESULT error code that is used to diagnose errors. -- **Setup360Scenario** The Setup360 flow type. Example: Boot, Media, Update, MCT. +- **Setup360Scenario** The Setup360 flow type. Example: Boot, Media, Update, MCT - **SetupVersionBuildNumber** The build number of Setup360 (build number of target OS). - **State** Exit state of a Setup360 run. Example: succeeded, failed, blocked, cancelled. - **TestId** ID that uniquely identifies a group of events. @@ -5516,7 +5829,7 @@ The following fields are available: - **InstanceId** Retrieves a unique identifier for each instance of a setup session. - **Operation** Facilitator’s last known operation (scan, download, etc.). - **ReportId** ID for tying together events stream side. -- **ResultCode** Result returned by setup for the entire operation. +- **ResultCode** Result returned for the entire setup operation. - **Scenario** Dynamic Update scenario (Image DU, or Setup DU). - **ScenarioId** Identifies the update scenario. - **TargetBranch** Branch of the target OS. @@ -5675,7 +5988,7 @@ The following fields are available: - **PertProb** Constant used in algorithm for randomization. -## Microsoft Store events +## Windows Store events ### Microsoft.Windows.Store.StoreActivating @@ -5947,9 +6260,9 @@ The following fields are available: - **CatalogId** The name of the product catalog from which this app was chosen. - **FailedRetry** Indicates whether the installation or update retry was successful. -- **HResult** The HResult code of the operation. -- **PFN** The Package Family Name of the app that is being installed or updated. -- **ProductId** The product ID of the app that is being updated or installed. +- **HResult** Resulting HResult error/success code of this call +- **PFN** Package Family Name of the app that being installed or updated +- **ProductId** Product Id of the app that is being updated or installed ### Microsoft.Windows.StoreAgent.Telemetry.FulfillmentInitiate @@ -6114,7 +6427,7 @@ The following fields are available: - **current** Result of currency check. - **dismOperationSucceeded** Dism uninstall operation status. -- **hResult** Failure Error code. +- **hResult** Failure error code. - **oSVersion** Build number of the device. - **paused** Indicates whether the device is paused. - **rebootRequestSucceeded** Reboot Configuration Service Provider (CSP) call success status. @@ -6259,7 +6572,7 @@ The following fields are available: - **background** Indicates whether the download is happening in the background. - **bytesRequested** Number of bytes requested for the download. - **callerName** Name of the API caller. -- **cdnUrl** The URL of the source CDN +- **cdnUrl** The URL of the source Content Distribution Network (CDN). - **costFlags** A set of flags representing network cost. - **deviceProfile** Identifies the usage or form factor (such as Desktop, Xbox, or VM). - **diceRoll** Random number used for determining if a client will use peering. @@ -6334,21 +6647,21 @@ This event collects information regarding the state of devices and drivers on th The following fields are available: - **activated** Whether the entire device manifest update is considered activated and in use. -- **analysisErrorCount** How many driver packages that could not be analyzed because errors were hit during the analysis. +- **analysisErrorCount** The number of driver packages that could not be analyzed because errors occurred during analysis. - **flightId** Unique ID for each flight. -- **missingDriverCount** How many driver packages that were delivered by the device manifest that are missing from the system. -- **missingUpdateCount** How many updates that were part of the device manifest that are missing from the system. +- **missingDriverCount** The number of driver packages delivered by the device manifest that are missing from the system. +- **missingUpdateCount** The number of updates in the device manifest that are missing from the system. - **objectId** Unique value for each diagnostics session. -- **publishedCount** How many drivers packages that were delivered by the device manifest that are published and available to be used on devices. +- **publishedCount** The number of drivers packages delivered by the device manifest that are published and available to be used on devices. - **relatedCV** Correlation vector value generated from the latest USO scan. - **scenarioId** Indicates the update scenario. - **sessionId** Unique value for each update session. -- **summary** A summary string that contains some basic information about driver packages that are part of the device manifest and any devices on the system that those driver packages match on. +- **summary** A summary string that contains basic information about driver packages that are part of the device manifest and any devices on the system that those driver packages match. - **summaryAppendError** A Boolean indicating if there was an error appending more information to the summary string. -- **truncatedDeviceCount** How many devices are missing from the summary string due to there not being enough room in the string. -- **truncatedDriverCount** How many driver packages are missing from the summary string due to there not being enough room in the string. +- **truncatedDeviceCount** The number of devices missing from the summary string because there is not enough room in the string. +- **truncatedDriverCount** The number of driver packages missing from the summary string because there is not enough room in the string. - **unpublishedCount** How many drivers packages that were delivered by the device manifest that are still unpublished and unavailable to be used on devices. -- **updateId** Unique ID for each Update. +- **updateId** The unique ID for each update. ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentCommit @@ -6419,11 +6732,11 @@ This event collects information regarding the install phase of the new device ma The following fields are available: - **errorCode** The error code returned for the current install phase. -- **flightId** Unique ID for each flight. +- **flightId** The unique identifier for each flight (pre-release builds). - **objectId** Unique value for each diagnostics session. -- **relatedCV** Correlation vector value generated from the latest USO scan. +- **relatedCV** Correlation vector value generated from the latest scan. - **result** Outcome of the install phase of the update. -- **scenarioId** Indicates the update scenario. +- **scenarioId** The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate - **sessionId** Unique value for each update session. - **updateId** Unique ID for each Update. @@ -6434,13 +6747,13 @@ This event sends data for the start of each mode during the process of updating The following fields are available: -- **flightId** Unique ID for each flight. -- **mode** The mode that is starting. +- **flightId** The unique identifier for each flight (pre-release builds). +- **mode** Indicates the active Update Agent mode. - **objectId** Unique value for each diagnostics session. -- **relatedCV** Correlation vector value generated from the latest USO scan. -- **scenarioId** Indicates the update scenario. -- **sessionId** Unique value for each update session. -- **updateId** Unique ID for each Update. +- **relatedCV** Correlation vector value generated from the latest scan. +- **scenarioId** The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate +- **sessionId** The unique identifier for each update session. +- **updateId** The unique identifier for each Update. ### Microsoft.Windows.Update.NotificationUx.DialogNotificationToBeDisplayed @@ -6565,6 +6878,22 @@ The following fields are available: - **UtcTime** The time that dialog box was displayed, in Coordinated Universal Time. +### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootReminderDialog + +This event returns information relating to the Enhanced Engaged reboot reminder dialog that was displayed. + +The following fields are available: + +- **DeviceLocalTime** The time at which the reboot reminder dialog was shown (based on the local device time settings). +- **ETag** The OneSettings versioning value. +- **ExitCode** Indicates how users exited the reboot reminder dialog box. +- **RebootVersion** The version of the DTE (Direct-to-Engaged). +- **UpdateId** The ID of the update that is waiting for reboot to finish installation. +- **UpdateRevision** The revision of the update that is waiting for reboot to finish installation. +- **UserResponseString** The option chosen by the user on the reboot dialog box. +- **UtcTime** The time at which the reboot reminder dialog was shown (in UTC). + + ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootSecondReminderDialog This event indicates that the second reminder dialog box was displayed for Enhanced Engaged restart. @@ -6597,6 +6926,12 @@ The following fields are available: - **UtcTime** The time that the dialog box was displayed, in Coordinated Universal Time. +### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedSecondRebootReminderDialog + +This event is sent when a second reminder dialog is displayed during Enhanced Engaged Reboot. + + + ### Microsoft.Windows.Update.NotificationUx.RebootScheduled Indicates when a reboot is scheduled by the system or a user for a security, quality, or feature update. @@ -6671,7 +7006,7 @@ The following fields are available: - **displayNeededReason** List of reasons for needing display. - **eventScenario** Indicates the purpose of the event (scan started, succeeded, failed, etc.). -- **filteredDeferReason** Applicable filtered reasons why reboot was postponed (such as user active, or low battery).. +- **filteredDeferReason** Applicable filtered reasons why reboot was postponed (such as user active, or low battery). - **gameModeReason** Name of the executable that caused the game mode state check to start. - **ignoredReason** List of reasons that were intentionally ignored. - **raisedDeferReason** Indicates all potential reasons for postponing restart (such as user active, or low battery). @@ -6688,20 +7023,20 @@ This event indicates that a scan for a Windows Update occurred. The following fields are available: -- **deferReason** Reason why the device could not check for updates. -- **detectionBlockingPolicy** State of update action. -- **detectionBlockreason** State of update action +- **deferReason** The reason why the device could not check for updates. +- **detectionBlockingPolicy** The Policy that blocked detection. +- **detectionBlockreason** The reason detection did not complete. - **detectionRetryMode** Indicates whether we will try to scan again. -- **errorCode** Error info +- **errorCode** The error code returned for the current process. - **eventScenario** End-to-end update session ID, or indicates the purpose of sending this event - whether because the software distribution just started installing content, or whether it was cancelled, succeeded, or failed. -- **flightID** The specific ID of the Windows Insider build the device is getting. -- **interactive** Indicates whether the session was user initiated. -- **networkStatus** Error info -- **revisionNumber** Update revision number. -- **scanTriggerSource** Source of the triggered scan. -- **updateId** Update ID. -- **updateScenarioType** Device ID -- **wuDeviceid** Device ID +- **flightID** The unique identifier for the flight (Windows Insider pre-release build) should be delivered to the device, if applicable. +- **interactive** Indicates whether the user initiated the session. +- **networkStatus** Indicates if the device is connected to the internet. +- **revisionNumber** The Update revision number. +- **scanTriggerSource** The source of the triggered scan. +- **updateId** The unique identifier of the Update. +- **updateScenarioType** Identifies the type of update session being performed. +- **wuDeviceid** The unique device ID used by Windows Update. ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded @@ -6785,7 +7120,7 @@ This event is sent during update scan, download, or install, and indicates that The following fields are available: -- **configVersion** Escalation config version on device. +- **configVersion** The escalation configuration version on the device. - **downloadElapsedTime** Indicates how long since the download is required on device. - **downloadRiskLevel** At-risk level of download phase. - **installElapsedTime** Indicates how long since the install is required on device. @@ -6861,7 +7196,7 @@ The following fields are available: - **deferReason** Reason for install not completing. - **errorCode** The error code reppresented by a hexadecimal value. - **eventScenario** End-to-end update session ID. -- **flightID** Unique update ID +- **flightID** The ID of the Windows Insider build the device is getting. - **flightUpdate** Indicates whether the update is a Windows Insider build. - **ForcedRebootReminderSet** A boolean value that indicates if a forced reboot will happen for updates. - **installCommitfailedtime** The time it took for a reboot to happen but the upgrade failed to progress. @@ -6907,15 +7242,15 @@ This event is sent after a Windows update install completes. The following fields are available: -- **batteryLevel** Current battery capacity in mWh or percentage left. -- **bundleId** Identifier associated with the specific content bundle. +- **batteryLevel** Current battery capacity in megawatt-hours (mWh) or percentage left. +- **bundleId** The unique identifier associated with the specific content bundle. - **bundleRevisionnumber** Identifies the revision number of the content bundle. - **errorCode** The error code returned for the current phase. - **eventScenario** State of update action. -- **flightID** The flight ID of the device +- **flightID** The unique identifier for the flight (Windows Insider pre-release build) should be delivered to the device, if applicable. - **sessionType** The Windows Update session type (Interactive or Background). -- **updateScenarioType** The update session type. -- **wuDeviceid** Unique device ID used by Windows Update. +- **updateScenarioType** Identifies the type of Update session being performed. +- **wuDeviceid** The unique device identifier used by Windows Update. ### Microsoft.Windows.Update.Orchestrator.PowerMenuOptionsChanged @@ -7188,7 +7523,7 @@ The following fields are available: - **scheduledRebootTime** Time scheduled for the reboot. - **scheduledRebootTimeInUTC** Time scheduled for the reboot, in UTC. - **updateId** Identifies which update is being scheduled. -- **wuDeviceid** Unique DeviceID +- **wuDeviceid** The unique device ID used by Windows Update. ### Microsoft.Windows.Update.Ux.MusNotification.UxBrokerFirstReadyToReboot @@ -7234,21 +7569,21 @@ This event sends data specific to the CleanupSafeOsImages mitigation used for OS The following fields are available: -- **ClientId** In the WU scenario, this will be the WU client ID that is passed to Setup. In Media setup, default value is Media360, but can be overwritten by the caller to a unique value. -- **FlightId** Unique identifier for each flight. -- **InstanceId** Unique GUID that identifies each instances of setuphost.exe. +- **ClientId** The client ID used by Windows Update. +- **FlightId** The ID of each Windows Insider build the device received. +- **InstanceId** A unique device ID that identifies each update instance. - **MitigationScenario** The update scenario in which the mitigation was executed. -- **MountedImageCount** Number of mounted images. -- **MountedImageMatches** Number of mounted images that were under %systemdrive%\$Windows.~BT. -- **MountedImagesFailed** Number of mounted images under %systemdrive%\$Windows.~BT that could not be removed. -- **MountedImagesRemoved** Number of mounted images under %systemdrive%\$Windows.~BT that were successfully removed. -- **MountedImagesSkipped** Number of mounted images that were not under %systemdrive%\$Windows.~BT. -- **RelatedCV** Correlation vector value generated from the latest USO scan. +- **MountedImageCount** The number of mounted images. +- **MountedImageMatches** The number of mounted image matches. +- **MountedImagesFailed** The number of mounted images that could not be removed. +- **MountedImagesRemoved** The number of mounted images that were successfully removed. +- **MountedImagesSkipped** The number of mounted images that were not found. +- **RelatedCV** The correlation vector value generated from the latest USO scan. - **Result** HResult of this operation. - **ScenarioId** ID indicating the mitigation scenario. - **ScenarioSupported** Indicates whether the scenario was supported. - **SessionId** Unique value for each update attempt. -- **UpdateId** Unique ID for each Update. +- **UpdateId** Unique ID for each Windows Update. - **WuId** Unique ID for the Windows Update client. @@ -7297,6 +7632,38 @@ The following fields are available: - **WuId** Unique ID for the Windows Update client. +## Windows Update Reserve Manager events + +### Microsoft.Windows.UpdateReserveManager.CommitPendingHardReserveAdjustment + +This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending. + + + +### Microsoft.Windows.UpdateReserveManager.FunctionReturnedError + +This event is sent when the Update Reserve Manager returns an error from one of its internal functions. + + + +### Microsoft.Windows.UpdateReserveManager.PrepareTIForReserveInitialization + +This event is sent when the Update Reserve Manager prepares the Trusted Installer to initialize reserves on the next boot. + + + +### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment + +This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. + + + +### Microsoft.Windows.UpdateReserveManager.UpdatePendingHardReserveAdjustment + +This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed. + + + ## Winlogon events ### Microsoft.Windows.Security.Winlogon.SetupCompleteLogon diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md index 639c8005ed..8916790a12 100644 --- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md +++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1809.md @@ -7,9 +7,13 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security localizationpriority: high +audience: ITPro author: brianlic-msft ms.author: brianlic -ms.date: 12/13/2018 +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article +ms.date: 02/15/2019 --- @@ -306,7 +310,7 @@ The following fields are available: - **DatasourceApplicationFile_19H1Setup** The count of the number of this particular object type present on this device. - **DatasourceApplicationFile_RS1** An ID for the system, calculated by hashing hardware identifiers. - **DatasourceApplicationFile_RS2** An ID for the system, calculated by hashing hardware identifiers. -- **DatasourceApplicationFile_RS3** The total DecisionApplicationFile objects targeting the next release of Windows on this device. +- **DatasourceApplicationFile_RS3** The count of the number of this particular object type present on this device. - **DatasourceApplicationFile_RS4** The count of the number of this particular object type present on this device. - **DatasourceApplicationFile_RS4Setup** The count of the number of this particular object type present on this device. - **DatasourceApplicationFile_RS5** The count of the number of this particular object type present on this device. @@ -317,8 +321,8 @@ The following fields are available: - **DatasourceDevicePnp_19H1** The count of the number of this particular object type present on this device. - **DatasourceDevicePnp_19H1Setup** The count of the number of this particular object type present on this device. - **DatasourceDevicePnp_RS1** The total DataSourceDevicePnp objects targeting Windows 10 version 1607 on this device. -- **DatasourceDevicePnp_RS2** The total DatasourceDevicePnp objects targeting Windows 10 version 1703 present on this device. -- **DatasourceDevicePnp_RS3** The total DatasourceDevicePnp objects targeting the next release of Windows on this device. +- **DatasourceDevicePnp_RS2** The count of the number of this particular object type present on this device. +- **DatasourceDevicePnp_RS3** The count of the number of this particular object type present on this device. - **DatasourceDevicePnp_RS3Setup** The count of the number of this particular object type present on this device. - **DatasourceDevicePnp_RS4** The count of the number of this particular object type present on this device. - **DatasourceDevicePnp_RS4Setup** The count of the number of this particular object type present on this device. @@ -331,7 +335,7 @@ The following fields are available: - **DatasourceDriverPackage_19H1Setup** The count of the number of this particular object type present on this device. - **DatasourceDriverPackage_RS1** The total DataSourceDriverPackage objects targeting Windows 10 version 1607 on this device. - **DatasourceDriverPackage_RS2** The total DataSourceDriverPackage objects targeting Windows 10, version 1703 on this device. -- **DatasourceDriverPackage_RS3** The total DatasourceDriverPackage objects targeting the next release of Windows on this device. +- **DatasourceDriverPackage_RS3** The count of the number of this particular object type present on this device. - **DatasourceDriverPackage_RS3Setup** The count of the number of this particular object type present on this device. - **DatasourceDriverPackage_RS4** The count of the number of this particular object type present on this device. - **DatasourceDriverPackage_RS4Setup** The count of the number of this particular object type present on this device. @@ -343,8 +347,8 @@ The following fields are available: - **DataSourceMatchingInfoBlock_19H1** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoBlock_19H1Setup** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoBlock_RS1** The total DataSourceMatchingInfoBlock objects targeting Windows 10 version 1607 on this device. -- **DataSourceMatchingInfoBlock_RS2** The total DataSourceMatchingInfoBlock objects targeting Windows 10 version 1703 present on this device. -- **DataSourceMatchingInfoBlock_RS3** The total DataSourceMatchingInfoBlock objects targeting the next release of Windows on this device. +- **DataSourceMatchingInfoBlock_RS2** The count of the number of this particular object type present on this device. +- **DataSourceMatchingInfoBlock_RS3** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoBlock_RS4** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoBlock_RS4Setup** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoBlock_RS5** The count of the number of this particular object type present on this device. @@ -356,7 +360,7 @@ The following fields are available: - **DataSourceMatchingInfoPassive_19H1Setup** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPassive_RS1** The total DataSourceMatchingInfoPassive objects targeting Windows 10 version 1607 on this device. - **DataSourceMatchingInfoPassive_RS2** The count of the number of this particular object type present on this device. -- **DataSourceMatchingInfoPassive_RS3** The total DataSourceMatchingInfoPassive objects targeting the next release of Windows on this device. +- **DataSourceMatchingInfoPassive_RS3** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPassive_RS4** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPassive_RS4Setup** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPassive_RS5** The count of the number of this particular object type present on this device. @@ -367,8 +371,8 @@ The following fields are available: - **DataSourceMatchingInfoPostUpgrade_19H1** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPostUpgrade_19H1Setup** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPostUpgrade_RS1** The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1607 on this device. -- **DataSourceMatchingInfoPostUpgrade_RS2** The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1703 present on this device. -- **DataSourceMatchingInfoPostUpgrade_RS3** The total DataSourceMatchingInfoPostUpgrade objects targeting the next release of Windows on this device. +- **DataSourceMatchingInfoPostUpgrade_RS2** The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1703 on this device. +- **DataSourceMatchingInfoPostUpgrade_RS3** The total DataSourceMatchingInfoPostUpgrade objects targeting Windows 10 version 1709 on this device. - **DataSourceMatchingInfoPostUpgrade_RS4** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPostUpgrade_RS4Setup** The count of the number of this particular object type present on this device. - **DataSourceMatchingInfoPostUpgrade_RS5** The count of the number of this particular object type present on this device. @@ -380,7 +384,7 @@ The following fields are available: - **DatasourceSystemBios_19H1Setup** The count of the number of this particular object type present on this device. - **DatasourceSystemBios_RS1** The total DatasourceSystemBios objects targeting Windows 10 version 1607 present on this device. - **DatasourceSystemBios_RS2** The total DatasourceSystemBios objects targeting Windows 10 version 1703 present on this device. -- **DatasourceSystemBios_RS3** The total DatasourceSystemBios objects targeting the next release of Windows on this device. +- **DatasourceSystemBios_RS3** The total DatasourceSystemBios objects targeting Windows 10 version 1709 present on this device. - **DatasourceSystemBios_RS3Setup** The count of the number of this particular object type present on this device. - **DatasourceSystemBios_RS4** The count of the number of this particular object type present on this device. - **DatasourceSystemBios_RS4Setup** The count of the number of this particular object type present on this device. @@ -393,7 +397,7 @@ The following fields are available: - **DecisionApplicationFile_19H1Setup** The count of the number of this particular object type present on this device. - **DecisionApplicationFile_RS1** The count of the number of this particular object type present on this device. - **DecisionApplicationFile_RS2** The count of the number of this particular object type present on this device. -- **DecisionApplicationFile_RS3** The total DecisionApplicationFile objects targeting the next release of Windows on this device. +- **DecisionApplicationFile_RS3** The count of the number of this particular object type present on this device. - **DecisionApplicationFile_RS4** The count of the number of this particular object type present on this device. - **DecisionApplicationFile_RS4Setup** The count of the number of this particular object type present on this device. - **DecisionApplicationFile_RS5** The count of the number of this particular object type present on this device. @@ -404,8 +408,8 @@ The following fields are available: - **DecisionDevicePnp_19H1** The count of the number of this particular object type present on this device. - **DecisionDevicePnp_19H1Setup** The count of the number of this particular object type present on this device. - **DecisionDevicePnp_RS1** The total DecisionDevicePnp objects targeting Windows 10 version 1607 on this device. -- **DecisionDevicePnp_RS2** The total DecisionDevicePnp objects targeting Windows 10 version 1703 present on this device. -- **DecisionDevicePnp_RS3** The total DecisionDevicePnp objects targeting the next release of Windows on this device. +- **DecisionDevicePnp_RS2** The count of the number of this particular object type present on this device. +- **DecisionDevicePnp_RS3** The count of the number of this particular object type present on this device. - **DecisionDevicePnp_RS3Setup** The count of the number of this particular object type present on this device. - **DecisionDevicePnp_RS4** The count of the number of this particular object type present on this device. - **DecisionDevicePnp_RS4Setup** The count of the number of this particular object type present on this device. @@ -418,7 +422,7 @@ The following fields are available: - **DecisionDriverPackage_19H1Setup** The count of the number of this particular object type present on this device. - **DecisionDriverPackage_RS1** The total DecisionDriverPackage objects targeting Windows 10 version 1607 on this device. - **DecisionDriverPackage_RS2** The count of the number of this particular object type present on this device. -- **DecisionDriverPackage_RS3** The total DecisionDriverPackage objects targeting the next release of Windows on this device. +- **DecisionDriverPackage_RS3** The count of the number of this particular object type present on this device. - **DecisionDriverPackage_RS3Setup** The count of the number of this particular object type present on this device. - **DecisionDriverPackage_RS4** The count of the number of this particular object type present on this device. - **DecisionDriverPackage_RS4Setup** The count of the number of this particular object type present on this device. @@ -431,8 +435,8 @@ The following fields are available: - **DecisionMatchingInfoBlock_19H1Setup** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoBlock_RS1** The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1607 present on this device. - **DecisionMatchingInfoBlock_RS2** The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1703 present on this device. -- **DecisionMatchingInfoBlock_RS3** The total DecisionMatchingInfoBlock objects targeting the next release of Windows on this device. -- **DecisionMatchingInfoBlock_RS4** The count of the number of this particular object type present on this device. +- **DecisionMatchingInfoBlock_RS3** The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1709 present on this device. +- **DecisionMatchingInfoBlock_RS4** The total DecisionMatchingInfoBlock objects targeting Windows 10 version 1803 present on this device. - **DecisionMatchingInfoBlock_RS4Setup** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoBlock_RS5** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoBlock_RS5Setup** The count of the number of this particular object type present on this device. @@ -442,8 +446,8 @@ The following fields are available: - **DecisionMatchingInfoPassive_19H1** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPassive_19H1Setup** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPassive_RS1** The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1607 on this device. -- **DecisionMatchingInfoPassive_RS2** The count of the number of this particular object type present on this device. -- **DecisionMatchingInfoPassive_RS3** The total DataSourceMatchingInfoPassive objects targeting the next release of Windows on this device. +- **DecisionMatchingInfoPassive_RS2** The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1703 on this device. +- **DecisionMatchingInfoPassive_RS3** The total DecisionMatchingInfoPassive objects targeting Windows 10 version 1803 on this device. - **DecisionMatchingInfoPassive_RS4** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPassive_RS4Setup** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPassive_RS5** The count of the number of this particular object type present on this device. @@ -454,8 +458,8 @@ The following fields are available: - **DecisionMatchingInfoPostUpgrade_19H1** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPostUpgrade_19H1Setup** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPostUpgrade_RS1** The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1607 on this device. -- **DecisionMatchingInfoPostUpgrade_RS2** The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1703 present on this device. -- **DecisionMatchingInfoPostUpgrade_RS3** The total DecisionMatchingInfoPostUpgrade objects targeting the next release of Windows on this device. +- **DecisionMatchingInfoPostUpgrade_RS2** The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1703 on this device. +- **DecisionMatchingInfoPostUpgrade_RS3** The total DecisionMatchingInfoPostUpgrade objects targeting Windows 10 version 1709 on this device. - **DecisionMatchingInfoPostUpgrade_RS4** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPostUpgrade_RS4Setup** The count of the number of this particular object type present on this device. - **DecisionMatchingInfoPostUpgrade_RS5** The count of the number of this particular object type present on this device. @@ -467,8 +471,8 @@ The following fields are available: - **DecisionMediaCenter_19H1Setup** The total DecisionMediaCenter objects targeting the next release of Windows on this device. - **DecisionMediaCenter_RS1** The total DecisionMediaCenter objects targeting Windows 10 version 1607 present on this device. - **DecisionMediaCenter_RS2** The total DecisionMediaCenter objects targeting Windows 10 version 1703 present on this device. -- **DecisionMediaCenter_RS3** The total DecisionMediaCenter objects targeting the next release of Windows on this device. -- **DecisionMediaCenter_RS4** The count of the number of this particular object type present on this device. +- **DecisionMediaCenter_RS3** The total DecisionMediaCenter objects targeting Windows 10 version 1709 present on this device. +- **DecisionMediaCenter_RS4** The total DecisionMediaCenter objects targeting Windows 10 version 1803 present on this device. - **DecisionMediaCenter_RS4Setup** The count of the number of this particular object type present on this device. - **DecisionMediaCenter_RS5** The count of the number of this particular object type present on this device. - **DecisionMediaCenter_RS5Setup** The count of the number of this particular object type present on this device. @@ -478,8 +482,8 @@ The following fields are available: - **DecisionSystemBios_19H1** The count of the number of this particular object type present on this device. - **DecisionSystemBios_19H1Setup** The total DecisionSystemBios objects targeting the next release of Windows on this device. - **DecisionSystemBios_RS1** The total DecisionSystemBios objects targeting Windows 10 version 1607 on this device. -- **DecisionSystemBios_RS2** The total DecisionSystemBios objects targeting Windows 10 version 1703 present on this device. -- **DecisionSystemBios_RS3** The total DecisionSystemBios objects targeting the next release of Windows on this device. +- **DecisionSystemBios_RS2** The total DecisionSystemBios objects targeting Windows 10 version 1703 on this device. +- **DecisionSystemBios_RS3** The total DecisionSystemBios objects targeting Windows 10 version 1709 on this device. - **DecisionSystemBios_RS3Setup** The count of the number of this particular object type present on this device. - **DecisionSystemBios_RS4** The total DecisionSystemBios objects targeting Windows 10 version, 1803 present on this device. - **DecisionSystemBios_RS4Setup** The total DecisionSystemBios objects targeting the next release of Windows on this device. @@ -487,6 +491,7 @@ The following fields are available: - **DecisionSystemBios_RS5Setup** The total DecisionSystemBios objects targeting the next release of Windows on this device. - **DecisionSystemBios_TH1** The count of the number of this particular object type present on this device. - **DecisionSystemBios_TH2** The count of the number of this particular object type present on this device. +- **DecisionSystemProcessor_RS2** The count of the number of this particular object type present on this device. - **DecisionTest_RS1** An ID for the system, calculated by hashing hardware identifiers. - **InventoryApplicationFile** The count of the number of this particular object type present on this device. - **InventoryDeviceContainer** A count of device container objects in cache. @@ -496,25 +501,27 @@ The following fields are available: - **InventoryLanguagePack** The count of the number of this particular object type present on this device. - **InventoryMediaCenter** The count of the number of this particular object type present on this device. - **InventorySystemBios** The count of the number of this particular object type present on this device. +- **InventorySystemMachine** The count of the number of this particular object type present on this device. +- **InventorySystemProcessor** The count of the number of this particular object type present on this device. - **InventoryTest** The count of the number of this particular object type present on this device. - **InventoryUplevelDriverPackage** The count of the number of this particular object type present on this device. - **PCFP** The count of the number of this particular object type present on this device. - **SystemMemory** The count of the number of this particular object type present on this device. - **SystemProcessorCompareExchange** The count of the number of this particular object type present on this device. - **SystemProcessorLahfSahf** The count of the number of this particular object type present on this device. -- **SystemProcessorNx** The count of the number of this particular object type present on this device. -- **SystemProcessorPrefetchW** The count of the number of this particular object type present on this device. -- **SystemProcessorSse2** The count of the number of this particular object type present on this device. +- **SystemProcessorNx** The total number of objects of this type present on this device. +- **SystemProcessorPrefetchW** The total number of objects of this type present on this device. +- **SystemProcessorSse2** The total number of objects of this type present on this device. - **SystemTouch** The count of the number of this particular object type present on this device. -- **SystemWim** The count of the number of this particular object type present on this device. +- **SystemWim** The total number of objects of this type present on this device. - **SystemWindowsActivationStatus** The count of the number of this particular object type present on this device. -- **SystemWlan** The count of the number of this particular object type present on this device. +- **SystemWlan** The total number of objects of this type present on this device. - **Wmdrm_19ASetup** The count of the number of this particular object type present on this device. - **Wmdrm_19H1** The count of the number of this particular object type present on this device. - **Wmdrm_19H1Setup** The total Wmdrm objects targeting the next release of Windows on this device. - **Wmdrm_RS1** An ID for the system, calculated by hashing hardware identifiers. -- **Wmdrm_RS2** The total Wmdrm objects targeting Windows 10 version 1703 present on this device. -- **Wmdrm_RS3** The total Wmdrm objects targeting the next release of Windows on this device. +- **Wmdrm_RS2** An ID for the system, calculated by hashing hardware identifiers. +- **Wmdrm_RS3** An ID for the system, calculated by hashing hardware identifiers. - **Wmdrm_RS4** The total Wmdrm objects targeting Windows 10, version 1803 present on this device. - **Wmdrm_RS4Setup** The count of the number of this particular object type present on this device. - **Wmdrm_RS5** The count of the number of this particular object type present on this device. @@ -573,6 +580,10 @@ The following fields are available: - **ActiveNetworkConnection** Indicates whether the device is an active network device. - **AppraiserVersion** The version of the appraiser file generating the events. +- **CosDeviceRating** An enumeration that indicates if there is a driver on the target operating system. +- **CosDeviceSolution** An enumeration that indicates how a driver on the target operating system is available. +- **CosDeviceSolutionUrl** Microsoft.Windows.Appraiser.General.DatasourceDevicePnpAdd . Empty string +- **CosPopulatedFromId** The expected uplevel driver matching ID based on driver coverage data. - **IsBootCritical** Indicates whether the device boot is critical. - **UplevelInboxDriver** Indicates whether there is a driver uplevel for this device. - **WuDriverCoverage** Indicates whether there is a driver uplevel for this device, according to Windows Update. @@ -870,6 +881,7 @@ The following fields are available: - **DriverBlockOverridden** Does the driver package have an SDB block that blocks it from migrating, but that block has been overridden? - **DriverIsDeviceBlocked** Was the driver package was blocked because of a device block? - **DriverIsDriverBlocked** Is the driver package blocked because of a driver block? +- **DriverIsTroubleshooterBlocked** Indicates whether the driver package is blocked because of a troubleshooter block. - **DriverShouldNotMigrate** Should the driver package be migrated during upgrade? - **SdbDriverBlockOverridden** Does the driver package have an SDB block that blocks it from migrating, but that block has been overridden? @@ -937,7 +949,7 @@ The following fields are available: ### Microsoft.Windows.Appraiser.General.DecisionMatchingInfoPassiveAdd -This event sends compatibility decision data about non-blocking entries on the system that are not keyed by either applications or devices, to help keep Windows up-to-date. +This event sends compatibility decision data about non-blocking entries on the system that are not keyed by either applications or devices, to help keep Windows up to date. This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). @@ -1320,6 +1332,7 @@ The following fields are available: - **AppraiserBranch** The source branch in which the currently running version of Appraiser was built. - **AppraiserProcess** The name of the process that launched Appraiser. - **AppraiserVersion** The version of the Appraiser file generating the events. +- **CensusId** A unique hardware identifier. - **Context** Indicates what mode Appraiser is running in. Example: Setup or Telemetry. - **PCFP** An ID for the system calculated by hashing hardware identifiers. - **Subcontext** Indicates what categories of incompatibilities appraiser is scanning for. Can be N/A, Resolve, or a semicolon-delimited list that can include App, Dev, Sys, Gat, or Rescan. @@ -1780,7 +1793,7 @@ The following fields are available: - **AppraiserTaskExitCode** The Appraiser task exist code. - **AppraiserTaskLastRun** The last runtime for the Appraiser task. - **CensusVersion** The version of Census that generated the current data for this device. -- **IEVersion** IE version running on the device. +- **IEVersion** The version of Internet Explorer that is running on the device. ### Census.Battery @@ -1989,18 +2002,14 @@ The following fields are available: - **AdvertisingId** Current state of the advertising ID setting. - **AppDiagnostics** Current state of the app diagnostics setting. - **Appointments** Current state of the calendar setting. -- **AppointmentsSystem** Current state of the calendar setting. - **Bluetooth** Current state of the Bluetooth capability setting. - **BluetoothSync** Current state of the Bluetooth sync capability setting. - **BroadFileSystemAccess** Current state of the broad file system access setting. - **CellularData** Current state of the cellular data capability setting. - **Chat** Current state of the chat setting. -- **ChatSystem** Current state of the chat setting. - **Contacts** Current state of the contacts setting. -- **ContactsSystem** Current state of the Contacts setting. - **DocumentsLibrary** Current state of the documents library setting. - **Email** Current state of the email setting. -- **EmailSystem** Current state of the email setting. - **FindMyDevice** Current state of the "find my device" setting. - **GazeInput** Current state of the gaze input setting. - **HumanInterfaceDevice** Current state of the human interface device setting. @@ -2012,7 +2021,6 @@ The following fields are available: - **Microphone** Current state of the microphone setting. - **PhoneCall** Current state of the phone call setting. - **PhoneCallHistory** Current state of the call history setting. -- **PhoneCallHistorySystem** Current state of the call history setting. - **PicturesLibrary** Current state of the pictures library setting. - **Radios** Current state of the radios setting. - **SensorsCustom** Current state of the custom sensor setting. @@ -2022,7 +2030,6 @@ The following fields are available: - **USB** Current state of the USB setting. - **UserAccountInformation** Current state of the account information setting. - **UserDataTasks** Current state of the tasks setting. -- **UserDataTasksSystem** Current state of the tasks setting. - **UserNotificationListener** Current state of the notifications setting. - **VideosLibrary** Current state of the videos library setting. - **Webcam** Current state of the camera setting. @@ -2035,7 +2042,7 @@ Provides information on several important data points about Processor settings The following fields are available: -- **KvaShadow** Microcode info of the processor. +- **KvaShadow** This is the micro code information of the processor. - **MMSettingOverride** Microcode setting of the processor. - **MMSettingOverrideMask** Microcode setting override of the processor. - **PreviousUpdateRevision** Previous microcode revision @@ -2046,10 +2053,10 @@ The following fields are available: - **ProcessorManufacturer** Name of the processor manufacturer. - **ProcessorModel** Name of the processor model. - **ProcessorPhysicalCores** Number of physical cores in the processor. -- **ProcessorUpdateRevision** Microcode revision +- **ProcessorUpdateRevision** The microcode revision. - **ProcessorUpdateStatus** Enum value that represents the processor microcode load status - **SocketCount** Count of CPU sockets. -- **SpeculationControl** If the system has enabled protections needed to validate the speculation control vulnerability. +- **SpeculationControl** Indicates whether the system has enabled protections needed to validate the speculation control vulnerability. ### Census.Security @@ -2097,6 +2104,7 @@ The following fields are available: - **PrimaryDiskTotalCapacity** Retrieves the amount of disk space on the primary disk of the device in MB. - **PrimaryDiskType** Retrieves an enumerator value of type STORAGE_BUS_TYPE that indicates the type of bus to which the device is connected. This should be used to interpret the raw device properties at the end of this structure (if any). +- **StorageReservePassedPolicy** Indicates whether the Storage Reserve policy, which ensures that updates have enough disk space and customers are on the latest OS, is enabled on this device. - **SystemVolumeTotalCapacity** Retrieves the size of the partition that the System volume is installed on in MB. @@ -2159,18 +2167,14 @@ The following fields are available: - **AdvertisingId** Current state of the advertising ID setting. - **AppDiagnostics** Current state of the app diagnostics setting. - **Appointments** Current state of the calendar setting. -- **AppointmentsSystem** Current state of the calendar setting. - **Bluetooth** Current state of the Bluetooth capability setting. - **BluetoothSync** Current state of the Bluetooth sync capability setting. - **BroadFileSystemAccess** Current state of the broad file system access setting. - **CellularData** Current state of the cellular data capability setting. - **Chat** Current state of the chat setting. -- **ChatSystem** Current state of the chat setting. - **Contacts** Current state of the contacts setting. -- **ContactsSystem** Current state of the contacts setting. - **DocumentsLibrary** Current state of the documents library setting. - **Email** Current state of the email setting. -- **EmailSystem** Current state of the email setting. - **GazeInput** Current state of the gaze input setting. - **HumanInterfaceDevice** Current state of the human interface device setting. - **InkTypeImprovement** Current state of the improve inking and typing setting. @@ -2182,7 +2186,6 @@ The following fields are available: - **Microphone** Current state of the microphone setting. - **PhoneCall** Current state of the phone call setting. - **PhoneCallHistory** Current state of the call history setting. -- **PhoneCallHistorySystem** Current state of the call history setting. - **PicturesLibrary** Current state of the pictures library setting. - **Radios** Current state of the radios setting. - **SensorsCustom** Current state of the custom sensor setting. @@ -2192,7 +2195,6 @@ The following fields are available: - **USB** Current state of the USB setting. - **UserAccountInformation** Current state of the account information setting. - **UserDataTasks** Current state of the tasks setting. -- **UserDataTasksSystem** Current state of the tasks setting. - **UserNotificationListener** Current state of the notifications setting. - **VideosLibrary** Current state of the videos library setting. - **Webcam** Current state of the camera setting. @@ -2542,6 +2544,42 @@ The following fields are available: - **transactionCanceled** Indicates whether the uninstall was cancelled. +### CbsServicingProvider.CbsQualityUpdateInstall + +This event reports on the performance and reliability results of installing Servicing content from Windows Update to keep Windows up to date. + +The following fields are available: + +- **buildVersion** The build version number of the update package. +- **clientId** The name of the application requesting the optional content. +- **corruptionHistoryFlags** A bitmask of the types of component store corruption that have caused update failures on the device. +- **corruptionType** An enumeration listing the type of data corruption responsible for the current update failure. +- **currentStateEnd** The final state of the package after the operation has completed. +- **doqTimeSeconds** The time in seconds spent updating drivers. +- **executeTimeSeconds** The number of seconds required to execute the install. +- **failureDetails** The driver or installer that caused the update to fail. +- **failureSourceEnd** An enumeration indicating at what phase of the update a failure occurred. +- **hrStatusEnd** The return code of the install operation. +- **initiatedOffline** A true or false value indicating whether the package was installed into an offline Windows Imaging Format (WIM) file. +- **majorVersion** The major version number of the update package. +- **minorVersion** The minor version number of the update package. +- **originalState** The starting state of the package. +- **overallTimeSeconds** The time (in seconds) to perform the overall servicing operation. +- **planTimeSeconds** The time in seconds required to plan the update operations. +- **poqTimeSeconds** The time in seconds processing file and registry operations. +- **postRebootTimeSeconds** The time (in seconds) to do startup processing for the update. +- **preRebootTimeSeconds** The time (in seconds) between execution of the installation and the reboot. +- **primitiveExecutionContext** An enumeration indicating at what phase of shutdown or startup the update was installed. +- **rebootCount** The number of reboots required to install the update. +- **rebootTimeSeconds** The time (in seconds) before startup processing begins for the update. +- **resolveTimeSeconds** The time in seconds required to resolve the packages that are part of the update. +- **revisionVersion** The revision version number of the update package. +- **rptTimeSeconds** The time in seconds spent executing installer plugins. +- **shutdownTimeSeconds** The time (in seconds) required to do shutdown processing for the update. +- **stackRevision** The revision number of the servicing stack. +- **stageTimeSeconds** The time (in seconds) required to stage all files that are part of the update. + + ## Deployment extensions ### DeploymentTelemetry.Deployment_End @@ -2609,7 +2647,7 @@ The following fields are available: - **AcDcStateAtLastShutdown** Identifies if the device was on battery or plugged in. - **BatteryLevelAtLastShutdown** The last recorded battery level. - **BatteryPercentageAtLastShutdown** The battery percentage at the last shutdown. -- **CrashDumpEnabled** Are crash dumps enabled? +- **CrashDumpEnabled** Indicates whether crash dumps are enabled. - **CumulativeCrashCount** Cumulative count of operating system crashes since the BootId reset. - **CurrentBootId** BootId at the time the abnormal shutdown event was being reported. - **Firmwaredata->ResetReasonEmbeddedController** The reset reason that was supplied by the firmware. @@ -2630,36 +2668,36 @@ The following fields are available: - **LastBugCheckVersion** The version of the information struct written during the crash. - **LastSuccessfullyShutdownBootId** BootId of the last fully successful shutdown. - **LongPowerButtonPressDetected** Identifies if the user was pressing and holding power button. -- **OOBEInProgress** Identifies if OOBE is running. +- **OOBEInProgress** Identifies if the Out-Of-Box-Experience is running. - **OSSetupInProgress** Identifies if the operating system setup is running. -- **PowerButtonCumulativePressCount** How many times has the power button been pressed? -- **PowerButtonCumulativeReleaseCount** How many times has the power button been released? -- **PowerButtonErrorCount** Indicates the number of times there was an error attempting to record power button metrics. -- **PowerButtonLastPressBootId** BootId of the last time the power button was pressed. -- **PowerButtonLastPressTime** Date and time of the last time the power button was pressed. -- **PowerButtonLastReleaseBootId** BootId of the last time the power button was released. -- **PowerButtonLastReleaseTime** Date and time of the last time the power button was released. +- **PowerButtonCumulativePressCount** Indicates the number of times the power button has been pressed ("pressed" not to be confused with "released"). +- **PowerButtonCumulativeReleaseCount** Indicates the number of times the power button has been released ("released" not to be confused with "pressed"). +- **PowerButtonErrorCount** Indicates the number of times there was an error attempting to record Power Button metrics (e.g.: due to a failure to lock/update the bootstat file). +- **PowerButtonLastPressBootId** BootId of the last time the Power Button was detected to have been pressed ("pressed" not to be confused with "released"). +- **PowerButtonLastPressTime** Date/time of the last time the Power Button was pressed ("pressed" not to be confused with "released"). +- **PowerButtonLastReleaseBootId** The Boot ID of the last time the Power Button was released ("released" not to be confused with "pressed"). +- **PowerButtonLastReleaseTime** The date and time the Power Button was most recently released ("released" not to be confused with "pressed"). - **PowerButtonPressCurrentCsPhase** Represents the phase of Connected Standby exit when the power button was pressed. - **PowerButtonPressIsShutdownInProgress** Indicates whether a system shutdown was in progress at the last time the power button was pressed. -- **PowerButtonPressLastPowerWatchdogStage** Progress while the monitor is being turned on. +- **PowerButtonPressLastPowerWatchdogStage** The last stage completed when the Power Button was most recently pressed. - **PowerButtonPressPowerWatchdogArmed** Indicates whether or not the watchdog for the monitor was active at the time of the last power button press. - **ShutdownDeviceType** Identifies who triggered a shutdown. Is it because of battery, thermal zones, or through a Kernel API. - **SleepCheckpoint** Provides the last checkpoint when there is a failure during a sleep transition. - **SleepCheckpointSource** Indicates whether the source is the EFI variable or bootstat file. - **SleepCheckpointStatus** Indicates whether the checkpoint information is valid. - **StaleBootStatData** Identifies if the data from bootstat is stale. -- **TransitionInfoBootId** BootId of the captured transition info. -- **TransitionInfoCSCount** l number of times the system transitioned from Connected Standby mode. -- **TransitionInfoCSEntryReason** Indicates the reason the device last entered Connected Standby mode. -- **TransitionInfoCSExitReason** Indicates the reason the device last exited Connected Standby mode. -- **TransitionInfoCSInProgress** At the time the last marker was saved, the system was in or entering Connected Standby mode. -- **TransitionInfoLastReferenceTimeChecksum** The checksum of TransitionInfoLastReferenceTimestamp, +- **TransitionInfoBootId** The Boot ID of the captured transition information. +- **TransitionInfoCSCount** The total number of times the system transitioned from "Connected Standby" mode to "On" when the last marker was saved. +- **TransitionInfoCSEntryReason** Indicates the reason the device last entered "Connected Standby" mode ("entered" not to be confused with "exited"). +- **TransitionInfoCSExitReason** Indicates the reason the device last exited "Connected Standby" mode ("exited" not to be confused with "entered"). +- **TransitionInfoCSInProgress** Indicates whether the system was in or entering Connected Standby mode when the last marker was saved. +- **TransitionInfoLastReferenceTimeChecksum** The checksum of TransitionInfoLastReferenceTimestamp. - **TransitionInfoLastReferenceTimestamp** The date and time that the marker was last saved. - **TransitionInfoLidState** Describes the state of the laptop lid. -- **TransitionInfoPowerButtonTimestamp** The date and time of the last time the power button was pressed. -- **TransitionInfoSleepInProgress** At the time the last marker was saved, the system was in or entering sleep mode. -- **TransitionInfoSleepTranstionsToOn** Total number of times the device transitioned from sleep mode. -- **TransitionInfoSystemRunning** At the time the last marker was saved, the device was running. +- **TransitionInfoPowerButtonTimestamp** The most recent date and time when the Power Button was pressed (collected via a different mechanism than PowerButtonLastPressTime). +- **TransitionInfoSleepInProgress** Indicates whether the system was in or entering Sleep mode when the last marker was saved. +- **TransitionInfoSleepTranstionsToOn** The total number of times the system transitioned from Sleep mode to on, when the last marker was saved. +- **TransitionInfoSystemRunning** Indicates whether the system was running when the last marker was saved. - **TransitionInfoSystemShutdownInProgress** Indicates whether a device shutdown was in progress when the power button was pressed. - **TransitionInfoUserShutdownInProgress** Indicates whether a user shutdown was in progress when the power button was pressed. - **TransitionLatestCheckpointId** Represents a unique identifier for a checkpoint during the device state transition. @@ -3369,6 +3407,7 @@ The following fields are available: - **GPUVendorID** The GPU vendor ID. - **InterfaceId** The GPU interface ID. - **IsDisplayDevice** Does the GPU have displaying capabilities? +- **IsHwSchSupported** Indicates whether the adapter supports hardware scheduling. - **IsHybridDiscrete** Does the GPU have discrete GPU capabilities in a hybrid device? - **IsHybridIntegrated** Does the GPU have integrated GPU capabilities in a hybrid device? - **IsLDA** Is the GPU comprised of Linked Display Adapters? @@ -3382,6 +3421,7 @@ The following fields are available: - **IsSoftwareDevice** Is this a software implementation of the GPU? - **KMDFilePath** The file path to the location of the Display Kernel Mode Driver in the Driver Store. - **MeasureEnabled** Is the device listening to MICROSOFT_KEYWORD_MEASURES? +- **MsHybridDiscrete** Indicates whether the adapter is a discrete adapter in a hybrid configuration. - **NumVidPnSources** The number of supported display output sources. - **NumVidPnTargets** The number of supported display output targets. - **SharedSystemMemoryB** The amount of system memory shared by GPU and CPU (in bytes). @@ -3393,6 +3433,81 @@ The following fields are available: - **WDDMVersion** The Windows Display Driver Model version. +## Failover Clustering events + +### Microsoft.Windows.Server.FailoverClusteringCritical.ClusterSummary2 + +This event returns information about how many resources and of what type are in the server cluster. This data is collected to keep Windows Server safe, secure, and up to date. The data includes information about whether hardware is configured correctly, if the software is patched correctly, and assists in preventing crashes by attributing issues (like fatal errors) to workloads and system configurations. + +The following fields are available: + +- **autoAssignSite** The cluster parameter: auto site. +- **autoBalancerLevel** The cluster parameter: auto balancer level. +- **autoBalancerMode** The cluster parameter: auto balancer mode. +- **blockCacheSize** The configured size of the block cache. +- **ClusterAdConfiguration** The ad configuration of the cluster. +- **clusterAdType** The cluster parameter: mgmt_point_type. +- **clusterDumpPolicy** The cluster configured dump policy. +- **clusterFunctionalLevel** The current cluster functional level. +- **clusterGuid** The unique identifier for the cluster. +- **clusterWitnessType** The witness type the cluster is configured for. +- **countNodesInSite** The number of nodes in the cluster. +- **crossSiteDelay** The cluster parameter: CrossSiteDelay. +- **crossSiteThreshold** The cluster parameter: CrossSiteThreshold. +- **crossSubnetDelay** The cluster parameter: CrossSubnetDelay. +- **crossSubnetThreshold** The cluster parameter: CrossSubnetThreshold. +- **csvCompatibleFilters** The cluster parameter: ClusterCsvCompatibleFilters. +- **csvIncompatibleFilters** The cluster parameter: ClusterCsvIncompatibleFilters. +- **csvResourceCount** The number of resources in the cluster. +- **currentNodeSite** The name configured for the current site for the cluster. +- **dasModeBusType** The direct storage bus type of the storage spaces. +- **downLevelNodeCount** The number of nodes in the cluster that are running down-level. +- **drainOnShutdown** Specifies whether a node should be drained when it is shut down. +- **dynamicQuorumEnabled** Specifies whether dynamic Quorum has been enabled. +- **enforcedAntiAffinity** The cluster parameter: enforced anti affinity. +- **genAppNames** The win32 service name of a clustered service. +- **genSvcNames** The command line of a clustered genapp. +- **hangRecoveryAction** The cluster parameter: hang recovery action. +- **hangTimeOut** Specifies the “hang time out” parameter for the cluster. +- **isCalabria** Specifies whether storage spaces direct is enabled. +- **isMixedMode** Identifies if the cluster is running with different version of OS for nodes. +- **isRunningDownLevel** Identifies if the current node is running down-level. +- **logLevel** Specifies the granularity that is logged in the cluster log. +- **logSize** Specifies the size of the cluster log. +- **lowerQuorumPriorityNodeId** The cluster parameter: lower quorum priority node ID. +- **minNeverPreempt** The cluster parameter: minimum never preempt. +- **minPreemptor** The cluster parameter: minimum preemptor priority. +- **netftIpsecEnabled** The parameter: netftIpsecEnabled. +- **NodeCount** The number of nodes in the cluster. +- **nodeId** The current node number in the cluster. +- **nodeResourceCounts** Specifies the number of node resources. +- **nodeResourceOnlineCounts** Specifies the number of node resources that are online. +- **numberOfSites** The number of different sites. +- **numNodesInNoSite** The number of nodes not belonging to a site. +- **plumbAllCrossSubnetRoutes** The cluster parameter: plumb all cross subnet routes. +- **preferredSite** The preferred site location. +- **privateCloudWitness** Specifies whether a private cloud witness exists for this cluster. +- **quarantineDuration** The quarantine duration. +- **quarantineThreshold** The quarantine threshold. +- **quorumArbitrationTimeout** In the event of an arbitration event, this specifies the quorum timeout period. +- **resiliencyLevel** Specifies the level of resiliency. +- **resourceCounts** Specifies the number of resources. +- **resourceTypeCounts** Specifies the number of resource types in the cluster. +- **resourceTypes** Data representative of each resource type. +- **resourceTypesPath** Data representative of the DLL path for each resource type. +- **sameSubnetDelay** The cluster parameter: same subnet delay. +- **sameSubnetThreshold** The cluster parameter: same subnet threshold. +- **secondsInMixedMode** The amount of time (in seconds) that the cluster has been in mixed mode (nodes with different operating system versions in the same cluster). +- **securityLevel** The cluster parameter: security level. +- **securityLevelForStorage** The cluster parameter: security level for storage. +- **sharedVolumeBlockCacheSize** Specifies the block cache size for shared for shared volumes. +- **shutdownTimeoutMinutes** Specifies the amount of time it takes to time out when shutting down. +- **upNodeCount** Specifies the number of nodes that are up (online). +- **useClientAccessNetworksForCsv** The cluster parameter: use client access networks for CSV. +- **vmIsolationTime** The cluster parameter: VM isolation time. +- **witnessDatabaseWriteTimeout** Specifies the timeout period for writing to the quorum witness database. + + ## Fault Reporting events ### Microsoft.Windows.FaultReporting.AppCrashEvent @@ -3409,7 +3524,6 @@ The following fields are available: - **ExceptionOffset** The address where the exception had occurred. - **Flags** Flags indicating how reporting is done. For example, queue the report, do not offer JIT debugging, or do not terminate the process after reporting. - **FriendlyAppName** The description of the app that has crashed, if different from the AppName. Otherwise, the process name. -- **IsCrashFatal** (Deprecated) True/False to indicate whether the crash resulted in process termination. - **IsFatal** True/False to indicate whether the crash resulted in process termination. - **ModName** Exception module name (e.g. bar.dll). - **ModTimeStamp** The date/time stamp of the module. @@ -3425,6 +3539,20 @@ The following fields are available: - **TargetAsId** The sequence number for the hanging process. +## Feature update events + +### Microsoft.Windows.Upgrade.Uninstall.UninstallFinalizedAndRebootTriggered + +This event indicates that the uninstall was properly configured and that a system reboot was initiated. + + + +### Microsoft.Windows.Upgrade.Uninstall.UninstallGoBackButtonClicked + +This event sends basic metadata about the starting point of uninstalling a feature update, which helps ensure customers can safely revert to a well-known state if the update caused any problems. + + + ## Hang Reporting events ### Microsoft.Windows.HangReporting.AppHangEvent @@ -3711,6 +3839,8 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: +- **audio.captureDriver** Audio device capture driver. Example: hdaudio.inf:db04a16ce4e8d6ee:HdAudModel:10.0.14887.1000:hdaudio\func_01 +- **audio.renderDriver** Audio device render driver. Example: hdaudio.inf:db04a16ce4e8d6ee:HdAudModel:10.0.14889.1001:hdaudio\func_01 - **Audio_CaptureDriver** The Audio device capture driver endpoint. - **Audio_RenderDriver** The Audio device render driver endpoint. - **InventoryVersion** The version of the inventory file generating the events. @@ -3748,34 +3878,35 @@ The following fields are available: - **BusReportedDescription** The description of the device reported by the bux. - **Class** The device setup class of the driver loaded for the device. -- **ClassGuid** The device class GUID from the driver package -- **COMPID** The device setup class guid of the driver loaded for the device. -- **ContainerId** The list of compat ids for the device. -- **Description** System-supplied GUID that uniquely groups the functional devices associated with a single-function or multifunction device installed in the computer. -- **DeviceState** The device description. -- **DriverId** DeviceState is a bitmask of the following: DEVICE_IS_CONNECTED 0x0001 (currently only for container). DEVICE_IS_NETWORK_DEVICE 0x0002 (currently only for container). DEVICE_IS_PAIRED 0x0004 (currently only for container). DEVICE_IS_ACTIVE 0x0008 (currently never set). DEVICE_IS_MACHINE 0x0010 (currently only for container). DEVICE_IS_PRESENT 0x0020 (currently always set). DEVICE_IS_HIDDEN 0x0040. DEVICE_IS_PRINTER 0x0080 (currently only for container). DEVICE_IS_WIRELESS 0x0100. DEVICE_IS_WIRELESS_FAT 0x0200. The most common values are therefore: 32 (0x20)= device is present. 96 (0x60)= device is present but hidden. 288 (0x120)= device is a wireless device that is present -- **DriverName** A unique identifier for the driver installed. -- **DriverPackageStrongName** The immediate parent directory name in the Directory field of InventoryDriverPackage -- **DriverVerDate** Name of the .sys image file (or wudfrd.sys if using user mode driver framework). -- **DriverVerVersion** The immediate parent directory name in the Directory field of InventoryDriverPackage. -- **Enumerator** The date of the driver loaded for the device. +- **ClassGuid** The device class unique identifier of the driver package loaded on the device. +- **COMPID** The list of “Compatible IDs” for this device. +- **ContainerId** The system-supplied unique identifier that specifies which group(s) the device(s) installed on the parent (main) device belong to. +- **Description** The description of the device. +- **DeviceInterfaceClasses** The device interfaces that this device implements. +- **DeviceState** Identifies the current state of the parent (main) device. +- **DriverId** The unique identifier for the installed driver. +- **DriverName** The name of the driver image file. +- **DriverPackageStrongName** The immediate parent directory name in the Directory field of InventoryDriverPackage. +- **DriverVerDate** The date associated with the driver installed on the device. +- **DriverVerVersion** The version number of the driver installed on the device. +- **Enumerator** Identifies the bus that enumerated the device. - **ExtendedInfs** The extended INF file names. -- **HWID** The version of the driver loaded for the device. -- **Inf** The bus that enumerated the device. -- **InstallState** The device installation state. One of these values: https://msdn.microsoft.com/en-us/library/windows/hardware/ff543130.aspx -- **InventoryVersion** List of hardware ids for the device. -- **LowerClassFilters** Lower filter class drivers IDs installed for the device -- **LowerFilters** Lower filter drivers IDs installed for the device -- **Manufacturer** INF file name (the name could be renamed by OS, such as oemXX.inf) -- **MatchingID** Device installation state. -- **Model** The version of the inventory binary generating the events. -- **ParentId** Lower filter class drivers IDs installed for the device. -- **ProblemCode** Lower filter drivers IDs installed for the device. -- **Provider** The device manufacturer. -- **Service** The device service name -- **STACKID** Represents the hardware ID or compatible ID that Windows uses to install a device instance. -- **UpperClassFilters** Upper filter drivers IDs installed for the device -- **UpperFilters** The device model. +- **HWID** A list of hardware IDs for the device. +- **Inf** The name of the INF file (possibly renamed by the OS, such as oemXX.inf). +- **InstallState** The device installation state. For a list of values, see: https://msdn.microsoft.com/en-us/library/windows/hardware/ff543130.aspx +- **InventoryVersion** The version number of the inventory process generating the events. +- **LowerClassFilters** The identifiers of the Lower Class filters installed for the device. +- **LowerFilters** The identifiers of the Lower filters installed for the device. +- **Manufacturer** The manufacturer of the device. +- **MatchingID** The Hardware ID or Compatible ID that Windows uses to install a device instance. +- **Model** Identifies the model of the device. +- **ParentId** The Device Instance ID of the parent of the device. +- **ProblemCode** The error code currently returned by the device, if applicable. +- **Provider** Identifies the device provider. +- **Service** The name of the device service. +- **STACKID** The list of hardware IDs for the stack. +- **UpperClassFilters** The identifiers of the Upper Class filters installed for the device. +- **UpperFilters** The identifiers of the Upper filters installed for the device. ### Microsoft.Windows.Inventory.Core.InventoryDevicePnpRemove @@ -3817,7 +3948,6 @@ The following fields are available: This event indicates that a new set of InventoryDeviceUsbHubClassAdd events will be sent. -This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedeviceinventorychange). The following fields are available: @@ -3974,30 +4104,30 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: -- **AddinCLSID** The CLSID for the Office add-in. -- **AddInCLSID** CLSID key for the office addin -- **AddInId** Office add-in ID. -- **AddinType** Office add-in Type. -- **BinFileTimestamp** Timestamp of the Office add-in. -- **BinFileVersion** Version of the Office add-in. -- **Description** Office add-in description. -- **FileId** FileId of the Office add-in. -- **FileSize** File size of the Office add-in. -- **FriendlyName** Friendly name for office add-in. -- **FullPath** Unexpanded path to the office add-in. +- **AddinCLSID** The class identifier key for the Microsoft Office add-in. +- **AddInCLSID** The class identifier key for the Microsoft Office add-in. +- **AddInId** The identifier for the Microsoft Office add-in. +- **AddinType** The type of the Microsoft Office add-in. +- **BinFileTimestamp** The timestamp of the Office add-in. +- **BinFileVersion** The version of the Microsoft Office add-in. +- **Description** Description of the Microsoft Office add-in. +- **FileId** The file identifier of the Microsoft Office add-in. +- **FileSize** The file size of the Microsoft Office add-in. +- **FriendlyName** The friendly name for the Microsoft Office add-in. +- **FullPath** The full path to the Microsoft Office add-in. - **InventoryVersion** The version of the inventory binary generating the events. -- **LoadBehavior** Uint32 that describes the load behavior. -- **LoadTime** Load time for the office addin -- **OfficeApplication** The office application for this add-in. -- **OfficeArchitecture** Architecture of the add-in. -- **OfficeVersion** The office version for this add-in. -- **OutlookCrashingAddin** Boolean that indicates if crashes have been found for this add-in. +- **LoadBehavior** Integer that describes the load behavior. +- **LoadTime** Load time for the Office add-in. +- **OfficeApplication** The Microsoft Office application associated with the add-in. +- **OfficeArchitecture** The architecture of the add-in. +- **OfficeVersion** The Microsoft Office version for this add-in. +- **OutlookCrashingAddin** Indicates whether crashes have been found for this add-in. - **ProductCompany** The name of the company associated with the Office add-in. -- **ProductName** The product name associated with the Office add-in. +- **ProductName** The product name associated with the Microsoft Office add-in. - **ProductVersion** The version associated with the Office add-in. -- **ProgramId** The unique program identifier of the Office add-in. +- **ProgramId** The unique program identifier of the Microsoft Office add-in. - **Provider** Name of the provider for this add-in. -- **Usage** Data regarding usage of the add-in. +- **Usage** Data about usage for the add-in. ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeAddInRemove @@ -4159,10 +4289,10 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: -- **BrowserFlags** Browser flags for Office-related products. -- **ExchangeProviderFlags** Provider policies for Office Exchange. +- **BrowserFlags** Browser flags for Office-related products +- **ExchangeProviderFlags** Provider policies for Office Exchange - **InventoryVersion** The version of the inventory binary generating the events. -- **SharedComputerLicensing** Office shared computer licensing policies. +- **SharedComputerLicensing** Office shared computer licensing policies ### Microsoft.Windows.Inventory.General.InventoryMiscellaneousOfficeSettingsStartSync @@ -4315,6 +4445,7 @@ This event includes fields from [Ms.Device.DeviceInventoryChange](#msdevicedevic The following fields are available: - **IndicatorValue** The indicator value. +- **Value** Describes an operating system indicator that may be relevant for the device upgrade. ### Microsoft.Windows.Inventory.Indicators.InventoryMiscellaneousUexIndicatorRemove @@ -4376,6 +4507,80 @@ The following fields are available: - **UserInputTime** The amount of time the loader application spent waiting for user input. +## Miracast events + +### Microsoft.Windows.Cast.Miracast.MiracastSessionEnd + +This event sends data at the end of a Miracast session that helps determine RTSP related Miracast failures along with some statistics about the session + +The following fields are available: + +- **AudioChannelCount** The number of audio channels. +- **AudioSampleRate** The sample rate of audio in terms of samples per second. +- **AudioSubtype** The unique subtype identifier of the audio codec (encoding method) used for audio encoding. +- **AverageBitrate** The average video bitrate used during the Miracast session, in bits per second. +- **AverageDataRate** The average available bandwidth reported by the WiFi driver during the Miracast session, in bits per second. +- **AveragePacketSendTimeInMs** The average time required for the network to send a sample, in milliseconds. +- **ConnectorType** The type of connector used during the Miracast session. +- **EncodeAverageTimeMS** The average time to encode a frame of video, in milliseconds. +- **EncodeCount** The count of total frames encoded in the session. +- **EncodeMaxTimeMS** The maximum time to encode a frame, in milliseconds. +- **EncodeMinTimeMS** The minimum time to encode a frame, in milliseconds. +- **EncoderCreationTimeInMs** The time required to create the video encoder, in milliseconds. +- **ErrorSource** Identifies the component that encountered an error that caused a disconnect, if applicable. +- **FirstFrameTime** The time (tick count) when the first frame is sent. +- **FirstLatencyMode** The first latency mode. +- **FrameAverageTimeMS** Average time to process an entire frame, in milliseconds. +- **FrameCount** The total number of frames processed. +- **FrameMaxTimeMS** The maximum time required to process an entire frame, in milliseconds. +- **FrameMinTimeMS** The minimum time required to process an entire frame, in milliseconds. +- **Glitches** The number of frames that failed to be delivered on time. +- **HardwareCursorEnabled** Indicates if hardware cursor was enabled when the connection ended. +- **HDCPState** The state of HDCP (High-bandwidth Digital Content Protection) when the connection ended. +- **HighestBitrate** The highest video bitrate used during the Miracast session, in bits per second. +- **HighestDataRate** The highest available bandwidth reported by the WiFi driver, in bits per second. +- **LastLatencyMode** The last reported latency mode. +- **LogTimeReference** The reference time, in tick counts. +- **LowestBitrate** The lowest video bitrate used during the Miracast session, in bits per second. +- **LowestDataRate** The lowest video bitrate used during the Miracast session, in bits per second. +- **MediaErrorCode** The error code reported by the media session, if applicable. +- **MiracastEntry** The time (tick count) when the Miracast driver was first loaded. +- **MiracastM1** The time (tick count) when the M1 request was sent. +- **MiracastM2** The time (tick count) when the M2 request was sent. +- **MiracastM3** The time (tick count) when the M3 request was sent. +- **MiracastM4** The time (tick count) when the M4 request was sent. +- **MiracastM5** The time (tick count) when the M5 request was sent. +- **MiracastM6** The time (tick count) when the M6 request was sent. +- **MiracastM7** The time (tick count) when the M7 request was sent. +- **MiracastSessionState** The state of the Miracast session when the connection ended. +- **MiracastStreaming** The time (tick count) when the Miracast session first started processing frames. +- **ProfileCount** The count of profiles generated from the receiver M4 response. +- **ProfileCountAfterFiltering** The count of profiles after filtering based on available bandwidth and encoder capabilities. +- **RefreshRate** The refresh rate set on the remote display. +- **RotationSupported** Indicates if the Miracast receiver supports display rotation. +- **RTSPSessionId** The unique identifier of the RTSP session. This matches the RTSP session ID for the receiver for the same session. +- **SessionGuid** The unique identifier of to correlate various Miracast events from a session. +- **SinkHadEdid** Indicates if the Miracast receiver reported an EDID. +- **SupportMicrosoftColorSpaceConversion** Indicates whether the Microsoft color space conversion for extra color fidelity is supported by the receiver. +- **SupportsMicrosoftDiagnostics** Indicates whether the Miracast receiver supports the Microsoft Diagnostics Miracast extension. +- **SupportsMicrosoftFormatChange** Indicates whether the Miracast receiver supports the Microsoft Format Change Miracast extension. +- **SupportsMicrosoftLatencyManagement** Indicates whether the Miracast receiver supports the Microsoft Latency Management Miracast extension. +- **SupportsMicrosoftRTCP** Indicates whether the Miracast receiver supports the Microsoft RTCP Miracast extension. +- **SupportsMicrosoftVideoFormats** Indicates whether the Miracast receiver supports Microsoft video format for 3:2 resolution. +- **SupportsWiDi** Indicates whether Miracast receiver supports Intel WiDi extensions. +- **TeardownErrorCode** The error code reason for teardown provided by the receiver, if applicable. +- **TeardownErrorReason** The text string reason for teardown provided by the receiver, if applicable. +- **UIBCEndState** Indicates whether UIBC was enabled when the connection ended. +- **UIBCEverEnabled** Indicates whether UIBC was ever enabled. +- **UIBCStatus** The result code reported by the UIBC setup process. +- **VideoBitrate** The starting bitrate for the video encoder. +- **VideoCodecLevel** The encoding level used for encoding, specific to the video subtype. +- **VideoHeight** The height of encoded video frames. +- **VideoSubtype** The unique subtype identifier of the video codec (encoding method) used for video encoding. +- **VideoWidth** The width of encoded video frames. +- **WFD2Supported** Indicates if the Miracast receiver supports WFD2 protocol. + + ## OneDrive events ### Microsoft.OneDrive.Sync.Setup.APIOperation @@ -4509,6 +4714,71 @@ The following fields are available: - **userRegionCode** The current user's region setting +### wilActivity + +This event provides a Windows Internal Library context used for Product and Service diagnostics. + +The following fields are available: + +- **callContext** The function where the failure occurred. +- **currentContextId** The ID of the current call context where the failure occurred. +- **currentContextMessage** The message of the current call context where the failure occurred. +- **currentContextName** The name of the current call context where the failure occurred. +- **failureCount** The number of failures for this failure ID. +- **failureId** The ID of the failure that occurred. +- **failureType** The type of the failure that occurred. +- **fileName** The file name where the failure occurred. +- **function** The function where the failure occurred. +- **hresult** The HResult of the overall activity. +- **lineNumber** The line number where the failure occurred. +- **message** The message of the failure that occurred. +- **module** The module where the failure occurred. +- **originatingContextId** The ID of the originating call context that resulted in the failure. +- **originatingContextMessage** The message of the originating call context that resulted in the failure. +- **originatingContextName** The name of the originating call context that resulted in the failure. +- **threadId** The ID of the thread on which the activity is executing. + + +## Sediment events + +### Microsoft.Windows.Sediment.Info.DetailedState + +This event is sent when detailed state information is needed from an update trial run. + +The following fields are available: + +- **Data** Data relevant to the state, such as what percent of disk space the directory takes up. +- **Id** Identifies the trial being run, such as a disk related trial. +- **ReleaseVer** The version of the component. +- **State** The state of the reporting data from the trial, such as the top-level directory analysis. +- **Time** The time the event was fired. + + +### Microsoft.Windows.Sediment.Info.Error + +This event indicates an error in the updater payload. This information assists in keeping Windows up to date. + +The following fields are available: + +- **FailureType** The type of error encountered. +- **FileName** The code file in which the error occurred. +- **HResult** The failure error code. +- **LineNumber** The line number in the code file at which the error occurred. +- **ReleaseVer** The version information for the component in which the error occurred. +- **Time** The system time at which the error occurred. + + +### Microsoft.Windows.Sediment.Info.PhaseChange + +The event indicates progress made by the updater. This information assists in keeping Windows up to date. + +The following fields are available: + +- **NewPhase** The phase of progress made. +- **ReleaseVer** The version information for the component in which the change occurred. +- **Time** The system time at which the phase chance occurred. + + ## Setup events ### SetupPlatformTel.SetupPlatformTelActivityEvent @@ -4548,15 +4818,6 @@ The following fields are available: - **Value** Retrieves the value associated with the corresponding event name (Field Name). For example: For time related events this will include the system time. -### SetupPlatformTel.SetupPlatfOrmTelEvent - -This service retrieves events generated by SetupPlatform, the engine that drives the various deployment scenarios. - -The following fields are available: - -- **GroupName** Retrieves the groupname the event belongs to. Example: Install Information, DU Information, Disk Space Information etc. - - ## Software update events ### SoftwareUpdateClientTelemetry.CheckForUpdates @@ -4660,6 +4921,7 @@ The following fields are available: - **BundleRevisionNumber** Identifies the revision number of the content bundle - **CallerApplicationName** Name provided by the caller who initiated API calls into the software distribution client - **ClientVersion** Version number of the software distribution client +- **DeploymentProviderMode** The mode of operation of the update deployment provider. - **DeviceModel** Device model as defined in the system bios - **EventInstanceID** A globally unique identifier for event instance - **EventScenario** Indicates the purpose of the event - whether because scan started, succeded, failed, etc. @@ -4667,7 +4929,7 @@ The following fields are available: - **FlightId** The specific id of the flight the device is getting - **HandlerType** Indicates the kind of content (app, driver, windows patch, etc.) - **RevisionNumber** Identifies the revision number of this specific piece of content -- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Microsoft Store, etc) +- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc) - **SystemBIOSMajorRelease** Major release version of the system bios - **SystemBIOSMinorRelease** Minor release version of the system bios - **UpdateId** Identifier associated with the specific piece of content @@ -4680,11 +4942,11 @@ Download process event for target update on Windows Update client. See the Event The following fields are available: -- **ActiveDownloadTime** Number of seconds the update was actively being downloaded. +- **ActiveDownloadTime** How long the download took, in seconds, excluding time where the update wasn't actively being downloaded. - **AppXBlockHashFailures** Indicates the number of blocks that failed hash validation during download of the app payload. - **AppXBlockHashValidationFailureCount** A count of the number of blocks that have failed validation after being downloaded. -- **AppXDownloadScope** Indicates the scope of the download for application content. For streaming install scenarios, AllContent - non-streaming download, RequiredOnly - streaming download requested content required for launch, AutomaticOnly - streaming download requested automatic streams for the app, and Unknown - for events sent before download scope is determined by the Windows Update client. -- **AppXScope** Indicates the scope of the app download. The values can be one of the following: "RequiredContentOnly" - only the content required to launch the app is being downloaded; "AutomaticContentOnly" - only the optional [automatic] content for the app (the ones that can downloaded after the app has been launched) is being downloaded; "AllContent" - all content for the app, including the optional [automatic] content, is being downloaded. +- **AppXDownloadScope** Indicates the scope of the download for application content. +- **AppXScope** Indicates the scope of the app download. - **BiosFamily** The family of the BIOS (Basic Input Output System). - **BiosName** The name of the device BIOS. - **BiosReleaseDate** The release date of the device BIOS. @@ -4692,28 +4954,28 @@ The following fields are available: - **BIOSVendor** The vendor of the BIOS. - **BiosVersion** The version of the BIOS. - **BundleBytesDownloaded** Number of bytes downloaded for the specific content bundle. -- **BundleId** Identifier associated with the specific content bundle; should not be all zeros if the bundleID was found. +- **BundleId** Identifier associated with the specific content bundle. - **BundleRepeatFailCount** Indicates whether this particular update bundle has previously failed. - **BundleRepeatFailFlag** Indicates whether this particular update bundle previously failed to download. - **BundleRevisionNumber** Identifies the revision number of the content bundle. - **BytesDownloaded** Number of bytes that were downloaded for an individual piece of content (not the entire bundle). -- **CachedEngineVersion** For self-initiated healing, the version of the SIH engine that is cached on the device. If the SIH engine does not exist, the value is null. -- **CallerApplicationName** The name provided by the caller who initiated API calls into the software distribution client. -- **CbsDownloadMethod** Indicates whether the download was a full-file download or a partial/delta download. -- **CbsMethod** The method used for downloading the update content related to the Component Based Servicing (CBS) technology. This value can be one of the following: (1) express download method was used for download; (2) SelfContained download method was used for download indicating the update had no express content; (3) SelfContained download method was used indicating that the update has an express payload, but the server is not hosting it; (4) SelfContained download method was used indicating that range requests are not supported; (5) SelfContained download method was used indicating that the system does not support express download (dpx.dll is not present); (6) SelfContained download method was used indicating that self-contained download method was selected previously; (7) SelfContained download method was used indicating a fall back to self-contained if the number of requests made by DPX exceeds a certain threshold. +- **CachedEngineVersion** The version of the “Self-Initiated Healing” (SIH) engine that is cached on the device, if applicable. +- **CallerApplicationName** The name provided by the application that initiated API calls into the software distribution client. +- **CbsDownloadMethod** Indicates whether the download was a full- or a partial-file download. +- **CbsMethod** The method used for downloading the update content related to the Component Based Servicing (CBS) technology. - **CDNCountryCode** Two letter country abbreviation for the Content Distribution Network (CDN) location. - **CDNId** ID which defines which CDN the software distribution client downloaded the content from. - **ClientVersion** The version number of the software distribution client. -- **CommonProps** A bitmask for future flags associated with the Windows Update client behavior. No value is currently reported in this field. Expected value for this field is 0. -- **ConnectTime** Indicates the cumulative sum (in seconds) of the time it took to establish the connection for all updates in an update bundle. +- **CommonProps** A bitmask for future flags associated with the Windows Update client behavior. +- **ConnectTime** Indicates the cumulative amount of time (in seconds) it took to establish the connection for all updates in an update bundle. - **CurrentMobileOperator** The mobile operator the device is currently connected to. -- **DeviceModel** What is the device model. +- **DeviceModel** The model of the device. - **DownloadPriority** Indicates whether a download happened at background, normal, or foreground priority. -- **DownloadProps** Indicates a bitmask for download operations indicating: (1) if an update was downloaded to a system volume (least significant bit i.e. bit 0); (2) if the update was from a channel other than the installed channel (bit 1); (3) if the update was for a product pinned by policy (bit 2); (4) if the deployment action for the update is uninstall (bit 3). -- **DownloadType** Differentiates the download type of SIH downloads between Metadata and Payload downloads. +- **DownloadProps** Information about the download operation. +- **DownloadType** Differentiates the download type of “Self-Initiated Healing” (SIH) downloads between Metadata and Payload downloads. - **EventInstanceID** A globally unique identifier for event instance. -- **EventScenario** Indicates the purpose of sending this event - whether because the software distribution just started downloading content, or whether it was cancelled, succeeded, or failed. -- **EventType** Possible values are Child, Bundle, or Driver. +- **EventScenario** Indicates the purpose for sending this event: whether because the software distribution just started downloading content; or whether it was cancelled, succeeded, or failed. +- **EventType** Identifies the type of the event (Child, Bundle, or Driver). - **ExtendedStatusCode** Secondary error code for certain scenarios where StatusCode wasn't specific enough. - **FeatureUpdatePause** Indicates whether feature OS updates are paused on the device. - **FlightBranch** The branch that a device is on if participating in flighting (pre-release builds). @@ -4728,38 +4990,38 @@ The following fields are available: - **IsDependentSet** Indicates whether a driver is a part of a larger System Hardware/Firmware Update - **IsWUfBDualScanEnabled** Indicates if Windows Update for Business dual scan is enabled on the device. - **IsWUfBEnabled** Indicates if Windows Update for Business is enabled on the device. -- **NetworkCost** A flag indicating the cost of the network used for downloading the update content. The values can be: 0x0 (Unkown); 0x1 (Network cost is unrestricted); 0x2 (Network cost is fixed); 0x4 (Network cost is variable); 0x10000 (Network cost over data limit); 0x20000 (Network cost congested); 0x40000 (Network cost roaming); 0x80000 (Network cost approaching data limit). +- **NetworkCost** A flag indicating the cost of the network (congested, fixed, variable, over data limit, roaming, etc.) used for downloading the update content. - **NetworkCostBitMask** Indicates what kind of network the device is connected to (roaming, metered, over data cap, etc.) - **NetworkRestrictionStatus** More general version of NetworkCostBitMask, specifying whether Windows considered the current network to be "metered." - **PackageFullName** The package name of the content. - **PhonePreviewEnabled** Indicates whether a phone was opted-in to getting preview builds, prior to flighting (pre-release builds) being introduced. -- **PostDnldTime** Time taken (in seconds) to signal download completion after the last job has completed downloading payload. -- **ProcessName** The process name of the caller who initiated API calls, in the event where CallerApplicationName was not provided. +- **PostDnldTime** Time (in seconds) taken to signal download completion after the last job completed downloading the payload. +- **ProcessName** The process name of the application that initiated API calls, in the event where CallerApplicationName was not provided. - **QualityUpdatePause** Indicates whether quality OS updates are paused on the device. - **Reason** A 32-bit integer representing the reason the update is blocked from being downloaded in the background. - **RegulationReason** The reason that the update is regulated - **RegulationResult** The result code (HResult) of the last attempt to contact the regulation web service for download regulation of update content. -- **RelatedCV** The previous Correlation Vector that was used before swapping with a new one. -- **RepeatFailCount** Indicates whether this specific piece of content has previously failed. -- **RepeatFailFlag** Indicates whether this specific piece of content had previously failed to download. -- **RevisionNumber** Identifies the revision number of this specific piece of content. -- **ServiceGuid** An ID that represents which service the software distribution client is installing content for (Windows Update, Microsoft Store, etc.). -- **Setup360Phase** If the download is for an operating system upgrade, this datapoint indicates which phase of the upgrade is underway. -- **ShippingMobileOperator** The mobile operator that a device shipped on. -- **SizeCalcTime** Time taken (in seconds) to calculate the total download size of the payload. +- **RelatedCV** The Correlation Vector that was used before the most recent change to a new Correlation Vector. +- **RepeatFailCount** Indicates whether this specific content has previously failed. +- **RepeatFailFlag** Indicates whether this specific content previously failed to download. +- **RevisionNumber** The revision number of the specified piece of content. +- **ServiceGuid** A unique identifier for the service that the software distribution client is installing content for (Windows Update, Windows Store, etc.). +- **Setup360Phase** Identifies the active phase of the upgrade download if the current download is for an Operating System upgrade. +- **ShippingMobileOperator** The mobile operator linked to the device when the device shipped. +- **SizeCalcTime** Time (in seconds) taken to calculate the total download size of the payload. - **StatusCode** Indicates the result of a Download event (success, cancellation, failure code HResult). - **SystemBIOSMajorRelease** Major version of the BIOS. - **SystemBIOSMinorRelease** Minor version of the BIOS. - **TargetGroupId** For drivers targeted to a specific device model, this ID indicates the distribution group of devices receiving that driver. - **TargetingVersion** For drivers targeted to a specific device model, this is the version number of the drivers being distributed to the device. -- **TargetMetadataVersion** For self-initiated healing, this is the target version of the SIH engine to download (if needed). If not, the value is null. +- **TargetMetadataVersion** The version of the currently downloading (or most recently downloaded) package. - **ThrottlingServiceHResult** Result code (success/failure) while contacting a web service to determine whether this device should download content yet. -- **TimeToEstablishConnection** Time (in ms) it took to establish the connection prior to beginning downloaded. -- **TotalExpectedBytes** The total count of bytes that the download is expected to be. +- **TimeToEstablishConnection** Time (in milliseconds) it took to establish the connection prior to beginning downloaded. +- **TotalExpectedBytes** The total size (in Bytes) expected to be downloaded. - **UpdateId** An identifier associated with the specific piece of content. - **UpdateID** An identifier associated with the specific piece of content. -- **UpdateImportance** Indicates whether a piece of content was marked as Important, Recommended, or Optional. -- **UsedDO** Whether the download used the delivery optimization service. +- **UpdateImportance** Indicates whether the content was marked as Important, Recommended, or Optional. +- **UsedDO** Indicates whether the download used the Delivery Optimization (DO) service. - **UsedSystemVolume** Indicates whether the content was downloaded to the device's main system storage drive, or an alternate storage drive. - **WUDeviceID** The unique identifier of a specific device, used to identify how many devices are encountering success or a particular issue. @@ -4838,6 +5100,7 @@ The following fields are available: - **CommonProps** A bitmask for future flags associated with the Windows Update client behavior. No value is currently reported in this field. Expected value for this field is 0. - **CSIErrorType** The stage of CBS installation where it failed. - **CurrentMobileOperator** The mobile operator to which the device is currently connected. +- **DeploymentProviderMode** The mode of operation of the update deployment provider. - **DeviceModel** The device model. - **DriverPingBack** Contains information about the previous driver and system state. - **DriverRecoveryIds** The list of identifiers that could be used for uninstalling the drivers if a recovery is required. @@ -4924,7 +5187,7 @@ The following fields are available: - **RelatedCV** The previous correlation vector that was used by the client before swapping with a new one. - **RepeatFailCount** Indicates whether this specific piece of content has previously failed. - **RevisionNumber** Identifies the revision number of this specific piece of content. -- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Microsoft Store, etc.). +- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.). - **StatusCode** Result code of the event (success, cancellation, failure code HResult). - **TargetGroupId** For drivers targeted to a specific device model, this ID indicates the distribution group of devices receiving that driver. - **TargetingVersion** For drivers targeted to a specific device model, this is the version number of the drivers being distributed to the device. @@ -4984,7 +5247,7 @@ The following fields are available: - **RelatedCV** The previous correlation vector that was used by the client before swapping with a new one. - **RepeatFailCount** Indicates whether this specific piece of content previously failed. - **RevisionNumber** Identifies the revision number of this specific piece of content. -- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Microsoft Store, etc.). +- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Windows Store, etc.). - **StatusCode** Result code of the event (success, cancellation, failure code HResult). - **TargetGroupId** For drivers targeted to a specific device model, this ID indicates the distribution group of devices receiving that driver. - **TargetingVersion** For drivers targeted to a specific device model, this is the version number of the drivers being distributed to the device. @@ -5016,28 +5279,28 @@ Ensures Windows Updates are secure and complete. Event helps to identify whether The following fields are available: - **CallerApplicationName** Name of application making the Windows Update request. Used to identify context of request. -- **EndpointUrl** URL of the endpoint where client obtains update metadata. Used to identify test vs staging vs production environments. -- **EventScenario** Indicates the purpose of the event - whether because scan started, succeded, failed, etc. -- **ExtendedStatusCode** Secondary status code for certain scenarios where StatusCode was not specific enough. -- **LeafCertId** Integral ID from the FragmentSigning data for certificate that failed. +- **EndpointUrl** The endpoint URL where the device obtains update metadata. This is used to distinguish between test, staging, and production environments. +- **EventScenario** The purpose of this event, such as scan started, scan succeeded, or scan failed. +- **ExtendedStatusCode** The secondary status code of the event. +- **LeafCertId** The integral ID from the FragmentSigning data for the certificate that failed. - **ListOfSHA256OfIntermediateCerData** A semicolon delimited list of base64 encoding of hashes for the Base64CerData in the FragmentSigning data of an intermediate certificate. -- **MetadataIntegrityMode** Mode of update transport metadata integrity check. 0-Unknown, 1-Ignoe, 2-Audit, 3-Enforce +- **MetadataIntegrityMode** The mode of the transport metadata integrity check. 0 = unknown; 1 = ignore; 2 = audit; 3 = enforce - **MetadataSignature** A base64-encoded string of the signature associated with the update metadata (specified by revision ID). -- **RawMode** Raw unparsed mode string from the SLS response. May be null if not applicable. +- **RawMode** The raw unparsed mode string from the SLS response. This field is null if not applicable. - **RawValidityWindowInDays** The raw unparsed validity window string in days of the timestamp token. This field is null if not applicable. - **RevisionId** The revision ID for a specific piece of content. - **RevisionNumber** The revision number for a specific piece of content. -- **ServiceGuid** Identifier for the service to which the software distribution client is connecting (Windows Update, Microsoft Store, etc) +- **ServiceGuid** Identifies the service to which the software distribution client is connected, Example: Windows Update or Microsoft Store - **SHA256OfLeafCerData** A base64 encoding of the hash for the Base64CerData in the FragmentSigning data of the leaf certificate. - **SHA256OfLeafCertPublicKey** A base64 encoding of the hash of the Base64CertData in the FragmentSigning data of the leaf certificate. -- **SHA256OfTimestampToken** Base64 string of hash of the timestamp token blob +- **SHA256OfTimestampToken** An encoded string of the timestamp token. - **SignatureAlgorithm** The hash algorithm for the metadata signature. -- **SLSPrograms** A test program a machine may be opted in. Examples include "Canary" and "Insider Fast". -- **StatusCode** Result code of the event (success, cancellation, failure code HResult) -- **TimestampTokenCertThumbprint** Thumbprint of the encoded timestamp token. -- **TimestampTokenId** Created time encoded in the timestamp blob. This will be zeroed if the token is itself malformed and decoding failed. +- **SLSPrograms** A test program to which a device may have opted in. Example: Insider Fast +- **StatusCode** The status code of the event. +- **TimestampTokenCertThumbprint** The thumbprint of the encoded timestamp token. +- **TimestampTokenId** The time this was created. It is encoded in a timestamp blob and will be zero if the token is malformed. - **UpdateId** The update ID for a specific piece of content. -- **ValidityWindowInDays** Validity window in effect when verifying the timestamp +- **ValidityWindowInDays** The validity window that's in effect when verifying the timestamp. ## System Resource Usage Monitor events @@ -5133,6 +5396,7 @@ The following fields are available: - **RangeRequestState** Indicates the range request type used. - **RelatedCV** Correlation vector value generated from the latest USO scan. - **Result** Outcome of the download request phase of update. +- **SandboxTaggedForReserves** The sandbox for reserves. - **ScenarioId** Indicates the update scenario. - **SessionId** Unique value for each attempt (same value for initialize, download, install commit phases). - **UpdateId** Unique ID for each update. @@ -5360,6 +5624,24 @@ The following fields are available: - **UserSession** Indicates whether install was invoked by user actions. +## Update notification events + +### Microsoft.Windows.UpdateNotificationPipeline.UNPCampaignManagerHeartbeat + +This event is sent at the start of the CampaignManager event and is intended to be used as a heartbeat. + +The following fields are available: + +- **CampaignConfigVersion** Configuration version for the current campaign. +- **CampaignID** Currently campaign that is running on Update Notification Pipeline (UNP). +- **ConfigCatalogVersion** Current catalog version of UNP. +- **ContentVersion** Content version for the current campaign on UNP. +- **CV** Correlation vector. +- **DetectorVersion** Most recently run detector version for the current campaign on UNP. +- **GlobalEventCounter** Client-side counter that indicates the event ordering sent by the user. +- **PackageVersion** Current UNP package version. + + ## Upgrade events ### FacilitatorTelemetry.DCATDownload @@ -5374,6 +5656,22 @@ The following fields are available: - **ResultCode** Result returned by the Facilitator DCAT call. - **Scenario** Dynamic update scenario (Image DU, or Setup DU). - **Type** Type of package that was downloaded. +- **UpdateId** The ID of the update that was downloaded. + + +### FacilitatorTelemetry.DUDownload + +This event returns data about the download of supplemental packages critical to upgrading a device to the next version of Windows. + +The following fields are available: + +- **DownloadRequestAttributes** The attributes sent for download. +- **PackageCategoriesFailed** Lists the categories of packages that failed to download. +- **PackageCategoriesSkipped** Lists the categories of package downloads that were skipped. +- **ResultCode** The result of the event execution. +- **Scenario** Identifies the active Download scenario. +- **Url** The URL the download request was sent to. +- **Version** Identifies the version of Facilitator used. ### FacilitatorTelemetry.InitializeDU @@ -5591,7 +5889,7 @@ The following fields are available: - **InstanceId** Retrieves a unique identifier for each instance of a setup session. - **Operation** Facilitator’s last known operation (scan, download, etc.). - **ReportId** ID for tying together events stream side. -- **ResultCode** Result returned by setup for the entire operation. +- **ResultCode** Result returned for the entire setup operation. - **Scenario** Dynamic Update scenario (Image DU, or Setup DU). - **ScenarioId** Identifies the update scenario. - **TargetBranch** Branch of the target OS. @@ -5693,6 +5991,7 @@ The following fields are available: - **detectionSummary** Result of each applicable detection that was run. - **featureAssessmentImpact** WaaS Assessment impact for feature updates. - **hrEngineResult** Error code from the engine operation. +- **insufficientSessions** Device not eligible for diagnostics. - **isInteractiveMode** The user started a run of WaaSMedic. - **isManaged** Device is managed for updates. - **isWUConnected** Device is connected to Windows Update. @@ -5754,7 +6053,7 @@ The following fields are available: - **PertProb** The probability the entry will be Perturbed if the algorithm chosen is “heavy-hitters”. -## Microsoft Store events +## Windows Store events ### Microsoft.Windows.Store.StoreActivating @@ -6033,7 +6332,9 @@ This event is sent at the beginning of an app install or update to help keep Win The following fields are available: - **CatalogId** The name of the product catalog from which this app was chosen. +- **FulfillmentPluginId** The ID of the plugin needed to install the package type of the product. - **PFN** The Package Family Name of the app that is being installed or updated. +- **PluginTelemetryData** Diagnostic information specific to the package-type plug-in. - **ProductId** The product ID of the app that is being updated or installed. @@ -6224,6 +6525,7 @@ The following fields are available: - **bytesFromCDN** The number of bytes received from a CDN source. - **bytesFromGroupPeers** The number of bytes received from a peer in the same domain group. - **bytesFromIntPeers** The number of bytes received from peers not in the same LAN or in the same domain group. +- **bytesFromLinkLocalPeers** The number of bytes received from local peers. - **bytesFromLocalCache** Bytes copied over from local (on disk) cache. - **bytesFromPeers** The number of bytes received from a peer in the same LAN. - **bytesRequested** The total number of bytes requested for download. @@ -6251,7 +6553,9 @@ The following fields are available: - **isVpn** Is the device connected to a Virtual Private Network? - **jobID** Identifier for the Windows Update job. - **lanConnectionCount** The total number of connections made to peers in the same LAN. +- **linkLocalConnectionCount** The number of connections made to peers in the same Link-local network. - **numPeers** The total number of peers used for this download. +- **numPeersLocal** The total number of local peers used for this download. - **predefinedCallerName** The name of the API Caller. - **restrictedUpload** Is the upload restricted? - **routeToCacheServer** The cache server setting, source, and value. @@ -6298,6 +6602,7 @@ The following fields are available: - **doClientVersion** The version of the Delivery Optimization client. - **doErrorCode** The Delivery Optimization error code that was returned. - **downloadMode** The download mode used for this file download session (CdnOnly = 0, Lan = 1, Group = 2, Internet = 3, Simple = 99, Bypass = 100). +- **downloadModeReason** Reason for the download. - **downloadModeSrc** Source of the DownloadMode setting (KvsProvider = 0, GeoProvider = 1, GeoVerProvider = 2, CpProvider = 3, DiscoveryProvider = 4, RegistryProvider = 5, GroupPolicyProvider = 6, MdmProvider = 7, SettingsProvider = 8, InvalidProviderType = 9). - **errorCode** The error code that was returned. - **experimentId** ID used to correlate client/services calls that are part of the same test during A/B testing. @@ -6363,21 +6668,21 @@ This event collects information regarding the state of devices and drivers on th The following fields are available: - **activated** Whether the entire device manifest update is considered activated and in use. -- **analysisErrorCount** How many driver packages that could not be analyzed because errors were hit during the analysis. +- **analysisErrorCount** The number of driver packages that could not be analyzed because errors occurred during analysis. - **flightId** Unique ID for each flight. -- **missingDriverCount** How many driver packages that were delivered by the device manifest that are missing from the system. -- **missingUpdateCount** How many updates that were part of the device manifest that are missing from the system. +- **missingDriverCount** The number of driver packages delivered by the device manifest that are missing from the system. +- **missingUpdateCount** The number of updates in the device manifest that are missing from the system. - **objectId** Unique value for each diagnostics session. -- **publishedCount** How many drivers packages that were delivered by the device manifest that are published and available to be used on devices. +- **publishedCount** The number of drivers packages delivered by the device manifest that are published and available to be used on devices. - **relatedCV** Correlation vector value generated from the latest USO scan. - **scenarioId** Indicates the update scenario. - **sessionId** Unique value for each update session. -- **summary** A summary string that contains some basic information about driver packages that are part of the device manifest and any devices on the system that those driver packages match on. +- **summary** A summary string that contains basic information about driver packages that are part of the device manifest and any devices on the system that those driver packages match. - **summaryAppendError** A Boolean indicating if there was an error appending more information to the summary string. -- **truncatedDeviceCount** How many devices are missing from the summary string due to there not being enough room in the string. -- **truncatedDriverCount** How many driver packages are missing from the summary string due to there not being enough room in the string. +- **truncatedDeviceCount** The number of devices missing from the summary string because there is not enough room in the string. +- **truncatedDriverCount** The number of driver packages missing from the summary string because there is not enough room in the string. - **unpublishedCount** How many drivers packages that were delivered by the device manifest that are still unpublished and unavailable to be used on devices. -- **updateId** Unique ID for each Update. +- **updateId** The unique ID for each update. ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentCommit @@ -6448,13 +6753,13 @@ This event collects information regarding the install phase of the new device ma The following fields are available: - **errorCode** The error code returned for the current install phase. -- **flightId** The unique identifier for each flight. +- **flightId** The unique identifier for each flight (pre-release builds). - **objectId** The unique identifier for each diagnostics session. -- **relatedCV** Correlation vector value generated from the latest USO scan. +- **relatedCV** Correlation vector value generated from the latest scan. - **result** Outcome of the install phase of the update. -- **scenarioId** The unique identifier for the update scenario. +- **scenarioId** The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate - **sessionId** The unique identifier for each update session. -- **updateId** The unique identifier for each update. +- **updateId** The unique identifier for each Update. ### Microsoft.Windows.Update.DeviceUpdateAgent.UpdateAgentModeStart @@ -6463,13 +6768,13 @@ This event sends data for the start of each mode during the process of updating The following fields are available: -- **flightId** The unique identifier for each flight. -- **mode** The mode that is starting. -- **objectId** The unique value for each diagnostics session. -- **relatedCV** Correlation vector value generated from the latest USO scan. +- **flightId** The unique identifier for each flight (pre-release builds). +- **mode** Indicates the active Update Agent mode. +- **objectId** Unique value for each diagnostics session. +- **relatedCV** Correlation vector value generated from the latest scan. - **scenarioId** The scenario ID. Example: MobileUpdate, DesktopLanguagePack, DesktopFeatureOnDemand, or DesktopDriverUpdate. -- **sessionId** Unique value for each Update Agent mode attempt. -- **updateId** Unique identifier for each update. +- **sessionId** The unique identifier for each update session. +- **updateId** The unique identifier for each Update. ### Microsoft.Windows.Update.NotificationUx.DialogNotificationToBeDisplayed @@ -6498,6 +6803,22 @@ The following fields are available: - **UtcTime** The time the dialog box notification will be displayed, in Coordinated Universal Time. +### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootAcceptAutoDialog + +This event indicates that the Enhanced Engaged restart "accept automatically" dialog box was displayed. + +The following fields are available: + +- **DeviceLocalTime** The local time on the device sending the event. +- **ETag** OneSettings versioning value. +- **ExitCode** Indicates how users exited the dialog box. +- **RebootVersion** Version of DTE. +- **UpdateId** The ID of the update that is pending restart to finish installation. +- **UpdateRevision** The revision of the update that is pending restart to finish installation. +- **UserResponseString** The option that user chose on this dialog box. +- **UtcTime** The time that the dialog box was displayed, in Coordinated Universal Time. + + ### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootFirstReminderDialog This event indicates that the Enhanced Engaged restart "first reminder" dialog box was displayed.. @@ -6562,6 +6883,42 @@ The following fields are available: - **UtcTime** The time at which the reboot reminder dialog was shown (in UTC). +### Microsoft.Windows.Update.NotificationUx.EnhancedEngagedRebootReminderToast + +This event indicates that the Enhanced Engaged restart reminder pop-up banner was displayed. + +The following fields are available: + +- **DeviceLocalTime** The local time on the device sending the event. +- **ETag** OneSettings versioning value. +- **ExitCode** Indicates how users exited the pop-up banner. +- **RebootVersion** The version of the reboot logic. +- **UpdateId** The ID of the update that is pending restart to finish installation. +- **UpdateRevision** The revision of the update that is pending restart to finish installation. +- **UserResponseString** The option that the user chose in the pop-up banner. +- **UtcTime** The time that the pop-up banner was displayed, in Coordinated Universal Time. + + +### Microsoft.Windows.Update.NotificationUx.RebootScheduled + +Indicates when a reboot is scheduled by the system or a user for a security, quality, or feature update. + +The following fields are available: + +- **activeHoursApplicable** Indicates whether an Active Hours policy is present on the device. +- **IsEnhancedEngagedReboot** Indicates whether this is an Enhanced Engaged reboot. +- **rebootArgument** Argument for the reboot task. It also represents specific reboot related action. +- **rebootOutsideOfActiveHours** Indicates whether a restart is scheduled outside of active hours. +- **rebootScheduledByUser** Indicates whether the restart was scheduled by user (if not, it was scheduled automatically). +- **rebootState** The current state of the restart. +- **rebootUsingSmartScheduler** Indicates whether the reboot is scheduled by smart scheduler. +- **revisionNumber** Revision number of the update that is getting installed with this restart. +- **scheduledRebootTime** Time of the scheduled restart. +- **scheduledRebootTimeInUTC** Time of the scheduled restart in Coordinated Universal Time. +- **updateId** ID of the update that is getting installed with this restart. +- **wuDeviceid** Unique device ID used by Windows Update. + + ### Microsoft.Windows.Update.Orchestrator.ActivityRestrictedByActiveHoursPolicy This event indicates a policy is present that may restrict update activity to outside of active hours. @@ -6622,20 +6979,20 @@ This event indicates that a scan for a Windows Update occurred. The following fields are available: -- **deferReason** Reason why the device could not check for updates. -- **detectionBlockingPolicy** State of update action. -- **detectionBlockreason** Reason for detection not completing. +- **deferReason** The reason why the device could not check for updates. +- **detectionBlockingPolicy** The Policy that blocked detection. +- **detectionBlockreason** The reason detection did not complete. - **detectionRetryMode** Indicates whether we will try to scan again. -- **errorCode** The returned error code. +- **errorCode** The error code returned for the current process. - **eventScenario** End-to-end update session ID, or indicates the purpose of sending this event - whether because the software distribution just started installing content, or whether it was cancelled, succeeded, or failed. -- **flightID** The specific ID of the Windows Insider build the device is getting. -- **interactive** Indicates whether the session was user initiated. -- **networkStatus** Error info -- **revisionNumber** Update revision number. -- **scanTriggerSource** Source of the triggered scan. -- **updateId** Update ID. -- **updateScenarioType** Update Session type -- **wuDeviceid** Device ID +- **flightID** The unique identifier for the flight (Windows Insider pre-release build) should be delivered to the device, if applicable. +- **interactive** Indicates whether the user initiated the session. +- **networkStatus** Indicates if the device is connected to the internet. +- **revisionNumber** The Update revision number. +- **scanTriggerSource** The source of the triggered scan. +- **updateId** The unique identifier of the Update. +- **updateScenarioType** Identifies the type of update session being performed. +- **wuDeviceid** The unique device ID used by Windows Update. ### Microsoft.Windows.Update.Orchestrator.DisplayNeeded @@ -6700,6 +7057,23 @@ The following fields are available: - **wuDeviceid** Device ID used by Windows Update. +### Microsoft.Windows.Update.Orchestrator.EscalationRiskLevels + +This event is sent during update scan, download, or install, and indicates that the device is at risk of being out-of-date. + +The following fields are available: + +- **configVersion** The escalation configuration version on the device. +- **downloadElapsedTime** Indicates how long since the download is required on device. +- **downloadRiskLevel** At-risk level of download phase. +- **installElapsedTime** Indicates how long since the install is required on device. +- **installRiskLevel** The at-risk level of install phase. +- **isSediment** Assessment of whether is device is at risk. +- **scanElapsedTime** Indicates how long since the scan is required on device. +- **scanRiskLevel** At-risk level of the scan phase. +- **wuDeviceid** Device ID used by Windows Update. + + ### Microsoft.Windows.Update.Orchestrator.FailedToAddTimeTriggerToScanTask This event indicated that USO failed to add a trigger time to a task. @@ -6718,6 +7092,7 @@ The following fields are available: - **EventPublishedTime** Time when this event was generated. - **flightID** The specific ID of the Windows Insider build. +- **inapplicableReason** The reason why the update is inapplicable. - **revisionNumber** Update revision number. - **updateId** Unique Windows Update ID. - **updateScenarioType** Update session type. @@ -6739,7 +7114,7 @@ The following fields are available: - **revisionNumber** Revision number of the update. - **updateId** Update ID. - **updateScenarioType** The update session type. -- **uxRebootstate** Indicates the exact state of the user experience at the time the required reboot was initiated to ensure the correct update process and experience is provided to keep Windows up to date.Indicates the exact state of the user experience at the time the required reboot was initiated. +- **uxRebootstate** Indicates the exact state of the user experience at the time the required reboot was initiated. - **wuDeviceid** Unique device ID used by Windows Update. @@ -6753,7 +7128,7 @@ The following fields are available: - **deferReason** Reason for install not completing. - **errorCode** The error code reppresented by a hexadecimal value. - **eventScenario** End-to-end update session ID. -- **flightID** Unique update ID +- **flightID** The ID of the Windows Insider build the device is getting. - **flightUpdate** Indicates whether the update is a Windows Insider build. - **ForcedRebootReminderSet** A boolean value that indicates if a forced reboot will happen for updates. - **IgnoreReasonsForRestart** The reason(s) a Postpone Restart command was ignored. @@ -7028,7 +7403,7 @@ The following fields are available: - **scheduledRebootTime** Time scheduled for the reboot. - **scheduledRebootTimeInUTC** Time scheduled for the reboot, in UTC. - **updateId** Identifies which update is being scheduled. -- **wuDeviceid** Unique DeviceID +- **wuDeviceid** The unique device ID used by Windows Update. ### Microsoft.Windows.Update.Ux.MusNotification.UxBrokerScheduledTask @@ -7069,21 +7444,43 @@ This event sends data specific to the CleanupSafeOsImages mitigation used for OS The following fields are available: -- **ClientId** In the WU scenario, this will be the WU client ID that is passed to Setup. In Media setup, default value is Media360, but can be overwritten by the caller to a unique value. -- **FlightId** Unique identifier for each flight. -- **InstanceId** Unique GUID that identifies each instances of setuphost.exe. +- **ClientId** The client ID used by Windows Update. +- **FlightId** The ID of each Windows Insider build the device received. +- **InstanceId** A unique device ID that identifies each update instance. - **MitigationScenario** The update scenario in which the mitigation was executed. -- **MountedImageCount** Number of mounted images. -- **MountedImageMatches** Number of mounted images that were under %systemdrive%\$Windows.~BT. -- **MountedImagesFailed** Number of mounted images under %systemdrive%\$Windows.~BT that could not be removed. -- **MountedImagesRemoved** Number of mounted images under %systemdrive%\$Windows.~BT that were successfully removed. -- **MountedImagesSkipped** Number of mounted images that were not under %systemdrive%\$Windows.~BT. -- **RelatedCV** Correlation vector value generated from the latest USO scan. +- **MountedImageCount** The number of mounted images. +- **MountedImageMatches** The number of mounted image matches. +- **MountedImagesFailed** The number of mounted images that could not be removed. +- **MountedImagesRemoved** The number of mounted images that were successfully removed. +- **MountedImagesSkipped** The number of mounted images that were not found. +- **RelatedCV** The correlation vector value generated from the latest USO scan. - **Result** HResult of this operation. - **ScenarioId** ID indicating the mitigation scenario. - **ScenarioSupported** Indicates whether the scenario was supported. - **SessionId** Unique value for each update attempt. -- **UpdateId** Unique ID for each Update. +- **UpdateId** Unique ID for each Windows Update. +- **WuId** Unique ID for the Windows Update client. + + +### Mitigation360Telemetry.MitigationCustom.FixAppXReparsePoints + +This event sends data specific to the FixAppXReparsePoints mitigation used for OS updates. + +The following fields are available: + +- **ClientId** Unique identifier for each flight. +- **FlightId** Unique GUID that identifies each instances of setuphost.exe. +- **InstanceId** The update scenario in which the mitigation was executed. +- **MitigationScenario** Correlation vector value generated from the latest USO scan. +- **RelatedCV** Number of reparse points that are corrupted but we failed to fix them. +- **ReparsePointsFailed** Number of reparse points that were corrupted and were fixed by this mitigation. +- **ReparsePointsFixed** Number of reparse points that are not corrupted and no action is required. +- **ReparsePointsSkipped** HResult of this operation. +- **Result** ID indicating the mitigation scenario. +- **ScenarioId** Indicates whether the scenario was supported. +- **ScenarioSupported** Unique value for each update attempt. +- **SessionId** Unique ID for each Update. +- **UpdateId** Unique ID for the Windows Update client. - **WuId** Unique ID for the Windows Update client. @@ -7110,6 +7507,57 @@ The following fields are available: - **WuId** Unique ID for the Windows Update client. +## Windows Update Reserve Manager events + +### Microsoft.Windows.UpdateReserveManager.CommitPendingHardReserveAdjustment + +This event is sent when the Update Reserve Manager commits a hard reserve adjustment that was pending. + +The following fields are available: + +- **FinalAdjustment** Final adjustment for the hard reserve following the addition or removal of optional content. +- **InitialAdjustment** Initial intended adjustment for the hard reserve following the addition/removal of optional content. + + +### Microsoft.Windows.UpdateReserveManager.FunctionReturnedError + +This event is sent when the Update Reserve Manager returns an error from one of its internal functions. + +The following fields are available: + +- **FailedExpression** The failed expression that was returned. +- **FailedFile** The binary file that contained the failed function. +- **FailedFunction** The name of the function that originated the failure. +- **FailedLine** The line number of the failure. +- **ReturnCode** The return code of the function. + + +### Microsoft.Windows.UpdateReserveManager.PrepareTIForReserveInitialization + +This event is sent when the Update Reserve Manager prepares the Trusted Installer to initialize reserves on the next boot. + +The following fields are available: + +- **Flags** The flags that are passed to the function to prepare the Trusted Installer for reserve initialization. + + +### Microsoft.Windows.UpdateReserveManager.RemovePendingHardReserveAdjustment + +This event is sent when the Update Reserve Manager removes a pending hard reserve adjustment. + + + +### Microsoft.Windows.UpdateReserveManager.UpdatePendingHardReserveAdjustment + +This event is sent when the Update Reserve Manager needs to adjust the size of the hard reserve after the option content is installed. + +The following fields are available: + +- **ChangeSize** The change in the hard reserve size based on the addition or removal of optional content. +- **PendingHardReserveAdjustment** The final change to the hard reserve size. +- **UpdateType** Indicates whether the change is an increase or decrease in the size of the hard reserve. + + ## Winlogon events ### Microsoft.Windows.Security.Winlogon.SetupCompleteLogon diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index 37a8b7a031..da571eeaf2 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -7,7 +7,12 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: high -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 04/04/2018 --- diff --git a/windows/privacy/diagnostic-data-viewer-overview.md b/windows/privacy/diagnostic-data-viewer-overview.md index c3e3209466..f739985f3d 100644 --- a/windows/privacy/diagnostic-data-viewer-overview.md +++ b/windows/privacy/diagnostic-data-viewer-overview.md @@ -7,8 +7,12 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: high -author: brianlic-msft -ms.author: brianlic +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 01/17/2018 --- diff --git a/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md b/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md index e1797ff113..f3f9bf6b3f 100644 --- a/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md +++ b/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md @@ -7,9 +7,13 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: high -ms.date: 11/9/2018 -author: danihalfin +audience: ITPro +author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article +ms.date: 11/9/2018 --- diff --git a/windows/privacy/gdpr-it-guidance.md b/windows/privacy/gdpr-it-guidance.md index 273464ae5a..3cc4c3a5d1 100644 --- a/windows/privacy/gdpr-it-guidance.md +++ b/windows/privacy/gdpr-it-guidance.md @@ -7,8 +7,12 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 05/11/2018 --- # Windows and the GDPR: Information for IT Administrators and Decision Makers diff --git a/windows/privacy/gdpr-win10-whitepaper.md b/windows/privacy/gdpr-win10-whitepaper.md index a8a0214f4a..62925e34b9 100644 --- a/windows/privacy/gdpr-win10-whitepaper.md +++ b/windows/privacy/gdpr-win10-whitepaper.md @@ -7,8 +7,12 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: high +audience: ITPro author: pwiglemsft ms.author: pwigle +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 09/25/2017 --- diff --git a/windows/privacy/index.yml b/windows/privacy/index.yml index c0af2a06c7..8d5740bc52 100644 --- a/windows/privacy/index.yml +++ b/windows/privacy/index.yml @@ -22,7 +22,13 @@ metadata: ms.date: 04/25/2018 - ms.topic: article + ms.topic: conceptual + + audience: ITPro + + manager: dansimp + + ms.collection: M365-security-compliance ms.devlang: na diff --git a/windows/privacy/license-terms-windows-diagnostic-data-for-powershell.md b/windows/privacy/license-terms-windows-diagnostic-data-for-powershell.md index ee8ecf4a8b..142906d55e 100644 --- a/windows/privacy/license-terms-windows-diagnostic-data-for-powershell.md +++ b/windows/privacy/license-terms-windows-diagnostic-data-for-powershell.md @@ -7,8 +7,12 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 11/16/2018 robots: noindex,nofollow --- diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 5c89da41a0..75f9a40255 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -7,8 +7,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: medium +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 06/05/2018 --- diff --git a/windows/privacy/manage-windows-1709-endpoints.md b/windows/privacy/manage-windows-1709-endpoints.md index 2e754c9ad3..a3e6817d6a 100644 --- a/windows/privacy/manage-windows-1709-endpoints.md +++ b/windows/privacy/manage-windows-1709-endpoints.md @@ -6,8 +6,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 6/26/2018 --- # Manage connection endpoints for Windows 10, version 1709 diff --git a/windows/privacy/manage-windows-1803-endpoints.md b/windows/privacy/manage-windows-1803-endpoints.md index f508978478..c23ac04672 100644 --- a/windows/privacy/manage-windows-1803-endpoints.md +++ b/windows/privacy/manage-windows-1803-endpoints.md @@ -6,8 +6,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 6/26/2018 --- # Manage connection endpoints for Windows 10, version 1803 diff --git a/windows/privacy/manage-windows-1809-endpoints.md b/windows/privacy/manage-windows-1809-endpoints.md index 7c645311a6..74fa377991 100644 --- a/windows/privacy/manage-windows-1809-endpoints.md +++ b/windows/privacy/manage-windows-1809-endpoints.md @@ -6,8 +6,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 6/26/2018 --- # Manage connection endpoints for Windows 10, version 1809 diff --git a/windows/privacy/windows-diagnostic-data-1703.md b/windows/privacy/windows-diagnostic-data-1703.md index 15ce44125d..de1f934651 100644 --- a/windows/privacy/windows-diagnostic-data-1703.md +++ b/windows/privacy/windows-diagnostic-data-1703.md @@ -6,8 +6,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high -author: eross-msft -ms.author: lizross +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 11/28/2017 --- diff --git a/windows/privacy/windows-diagnostic-data.md b/windows/privacy/windows-diagnostic-data.md index dd435f2d40..2b73716da2 100644 --- a/windows/privacy/windows-diagnostic-data.md +++ b/windows/privacy/windows-diagnostic-data.md @@ -6,8 +6,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high -author: brianlic-msft -ms.author: brianlic +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 03/13/2018 --- diff --git a/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md index 89c04ebc76..58b39b8a65 100644 --- a/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1709-non-enterprise-editions.md @@ -6,8 +6,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 6/26/2018 --- # Windows 10, version 1709, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md index 39343b19d9..833236d614 100644 --- a/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md @@ -6,8 +6,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 6/26/2018 --- # Windows 10, version 1803, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md index 222b37d0e2..370860330f 100644 --- a/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1809-non-enterprise-editions.md @@ -6,8 +6,12 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 6/26/2018 --- # Windows 10, version 1809, connection endpoints for non-Enterprise editions diff --git a/windows/privacy/windows-personal-data-services-configuration.md b/windows/privacy/windows-personal-data-services-configuration.md index e830022a97..bb0d5fa4f5 100644 --- a/windows/privacy/windows-personal-data-services-configuration.md +++ b/windows/privacy/windows-personal-data-services-configuration.md @@ -7,8 +7,12 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: high +audience: ITPro author: danihalfin ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article ms.date: 05/11/2018 --- # Windows 10 personal data services configuration diff --git a/windows/security/identity-protection/access-control/access-control.md b/windows/security/identity-protection/access-control/access-control.md index 5516d2dc33..4783ea80b2 100644 --- a/windows/security/identity-protection/access-control/access-control.md +++ b/windows/security/identity-protection/access-control/access-control.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 07/18/2017 --- diff --git a/windows/security/identity-protection/access-control/active-directory-accounts.md b/windows/security/identity-protection/access-control/active-directory-accounts.md index 18260aeb64..f1d45ad92f 100644 --- a/windows/security/identity-protection/access-control/active-directory-accounts.md +++ b/windows/security/identity-protection/access-control/active-directory-accounts.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/access-control/active-directory-security-groups.md b/windows/security/identity-protection/access-control/active-directory-security-groups.md index d0a9735761..b0fe4c8945 100644 --- a/windows/security/identity-protection/access-control/active-directory-security-groups.md +++ b/windows/security/identity-protection/access-control/active-directory-security-groups.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/access-control/dynamic-access-control.md b/windows/security/identity-protection/access-control/dynamic-access-control.md index 168780b269..3a780b65c8 100644 --- a/windows/security/identity-protection/access-control/dynamic-access-control.md +++ b/windows/security/identity-protection/access-control/dynamic-access-control.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/access-control/local-accounts.md b/windows/security/identity-protection/access-control/local-accounts.md index 53820f7491..548fb7d8a4 100644 --- a/windows/security/identity-protection/access-control/local-accounts.md +++ b/windows/security/identity-protection/access-control/local-accounts.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 12/10/2018 --- diff --git a/windows/security/identity-protection/access-control/microsoft-accounts.md b/windows/security/identity-protection/access-control/microsoft-accounts.md index f1071d55e7..27e5a67167 100644 --- a/windows/security/identity-protection/access-control/microsoft-accounts.md +++ b/windows/security/identity-protection/access-control/microsoft-accounts.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 10/13/2017 --- diff --git a/windows/security/identity-protection/access-control/security-identifiers.md b/windows/security/identity-protection/access-control/security-identifiers.md index 19f600c354..cf302f81cd 100644 --- a/windows/security/identity-protection/access-control/security-identifiers.md +++ b/windows/security/identity-protection/access-control/security-identifiers.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/access-control/security-principals.md b/windows/security/identity-protection/access-control/security-principals.md index 75137c70cb..c5845d5f63 100644 --- a/windows/security/identity-protection/access-control/security-principals.md +++ b/windows/security/identity-protection/access-control/security-principals.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/access-control/service-accounts.md b/windows/security/identity-protection/access-control/service-accounts.md index c210880baa..b26e3f92e0 100644 --- a/windows/security/identity-protection/access-control/service-accounts.md +++ b/windows/security/identity-protection/access-control/service-accounts.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/access-control/special-identities.md b/windows/security/identity-protection/access-control/special-identities.md index 4a7b685722..44dcfef806 100644 --- a/windows/security/identity-protection/access-control/special-identities.md +++ b/windows/security/identity-protection/access-control/special-identities.md @@ -5,6 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/change-history-for-access-protection.md b/windows/security/identity-protection/change-history-for-access-protection.md index ceecf5c712..c975a34e77 100644 --- a/windows/security/identity-protection/change-history-for-access-protection.md +++ b/windows/security/identity-protection/change-history-for-access-protection.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/11/2017 --- diff --git a/windows/security/identity-protection/configure-s-mime.md b/windows/security/identity-protection/configure-s-mime.md index e5086ff9c0..b6fa386ae3 100644 --- a/windows/security/identity-protection/configure-s-mime.md +++ b/windows/security/identity-protection/configure-s-mime.md @@ -7,7 +7,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: jdeckerms +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.localizationpriority: medium ms.date: 07/27/2017 --- diff --git a/windows/security/identity-protection/credential-guard/additional-mitigations.md b/windows/security/identity-protection/credential-guard/additional-mitigations.md index 2ce6157d51..39d4a423a8 100644 --- a/windows/security/identity-protection/credential-guard/additional-mitigations.md +++ b/windows/security/identity-protection/credential-guard/additional-mitigations.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/17/2017 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard-considerations.md b/windows/security/identity-protection/credential-guard/credential-guard-considerations.md index 41b2e20eb2..b3c0ba0502 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-considerations.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-considerations.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/31/2017 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md b/windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md index 5f0414102b..0e10a79093 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-how-it-works.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/17/2017 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md index 876bf45bbc..d999f556ba 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-known-issues.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/17/2017 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md index 66069f5d73..def101e7d1 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 09/04/2018 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md b/windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md index f5edbab628..a83bbf8af8 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-not-protected-scenarios.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/17/2017 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md b/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md index b41c2815de..0277d8dcf5 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-protection-limits.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/17/2017 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md index 515338ce7e..68c7ae9ccb 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-requirements.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-requirements.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 01/12/2018 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard-scripts.md b/windows/security/identity-protection/credential-guard/credential-guard-scripts.md index 9ac7b4a335..f6c5fda88e 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-scripts.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-scripts.md @@ -6,7 +6,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/17/2017 --- diff --git a/windows/security/identity-protection/credential-guard/credential-guard.md b/windows/security/identity-protection/credential-guard/credential-guard.md index d541979fb9..54db450ede 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard.md +++ b/windows/security/identity-protection/credential-guard/credential-guard.md @@ -7,7 +7,12 @@ ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 08/17/2017 --- diff --git a/windows/security/identity-protection/enterprise-certificate-pinning.md b/windows/security/identity-protection/enterprise-certificate-pinning.md index 7732d4dcb7..aa7b5c3ba4 100644 --- a/windows/security/identity-protection/enterprise-certificate-pinning.md +++ b/windows/security/identity-protection/enterprise-certificate-pinning.md @@ -1,10 +1,14 @@ --- +title: Enterprise Certificate Pinning ms.mktglfcycl: manage ms.sitesec: library -ms.author: mstephens -author: MikeStephens-MS description: Enterprise certificate pinning is a Windows feature for remembering, or “pinning” a root, issuing certificate authority, or end entity certificate to a given domain name. -manager: alanth +audience: ITPro +author: MikeStephens-MS +ms.author: mstephens +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.prod: w10 ms.technology: windows ms.sitesec: library diff --git a/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md new file mode 100644 index 0000000000..768730bf01 --- /dev/null +++ b/windows/security/identity-protection/hello-for-business/WebAuthnAPIs.md @@ -0,0 +1,46 @@ +--- +title: WebAuthn APIs +description: Enabling password-less authentication for your sites and apps +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security, mobile +audience: ITPro +author: aabhathipsay +ms.author: aathipsa +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium +ms.date: 02/15/2019 +--- +# WebAuthn APIs for password-less authentication on Windows 10 + + +### Passwords leave your customers vulnerable. With the new WebAuthn APIs, your sites and apps can leverage password-less authentication. + +Microsoft has long been a proponent to do away with passwords. +While working towards that goal, we'd like to introduce you to the latest Windows 10 (version 1903) W3C/FIDO2 Win32 WebAuthn platform APIs! +These APIs allow Microsoft developer partners and the developer community to leverage Windows Hello and FIDO2 security keys +as a password-less authentication mechanism for their applications on Windows 10 devices. + +#### What does this mean? +This opens opportunities for developers or relying parties (RPs) to enable password-less authentication. +They can now leverage [Windows Hello](https://aka.ms/whfb) or [FIDO2 Security Keys](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key) +as a password-less multi-factor credential for authentication. +
    +Users of these sites can use any browser that supports WebAuthn Windows 10 APIs for password-less authentication + and will have a familiar and consistent experience on Windows 10, no matter which browser they use to get to the RPs site! +

    +The native Windows 10 WebAuthn APIs are currently supported by Microsoft Edge on Windows 10 1809 or later + and latest versions of other browsers. +

    +Developers of FIDO2 authentication keys should use the new Windows 10 APIs, to enable these scenarios in a consistent way for users. + Moreover, this enables the use of all the transports available per FIDO2 specifications - USB, NFC and BLE + without having to deal with the interaction and management overhead. +This also implies browsers or apps on Windows 10 will no longer have direct access to above transports for FIDO related messaging. + +#### Where can developers learn more? +The new Windows 10 APIs are documented on [GitHub](https://github.com/Microsoft/webauthn) + + diff --git a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md index 5bc351b6ed..1f39421330 100644 --- a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md +++ b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 03/20/2018 --- # Multifactor Unlock diff --git a/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md b/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md index 69c2f928e5..bd94c85aeb 100644 --- a/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md +++ b/windows/security/identity-protection/hello-for-business/hello-adequate-domain-controllers.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Planning an adequate number of Windows Server 2016 Domain Controllers for Windows Hello for Business deployments diff --git a/windows/security/identity-protection/hello-for-business/hello-and-password-changes.md b/windows/security/identity-protection/hello-for-business/hello-and-password-changes.md index 4602d7703e..fcbb4c85e7 100644 --- a/windows/security/identity-protection/hello-for-business/hello-and-password-changes.md +++ b/windows/security/identity-protection/hello-for-business/hello-and-password-changes.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: DaniHalfin -ms.localizationpriority: medium -ms.author: daniha +audience: ITPro +author: danihalfin +ms.author: danihalf +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 07/27/2017 --- # Windows Hello and password changes diff --git a/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md b/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md index aa575dd8a2..e4763d7e10 100644 --- a/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md +++ b/windows/security/identity-protection/hello-for-business/hello-biometrics-in-enterprise.md @@ -7,9 +7,13 @@ ms.prod: w10 ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md index 4cf3f03202..2f9757d9d9 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Prepare and Deploy Windows Server 2016 Active Directory Federation Services diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-deploy-mfa.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-deploy-mfa.md index be690848aa..a763b76800 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-deploy-mfa.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-deploy-mfa.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure or Deploy Multifactor Authentication Services diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md index f33d7bbf02..1528aad8e3 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Configure Windows Hello for Business Policy settings @@ -126,7 +130,7 @@ Windows 10 provides eight PIN Complexity Group Policy settings that give you gra * Require special characters * Require uppercase letters -In the Windows 10, version 1703, the PIN complexity Group Policy settings have moved to remove misunderstanding that PIN complexity policy settings were exclusive to Windows Hello for Business. The new location of these Group Policy settings is under Administrative Templates\System\PIN Complexity under both the Computer and User Configuration nodes of the Group Policy editor. +In the Windows 10, version 1703, the PIN complexity Group Policy settings have moved to remove misunderstanding that PIN complexity policy settings were exclusive to Windows Hello for Business. The new location of these Group Policy settings is under Computer Configuration\Administrative Templates\System\PIN Complexity in the Group Policy editor. ## Review @@ -153,4 +157,4 @@ Users must receive the Windows Hello for Business group policy settings and have 2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md) 3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md) 4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-cert-trust-validate-deploy-mfa.md) -5. Configure Windows Hello for Business Policy settings (*You are here*) \ No newline at end of file +5. Configure Windows Hello for Business Policy settings (*You are here*) diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-ad-prereq.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-ad-prereq.md index 9c64a37ec4..18164a1c75 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-ad-prereq.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-ad-prereq.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Validate Active Directory prerequisites diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md index ea525b612e..ac2f4ba332 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-deploy-mfa.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Validate and Deploy Multifactor Authentication Services (MFA) diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md index 294064bd90..89d53fc368 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Validate and Configure Public Key Infrastructure diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md b/windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md index 0945e7436d..4aeeb5bb8b 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-cert-trust.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # On Premises Certificate Trust Deployment @@ -26,16 +30,4 @@ Below, you can find all the information you will need to deploy Windows Hello fo 2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md) 3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md) 4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-cert-trust-validate-deploy-mfa.md) -5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md) - - - - - - - - - - - - +5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md) \ No newline at end of file diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md b/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md index d2b2d4db85..36e3dad339 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/29/2018 --- # Windows Hello for Business Deployment Guide diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md b/windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md index 1c7fd1f995..0d99dddd85 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-key-trust.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # On Premises Key Trust Deployment diff --git a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md index f5b102d219..6714648b3d 100644 --- a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md +++ b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md @@ -7,9 +7,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: DaniHalfin -ms.localizationpriority: medium -ms.author: daniha +audience: ITPro +author: danihalfin +ms.author: danihalf +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: troubleshooting +localizationpriority: medium ms.date: 05/05/2018 --- diff --git a/windows/security/identity-protection/hello-for-business/hello-event-300.md b/windows/security/identity-protection/hello-for-business/hello-event-300.md index 2aac336bfc..931335aba0 100644 --- a/windows/security/identity-protection/hello-for-business/hello-event-300.md +++ b/windows/security/identity-protection/hello-for-business/hello-event-300.md @@ -7,9 +7,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: DaniHalfin -ms.localizationpriority: medium -ms.author: daniha +audience: ITPro +author: danihalfin +ms.author: danihalf +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 07/27/2017 --- diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index c34aaa4692..4cbd7ca983 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Windows Hello for Business Frequently Ask Questions diff --git a/windows/security/identity-protection/hello-for-business/hello-features.md b/windows/security/identity-protection/hello-for-business/hello-features.md index 09530fefa8..280135c5b3 100644 --- a/windows/security/identity-protection/hello-for-business/hello-features.md +++ b/windows/security/identity-protection/hello-for-business/hello-features.md @@ -7,9 +7,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 05/05/2018 --- # Windows Hello for Business Features diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md index a3d175023d..5a2a096de4 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-authentication.md @@ -5,9 +5,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Windows Hello for Business and Authentication diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-device-registration.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-device-registration.md index ce4c2db9b8..5bdfbc21f8 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-device-registration.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-device-registration.md @@ -5,9 +5,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Windows Hello for Business and Device Registration diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md index 9ccd6b2fb8..789395a1bf 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-provisioning.md @@ -5,9 +5,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Windows Hello for Business Provisioning diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-tech-deep-dive.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-tech-deep-dive.md index 7297f63ac7..e3304e2432 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-tech-deep-dive.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-tech-deep-dive.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Technical Deep Dive diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md index ab1a856a27..936c4a59e4 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works-technology.md @@ -5,9 +5,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 10/08/2018 --- # Technology and Terms diff --git a/windows/security/identity-protection/hello-for-business/hello-how-it-works.md b/windows/security/identity-protection/hello-for-business/hello-how-it-works.md index 8f2df655ab..d5904c2e0e 100644 --- a/windows/security/identity-protection/hello-for-business/hello-how-it-works.md +++ b/windows/security/identity-protection/hello-for-business/hello-how-it-works.md @@ -5,9 +5,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 05/05/2018 --- # How Windows Hello for Business works diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md index 42d6273775..4ddd3e27d4 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure Azure AD joined devices for On-premises Single-Sign On using Windows Hello for Business diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md index dda2b53178..c7fd156e98 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Using Certificates for AADJ On-premises Single-sign On diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso.md index 063a6f0ffc..ed400300f7 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Azure AD Join Single Sign-on Deployment Guides diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-new-install.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-new-install.md index 376c0f16f1..4b487da424 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-new-install.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-new-install.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Windows Hello for Business Certificate Trust New Installation diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md index 74d04ce826..cfbf292815 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/18/2018 --- # Configure Device Registration for Hybrid Windows Hello for Business diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md index 92edeb0db7..71ad012ce7 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Hybrid Windows Hello for Business Prerequisites diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md index 2ee49c9aae..317a2481b3 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 09/08/2017 --- # Hybrid Azure AD joined Certificate Trust Deployment diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md index a0296bf8a4..461d86ca82 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Hybrid Windows Hello for Business Provisioning diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md index 4395d9c432..4f7dca8320 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-ad.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configuring Windows Hello for Business: Active Directory diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md index 25208af1bd..fb95263ea4 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Configure Windows Hello for Business: Active Directory Federation Services diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md index 7464c27892..559462a9db 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 10/23/2017 --- # Configure Hybrid Windows Hello for Business: Directory Synchronization diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md index f14eedf3af..56921a06b0 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md index 9728d0ac98..0ffc39e4d5 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-policy.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure Hybrid Windows Hello for Business: Group Policy diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings.md index f3f298b684..49af90f1e4 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure Windows Hello for Business diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md index ec4aa1375e..27ed68512f 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Windows Hello for Business Key Trust New Installation diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md index 496b9711d3..baf9a0401a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-devreg.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure Device Registration for Hybrid key trust Windows Hello for Business diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md index ce2e65c934..3e829f4aa7 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure Directory Synchronization for Hybrid key trust Windows Hello for Business diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index b6cbd28438..aebc17a2ae 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Hybrid Key trust Windows Hello for Business Prerequisites diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md index 5387747964..6759f1e112 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Hybrid Azure AD joined Key Trust Deployment diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md index 06a470b1ce..47f83cea11 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-provision.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Hybrid Windows Hello for Business Provisioning diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-ad.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-ad.md index c2821a19f1..1e1d1effdc 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-ad.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-ad.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Configuring Hybrid key trust Windows Hello for Business: Active Directory diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md index 70dd6093e7..4ef86bfee8 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure Hybrid Windows Hello for Business: Directory Synchronization diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md index d21998d065..3382dcb530 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md index ef10959add..9f081c920a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -localizationpriority: high +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Configure Hybrid Windows Hello for Business: Group Policy diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md index c28c97dce0..448963dfbd 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure Hybrid Windows Hello for Business key trust settings diff --git a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md index 9c0f5c3a35..672ad0f33f 100644 --- a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md +++ b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md @@ -7,9 +7,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 05/05/2018 --- # Windows Hello for Business diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md index 0d2f3c602d..5cef71faf7 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-adfs.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Prepare and Deploy Windows Server 2016 Active Directory Federation Services diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-deploy-mfa.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-deploy-mfa.md index b8d18d2c76..1d92e64857 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-deploy-mfa.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-deploy-mfa.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure or Deploy Multifactor Authentication Services @@ -104,7 +108,7 @@ Sign in the domain controller with _domain administrator_ equivalent credentials ##### Add accounts to the Phonefactor Admins group 1. Open **Active Directory Users and Computers**. -2. In the navigation pane, expand the node with the organization’s Active Directory domain name. Select Users. In the content pane. Right-click the **Phonefactors Admin** security group and select **Properties**. +2. In the navigation pane, expand the node with the organization’s Active Directory domain name. Select Users. In the content pane. Right-click the **Phonefactor Admins** security group and select **Properties**. 3. Click the **Members** tab. 4. Click **Add**. Click **Object Types..** In the **Object Types** dialog box, select **Computers** and click **OK**. Enter the following user and/or computers accounts in the **Enter the object names to select** box and then click **OK**. * The computer account for the primary MFA Server @@ -224,7 +228,7 @@ See [Configure Azure Multi-Factor Authentication Server to work with AD FS in Wi Sign-in the federation server with _Domain Admin_ equivalent credentials and follow [To install and configure the Azure Multi-Factor Authentication server](https://docs.microsoft.com/azure/multi-factor-authentication/multi-factor-authentication-get-started-server#to-install-and-configure-the-azure-multi-factor-authentication-server) for an express setup with the configuration wizard. You can re-run the authentication wizard by selecting it from the Tools menu on the server. >[!IMPORTANT] ->Only follow the above mention article to install Azure MFA Server. Once it is intstalled, continue configuration using this article. +>Only follow the above mention article to install Azure MFA Server. Once it is installed, continue configuration using this article. ### Configuring Company Settings @@ -541,4 +545,4 @@ The Multi-Factor Authentication server communicates with the Azure MFA cloud ser 2. [Validate and Configure Public Key Infrastructure](hello-key-trust-validate-pki.md) 3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-key-trust-adfs.md) 4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-key-trust-validate-deploy-mfa.md) -5. [Configure Windows Hello for Business Policy settings](hello-key-trust-policy-settings.md) \ No newline at end of file +5. [Configure Windows Hello for Business Policy settings](hello-key-trust-policy-settings.md) diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md index f9c8f46088..e8cd8acaa1 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-policy-settings.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Configure Windows Hello for Business Policy settings diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md index 9c5067319d..4bd120cf26 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-ad-prereq.md @@ -7,9 +7,13 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile author: DaniHalfin -ms.localizationpriority: medium +audience: ITPro author: mikestephens-MS ms.author: mstephen +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Validate Active Directory prerequisites diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md index 5c80c9502b..11c3a1d90a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-deploy-mfa.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Validate and Deploy Multifactor Authentication Services (MFA) diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md index 7a7999914a..8c28287378 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Validate and Configure Public Key Infrastructure diff --git a/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md b/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md index f367ae301e..1558fe403a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md +++ b/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md @@ -7,9 +7,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: DaniHalfin -ms.localizationpriority: medium -ms.author: daniha +audience: ITPro +author: danihalfin +ms.author: danihalf +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 10/18/2017 --- diff --git a/windows/security/identity-protection/hello-for-business/hello-overview.md b/windows/security/identity-protection/hello-for-business/hello-overview.md index 09dfdad4dc..773be29f77 100644 --- a/windows/security/identity-protection/hello-for-business/hello-overview.md +++ b/windows/security/identity-protection/hello-for-business/hello-overview.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: conceptual +localizationpriority: medium --- # Windows Hello for Business Overview diff --git a/windows/security/identity-protection/hello-for-business/hello-planning-guide.md b/windows/security/identity-protection/hello-for-business/hello-planning-guide.md index b762cb48f0..b95f3a6b88 100644 --- a/windows/security/identity-protection/hello-for-business/hello-planning-guide.md +++ b/windows/security/identity-protection/hello-for-business/hello-planning-guide.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: conceptual ms.date: 08/19/2018 --- # Planning a Windows Hello for Business Deployment diff --git a/windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md b/windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md index 363636202f..9f76cf67c8 100644 --- a/windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md +++ b/windows/security/identity-protection/hello-for-business/hello-prepare-people-to-use.md @@ -7,9 +7,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security +audience: ITPro author: mikestephens-MS ms.author: mstephen -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- diff --git a/windows/security/identity-protection/hello-for-business/hello-videos.md b/windows/security/identity-protection/hello-for-business/hello-videos.md index 6c6251b3f1..cea13ff9d2 100644 --- a/windows/security/identity-protection/hello-for-business/hello-videos.md +++ b/windows/security/identity-protection/hello-for-business/hello-videos.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/19/2018 --- # Windows Hello for Business Videos diff --git a/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md b/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md index c7eae511cd..2d9ac5058a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md +++ b/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md @@ -7,9 +7,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: DaniHalfin -ms.localizationpriority: medium -ms.author: daniha +audience: ITPro +author: danihalfin +ms.author: danihalf +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 10/23/2017 --- diff --git a/windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md b/windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md index fb9afb773b..376a238c8e 100644 --- a/windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md +++ b/windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md @@ -1,14 +1,18 @@ --- title: Microsoft-compatible security key -description: Windows10 enables users to sign in to their device using a security key. How is a Microsoft-compatible security key different (and better) than any other FIDO2 security key +description: Windows 10 enables users to sign in to their device using a security key. How is a Microsoft-compatible security key different (and better) than any other FIDO2 security key keywords: FIDO2, security key, CTAP, Hello, WHFB ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: aabhathipsay ms.author: aathipsa -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 11/14/2018 --- # What is a Microsoft-compatible security key? diff --git a/windows/security/identity-protection/hello-for-business/passwordless-strategy.md b/windows/security/identity-protection/hello-for-business/passwordless-strategy.md index 0156ec9a78..5f1296e64e 100644 --- a/windows/security/identity-protection/hello-for-business/passwordless-strategy.md +++ b/windows/security/identity-protection/hello-for-business/passwordless-strategy.md @@ -6,9 +6,13 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: mikestephens-MS ms.author: mstephen -localizationpriority: high +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 08/20/2018 --- # Password-less Strategy diff --git a/windows/security/identity-protection/hello-for-business/reset-security-key.md b/windows/security/identity-protection/hello-for-business/reset-security-key.md index 43aca85f75..1ed55612fa 100644 --- a/windows/security/identity-protection/hello-for-business/reset-security-key.md +++ b/windows/security/identity-protection/hello-for-business/reset-security-key.md @@ -1,14 +1,18 @@ --- title: Reset-security-key -description: Windows10 enables users to sign in to their device using a security key. How to reset a security key +description: Windows�10 enables users to sign in to their device using a security key. How to reset a security key keywords: FIDO2, security key, CTAP, Microsoft-compatible security key ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, mobile +audience: ITPro author: aabhathipsay ms.author: aathipsa -ms.localizationpriority: medium +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article +localizationpriority: medium ms.date: 11/14/2018 --- # How to reset a Microsoft-compatible security key? diff --git a/windows/security/identity-protection/index.md b/windows/security/identity-protection/index.md index 1e0b600031..27324b9f2d 100644 --- a/windows/security/identity-protection/index.md +++ b/windows/security/identity-protection/index.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 02/05/2018 --- diff --git a/windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md b/windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md index 0c5455cd58..07bb80474c 100644 --- a/windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md +++ b/windows/security/identity-protection/installing-digital-certificates-on-windows-10-mobile.md @@ -7,7 +7,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: jdeckerms +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.localizationpriority: medium ms.date: 07/27/2017 --- diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md index 3312502f59..6b8d985281 100644 --- a/windows/security/identity-protection/remote-credential-guard.md +++ b/windows/security/identity-protection/remote-credential-guard.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: explore ms.sitesec: library ms.pagetype: security -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 01/12/2018 --- # Protect Remote Desktop credentials with Windows Defender Remote Credential Guard diff --git a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md index 39707aa3da..5ad84f0acd 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md +++ b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-architecture.md b/windows/security/identity-protection/smart-cards/smart-card-architecture.md index e33b59d31c..b6089dbdf2 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-architecture.md +++ b/windows/security/identity-protection/smart-cards/smart-card-architecture.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md index 58d230fb04..1ee636098b 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md +++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md index 4354757189..4799d410d7 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md +++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md index 52c470aa92..18e18418b3 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md +++ b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-events.md b/windows/security/identity-protection/smart-cards/smart-card-events.md index 0c626949d6..5e7a95c1eb 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-events.md +++ b/windows/security/identity-protection/smart-cards/smart-card-events.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md index e30638b697..f29978c298 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md +++ b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md b/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md index f9df3d2d77..5094cef3e3 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md +++ b/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md index 5d613942c1..eaf2095a74 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md +++ b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md index 196bb6e4ec..1085c2c96f 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md +++ b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md index 886bad7bf9..b2c80de568 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md +++ b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md index fa41a42f7d..2beebdb095 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md +++ b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md index 851edc7279..13e539022b 100644 --- a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md +++ b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md @@ -6,7 +6,12 @@ ms.prod: w10 ms.mktglfcycl: operate ms.sitesec: library ms.pagetype: security -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 11/16/2018 --- diff --git a/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md index 0854da77c6..d59b92a77f 100644 --- a/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md +++ b/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/user-account-control/user-account-control-overview.md b/windows/security/identity-protection/user-account-control/user-account-control-overview.md index b208897c14..485cb1d9a4 100644 --- a/windows/security/identity-protection/user-account-control/user-account-control-overview.md +++ b/windows/security/identity-protection/user-account-control/user-account-control-overview.md @@ -7,7 +7,12 @@ ms.mktglfcycl: operate ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 07/27/2017 --- diff --git a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md index 00b9bc3573..74ed925ef4 100644 --- a/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md +++ b/windows/security/identity-protection/user-account-control/user-account-control-security-policy-settings.md @@ -6,7 +6,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md index 06c5e2b538..b98146f01b 100644 --- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md +++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-deploy-virtual-smart-cards.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md index 32ad78341e..169c653f6f 100644 --- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md +++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-evaluate-security.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md index 3565c5e1c6..fe4845066d 100644 --- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md +++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-get-started.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md index b2e25477d9..4a6fad06dd 100644 --- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md +++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-overview.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: conceptual ms.date: 10/13/2017 --- diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md index 6b41c05246..46404dc908 100644 --- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md +++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-tpmvscmgr.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md index 60bc3ab032..3c46398424 100644 --- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md +++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-understanding-and-evaluating.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md index 00d53274ff..00602a7e77 100644 --- a/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md +++ b/windows/security/identity-protection/virtual-smart-cards/virtual-smart-card-use-virtual-smart-cards.md @@ -5,7 +5,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: Justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 10/13/2017 --- diff --git a/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md b/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md index 9ad00797a5..981ed888d6 100644 --- a/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md +++ b/windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md @@ -6,7 +6,12 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: justinha +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-identity-device-management +ms.topic: article ms.date: 04/19/2017 --- diff --git a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md index 6fecccdc81..89aeaf1312 100644 --- a/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bcd-settings-and-bitlocker.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/21/2017 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md index d90cb76d42..ba3d34afe1 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 05/03/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index cf809e8fc8..592be01143 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md index d4ebe56664..2655d0474e 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md +++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/06/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md index adaf53c91e..28ec21a3bf 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 06/25/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.md b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.md index e810ee9889..26f1385795 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.md +++ b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 05/03/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md index 64800a4fe1..5107934ed4 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/03/2017 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md index 491f941bf8..e505fa5f8d 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md @@ -6,8 +6,12 @@ ms.prod: windows-server-threshold ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft -ms.date: 02/04/2019 +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +ms.date: 02/19/2019 --- # BitLocker: How to deploy on Windows Server 2012 and later @@ -41,12 +45,7 @@ Windows PowerShell offers administrators another option for BitLocker feature in   ### Using the servermanager module to install BitLocker -The `servermanager` Windows PowerShell module can use either the `Install-WindowsFeature` or `Add-WindowsFeature` to install the BitLocker feature. The `Add-WindowsFeature` cmdlet is merely a stub to the `Install-WindowsFeature`. This example uses the `Install-WindowsFeature` cmdlet. The feature name for BitLocker in the `servermanager` module is `BitLocker`. This can be determined using the `Get-WindowsFeature` cmdlet with a query such as: - -``` syntax -Get-WindowsFeature Bit -``` -The results of this command displays a table of all of the feature names beginning with “Bit” as their prefix. This allows you to confirm that the feature name is `BitLocker` for the BitLocker feature. +The `servermanager` Windows PowerShell module can use either the `Install-WindowsFeature` or `Add-WindowsFeature` to install the BitLocker feature. The `Add-WindowsFeature` cmdlet is merely a stub to the `Install-WindowsFeature`. This example uses the `Install-WindowsFeature` cmdlet. The feature name for BitLocker in the `servermanager` module is `BitLocker`. By default, installation of features in Windows PowerShell does not include optional sub-features or management tools as part of the install process. This can be seen using the `-WhatIf` option in Windows PowerShell. diff --git a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md index 4643595543..321a0ffe66 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md +++ b/windows/security/information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md @@ -7,7 +7,7 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: brianlic-msft -ms.date: 06/18/2018 +ms.date: 02/20/2019 --- # BitLocker: How to enable Network Unlock @@ -39,6 +39,7 @@ Network Unlock must meet mandatory hardware and software requirements before the - You must be running at least Windows 8 or Windows Server 2012. - Any supported operating system with UEFI DHCP drivers can be Network Unlock clients. +- Network Unlock clients must have a TPM chip and at least one TPM protector. - A server running the Windows Deployment Services (WDS) role on any supported server operating system. - BitLocker Network Unlock optional feature installed on any supported server operating system. - A DHCP server, separate from the WDS server. @@ -83,7 +84,7 @@ The server side configuration to enable Network Unlock also requires provisionin The following steps allow an administrator to configure Network Unlock in a domain where the Domain Functional Level is at least Windows Server 2012. -### Install the WDS Server role +### Install the WDS Server role The BitLocker Network Unlock feature will install the WDS role if it is not already installed. If you want to install it separately before you install BitLocker Network Unlock you can use Server Manager or Windows PowerShell. To install the role using Server Manager, select the **Windows Deployment Services** role in Server Manager. @@ -95,7 +96,7 @@ Install-WindowsFeature WDS-Deployment You must configure the WDS server so that it can communicate with DHCP (and optionally Active Directory Doman Services) and the client computer. You can do using the WDS management tool, wdsmgmt.msc, which starts the Windows Deployment Services Configuration Wizard. -### Confirm the WDS Service is running +### Confirm the WDS Service is running To confirm the WDS service is running, use the Services Management Console or Windows PowerShell. To confirm the service is running in Services Management Console, open the console using **services.msc** and check the status of the Windows Deployment Services service. @@ -104,7 +105,7 @@ To confirm the service is running using Windows PowerShell, use the following co ``` syntax Get-Service WDSServer ``` -### Install the Network Unlock feature +### Install the Network Unlock feature To install the Network Unlock feature, use Server Manager or Windows PowerShell. To install the feature using Server Manager, select the **BitLocker Network Unlock** feature in the Server Manager console. @@ -113,7 +114,7 @@ To install the feature using Windows PowerShell, use the following command: ``` syntax Install-WindowsFeature BitLocker-NetworkUnlock ``` -### Create the certificate template for Network Unlock +### Create the certificate template for Network Unlock A properly configured Active Directory Services Certification Authority can use this certificate template to create and issue Network Unlock certificates. @@ -143,7 +144,7 @@ To add the Network Unlock template to the Certification Authority, open the Cert After adding the Network Unlock template to the Certification Authority, this certificate can be used to configure BitLocker Network Unlock. -### Create the Network Unlock certificate +### Create the Network Unlock certificate Network Unlock can use imported certificates from an existing PKI infrastructure, or you can use a self-signed certificate. @@ -214,7 +215,7 @@ Certreq example: 5. Launch Certificates - Local Machine by running **certlm.msc**. 6. Create a .pfx file by opening the **Certificates – Local Computer\\Personal\\Certificates** path in the navigation pane, right-clicking the previously imported certificate, selecting **All Tasks**, then **Export**. Follow through the wizard to create the .pfx file. -### Deploy the private key and certificate to the WDS server +### Deploy the private key and certificate to the WDS server With the certificate and key created, deploy them to the infrastructure to properly unlock systems. To deploy the certificates, do the following: @@ -230,7 +231,7 @@ With certificate and key deployed to the WDS server for Network Unlock, the fina The following steps describe how to enable the Group Policy setting that is a requirement for configuring Network Unlock. 1. Open Group Policy Management Console (gpmc.msc). -2. Enable the policy **Require additional authentication at startup** and select the **Require startup PIN with TPM** option. +2. Enable the policy **Require additional authentication at startup** and select the **Require startup PIN with TPM** or **Allow startup PIN with TPM** option. 3. Turn on BitLocker with TPM+PIN protectors on all domain-joined computers. The following steps describe how to deploy the required Group Policy setting: @@ -247,15 +248,10 @@ The following steps describe how to deploy the required Group Policy setting: 3. Follow the wizard steps and import the .cer file that was copied earlier. >**Note:**  Only one network unlock certificate can be available at a time. If a new certificate is required, delete the current certificate before deploying a new one. The Network Unlock certificate is located in the **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\SystemCertificates\\FVE\_NKP** key on the client computer. + +5. Reboot the clients after deploying the group policy. +>**Note:** The **Network (Certificate Based)** protector will be added only after a reboot with the policy enabled and a valid certificate present in the FVE_NKP store.   -### Require TPM+PIN protectors at startup - -An additional step is for enterprises to use TPM+PIN protectors for an extra level of security. To require TPM+PIN protectors in an environment, do the following: - -1. Open Group Policy Management Console (gpmc.msc). -2. Enable the policy **Require additional authentication at startup** and select the **Require startup PIN with TPM** option. -3. Turn on BitLocker with TPM+PIN protectors on all domain-joined computers. - ### Subnet policy configuration files on WDS Server (Optional) By default, all clients with the correct Network Unlock Certificate and valid Network Unlock protectors that have wired access to a Network Unlock-enabled WDS server via DHCP are unlocked by the server. A subnet policy configuration file on the WDS server can be created to limit which subnet(s) Network Unlock clients can use to unlock. @@ -285,13 +281,13 @@ The subnet policy configuration file must use a “\[SUBNETS\]” section to ide To disallow the use of a certificate altogether, its subnet list may contain the line “DISABLED". -## Turning off Network Unlock +## Turning off Network Unlock To turn off the unlock server, the PXE provider can be unregistered from the WDS server or uninstalled altogether. However, to stop clients from creating Network Unlock protectors the **Allow Network Unlock at startup** Group Policy setting should be disabled. When this policy setting is updated to disabled on client computers any Network Unlock key protectors on the computer will be deleted. Alternatively, the BitLocker Network Unlock certificate policy can be deleted on the domain controller to accomplish the same task for an entire domain. ->**Note:**  Removing the FVENKP certificate store that contains the Network Unlock certificate and key on the WDS server will also effectively disable the server’s ability to respond to unlock requests for that certificate. However, this is seen as an error condition and is not a supported or recommended method for turning off the Network Unlock server. +>**Note:**  Removing the FVE_NKP certificate store that contains the Network Unlock certificate and key on the WDS server will also effectively disable the server’s ability to respond to unlock requests for that certificate. However, this is seen as an error condition and is not a supported or recommended method for turning off the Network Unlock server.   -## Update Network Unlock certificates +## Update Network Unlock certificates To update the certificates used by Network Unlock, administrators need to import or generate the new certificate for the server and then update the Network Unlock certificate Group Policy setting on the domain controller. @@ -302,12 +298,13 @@ Troubleshooting Network Unlock issues begins by verifying the environment. Many - Verify client hardware is UEFI-based and is on firmware version is 2.3.1 and that the UEFI firmware is in native mode without a Compatibility Support Module (CSM) for BIOS mode enabled. Do this by checking that the firmware does not have an option enabled such as "Legacy mode" or "Compatibility mode" or that the firmware does not appear to be in a BIOS-like mode. - All required roles and services are installed and started - Public and private certificates have been published and are in the proper certificate containers. The presence of the Network Unlock certificate can be verified in the Microsoft Management Console (MMC.exe) on the WDS server with the certificate snap-ins for the local computer enabled. The client certificate can be verified by checking the registry key **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\SystemCertificates\\FVE\_NKP** on the client computer. -- Group policy for Network Unlock is enabled and linked to the appropriate domains +- Group policy for Network Unlock is enabled and linked to the appropriate domains. - Verify group policy is reaching the clients properly. This can be done using the GPRESULT.exe or RSOP.msc utilities. +- Verify the clients were rebooted after applying the policy. - Verify the **Network (Certificate Based)** protector is listed on the client. This can be done using either manage-bde or Windows PowerShell cmdlets. For example the following command will list the key protectors currently configured on the C: drive of the lcoal computer: ``` syntax - Manage-bde –protectors –get C: + manage-bde –protectors –get C: ``` >**Note:**  Use the output of manage-bde along with the WDS debug log to determine if the proper certificate thumbprint is being used for Network Unlock   @@ -343,14 +340,14 @@ Network Unlock and the accompanying Group Policy settings were introduced in Win The following steps can be used to configure Network Unlock on these older systems. -1. [Step One: Install the WDS Server role](#bkmk-stepone) -2. [Step Two: Confirm the WDS Service is running](#bkmk-steptwo) -3. [Step Three: Install the Network Unlock feature](#bkmk-stepthree) -4. [Step Four: Create the Network Unlock certificate](#bkmk-stepfour) -5. [Step Five: Deploy the private key and certificate to the WDS server](#bkmk-stepfive) -6. [Step Six: Configure registry settings for Network Unlock](#bkmk-stepsix) +1. [Install the WDS Server role](#bkmk-installwdsrole) +2. [Confirm the WDS Service is running](#bkmk-confirmwdsrunning) +3. [Install the Network Unlock feature](#bkmk-installnufeature) +4. [Create the Network Unlock certificate](#bkmk-createcert) +5. [Deploy the private key and certificate to the WDS server](#bkmk-deploycert) +6. Configure registry settings for Network Unlock: - Apply the registry settings by running the following certutil script on each computer running any of the client operating systems designated in the **Applies To** list at the beginning of this topic. + Apply the registry settings by running the following certutil script (assuming your network unlock certificate file is called **BitLocker-NetworkUnlock.cer**) on each computer running any of the client operating systems designated in the **Applies To** list at the beginning of this topic. certutil -f -grouppolicy -addstore FVE_NKP BitLocker-NetworkUnlock.cer reg add "HKLM\SOFTWARE\Policies\Microsoft\FVE" /v OSManageNKP /t REG_DWORD /d 1 /f @@ -361,10 +358,8 @@ The following steps can be used to configure Network Unlock on these older syste reg add "HKLM\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMKey /t REG_DWORD /d 2 /f reg add "HKLM\SOFTWARE\Policies\Microsoft\FVE" /v UseTPMKeyPIN /t REG_DWORD /d 2 /f -7. [Create the Network Unlock certificate](#bkmk-stepfour) -8. [Deploy the private key and certificate to the WDS server](#bkmk-stepfive) -9. [Create the certificate template for Network Unlock](#bkmk-createcerttmpl) -10. [Require TPM+PIN protectors at startup](#bkmk-stepseven) +7. Set up a TPM protector on the clients +8. Reboot the clients to add the Network (Certificate Based) protector ## See also diff --git a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md index dcf559c46d..686e594e1e 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-key-management-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 05/03/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md index 3a6301c3fc..38e4da5877 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md +++ b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 01/26/2019 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.md b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.md index 78325f1ee2..fbdf7d7e41 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-network-unlock-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 05/03/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md index 0623101946..ca512b92d3 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.md @@ -7,8 +7,12 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft -ms.date: 05/03/2018 +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +ms.date: 02/21/2019 --- # BitLocker Overview and Requirements FAQ @@ -43,7 +47,7 @@ Two partitions are required to run BitLocker because pre-startup authentication ## Which Trusted Platform Modules (TPMs) does BitLocker support? -BitLocker supports TPM version 1.2 or higher. +BitLocker supports TPM version 1.2 or higher. BitLocker support for TPM 2.0 requires Unified Extensible Firmware Interface (UEFI) for the device. ## How can I tell if a TPM is on my computer? diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md index 8431b2341b..42574c9514 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview.md +++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 01/26/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md index 9e78e1465a..2c7235ba57 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual --- # BitLocker recovery guide diff --git a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md index 8ef7812544..0b345c1349 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-security-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-security-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 06/12/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md index 66780914d3..eb1afcd6a5 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 07/10/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md index 69e24624d0..1b10ce9876 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 05/03/2018 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md index d3ec59e360..d65bc1e6ed 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/25/2017 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md index d835ee97f5..84411a03ec 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md index 1edcded5ee..fb49f2d779 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 07/10/2018 --- diff --git a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md index efa0edfef4..658600d2ea 100644 --- a/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md +++ b/windows/security/information-protection/bitlocker/prepare-your-organization-for-bitlocker-planning-and-policies.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 06/04/2018 --- diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md index b7fb12a822..228b3241e9 100644 --- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md +++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 06/19/2017 --- diff --git a/windows/security/information-protection/encrypted-hard-drive.md b/windows/security/information-protection/encrypted-hard-drive.md index 68675bb3d6..97d7c8d5e6 100644 --- a/windows/security/information-protection/encrypted-hard-drive.md +++ b/windows/security/information-protection/encrypted-hard-drive.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- @@ -62,7 +66,7 @@ For Encrypted Hard Drives used as **startup drives**:   ## Technical overview -Rapid encryption in BitLocker directly addresses the security needs of enterprises while offering significantly improved performance. In versions of Windows earlier than Windows Server 2012, BitLocker required a two-step process to complete read/write requests. In Windows Server 2012, Windows 8, or later, Encrypted Hard Drives offload the cryptographic operations to the drive controller for much greater efficiency. When the operating system an Encrypted Hard Drive, it activates the security mode. This activation lets the drive controller generate a media key for every volume that the host computer creates. This media key, which is never exposed outside the disk, is used to rapidly encrypt or decrypt every byte of data that is sent or received from the disk. +Rapid encryption in BitLocker directly addresses the security needs of enterprises while offering significantly improved performance. In versions of Windows earlier than Windows Server 2012, BitLocker required a two-step process to complete read/write requests. In Windows Server 2012, Windows 8, or later, Encrypted Hard Drives offload the cryptographic operations to the drive controller for much greater efficiency. When the operating system identifies an Encrypted Hard Drive, it activates the security mode. This activation lets the drive controller generate a media key for every volume that the host computer creates. This media key, which is never exposed outside the disk, is used to rapidly encrypt or decrypt every byte of data that is sent or received from the disk. ## Configuring Encrypted Hard Drives as Startup drives diff --git a/windows/security/information-protection/index.md b/windows/security/information-protection/index.md index 8d7bde1868..e17bd5c51b 100644 --- a/windows/security/information-protection/index.md +++ b/windows/security/information-protection/index.md @@ -5,7 +5,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/10/2018 --- diff --git a/windows/security/information-protection/secure-the-windows-10-boot-process.md b/windows/security/information-protection/secure-the-windows-10-boot-process.md index cb56f52198..37232dee00 100644 --- a/windows/security/information-protection/secure-the-windows-10-boot-process.md +++ b/windows/security/information-protection/secure-the-windows-10-boot-process.md @@ -7,7 +7,11 @@ ms.mktglfcycl: Explore ms.pagetype: security ms.sitesec: library ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/16/2018 --- diff --git a/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md b/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md index ad48ae604e..2ad21a5ff0 100644 --- a/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md +++ b/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md index df37e941b5..5f8805bb4e 100644 --- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md +++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md index 1cc72bd01d..6800a86d9a 100644 --- a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md +++ b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md @@ -8,7 +8,11 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/27/2017 --- diff --git a/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md b/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md index 37d77fa8e0..5296588ad5 100644 --- a/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md +++ b/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/11/2018 --- diff --git a/windows/security/information-protection/tpm/manage-tpm-commands.md b/windows/security/information-protection/tpm/manage-tpm-commands.md index 201fa3eafd..ce4f195e2f 100644 --- a/windows/security/information-protection/tpm/manage-tpm-commands.md +++ b/windows/security/information-protection/tpm/manage-tpm-commands.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/30/2017 --- diff --git a/windows/security/information-protection/tpm/manage-tpm-lockout.md b/windows/security/information-protection/tpm/manage-tpm-lockout.md index 6f31a72d96..57322cf856 100644 --- a/windows/security/information-protection/tpm/manage-tpm-lockout.md +++ b/windows/security/information-protection/tpm/manage-tpm-lockout.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 05/02/2017 --- # Manage TPM lockout diff --git a/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md b/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md index 164658f0a0..eacf850aab 100644 --- a/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md +++ b/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/information-protection/tpm/tpm-fundamentals.md b/windows/security/information-protection/tpm/tpm-fundamentals.md index 09faeded0c..e826eb601c 100644 --- a/windows/security/information-protection/tpm/tpm-fundamentals.md +++ b/windows/security/information-protection/tpm/tpm-fundamentals.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/16/2017 --- diff --git a/windows/security/information-protection/tpm/tpm-recommendations.md b/windows/security/information-protection/tpm/tpm-recommendations.md index 36ab2dd427..c7ef09ffc6 100644 --- a/windows/security/information-protection/tpm/tpm-recommendations.md +++ b/windows/security/information-protection/tpm/tpm-recommendations.md @@ -8,7 +8,11 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/29/2018 --- diff --git a/windows/security/information-protection/tpm/trusted-platform-module-overview.md b/windows/security/information-protection/tpm/trusted-platform-module-overview.md index 3d34861247..3f858bbcb9 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-overview.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-overview.md @@ -8,7 +8,11 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: andreabichsel -ms-author: v-anbic +ms-author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/29/2018 --- diff --git a/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md b/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md index 0b2740ff70..6b661fde27 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-services-group-policy-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/02/2018 --- diff --git a/windows/security/information-protection/tpm/trusted-platform-module-top-node.md b/windows/security/information-protection/tpm/trusted-platform-module-top-node.md index f66b65f12b..91a5e57e1f 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-top-node.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-top-node.md @@ -7,7 +7,11 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: andreabichsel -ms.author: v-anbic +ms.author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/11/2018 --- diff --git a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md index f9a028c36e..842cb0b7bb 100644 --- a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md +++ b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/advanced-security-auditing-faq.md b/windows/security/threat-protection/auditing/advanced-security-auditing-faq.md index 80aac0ab42..6935b85eb1 100644 --- a/windows/security/threat-protection/auditing/advanced-security-auditing-faq.md +++ b/windows/security/threat-protection/auditing/advanced-security-auditing-faq.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/advanced-security-auditing.md b/windows/security/threat-protection/auditing/advanced-security-auditing.md index 95b7643f60..4d960b6b9a 100644 --- a/windows/security/threat-protection/auditing/advanced-security-auditing.md +++ b/windows/security/threat-protection/auditing/advanced-security-auditing.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md index 8b1f8421eb..6622f7fc55 100644 --- a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md +++ b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 07/25/2018 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md index 8b87a565cb..7f78b5f46d 100644 --- a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md +++ b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-account-management.md b/windows/security/threat-protection/auditing/basic-audit-account-management.md index 5ae03bbe81..ac22b4c4fe 100644 --- a/windows/security/threat-protection/auditing/basic-audit-account-management.md +++ b/windows/security/threat-protection/auditing/basic-audit-account-management.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md index aea8e2c6a8..0de79e98e7 100644 --- a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md +++ b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-logon-events.md index 5ac16f81ca..2bcf48cc8b 100644 --- a/windows/security/threat-protection/auditing/basic-audit-logon-events.md +++ b/windows/security/threat-protection/auditing/basic-audit-logon-events.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-object-access.md b/windows/security/threat-protection/auditing/basic-audit-object-access.md index 564f09756f..ec41b532a0 100644 --- a/windows/security/threat-protection/auditing/basic-audit-object-access.md +++ b/windows/security/threat-protection/auditing/basic-audit-object-access.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-policy-change.md b/windows/security/threat-protection/auditing/basic-audit-policy-change.md index d6fa0d9840..129ea370a0 100644 --- a/windows/security/threat-protection/auditing/basic-audit-policy-change.md +++ b/windows/security/threat-protection/auditing/basic-audit-policy-change.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md index 12b823cf4e..7980a4d633 100644 --- a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md +++ b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md index ada9f8ba66..6c5869c87d 100644 --- a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md +++ b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-audit-system-events.md b/windows/security/threat-protection/auditing/basic-audit-system-events.md index 1c30f0f216..efc11bd08e 100644 --- a/windows/security/threat-protection/auditing/basic-audit-system-events.md +++ b/windows/security/threat-protection/auditing/basic-audit-system-events.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policies.md b/windows/security/threat-protection/auditing/basic-security-audit-policies.md index 87389a5d60..9a3ba69bf5 100644 --- a/windows/security/threat-protection/auditing/basic-security-audit-policies.md +++ b/windows/security/threat-protection/auditing/basic-security-audit-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md index 814491f237..2a98ef92e3 100644 --- a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md +++ b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md index 71a8cdfc2c..b3ca1eb32d 100644 --- a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md +++ b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: none -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md b/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md index 7964ac323a..f056c5bcbf 100644 --- a/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md +++ b/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md b/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md index 439c9c1b3f..8ac19f8a63 100644 --- a/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md +++ b/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/monitor-claim-types.md b/windows/security/threat-protection/auditing/monitor-claim-types.md index 7aeb903d71..05c48b5b7f 100644 --- a/windows/security/threat-protection/auditing/monitor-claim-types.md +++ b/windows/security/threat-protection/auditing/monitor-claim-types.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md b/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md index c99548b8fd..caebb3f391 100644 --- a/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md +++ b/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md index a6c28921e2..a2936e96f6 100644 --- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md +++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md index 51df126e27..d53ec727de 100644 --- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md +++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md index 94d8efbfe0..d7f19b5369 100644 --- a/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md +++ b/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md index 27794f5009..bf24f2af21 100644 --- a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md +++ b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md b/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md index 3f49698848..e47b57c140 100644 --- a/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md +++ b/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md b/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md index 8dee2ff70e..6413ce76ea 100644 --- a/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md +++ b/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md b/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md index ae9bb6e67a..358f59cf57 100644 --- a/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md +++ b/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/security-auditing-overview.md b/windows/security/threat-protection/auditing/security-auditing-overview.md index 8c5ba869ef..43965518d5 100644 --- a/windows/security/threat-protection/auditing/security-auditing-overview.md +++ b/windows/security/threat-protection/auditing/security-auditing-overview.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md b/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md index f71f318cd8..2440624637 100644 --- a/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md +++ b/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/view-the-security-event-log.md b/windows/security/threat-protection/auditing/view-the-security-event-log.md index 5669c302b9..7ba1c6a70e 100644 --- a/windows/security/threat-protection/auditing/view-the-security-event-log.md +++ b/windows/security/threat-protection/auditing/view-the-security-event-log.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md b/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md index 8b97c1b72b..20f786b03b 100644 --- a/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md +++ b/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/change-history-for-threat-protection.md b/windows/security/threat-protection/change-history-for-threat-protection.md index c318406475..6261639989 100644 --- a/windows/security/threat-protection/change-history-for-threat-protection.md +++ b/windows/security/threat-protection/change-history-for-threat-protection.md @@ -5,7 +5,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/11/2018 ms.localizationpriority: medium --- diff --git a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md index d61268d81f..dafdfb910f 100644 --- a/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md +++ b/windows/security/threat-protection/device-control/control-usb-devices-using-intune.md @@ -8,14 +8,14 @@ ms.pagetype: security ms.localizationpriority: medium ms.author: justinha author: justinha -ms.date: 02/06/2019 +ms.date: 02/21/2019 --- # How to control USB devices and other removable media using Windows Defender ATP **Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) -Windows Defender ATP provides multiple monitoring and control features for USB peripherals to help prevent threats in unauthorized peripherals from compromising your devices: +Microsoft recommends [a layered approach to securing removable media](https://aka.ms/devicecontrolblog), and Windows Defender ATP provides multiple monitoring and control features to help prevent threats in unauthorized peripherals from compromising your devices: 1. [Prevent threats from removable storage](#prevent-threats-from-removable-storage) introduced by removable storage devices by enabling: - [Windows Defender Antivirus real-time protection (RTP)](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus) to scan removable storage for malware. @@ -29,10 +29,9 @@ Windows Defender ATP provides multiple monitoring and control features for USB p - Granular configuration to deny write access to removable disks and approve or deny devices by USB vendor code, product code, device IDs, or a combination. - Flexible policy assignment of device installation settings based on an individual or group of Azure Active Directory (Azure AD) users and devices. ->[!NOTE] ->These threat reduction measures help prevent malware from coming into your environment. To protect enterprise data from leaving your environment, you can also configure data loss prevention measures. For example, on Windows 10 devices you can configure [BitLocker](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview) and [Windows Information Protection](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure), which will encrypt company data even if it is stored on a personal device, or use the [Storage/RemovableDiskDenyWriteAccess CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-removablediskdenywriteaccess) to deny write access to removable disks. -For more information about controlling USB devices, see the [Microsoft Secure blog "WDATP has protections for USB and removable devices"](https://aka.ms/devicecontrolblog). +These threat reduction measures help prevent malware from coming into your environment. To protect enterprise data from leaving your environment, you can also configure data loss prevention measures. For example, on Windows 10 devices you can configure [BitLocker](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview) and [Windows Information Protection](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure), which will encrypt company data even if it is stored on a personal device, or use the [Storage/RemovableDiskDenyWriteAccess CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-storage#storage-removablediskdenywriteaccess) to deny write access to removable disks. Additionally, you can [classify and protect files on Windows devices](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview) (including their mounted USB devices) by using Windows Defender ATP and Azure Information Protection. + ## Prevent threats from removable storage @@ -167,11 +166,11 @@ Allowing installation of specific devices requires also enabling [DeviceInstalla ### Prevent installation of specifically prohibited peripherals -Windows Defender ATP also blocks installation and usage of prohibited peripherals either by using **Administrative Templates** or [Device Installation CSP settings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation) with a custom profile in Intune. +Windows Defender ATP blocks installation and usage of prohibited peripherals by using either of these options: -For more information about using **Administrative Templates**, see [Windows 10 templates to configure Group Policy settings in Microsoft Intune](https://docs.microsoft.com/intune/administrative-templates-windows). +- [Administrative Templates](https://docs.microsoft.com/intune/administrative-templates-windows) +- [Device Installation CSP settings](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation) with a custom profile in Intune. You can [prevent installation of specific device IDs](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventinstallationofmatchingdeviceids) or [prevent specific device classes](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventinstallationofmatchingdevicesetupclasses). -For a SyncML example that prevents installation of specific device IDs, see [DeviceInstallation/PreventInstallationOfMatchingDeviceIDs CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventinstallationofmatchingdeviceids). To prevent specific device classes, see [DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventinstallationofmatchingdevicesetupclasses). ## Related topics diff --git a/windows/security/threat-protection/get-support-for-security-baselines.md b/windows/security/threat-protection/get-support-for-security-baselines.md index 497d8b23b9..bdbc4a1115 100644 --- a/windows/security/threat-protection/get-support-for-security-baselines.md +++ b/windows/security/threat-protection/get-support-for-security-baselines.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium ms.author: sagaudre -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 06/25/2018 --- diff --git a/windows/security/threat-protection/intelligence/safety-scanner-download.md b/windows/security/threat-protection/intelligence/safety-scanner-download.md index b122b4f14c..4ae4b880f3 100644 --- a/windows/security/threat-protection/intelligence/safety-scanner-download.md +++ b/windows/security/threat-protection/intelligence/safety-scanner-download.md @@ -28,12 +28,14 @@ Safety Scanner only scans when manually triggered and is available for use 10 da > **NOTE:** Safety scanner is a portable executable and does not appear in the Windows Start menu or as an icon on the desktop. Note where you saved this download. ## System requirements + Safety Scanner helps remove malicious software from computers running Windows 10, Windows 10 Tech Preview, Windows 8.1, Windows 8, Windows 7, Windows Server 2016, Windows Server Tech Preview, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, or Windows Server 2008. Please refer to the [Microsoft Lifecycle Policy](https://support.microsoft.com/lifecycle). ## How to run a scan + 1. Download this tool and open it. 2. Select the type of scan you want run and start the scan. -3. Review the scan results displayed on screen. The tool lists all identified malware. +3. Review the scan results displayed on screen. For detailed detection results, view the log at **%SYSTEMROOT%\debug\msert.log**. To remove this tool, delete the executable file (msert.exe by default). diff --git a/windows/security/threat-protection/security-compliance-toolkit-10.md b/windows/security/threat-protection/security-compliance-toolkit-10.md index 5afa6d82b1..fe229e350d 100644 --- a/windows/security/threat-protection/security-compliance-toolkit-10.md +++ b/windows/security/threat-protection/security-compliance-toolkit-10.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium ms.author: sagaudre -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/26/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md index c8c5edd48a..cd1c0bac72 100644 --- a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md +++ b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md b/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md index 00f750f49c..86f071831a 100644 --- a/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md +++ b/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md index c86030f41b..3d60b94195 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md index 1478eafa69..c4a3b395cd 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/11/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md index 40febeceab..f0f80eb379 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/02/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/account-policies.md b/windows/security/threat-protection/security-policy-settings/account-policies.md index 6108d6b607..f31fff3aac 100644 --- a/windows/security/threat-protection/security-policy-settings/account-policies.md +++ b/windows/security/threat-protection/security-policy-settings/account-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md b/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md index 69c08ad276..995825ed46 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/01/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md b/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md index 8a72fe5f92..03df52c356 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/10/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md b/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md index 7f99611e70..a310706d67 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md index be82562767..ae6a3113bf 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md b/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md index ddb53a6141..aa48dfc049 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md b/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md index a40ed288a9..8c18930e7e 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md b/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md index 13a891b6a7..386bcc365e 100644 --- a/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md +++ b/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md b/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md index 723fd057b5..3c82864572 100644 --- a/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md +++ b/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md b/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md index b84c11a4b2..fc4ae2cbbd 100644 --- a/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md +++ b/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md index ef91abb02b..c4cebac730 100644 --- a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md b/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md index 6b377b9dfa..2bbf8a7ffb 100644 --- a/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md +++ b/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md b/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md index f2aff6558e..50dd09fe05 100644 --- a/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md +++ b/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md b/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md index 63c0113000..51fdd036ee 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md +++ b/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md b/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md index 32b6e39da1..0b3a95e875 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md +++ b/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md b/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md index 321a577f5e..b16c89073c 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md +++ b/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/audit-policy.md b/windows/security/threat-protection/security-policy-settings/audit-policy.md index e0330e6edf..0e01e604f9 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-policy.md +++ b/windows/security/threat-protection/security-policy-settings/audit-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md index d5b8c58676..dbc3a2bb29 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md +++ b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md index 5c444a35f5..c5bc517902 100644 --- a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md +++ b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md index 142040f18f..c2bee9f43a 100644 --- a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md +++ b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/change-the-system-time.md b/windows/security/threat-protection/security-policy-settings/change-the-system-time.md index 4536e9d634..f571b43214 100644 --- a/windows/security/threat-protection/security-policy-settings/change-the-system-time.md +++ b/windows/security/threat-protection/security-policy-settings/change-the-system-time.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md b/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md index c9d0ba95b7..32a2c28240 100644 --- a/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md +++ b/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md index f1bfda3737..ef9dbd6b30 100644 --- a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md +++ b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/create-a-token-object.md b/windows/security/threat-protection/security-policy-settings/create-a-token-object.md index f19009955d..22cdb449f1 100644 --- a/windows/security/threat-protection/security-policy-settings/create-a-token-object.md +++ b/windows/security/threat-protection/security-policy-settings/create-a-token-object.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/create-global-objects.md b/windows/security/threat-protection/security-policy-settings/create-global-objects.md index f89ff1f37f..d6d7af1bda 100644 --- a/windows/security/threat-protection/security-policy-settings/create-global-objects.md +++ b/windows/security/threat-protection/security-policy-settings/create-global-objects.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md b/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md index 4cff161fe5..911cc1d64e 100644 --- a/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md +++ b/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md index 73ae7b6fc0..cdf9d19225 100644 --- a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md +++ b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md b/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md index f8daf37229..a51e8d02d5 100644 --- a/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md +++ b/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md b/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md index e88c9397bb..7b0a29c928 100644 --- a/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md +++ b/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/debug-programs.md b/windows/security/threat-protection/security-policy-settings/debug-programs.md index 5bd7b3951b..b0904015a9 100644 --- a/windows/security/threat-protection/security-policy-settings/debug-programs.md +++ b/windows/security/threat-protection/security-policy-settings/debug-programs.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md b/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md index 659f95a2b8..d2b1a1c8aa 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md +++ b/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md index 8d227032ee..001bea56e7 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md index 156963e0e5..e73986c146 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md index 8db35c7d85..4c6d1b40b2 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md index 092ab076ff..dc88264bc9 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md b/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md index 88275821af..9a447f2f54 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md b/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md index 4994799f27..cf13902765 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md +++ b/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md b/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md index e41c0c5067..0fb2492610 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md +++ b/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md index b15160364d..ca5a130d39 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md +++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md index 2a3bb79a6f..fc36372e94 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md +++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md b/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md index 66bdcc3368..9fe3ae0c2a 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md +++ b/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md index f138f45684..550f00e172 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md b/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md index f6e9ee94a1..a01776886d 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md +++ b/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md index 4f45c4dc2d..50d4dfd8d0 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md index 70d087e8d7..a57a307767 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md index 4ca8bd53b8..8de74ad471 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md b/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md index e54ec081e3..d2a0399346 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md index 78d2942171..77ae6bd49d 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 05/31/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md b/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md index a07c07bfbc..f17f211aa0 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md index 8f0fbcb870..2ae2ec604e 100644 --- a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md +++ b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/enforce-password-history.md b/windows/security/threat-protection/security-policy-settings/enforce-password-history.md index 085a3a3c54..96757ef0d8 100644 --- a/windows/security/threat-protection/security-policy-settings/enforce-password-history.md +++ b/windows/security/threat-protection/security-policy-settings/enforce-password-history.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md b/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md index 5b79cc17d6..6ee04d6194 100644 --- a/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md +++ b/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md index 07d249dcd0..a9efdd4e25 100644 --- a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md +++ b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/generate-security-audits.md b/windows/security/threat-protection/security-policy-settings/generate-security-audits.md index b74521a317..fca71ed15b 100644 --- a/windows/security/threat-protection/security-policy-settings/generate-security-audits.md +++ b/windows/security/threat-protection/security-policy-settings/generate-security-audits.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md index 7653e023d7..7b200b914e 100644 --- a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md @@ -8,7 +8,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- # Configure security policy settings diff --git a/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md b/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md index e07c18c86d..c17e842ab7 100644 --- a/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md +++ b/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md b/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md index 7ce527ad66..4d818afd08 100644 --- a/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md +++ b/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md index 83b3cbd192..7cd6b91162 100644 --- a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md +++ b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 07/13/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md index 897e2f2549..4a01026f88 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md index e3afc8ee01..43ec5dfd6b 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md @@ -6,7 +6,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md index e39fec421b..902d890229 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- # Interactive logon: Do not require CTRL+ALT+DEL diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md index dd30bc56ba..efa5515b00 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md index babebadd11..42ea616840 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md index fa9637e81f..14740a3224 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/18/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md index fb7ddb1250..8dafc863b6 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md index e98f13cc83..d166f3b2f4 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md index 403f7249a8..181503ce0e 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/27/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md index da69589771..ca42d4cb23 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md index b7dd20ed15..b929da7132 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md index 42081cd402..5dc5977d44 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md index 636bd2ec6f..8f86ac3be9 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/kerberos-policy.md b/windows/security/threat-protection/security-policy-settings/kerberos-policy.md index ac070c7702..059286de93 100644 --- a/windows/security/threat-protection/security-policy-settings/kerberos-policy.md +++ b/windows/security/threat-protection/security-policy-settings/kerberos-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md b/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md index 75fb5939bd..0eee265187 100644 --- a/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md +++ b/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md b/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md index 4e94af24de..21e6e17ff8 100644 --- a/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md +++ b/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md index 1636ce5414..98d5d3ada0 100644 --- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md +++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md index 57568063b4..b77a87acd8 100644 --- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md +++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md b/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md index b49be1c41c..80ce5dbaf1 100644 --- a/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md +++ b/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md index 84ae8e5274..49593e2448 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md index f1397bc889..9a9f60a91e 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md index 412af6ec04..7996b7f057 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md index 0cd52584a2..108f77300e 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md b/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md index cf13ab2714..737e1dcf31 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md index 7427a0898e..93975f58d7 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md index 72ceae633e..c2973e510b 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md index ac82806b49..eddf44a9f6 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md index cd24f66c87..8fee2b49b6 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 06/21/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md index f966580dff..1aeba0b58d 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md index e5b6a658ce..4e1e178681 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md index 9a65820d67..24c588bb20 100644 --- a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md +++ b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md b/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md index da8d2ab5cf..333b50ebea 100644 --- a/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md +++ b/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md index f4abcd62e5..c0218670c7 100644 --- a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md +++ b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md b/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md index f18bfcb85a..47871bfe64 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md index ed0c582609..bc5a7f8a53 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md index dba5ef3e9d..7198962e7d 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md index 6ca86aeb84..e28b603e1e 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md index d767ea7088..a34782b5b5 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md index d99e3aded9..687704f45a 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md index eafe932536..da148dfff6 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md index 0207f7e66b..83772af89c 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md index fce80319bb..eb56502a43 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md index aa5c1ab5dd..5d10afc106 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md b/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md index a6a303f5bf..3679a5ee7a 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md index e5215a392c..7e9dcec21a 100644 --- a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md +++ b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md index 27d191495c..590ae28aa9 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md index 21de9aeec4..d4ef57f497 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md index be635dcfef..3b3c62092a 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md index 3874bf7655..1fd68c4416 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md b/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md index 42f411a872..5bd5cfb2b1 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md b/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md index 3b064f6908..e4240f62c8 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md index 1b73389dbb..195c5fb787 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md b/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md index 428b113fe1..26035ed5e3 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md index 94cd2f2a3b..68568fd416 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 07/27/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md index 2b4aa59ac0..4671d87e7a 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md index b3724d05f6..63a5d4ea86 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md index e3a706d5e9..fd9f4c3bc2 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md index 9007808fc8..af8d5872c5 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md index 588e68efbb..a32acc3f68 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md index 1fdac0f27c..3170d4c5b3 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md index 6751800e93..bd1fa82e5d 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md index c5a14b24b3..0bf8bbf8f7 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md index bfdf5f299a..a083c308a5 100644 --- a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/08/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/password-policy.md b/windows/security/threat-protection/security-policy-settings/password-policy.md index 49e90f010b..1a6c6aa40c 100644 --- a/windows/security/threat-protection/security-policy-settings/password-policy.md +++ b/windows/security/threat-protection/security-policy-settings/password-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md b/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md index 2eee65e68b..3fc6624999 100644 --- a/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md +++ b/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/profile-single-process.md b/windows/security/threat-protection/security-policy-settings/profile-single-process.md index 90776ad589..c9a40b1d3d 100644 --- a/windows/security/threat-protection/security-policy-settings/profile-single-process.md +++ b/windows/security/threat-protection/security-policy-settings/profile-single-process.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/profile-system-performance.md b/windows/security/threat-protection/security-policy-settings/profile-system-performance.md index 9b538889f1..a7425d8dc2 100644 --- a/windows/security/threat-protection/security-policy-settings/profile-system-performance.md +++ b/windows/security/threat-protection/security-policy-settings/profile-system-performance.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md index ad5a2f6f14..a23f71b36f 100644 --- a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md +++ b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md index a513560166..48d79a1a00 100644 --- a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md +++ b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md b/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md index 43278adbbf..ad02d882fd 100644 --- a/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md +++ b/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md b/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md index afebd10193..8cb6622bda 100644 --- a/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md +++ b/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md b/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md index 2d007bb365..1a05c103ef 100644 --- a/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md +++ b/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/02/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md index 3b09600257..efc8bf3548 100644 --- a/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md +++ b/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md b/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md index ef50b18745..93421b1ded 100644 --- a/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md index 051808cb85..473273bb0e 100644 --- a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md +++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md index 6711b70593..e91d7f083b 100644 --- a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md b/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md index ef46b8301e..b1c54ad5fe 100644 --- a/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md +++ b/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md b/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md index b74494656b..b22ed33980 100644 --- a/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md index 12b6755312..2fead96341 100644 --- a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md +++ b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/01/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md index 78a93d1dc7..6576490671 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 01/04/2019 --- diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md index 74f1f7f04d..83b0cfd447 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 01/04/2019 --- # SMBv1 Microsoft network client: Digitally sign communications (if server agrees) diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md index 9661827e2a..0547bc976c 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 01/04/2019 --- diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md index 7443f0f9de..516a244ec3 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 01/04/2019 --- diff --git a/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md b/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md index d7c75a3d4f..e62f0051cb 100644 --- a/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md +++ b/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md b/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md index 16c68a6929..a9970571eb 100644 --- a/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md +++ b/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md b/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md index 0398bbbc89..0bc082cc25 100644 --- a/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md +++ b/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md b/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md index ae91d8d14b..95a4438497 100644 --- a/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md +++ b/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/16/2018 --- diff --git a/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md b/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md index 7e0ca59069..b14941a7d9 100644 --- a/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md +++ b/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md b/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md index c5de4856e1..57d94a5462 100644 --- a/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md +++ b/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md b/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md index c81039c024..3ee47c7421 100644 --- a/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md +++ b/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md b/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md index 63c46fc928..86d8763a80 100644 --- a/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md +++ b/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md b/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md index ffa2941137..9d2d8d239f 100644 --- a/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md +++ b/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md b/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md index 05f928f9a6..0c5959a1d1 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/08/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md b/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md index 64449e0bec..0ed0d17d2b 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md index ac6a9b786d..2e70f620db 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/08/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md index b8620f41a5..16f331a605 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md b/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md index de3df48df1..f99bd12f18 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md index 54ad96d58f..3a3cee321a 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md index 80a4e5f969..eec9833f99 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md index 0e931e969d..db74e8e286 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md b/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md index 40cce0498e..1480e9dae0 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md index d6ba8a9479..0c9ff24464 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md index 931d388344..a8748ce942 100644 --- a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md +++ b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md index d4182f5a74..06b879559b 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md @@ -24,6 +24,10 @@ In addition to standard on-premises or hardware configurations, you can also use Boot storms can be a problem in large-scale VDIs; this guide will help reduce the overall network bandwidth and performance impact on your hardware. +>[!NOTE] +>We've recently introduced a new feature that helps reduce the network and CPU overhead ov VMs when obtaining security intelligence updates. If you'd like to test this feature before it's released generally, [download the PDF guide for VDI performance improvement testing](https://demo.wd.microsoft.com/Content/wdav-testing-vdi-ssu.pdf). + + We recommend setting the following when deploying Windows Defender Antivirus in a VDI environment: Location | Setting | Suggested configuration diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md b/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md index f876e2a21b..36a71fa984 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker-using-mdm.md b/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker-using-mdm.md index 19441d1b3a..af56b3544c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker-using-mdm.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker-using-mdm.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 03/01/2018 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md index d85ed0d63b..ac2242bb9f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md index 8b526e85fa..4ba13f8b1e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md index e1d9bba88b..06715de66b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md index d48aa2c008..758f313aac 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/16/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md index c939e91051..fd7f7cfe69 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md index b6c2c868d6..71f08e91e5 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md index 36e0ac5981..b56b4d4a85 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md index c4b962b01a..33e5620624 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md index ee4c5fe937..24cdcb9c69 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md index 054ee9ef62..edbe6eb6ac 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md index 44b08ac93f..f644b21ed5 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 06/08/2018 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md index 953ead6f1e..9f6c893a55 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md index dbc018a25b..812492d020 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md index f5511d3cc8..b7ce15ef26 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md index c756426699..bcd9cb9112 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md @@ -7,7 +7,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/02/2018 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md index a97aa2c7cd..1120cc9526 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md index b21e2e2528..43af6ad592 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md index ec420bcac6..59e7c13e44 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md index 9eec93864f..edf05d2183 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md index 76e4917930..6622ef7891 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md index 7f38968703..7791c5c029 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md index 1848f8085f..4bef661ac5 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md index 1e07df2d5b..b4be8e695e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md b/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md index 7c12e10af2..c7eb47499b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/02/2018 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md index 3457f579f9..2309668f9e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md index c3be5b8cd7..d45405393e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md index 6acc47d3c4..d4599e1d65 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md index e81f42d528..70728d4e87 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md index bca3d32254..b05be7369f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md b/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md index 393294a921..17e51bf270 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md @@ -7,7 +7,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md index cea7ab6ca2..86b55052a9 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md index 01f5f91d5d..d48fe25d9b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.pagetype: security ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md index 7b6244b2eb..55df155aaa 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md index 8f9183d2d5..bd96fb0487 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md index c03fb9d05e..c1cde0a5f2 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md index b620e305a4..79a93ebed6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md b/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md index a915311c12..045b259154 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md index 6ef53ce437..4195b8d95c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md index 1ac1c9ce81..34a87eba3b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md index 000441d121..a06cd80b04 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md index 71956ee4d9..df296dbc5b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md b/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md index 536d75e6ad..70a0cb391f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md index b880da4f7e..d28968fd6b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md index 0785d8c4b0..05c36921ed 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md index dfb5a0b633..fa2c8449ab 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md index 6f54125e98..312c00c2bb 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md index 5de1967090..1fdcdbd719 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md index d77a10fb74..ea87808e0d 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md index d7dec8dac9..d1a7055787 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md b/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md index cda020c5b7..e972a285a0 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md index 8911d1bf9e..619aa19efd 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/13/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md b/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md index f4d78c2168..6500f75fea 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md index 5eb4f002d8..c0a1f26152 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md index df08c99d15..dd6ba10e90 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md index d816c2e3df..97d032f8b6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md b/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md index 174b721e32..0e48a6f472 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md index 6fab819f0e..1649917882 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md index a6b7813076..9d73f8afef 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md index 6d3979d91f..fc03b4f081 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md index 453ab0eb53..5ffb4d98b5 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md index 27c90949d6..ccbc705657 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md index b78412c268..ac08014ac6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md index 5e696490b6..e5fb93d221 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md index 66ac0616c3..5ad969d5f9 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/13/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md index c85924b254..578986beac 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md index 35b9675e4c..4b1ec580e1 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md index b8dff87c25..3b54878e4f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md index fdba7959a0..725d456a08 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md index a7077bd6b7..40b6d2c8ea 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md index cf5e0d7301..194a713b23 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md index 93e36b568f..35682f8954 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md index 56ef43a232..92a2179fce 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md index bf60367a08..72cf62e127 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md index 46a0ba3967..154d463930 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md index 612e3824d2..99c3ebe52a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md index 45529acef2..709e3beb0d 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md @@ -8,7 +8,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md index e5cd39f92c..fdc15a6ef8 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md index 686d4be09d..a9409118af 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md index 36b1d0017d..f675e2f425 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md index 6d7fb0b8d9..5a4bf9af3c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md index 292c50818f..b77b1ee1c8 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md index 47b6d2df84..1e37f0531c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md index 9926340d47..cf2294e550 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/create-your-windows-defender-application-control-planning-document.md b/windows/security/threat-protection/windows-defender-application-control/create-your-windows-defender-application-control-planning-document.md index e49dcb1440..f204088397 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-your-windows-defender-application-control-planning-document.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-your-windows-defender-application-control-planning-document.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md b/windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md index 68bc862fd3..a414320068 100644 --- a/windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md +++ b/windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 09/21/2017 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md index 8c0a834285..2edd777efc 100644 --- a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md @@ -5,7 +5,11 @@ keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 03/01/2018 --- diff --git a/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md b/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md index 1423972366..d50f975bc2 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md @@ -8,7 +8,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: jsuther1974 -ms.date: 02/28/2018 +ms.date: 02/19/2019 --- # Optional: Use the Device Guard Signing Portal in the Microsoft Store for Business @@ -16,4 +16,25 @@ ms.date: 02/28/2018 **Applies to:** - Windows 10 -- Windows Server 2016 \ No newline at end of file +- Windows Server 2019 +- Windows Server 2016 + +You can sign code integrity policies with the Device Guard signing portal to prevent them from being tampered with after they're deployed. + +## Sign your code integrity policy +Before you get started, be sure to review these best practices: + +**Best practices** + +- Test your code integrity policies on a pilot group of devices before deploying them to production. +- Use rule options 9 and 10 during testing. For more information, see the section Code integrity policy rules in the [Deploy Windows Defender Application Control policy rules and file rules](hhttps://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create). + +**To sign a code integrity policy** + +1. Sign in to the [Microsoft Store for Business](http://businessstore.microsoft.com) or [Microsoft Store for Education](https://educationstore.microsoft.com). +2. Click **Manage**, click **Store settings**, and then click **Device Guard**. +3. Click **Upload** to upload your code integrity policy. +4. After the files are uploaded, click **Sign** to sign the code integrity policy. +5. Click **Download** to download the signed code integrity policy. + + When you sign a code integrity policy with the Device Guard signing portal, the signing certificate is added to the policy. This means you can't modify this policy. If you need to make changes, make them to an unsigned version of the policy, and then sign the policy again. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md index 35710141ab..7fa8248d7c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md @@ -5,7 +5,11 @@ keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 02/20/2018 --- diff --git a/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md index 1ec89ed28f..0d185ae9bd 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md +++ b/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md @@ -8,7 +8,7 @@ ms.pagetype: security ms.localizationpriority: medium author: justinha ms.author: justinha -ms.date: 02/07/2019 +ms.date: 02/19/2019 --- # Prepare to install Windows Defender Application Guard @@ -58,7 +58,7 @@ Employees can use hardware-isolated browsing sessions without any administrator Applies to: - Windows 10 Enterprise edition, version 1709 or higher -You and your security department can define your corporate boundaries by explicitly adding trusted domains and by customizing the Application Guard experience to meet and enforce your needs on employee devices. Enterprise-managed mode also automatically redirects any browser requests tooad non-enterprise domain(s) in the container. +You and your security department can define your corporate boundaries by explicitly adding trusted domains and by customizing the Application Guard experience to meet and enforce your needs on employee devices. Enterprise-managed mode also automatically redirects any browser requests to add non-enterprise domain(s) in the container. The following diagram shows the flow between the host PC and the isolated container. ![Flowchart for movement between Microsoft Edge and Application Guard](images/application-guard-container-v-host.png) diff --git a/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md index 70e3d006fa..0db8c85384 100644 --- a/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 04/24/2018 --- # Enable conditional access to better protect users, devices, and data @@ -57,7 +56,7 @@ There are three ways to address a risk: 2. Resolve active alerts on the machine. This will remove the risk from the machine. 3. You can remove the machine from the active policies and consequently, conditional access will not be applied on the machine. -Manual remediation requires a secops admin to investigate an alert and address the risk seen on the device. The automated remediation is configured through configuration settings provided in the following section, [Configure conditional access](#configure-conditional-access). +Manual remediation requires a secops admin to investigate an alert and address the risk seen on the device. The automated remediation is configured through configuration settings provided in the following section, [Configure conditional access](configure-conditional-access-windows-defender-advanced-threat-protection.md). When the risk is removed either through manual or automated remediation, the device returns to a compliant state and access to applications is granted. diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md index e4df4b05b7..14a13f7b3a 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md @@ -12,10 +12,9 @@ ms.author: macapara author: mjcaparas ms.localizationpriority: medium manager: dansimp -audience: ITProarticle +audience: ITPro ms.collection: M365-security-compliance -ms.topic: -ms.date: 04/24/2018 +ms.topic: article --- # Onboard Windows 10 machines using a local script diff --git a/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction.md b/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction.md index f69f7f9a83..c23a4512ad 100644 --- a/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction.md +++ b/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction.md @@ -15,7 +15,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 07/01/2018 +ms.date: 02/21/2019 --- # Overview of attack surface reduction @@ -27,7 +27,7 @@ Attack surface reduction capabilities in Windows Defender ATP helps protect the | Capability | Description | |------------|-------------| -| [Hardware-based isolation](../windows-defender-application-guard/wd-app-guard-overview.md) | Protects and maintains the integrity of the system as it starts and while it's running, and validates system integrity through local and remote attestation. In addition, container isolation for Microsoft Edge helps protect host operating system from malicious wbsites. | +| [Hardware-based isolation](../windows-defender-application-guard/wd-app-guard-overview.md) | Protects and maintains the integrity of the system as it starts and while it's running, and validates system integrity through local and remote attestation. In addition, container isolation for Microsoft Edge helps protect host operating system from malicious websites. | | [Application control](../windows-defender-application-control/windows-defender-application-control.md) | Moves away from the traditional application trust model where all applications are assumed trustworthy by default to one where applications must earn trust in order to run. | | [Exploit protection](../windows-defender-exploit-guard/exploit-protection-exploit-guard.md) | Applies exploit mitigation techniques to apps your organization uses, both individually and to all apps. Works with third-party antivirus solutions and Windows Defender Antivirus (Windows Defender AV) | | [Network protection](../windows-defender-exploit-guard/network-protection-exploit-guard.md) | Extends the malware and social engineering protection offered by Windows Defender SmartScreen in Microsoft Edge to cover network traffic and connectivity on your organization's devices. Requires Windows Defender AV. | diff --git a/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md index c60119b6e2..b20c0b27fa 100644 --- a/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md @@ -26,11 +26,15 @@ ms.topic: conceptual The Windows Defender ATP service is constantly being updated to include new feature enhancements and capabilities. ->Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-preview-abovefoldlink) +>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-preview-abovefoldlink) -Learn about new features in the Windows Defender ATP preview release and be among the first to try upcoming features by turning on the preview experience. +Learn about new features in the Windows Defender ATP preview release and be among the first to try upcoming features by turning on the preview experience. +For more information on capabilities that are generally available or in preview, see [What's new in Windows Defender](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/whats-new-in-windows-defender-atp). +) + +## Turn on preview features You'll have access to upcoming features which you can provide feedback on to help improve the overall experience before features are generally available. Turn on the preview experience setting to be among the first to try upcoming features. @@ -39,22 +43,6 @@ Turn on the preview experience setting to be among the first to try upcoming fea 2. Toggle the setting between **On** and **Off** and select **Save preferences**. -## Preview features -The following features are included in the preview release: - -- [Information protection](information-protection-in-windows-overview.md)
    -Windows Defender ATP is seamlessly integrated in Microsoft Threat Protection to provide a complete and comprehensive data loss prevention (DLP) solution for Windows devices. This solution is delivered and managed as part of the unified Microsoft 365 information protection suite. - -- [Integration with Microsoft Cloud App Security](microsoft-cloud-app-security-integration.md)
    -Microsoft Cloud App Security leverages Windows Defender ATP endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Windows Defender ATP monitored machines. - - -- [Onboard Windows Server 2019](configure-server-endpoints-windows-defender-advanced-threat-protection.md#windows-server-version-1803-and-windows-server-2019)
    -Windows Defender ATP now adds support for Windows Server 2019. You'll be able to onboard Windows Server 2019 in the same method available for Windows 10 client machines. - -- [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
    -Windows Defender ATP makes it easy to create a Power BI dashboard by providing an option straight from the portal. - >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-preview-belowfoldlink) diff --git a/windows/security/threat-protection/windows-defender-atp/whats-new-in-windows-defender-atp.md b/windows/security/threat-protection/windows-defender-atp/whats-new-in-windows-defender-atp.md index 17510d55c1..38ca10ad59 100644 --- a/windows/security/threat-protection/windows-defender-atp/whats-new-in-windows-defender-atp.md +++ b/windows/security/threat-protection/windows-defender-atp/whats-new-in-windows-defender-atp.md @@ -5,88 +5,119 @@ keywords: what's new in windows defender atp search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 -ms.mktglfcycl: deploy +ms.mktglfcycl: secure ms.sitesec: library ms.pagetype: security -ms.author: dansimp -author: dansimp +ms.author: macapara +author: mjcaparas ms.localizationpriority: medium manager: dansimp audience: ITPro ms.collection: M365-security-compliance -ms.topic: article +ms.topic: conceptual --- # What's new in Windows Defender ATP **Applies to:** - Windows Defender Advanced Threat Protection (Windows Defender ATP) -Here are the new features in the latest release of Windows Defender ATP. +Here are the new features in the latest release of Windows Defender ATP as well as security features in Windows 10 and Windows Server. -## Windows Defender ATP 1809 -- [Incidents](incidents-queue.md)
    -Windows Defender ATP applies correlation analytics and aggregates all related alerts and investigations into an incident. Doing so helps narrate a broader story of an attack, thus providing you with the right visuals (upgraded incident graph) and data representations to understand and deal with complex cross-entity threats to your organization's network. +## February 2019 +The following capabilities are generally available (GA). +- [Incidents](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/incidents-queue)
    Incident is a new entity in Windows Defender ATP that brings together all relevant alerts and related entities to narrate the broader attack story, giving analysts better perspective on the purview of complex threats. -- [Support for iOS and Android devices](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection#turn-on-third-party-integration)
    Support for iOS and Android devices are now supported. - -- [Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard)
    -Controlled folder access is now supported on Windows Server 2019. - -- [Attack surface reduction rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)
    -All Attack surface reduction rules are now supported on Windows Server 2019. -For Windows 10, version 1809 there are two new attack surface reduction rules: - - Block Adobe Reader from creating child processes - - Block Office communication application from creating child processes. - -- [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) - - Antimalware Scan Interface (AMSI) was extended to cover Office VBA macros as well. [Office VBA + AMSI: Parting the veil on malicious macros](https://cloudblogs.microsoft.com/microsoftsecure/2018/09/12/office-vba-amsi-parting-the-veil-on-malicious-macros/). - - Windows Defender Antivirus can now [run within a sandbox](https://cloudblogs.microsoft.com/microsoftsecure/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/) (preview), increasing its security. - - [Configure CPU priority settings](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus) for Windows Defender Antivirus scans. - +- [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection)
    Onboard supported versions of Windows machines so that they can send sensor data to the Windows Defender ATP sensor. -- [Threat analytics](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-analytics)
    +## October 2018 +The following capabilities are generally available (GA). + +- [Attack surface reduction rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)
    All Attack surface reduction rules are now supported on Windows Server 2019. + +- [Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard)
    Controlled folder access is now supported on Windows Server 2019. + +- [Custom detection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/overview-custom-detections)
    With custom detections, you can create custom queries to monitor events for any kind of behavior such as suspicious or emerging threats. This can be done by leveraging the power of Advanced hunting through the creation of custom detection rules. + +- [Integration with Azure Security Center](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#integration-with-azure-security-center)
    Windows Defender ATP integrates with Azure Security Center to provide a comprehensive server protection solution. With this integration Azure Security Center can leverage the power of Windows Defender ATP to provide improved threat detection for Windows Servers. + +- [Managed security service provider (MSSP) support](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/mssp-support-windows-defender-advanced-threat-protection)
    Windows Defender ATP adds support for this scenario by providing MSSP integration. The integration will allow MSSPs to take the following actions: Get access to MSSP customer's Windows Defender Security Center portal, fetch email notifications, and fetch alerts through security information and event management (SIEM) tools. + +- [Removable device control](https://cloudblogs.microsoft.com/microsoftsecure/2018/12/19/windows-defender-atp-has-protections-for-usb-and-removable-devices/)
    Windows Defender ATP provides multiple monitoring and control features to help prevent threats from removable devices, including new settings to allow or block specific hardware IDs. + +- [Support for iOS and Android devices](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection#turn-on-third-party-integration)
    iOS and Android devices are now supported and can be onboarded to the service. + +- [Threat analytics](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-analytics)
    Threat Analytics is a set of interactive reports published by the Windows Defender ATP research team as soon as emerging threats and outbreaks are identified. The reports help security operations teams assess impact on their environment and provides recommended actions to contain, increase organizational resilience, and prevent specific threats. -- [Custom detection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/overview-custom-detections)
    -With custom detections, you can create custom queries to monitor events for any kind of behavior such as suspicious or emerging threats. This can be done by leveraging the power of Advanced hunting through the creation of custom detection rules. - -- [Managed security service provider (MSSP) support](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/mssp-support-windows-defender-advanced-threat-protection)
    -Windows Defender ATP adds support for this scenario by providing MSSP integration. The integration will allow MSSPs to take the following actions: Get access to MSSP customer's Windows Defender Security Center portal, fetch email notifications, and fetch alerts through security information and event management (SIEM) tools. +- New in Windows 10 version 1809, there are two new attack surface reduction rules: + - Block Adobe Reader from creating child processes + - Block Office communication application from creating child processes. + +- [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) + - Antimalware Scan Interface (AMSI) was extended to cover Office VBA macros as well. [Office VBA + AMSI: Parting the veil on malicious macros](https://cloudblogs.microsoft.com/microsoftsecure/2018/09/12/office-vba-amsi-parting-the-veil-on-malicious-macros/). + - Windows Defender Antivirus, new in Windows 10 version 1809, can now [run within a sandbox](https://cloudblogs.microsoft.com/microsoftsecure/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/) (preview), increasing its security. + - [Configure CPU priority settings](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus) for Windows Defender Antivirus scans. -- [Integration with Azure Security Center](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#integration-with-azure-security-center)
    -Windows Defender ATP integrates with Azure Security Center to provide a comprehensive server protection solution. With this integration Azure Security Center can leverage the power of Windows Defender ATP to provide improved threat detection for Windows Servers. -- [Integration with Microsoft Cloud App Security](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/microsoft-cloud-app-security-integration)
    -Microsoft Cloud App Security leverages Windows Defender ATP endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Windows Defender ATP monitored machines. +### In preview +The following capabilities are included in the October 2018 preview release. -- [Onboard Windows Server 2019](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#windows-server-version-1803-and-windows-server-2019)
    -Windows Defender ATP now adds support for Windows Server 2019. You'll be able to onboard Windows Server 2019 in the same method available for Windows 10 client machines. +For more information on how to turn on preview features, see [Preview features](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection). -- [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection)
    -Onboard supported versions of Windows machines so that they can send sensor data to the Windows Defender ATP sensor. +- [Information protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/information-protection-in-windows-overview)
    +Information protection is an integral part of Microsoft 365 Enterprise suite, providing intelligent protection to keep sensitive data secure while enabling productivity in the workplace. +Windows Defender ATP is seamlessly integrated in Microsoft Threat Protection to provide a complete and comprehensive data loss prevention (DLP) solution for Windows devices. + + >[!NOTE] + >Partially available from Windows 10, version 1809. -- [Removable device control](https://cloudblogs.microsoft.com/microsoftsecure/2018/12/19/windows-defender-atp-has-protections-for-usb-and-removable-devices/)
    -Windows Defender ATP provides multiple monitoring and control features to help prevent threats from removable devices, including new settings to allow or block specific hardware IDs. +- [Integration with Microsoft Cloud App Security](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/microsoft-cloud-app-security-integration)
    Microsoft Cloud App Security leverages Windows Defender ATP endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Windows Defender ATP monitored machines. -## Windows Defender ATP 1803 -- [Attack surface reduction rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard) -New attack surface reduction rules: + >[!NOTE] + >Available from Windows 10, version 1809 or later. + +- [Onboard Windows Server 2019](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#windows-server-version-1803-and-windows-server-2019)
    Windows Defender ATP now adds support for Windows Server 2019. You'll be able to onboard Windows Server 2019 in the same method available for Windows 10 client machines. + +- [Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
    +Windows Defender ATP makes it easy to create a Power BI dashboard by providing an option straight from the portal. + + +## March 2018 +- [Advanced Hunting](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)
    +Query data using Advanced hunting in Windows Defender ATP. + +- [Attack surface reduction rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)
    + New attack surface reduction rules: - Use advanced protection against ransomware - Block credential stealing from the Windows local security authority subsystem (lsass.exe) - Block process creations originating from PSExec and WMI commands - Block untrusted and unsigned processes that run from USB - Block executable content from email client and webmail +- [Automated investigation and remediation](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection)
    Use Automated investigations to investigate and remediate threats. -- [Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard)
    + >[!NOTE] + >Available from Windows 10, version 1803 or later. + +- [Conditional access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection)
    Enable conditional access to better protect users, devices, and data. + +- [Windows Defender ATP Community center](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection)
    + The Windows Defender ATP Community Center is a place where community members can learn, collaborate, and share experiences about the product. + +- [Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard)
    You can now block untrusted processes from writing to disk sectors using Controlled Folder Access. -- [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)
    -Windows Defender Antivirus now shares detection status between M365 services and interoperates with Windows Defender ATP. For more information, see [Use next-gen technologies in Windows Defender Antivirus through cloud-delivered protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus). Block at first sight can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files. For more information, see [Enable block at first sight](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus). -- [Advanced Hunting](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)
    Query data using Advanced hunting in Windows Defender ATP +- [Onboard non-Windows machines](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection)
    + Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Windows Defender Security Center and better protect your organization's network. -- [Automated investigation](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection)
    Use Automated investigations to investigate and remediate threats +- [Role-based access control (RBAC)](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/rbac-windows-defender-advanced-threat-protection)
    + Using role-based access control (RBAC), you can create roles and groups within your security operations team to grant appropriate access to the portal. + + +- [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)
    +Windows Defender Antivirus now shares detection status between M365 services and interoperates with Windows Defender ATP. For more information, see [Use next-gen technologies in Windows Defender Antivirus through cloud-delivered protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus). + + Block at first sight can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files. For more information, see [Enable block at first sight](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus). -- [Conditional access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection)
    Enable conditional access to better protect users, devices, and data diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md index 325b6119b3..7328140fee 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -5,7 +5,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium ms.author: justinha -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 11/15/2018 --- diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md index 640fe4cc29..c803573a3f 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md @@ -5,7 +5,11 @@ keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/20/2017 --- diff --git a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md index 7531187507..03fbaffd0c 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md +++ b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md @@ -37,7 +37,7 @@ As there are thousands of PC vendors that produce numerous models with different Two techniques exist to establish trust here—either maintain a list of known 'bad' SRTM measurements (also known as a blacklist), or a list of known 'good' SRTM measurements (also known as a whitelist). Each option has a drawback: -- A list of known 'bad' SRTM measurements allows a hacker to change just 1 bit in a component to create an entirely new SRTM hash that needs to be listed. +- A list of known 'bad' SRTM measurements allows a hacker to change just 1 bit in a component to create an entirely new SRTM hash that needs to be listed. This means that the SRTM flow is inherently brittle - a minor change can invalidate the entire chain of trust. - A list of known 'good' SRTM measurements requires each new BIOS/PC combination measurement to be carefully added, which is slow. In addition, a bug fix for UEFI code can take a long time to design, build, retest, validate, and redeploy. @@ -56,7 +56,7 @@ Secure Launch simplifies management of SRTM measurements because the launch code System Management Mode (SMM) is a special-purpose CPU mode in x86 microcontrollers that handles power management, hardware configuration, thermal monitoring, and anything else the manufacturer deems useful. Whenever one of these system operations is requested, a non-maskable interrupt (SMI) is invoked at runtime, which executes SMM code installed by the BIOS. -SMM code executes in the highest privilege level and is invisible to the OS, which makes it an attractive target for malicious activity. Even if DRTM is used to late launch, SMM code can potentially access hypervisor memory and change the hypervisor. +SMM code executes in the highest privilege level and is invisible to the OS, which makes it an attractive target for malicious activity. Even if System Guard Secure Launch is used to late launch, SMM code can potentially access hypervisor memory and change the hypervisor. To defend against this, two techniques are used: 1. Paging protection to prevent inappropriate access to code and data @@ -74,7 +74,7 @@ In the future, Windows 10 will also measure this SMI Handler’s behavior and at While Windows Defender System Guard provides advanced protection that will help protect and maintain the integrity of the platform during boot and at run time, the reality is that we must apply an "assume breach" mentality to even our most sophisticated security technologies. We should be able to trust that the technologies are successfully doing their jobs, but we also need the ability to verify that they were successful in achieving their goals. When it comes to platform integrity, we can’t just trust the platform, which potentially could be compromised, to self-attest to its security state. So Windows Defender System Guard includes a series of technologies that enable remote analysis of the device’s integrity. -As Windows 10 boots, a series of integrity measurements are taken by Windows Defender System Guard using the device’s Trusted Platform Module 2.0 (TPM 2.0). This process and data are hardware-isolated away from Windows to help ensure that the measurement data is not subject to the type of tampering that could happen if the platform was compromised. From here, the measurements can be used to determine the integrity of the device’s firmware, hardware configuration state, and Windows boot-related components, just to name a few. +As Windows 10 boots, a series of integrity measurements are taken by Windows Defender System Guard using the device’s Trusted Platform Module 2.0 (TPM 2.0). System Guard Secure Launch will not support earlier TPM versions, such as TPM 1.2. This process and data are hardware-isolated away from Windows to help ensure that the measurement data is not subject to the type of tampering that could happen if the platform was compromised. From here, the measurements can be used to determine the integrity of the device’s firmware, hardware configuration state, and Windows boot-related components, just to name a few. ![Boot time integrity](images/windows-defender-system-guard-boot-time-integrity.png) diff --git a/windows/security/threat-protection/windows-defender-system-guard/images/system-guard-secure-launch.png b/windows/security/threat-protection/windows-defender-system-guard/images/system-guard-secure-launch.png index 8707d0fba4..b8167afbdc 100644 Binary files a/windows/security/threat-protection/windows-defender-system-guard/images/system-guard-secure-launch.png and b/windows/security/threat-protection/windows-defender-system-guard/images/system-guard-secure-launch.png differ diff --git a/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md b/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md index 6b0f8c4ebd..f261ef363b 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md +++ b/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md @@ -13,7 +13,7 @@ ms.date: 02/14/2019 # System Guard Secure Launch and SMM protection -This topic explains how to configure System Guard Secure Launch and System Management Mode (SMM) protection to improve the startup security of Windows 10 devices. +This topic explains how to configure System Guard Secure Launch and System Management Mode (SMM) protection to improve the startup security of Windows 10 devices. The information below is presented from a client perspective. ## How to enable System Guard Secure Launch @@ -21,7 +21,7 @@ You can enable System Guard Secure Launch by using any of these options: - [Mobile Device Management (MDM)](#mobile-device-management) - [Group Policy](#group-policy) -- [Windows Security app](#windows-security-app) +- [Windows Security Center](#windows-security-center) - [Registry](#registry) ### Mobile Device Management @@ -35,11 +35,11 @@ System Guard Secure Launch can be configured for Mobile Device Management (MDM) ![Secure Launch Group Policy](images/secure-launch-group-policy.png) -### Windows Security app +### Windows Security Center Click **Start** > **Settings** > **Update & Security** > **Windows Security** > **Open Windows Security** > **Device security** > **Core isolation** > **Firmware protection**. -![Secure Launch Security App](images/secure-launch-security-app.png) +![Windows Security Center](images/secure-launch-security-app.png) ### Registry @@ -55,12 +55,31 @@ Click **Start** > **Settings** > **Update & Security** > **Windows Security** > To verify that Secure Launch is running, use System Information (MSInfo32). Click **Start**, search for **System Information**, and look under **Virtualization-based Security Services Running** and **Virtualization-based Security Services Configured**. -![Secure Launch Security App](images/secure-launch-msinfo.png) - - - - +![Windows Security Center](images/secure-launch-msinfo.png) +>[!NOTE] +>To enable System Guard Secure launch, the platform must meet all the baseline requirements for [Device Guard](https://docs.microsoft.com/en-us/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control), [Credential Guard](https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard-requirements), and [Virtualization Based Security](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity). +## Requirements +Your environment needs the following hardware to run System Guard Secure Launch. +|For Intel® vPro™ processors starting with Intel® Coffeelake, Whiskeylake, or later silicon requirements|Description| +|--------|-----------| +|64-bit CPU|A 64-bit computer with minimum 4 cores (logical processors) is required for hypervisor and virtualization-based security (VBS). For more info about Hyper-V, see [Hyper-V on Windows Server 2016](https://docs.microsoft.com/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/virtualization/hyper-v-on-windows/about/). For more info about hypervisor, see [Hypervisor Specifications](https://docs.microsoft.com/virtualization/hyper-v-on-windows/reference/tlfs).| +|Trusted Platform Module (TPM) 2.0|Platforms must support a discrete TPM 2.0. Integrated/firmware TPMs are not supported.| +|Windows DMA Protection|Platforms must meet the Windows DMA Protection Specification (all external DMA ports must be off by default until the OS explicitly powers them).| +|SMM communication buffers| All SMM communication buffers must be implemented in EfiRuntimeServicesData ,EfiRuntimeServicesCode , EfiACPIMemoryNVS, or EfiReservedMemoryType memory types. | +|SMM Page Tables| Must NOT contain any mappings to EfiConventionalMemory (e.g. no OS/VMM owned memory).
    Must NOT contain any mappings to code sections within EfiRuntimeServicesCode.
    Must NOT have execute and write permissions for the same page
    Must allow ONLY that TSEG pages can be marked executable and the memory map must report TSEG EfiReservedMemoryType.
    BIOS SMI handler must be implemented such that SMM page tables are locked on every SMM entry. | +|Modern/Connected Standby|Platforms must support Modern/Connected Standby.| +|TPM AUX Index|Platform must set up a AUX index with index, attributes, and policy that exactly corresponds to the AUX index specified in the TXT DG with a data size of exactly 104 bytes (for SHA256 AUX data). (NameAlg = SHA256)
    Platforms must set up a PS (Platform Supplier) index with:
    • Exactly the "TXT PS2" style Attributes on creation as follows:
      • AuthWrite
      • PolicyDelete
      • WriteLocked
      • WriteDefine
      • AuthRead
      • WriteDefine
      • NoDa
      • Written
      • PlatformCreate
    • A policy of exactly PolicyCommandCode(CC = TPM2_CC_UndefineSpaceSpecial) (SHA256 NameAlg and Policy)
    • Size of exactly 70 bytes
    • NameAlg = SHA256
    • In addition, it must have been initialized and locked (TPMA_NV_WRITTEN = 1, TPMA_NV_WRITELOCKED = 1) at time of OS launch.
    PS index data DataRevocationCounters, SINITMinVersion, and PolicyControl must all be 0x00 | +|AUX Policy|The required AUX policy must be as follows:
    • A = TPM2_PolicyLocality (Locality 3 & Locality 4)
    • B = TPM2_PolicyCommandCode (TPM_CC_NV_UndefineSpecial)
    • authPolicy = {A} OR {{A} AND {B}}
    • authPolicy digest = 0xef, 0x9a, 0x26, 0xfc, 0x22, 0xd1, 0xae, 0x8c, 0xec, 0xff, 0x59, 0xe9, 0x48, 0x1a, 0xc1, 0xec, 0x53, 0x3d, 0xbe, 0x22, 0x8b, 0xec, 0x6d, 0x17, 0x93, 0x0f, 0x4c, 0xb2, 0xcc, 0x5b, 0x97, 0x24
    | +|Platform firmware|Platform firmware must carry all code required to execute an Intel® Trusted Execution Technology secure launch:
    • Intel® SINIT ACM must be carried in the OEM BIOS
    • Platforms must ship with a production ACM signed by the correct production Intel® ACM signer for the platform
    | +|Platform firmware update|System firmware is recommended to be updated via UpdateCapsule in Windows Update. | +|For Qualcomm® processors with SD850 or later chipsets|Description| +|--------|-----------| +|Monitor Mode Communication|All Monitor Mode communication buffers must be implemented in either EfiRuntimeServicesData (recommended), data sections of EfiRuntimeServicesCode as described by the Memory Attributes Table, EfiACPIMemoryNVS, or EfiReservedMemoryType memory types| +|Monitor Mode Page Tables|All Monitor Mode page tables must:
    • NOT contain any mappings to EfiConventionalMemory (e.g. no OS/VMM owned memory)
    • They must NOT have execute and write permissions for the same page
    • Platforms must only allow Monitor Mode pages marked as executable
    • The memory map must report Monitor Mode as EfiReservedMemoryType
    • Platforms must provide mechanism to protect the Monitor Mode page tables from modification
    | +|Modern/Connected Standby|Platforms must support Modern/Connected Standby.| +|Platform firmware|Platform firmware must carry all code required to perform a launch.| +|Platform firmware update|System firmware is recommended to be updated via UpdateCapsule in Windows Update. | diff --git a/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md b/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md index 98a41989a0..e0eb8aa2f0 100644 --- a/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md +++ b/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md b/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md index 01300466cb..48b1825121 100644 --- a/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md +++ b/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md b/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md index 80be70956a..bfcf709295 100644 --- a/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md +++ b/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md b/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md index ca09cb0b1b..9847ec13b0 100644 --- a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md b/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md index 52a0ff1746..6a7263f0ca 100644 --- a/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md b/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md index c6efd1da85..5959bbfda1 100644 --- a/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md +++ b/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/boundary-zone.md b/windows/security/threat-protection/windows-firewall/boundary-zone.md index 4b8a3f82d9..db6b6132c2 100644 --- a/windows/security/threat-protection/windows-firewall/boundary-zone.md +++ b/windows/security/threat-protection/windows-firewall/boundary-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md index a3077b6d8b..011ebb5486 100644 --- a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md index 5703ac0670..4e737e809f 100644 --- a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md b/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md index 62420de298..f2e2887ade 100644 --- a/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md +++ b/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md index 0494cf7b90..547555a30a 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md index cc95a9fe0e..b9fa4a2a08 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md index 36a838b94a..e0d1dfffb0 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md index c0097b7a82..d34f75d4fe 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md index 59459f5637..e940d4f34e 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md index 12aff1bf77..002a46e88e 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md b/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md index b42bfc69b3..c7f2c55c5c 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md b/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md index 7b6bd39b54..7542c518e3 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md b/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md index 559291765a..3d514a68af 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md b/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md index 9a7e901ac8..a22fc67423 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md index d58d940b08..f160d1828b 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md index e482d00b69..018d2e9b31 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md index 18e9197b4e..ff503c5cbb 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md index dcf7575556..995d06b05f 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md b/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md index b23f0c7d01..61cd9ed219 100644 --- a/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md +++ b/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md b/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md index 05db2ff779..04385257bc 100644 --- a/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md +++ b/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md b/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md index 63802f55e1..a7a53b7459 100644 --- a/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md +++ b/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md b/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md index 4ec20e462c..c9d55885a2 100644 --- a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md +++ b/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md b/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md index b9cb9944ae..4db16a7911 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md index ba32647e26..c4b832463c 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md b/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md index b0f250ecfb..2da66c7b37 100644 --- a/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md +++ b/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md b/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md index 1895dc3017..07f9ccdc3f 100644 --- a/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md +++ b/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: securit ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md b/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md index af70080d9b..d0edca9291 100644 --- a/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md +++ b/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md b/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md index 9aefd85144..cae0e8377d 100644 --- a/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md +++ b/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md b/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md index dd292b0bea..71d09a7ac9 100644 --- a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md +++ b/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md b/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md index f9d1765c2f..6811e14cb9 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md b/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md index efde773a84..e5a012b51d 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md index a4ecccf7e2..03f453bff7 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md index d20966c5d7..14a83fb6d4 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md index 36d61e5346..8eabd8aac7 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md index 4f3a998eee..d364255db1 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md b/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md index f0d4c6761c..67f89c2496 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md b/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md index aec0ec391f..235a0c8da8 100644 --- a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md +++ b/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md index 7744378add..47e73387a1 100644 --- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 05/25/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md b/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md index 48712e94eb..a667cc8b9e 100644 --- a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md +++ b/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md b/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md index 5023cacc9c..5358628f72 100644 --- a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md +++ b/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md b/windows/security/threat-protection/windows-firewall/documenting-the-zones.md index ee0a546b86..e2c215097f 100644 --- a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md +++ b/windows/security/threat-protection/windows-firewall/documenting-the-zones.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md index cb91e6f3ab..4948d77abd 100644 --- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md index db21ce0ac9..4b4d4f339d 100644 --- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md b/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md index 825edaca3a..7dddf66e82 100644 --- a/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md +++ b/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md b/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md index df3c7329ae..7f97202ce9 100644 --- a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md +++ b/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md b/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md index 6ed1c4c636..3a3de91310 100644 --- a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md +++ b/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone.md b/windows/security/threat-protection/windows-firewall/encryption-zone.md index 35aa4212f1..d4f2cd21b8 100644 --- a/windows/security/threat-protection/windows-firewall/encryption-zone.md +++ b/windows/security/threat-protection/windows-firewall/encryption-zone.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md b/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md index 720c7272ac..85800c7ac0 100644 --- a/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md +++ b/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md b/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md index 4cf8c409e1..f2e032d611 100644 --- a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md +++ b/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/exemption-list.md b/windows/security/threat-protection/windows-firewall/exemption-list.md index 21a3e2c957..54e493f96b 100644 --- a/windows/security/threat-protection/windows-firewall/exemption-list.md +++ b/windows/security/threat-protection/windows-firewall/exemption-list.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/firewall-gpos.md b/windows/security/threat-protection/windows-firewall/firewall-gpos.md index ad1d17f139..128c004e23 100644 --- a/windows/security/threat-protection/windows-firewall/firewall-gpos.md +++ b/windows/security/threat-protection/windows-firewall/firewall-gpos.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md b/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md index 07ca7e7c61..18505427fb 100644 --- a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md index 4c2a252889..1bccaae7f0 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md index c3a22d6df6..5ba2d31a7e 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md index 8c1b016757..68dd3b06a3 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md index 2ecc649ffb..8e2fc69d81 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md +++ b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md b/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md index b2c85e5dd0..c5219ae6b0 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md +++ b/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md index 38018ab8e2..6d8dc47e86 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md index 99ff5ffcf6..c777247232 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md @@ -2,7 +2,11 @@ title: GPO\_DOMISO\_Encryption\_WS2008 (Windows 10) description: GPO\_DOMISO\_Encryption\_WS2008 ms.assetid: 84375480-af6a-4c79-aafe-0a37115a7446 -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md index bed2d46cda..1ea46fff03 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md index 1f645f91c2..9332c21b2f 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md index f13c70d1c7..10a3fb7190 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md b/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md index 30a391a025..a19331420d 100644 --- a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md +++ b/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md b/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md index e40d8d7a2e..2e40134147 100644 --- a/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md +++ b/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md b/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md index d32fbbad7b..6a095cdd8b 100644 --- a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md +++ b/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain.md b/windows/security/threat-protection/windows-firewall/isolated-domain.md index 32a9043172..fe4dcddb97 100644 --- a/windows/security/threat-protection/windows-firewall/isolated-domain.md +++ b/windows/security/threat-protection/windows-firewall/isolated-domain.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md b/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md index ca4b001e6a..dbeb159610 100644 --- a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md +++ b/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md @@ -6,7 +6,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/13/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md b/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md index 746570ffbd..2dde088e64 100644 --- a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md +++ b/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md b/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md index 7eefeac0b2..20fedfde68 100644 --- a/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md +++ b/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md index d45ed57dfc..9cfe8cea6a 100644 --- a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md +++ b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md index 2894154e47..2c6b03a173 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md index f4e67423c5..6200a12ab9 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md index 485b4917f9..f637339ccf 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/02/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md index a49296f5d8..63089dc239 100644 --- a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md b/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md index 75bbce24b9..1162388c82 100644 --- a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md +++ b/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md index 9ec2562b8a..7a2216d02b 100644 --- a/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md b/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md index 6222a6da9c..bcdf78631e 100644 --- a/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md +++ b/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md index d43c0a263c..ace81c47a8 100644 --- a/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md b/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md index 38d6aa0b45..7125762949 100644 --- a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md b/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md index 2a53064efd..f720623fc4 100644 --- a/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md +++ b/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md index 0dc7dc181b..9a42f48cf7 100644 --- a/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md b/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md index 73a2f757c7..d8c6149e88 100644 --- a/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md +++ b/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-the-gpos.md b/windows/security/threat-protection/windows-firewall/planning-the-gpos.md index f3db2bbad9..6ede27467b 100644 --- a/windows/security/threat-protection/windows-firewall/planning-the-gpos.md +++ b/windows/security/threat-protection/windows-firewall/planning-the-gpos.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md index 9a39c0de1d..0077d5fb03 100644 --- a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md b/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md index a2f19872e7..9c44ddea0e 100644 --- a/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md +++ b/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md b/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md index d3ae509319..fbef5e28cb 100644 --- a/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md +++ b/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md index 2ab0ca6442..40ea379c43 100644 --- a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md +++ b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md b/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md index b9a8de9993..b1ef08f124 100644 --- a/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md +++ b/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md index 05a97f9e40..df49a18a2f 100644 --- a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md +++ b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md index 4ff811eafc..f512c77601 100644 --- a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md +++ b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md b/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md index 565a73b576..79268f40a7 100644 --- a/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md +++ b/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md b/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md index 6bac7d1d1f..083d71d53f 100644 --- a/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md +++ b/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md @@ -6,7 +6,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md b/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md index 5d7aec4d89..ec31b17097 100644 --- a/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md +++ b/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md index a0bac113cf..acf3998fbf 100644 --- a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 04/19/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md index 016568e7c7..3ebb85def1 100644 --- a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md b/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md index 1dae92ce6c..fd7f843e54 100644 --- a/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md +++ b/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md b/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md index 5be8b4b176..845d5216c4 100644 --- a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md +++ b/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md @@ -6,7 +6,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md b/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md index a41e88727a..4ddc739f6f 100644 --- a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md +++ b/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md index 64ec16e1ac..76a58a391e 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md @@ -6,7 +6,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md index b89e03159e..b999a2197b 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 08/17/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md index 17bc826d98..3b8e40b263 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md @@ -7,7 +7,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/05/2017 --- diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md index 9b266aec88..fae8f19951 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md @@ -6,7 +6,11 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 10/13/2017 --- diff --git a/windows/security/threat-protection/windows-security-baselines.md b/windows/security/threat-protection/windows-security-baselines.md index efe30a1df5..2766b15d05 100644 --- a/windows/security/threat-protection/windows-security-baselines.md +++ b/windows/security/threat-protection/windows-security-baselines.md @@ -6,7 +6,11 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium ms.author: sagaudre -author: brianlic-msft +author: justinha +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual ms.date: 06/25/2018 ---