mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 13:27:23 +00:00
Merge branch 'main' into updpate-meta
This commit is contained in:
Meghan Stewart
GitHub
commit
eaec10ba48
@ -25,7 +25,7 @@ ms.topic: conceptual
|
||||
- Surface Hub
|
||||
- Hololens
|
||||
|
||||
This topic describes the types of Windows diagnostic data sent back to Microsoft and the ways you can manage it within your organization. Microsoft uses the data to quickly identify and address issues affecting its customers.
|
||||
This article describes the types of Windows diagnostic data sent back to Microsoft and the ways you can manage it within your organization. Microsoft uses the data to quickly identify and address issues affecting its customers.
|
||||
|
||||
## Overview
|
||||
|
||||
@ -301,32 +301,72 @@ Use [Policy Configuration Service Provider (CSP)](/windows/client-management/mdm
|
||||
|
||||
## Enable Windows diagnostic data processor configuration
|
||||
|
||||
> [!IMPORTANT]
|
||||
> There are some significant changes planned for diagnostic data processor configuration. To learn more, [review this information](changes-to-windows-diagnostic-data-collection.md#significant-changes-coming-to-the-windows-diagnostic-data-processor-configuration).
|
||||
|
||||
The Windows diagnostic data processor configuration enables you to be the controller, as defined by the European Union General Data Protection Regulation (GDPR), for the Windows diagnostic data collected from your Windows devices that meet the configuration requirements.
|
||||
|
||||
### Prerequisites
|
||||
|
||||
- Use a supported version of Windows 10 or Windows 11
|
||||
- The following editions are supported:
|
||||
- The following editions are supported:
|
||||
- Enterprise
|
||||
- Professional
|
||||
- Education
|
||||
- The device must be joined to Azure Active Directory (can be a hybrid Azure AD join).
|
||||
|
||||
For the best experience, use the most current build of any operating system specified above. Configuration functionality and availability may vary on older systems. See [Lifecycle Policy](/lifecycle/products/windows-10-enterprise-and-education)
|
||||
> [!NOTE]
|
||||
> In all cases, enrollment in the Windows diagnostic data processor configuration requires a device to be joined to an Azure AD tenant. If a device isn't properly enrolled, Microsoft will act as the controller for Windows diagnostic data in accordance with the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement) and the [Data Protection Addendum](https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA) terms won't apply.
|
||||
|
||||
For the best experience, use the most current build of any operating system specified above. Configuration functionality and availability may vary on older systems. For release information, see [Windows 10 Enterprise and Education](/lifecycle/products/windows-10-enterprise-and-education) and [Windows 11 Enterprise and Education](/lifecycle/products/windows-11-enterprise-and-education) on the Microsoft Lifecycle Policy site.
|
||||
|
||||
The diagnostic data setting on the device should be set to Required diagnostic data or higher, and the following endpoints need to be reachable:
|
||||
|
||||
- v10c.events.data.microsoft.com
|
||||
- umwatsonc.events.data.microsoft.com
|
||||
- kmwatsonc.events.data.microsoft.com
|
||||
- us-v10c.events.data.microsoft.com (eu-v10c.events.data.microsoft.com for tenants with billing address in the [EU Data Boundary](/privacy/eudb/eu-data-boundary-learn#eu-data-boundary-countries-and-datacenter-locations))
|
||||
- umwatsonc.events.data.microsoft.com (eu-watsonc.events.data.microsoft.com for tenants with billing address in the [EU Data Boundary](/privacy/eudb/eu-data-boundary-learn#eu-data-boundary-countries-and-datacenter-locations))
|
||||
- settings-win.data.microsoft.com
|
||||
- *.blob.core.windows.net
|
||||
|
||||
>[!Note]
|
||||
> - Windows diagnostic data collected from a device before it was enabled with Windows diagnostic data processor configuration will be deleted when this configuration is enabled.
|
||||
> - When you enable devices with the Windows diagnostic data processor configuration, users may continue to submit feedback through various channels such as Windows feedback hub or Edge feedback. However, the feedback data is not subject to the terms of the Windows diagnostic data processor configuration. If this is not desired, we recommend that you disable feedback using the available policies or application management solutions.
|
||||
|
||||
### Enabling Windows diagnostic data processor configuration
|
||||
|
||||
> [!NOTE]
|
||||
> The information in this section applies to the following versions of Windows:
|
||||
> - Windows 10, versions 20H2, 21H2, 22H2, and newer
|
||||
> - Windows 11, versions 21H2, 22H2, and newer
|
||||
|
||||
Starting with the January 2023 preview cumulative update, how you enable the processor configuration option depends on the billing address of the Azure AD tenant to which your devices are joined.
|
||||
|
||||
#### Devices in Azure AD tenants with a billing address in the European Union (EU) or European Free Trade Association (EFTA)
|
||||
|
||||
For Windows devices with diagnostic data turned on and that are joined to an [Azure AD tenant with billing address](/azure/cost-management-billing/manage/change-azure-account-profile) in the EU or EFTA, the Windows diagnostic data for that device will be automatically configured for the processor option. The Windows diagnostic data for those devices will be processed in Europe.
|
||||
|
||||
> [!NOTE]
|
||||
> The Windows diagnostic data processor configuration has components for which work is in progress to be included in the EU Data Boundary, but completion of this work is delayed beyond January 1, 2023. These components will be included in the EU Data Boundary in the coming months. In the meantime, Microsoft will temporarily transfer data out of the EU Data Boundary as part of service operations to ensure uninterrupted operation of the services customers signed up for.
|
||||
|
||||
From a compliance standpoint, this change means that Microsoft will be the processor and the organization will be the controller of the Windows diagnostic data. IT admins for those organizations will become responsible for responding to their users’ [data subject requests](/compliance/regulatory/gdpr-dsr-windows).
|
||||
|
||||
#### Devices in Azure AD tenants with a billing address outside of the EU and EFTA
|
||||
|
||||
For Windows devices with diagnostic data turned on and that are joined to an [Azure AD tenant with billing address](/azure/cost-management-billing/manage/change-azure-account-profile) outside of the EU and EFTA, to enable the processor configuration option, the organization must sign up for any of the following enterprise services, which rely on diagnostic data:
|
||||
|
||||
- [Update Compliance](/windows/deployment/update/update-compliance-monitor)
|
||||
- [Windows Update for Business reports](/windows/deployment/update/wufb-reports-overview)
|
||||
- [Windows Update for Business deployment service](/windows/deployment/update/deployment-service-overview)
|
||||
- [Microsoft Managed Desktop](/managed-desktop/intro/)
|
||||
- [Endpoint analytics (in Microsoft Intune)](/mem/analytics/overview)
|
||||
|
||||
*(Additional licensing requirements may apply to use these services.)*
|
||||
|
||||
If you don’t sign up for any of these enterprise services, Microsoft will act as controller for the diagnostic data.
|
||||
|
||||
### Enabling Windows diagnostic data processor configuration on older versions of Windows
|
||||
|
||||
> [!NOTE]
|
||||
> The information in this section applies to the following versions of Windows:
|
||||
> - Windows 10, versions 1809, 1903, 1909, and 2004.
|
||||
> - Newer versions of Windows 10 and Windows 11 that have not updated yet to at least the January 2023 preview cumulative update.
|
||||
|
||||
Use the instructions below to enable Windows diagnostic data processor configuration using a single setting, through Group Policy, or an MDM solution.
|
||||
|
||||
In Group Policy, to enable Windows diagnostic data processor configuration, go to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** and switch the **Allow commercial data pipeline** setting to **enabled**.
|
||||
@ -343,38 +383,6 @@ Under **Value**, use **1** to enable the service.
|
||||
|
||||
If you wish to disable, at any time, switch the same setting to **0**. The default value is **0**.
|
||||
|
||||
>[!Note]
|
||||
> - If you have any additional policies that also enable you to be a controller of Windows diagnostic data, such as the services listed below, you will need to turn off all the applicable policies in order to stop being a controller for Windows diagnostic data.
|
||||
> - Windows diagnostic data collected from a device before it was enabled with Windows diagnostic data processor configuration will be deleted when this configuration is enabled.
|
||||
> - When you enable devices with the Windows diagnostic data processor configuration, users may continue to submit feedback through various channels such as Windows feedback hub or Edge feedback. However, the feedback data is not subject to the terms of the Windows diagnostic data processor configuration. If this is not desired, we recommend that you disable feedback using the available policies or application management solutions.
|
||||
|
||||
You can also enable the Windows diagnostic data processor configuration by enrolling in services that use Windows diagnostic data. These services currently include Desktop Analytics, Update Compliance, Microsoft Managed Desktop, and Windows Update for Business.
|
||||
|
||||
For information on these services and how to configure the group policies, refer to the following documentation:
|
||||
|
||||
Desktop Analytics:
|
||||
|
||||
- [Enable data sharing for Desktop Analytics](/mem/configmgr/desktop-analytics/enable-data-sharing)
|
||||
- [Desktop Analytics data privacy](/mem/configmgr/desktop-analytics/privacy)
|
||||
- [Group policy settings for Desktop Analytics](/mem/configmgr/desktop-analytics/group-policy-settings)
|
||||
|
||||
Update Compliance:
|
||||
|
||||
- [Privacy in Update Compliance](/windows/deployment/update/update-compliance-privacy)
|
||||
- [Manually configuring devices for Update Compliance](/windows/deployment/update/update-compliance-configuration-manual#required-policies)
|
||||
|
||||
Microsoft Managed Desktop:
|
||||
|
||||
- [Privacy and personal data](/microsoft-365/managed-desktop/service-description/privacy-personal-data)
|
||||
|
||||
Windows Update for Business:
|
||||
|
||||
- [How to enable deployment protections](/windows/deployment/update/deployment-service-overview#how-to-enable-deployment-protections)
|
||||
|
||||
## Limit optional diagnostic data for Desktop Analytics
|
||||
|
||||
For more information about how to limit the diagnostic data to the minimum required by Desktop Analytics, see [Enable data sharing for Desktop Analytics](/mem/configmgr/desktop-analytics/enable-data-sharing).
|
||||
|
||||
## Change privacy settings on a single server
|
||||
|
||||
You can also change the privacy settings on a server running either the Azure Stack HCI operating system or Windows Server. For more information, see [Change privacy settings on individual servers](/azure-stack/hci/manage/change-privacy-settings).
|
||||
|
||||
@ -18,8 +18,8 @@ ms.topic: reference
|
||||
- Windows 10, version 1709 and newer
|
||||
|
||||
> [!IMPORTANT]
|
||||
> The Upgrade Readiness and Device Health solutions of Windows Analytics are being retired on January 31, 2020. [Update Compliance](/windows/deployment/update/update-compliance-get-started) will continue to be supported.
|
||||
> For more information, see [Windows Analytics retirement on January 31, 2020](/lifecycle/announcements/windows-analytics-retirement).
|
||||
> - The Upgrade Readiness and Device Health solutions of Windows Analytics were retired on January 31, 2020.
|
||||
> - Desktop Analytics is deprecated and was retired on November 30, 2022.
|
||||
|
||||
Desktop Analytics reports are powered by diagnostic data not included in the Basic level.
|
||||
|
||||
|
||||
@ -164,7 +164,7 @@ We recommend that IT administrators who have enabled the Windows diagnostic data
|
||||
>[!Note]
|
||||
>Tenant account closure will lead to the deletion of all data associated with that tenant.
|
||||
|
||||
Specific services that depend on Windows diagnostic data will also result in the enterprise becoming controllers of their Windows diagnostic data. These services include Update Compliance, Desktop Analytics, Windows Update for Business, and Microsoft Managed Desktop. For more information, see [Related Windows product considerations](#5-related-windows-product-considerations).
|
||||
Specific services that depend on Windows diagnostic data will also result in the enterprise becoming controllers of their Windows diagnostic data. These services include Update Compliance, Windows Update for Business reports, Windows Update for Business, and Microsoft Managed Desktop. For more information, see [Related Windows product considerations](#5-related-windows-product-considerations).
|
||||
|
||||
For more information on how Microsoft can help you honor rights and fulfill obligations under the GDPR when using Windows diagnostic data processor configurations, see [General Data Protection Regulation Summary](/compliance/regulatory/gdpr).
|
||||
|
||||
@ -229,18 +229,19 @@ An administrator can configure privacy-related settings, such as choosing to onl
|
||||
>[!Note]
|
||||
>The Windows diagnostic data processor configuration is not available for Surface Hub.
|
||||
|
||||
### 5.3 Desktop Analytics
|
||||
|
||||
[Desktop Analytics](/mem/configmgr/desktop-analytics/overview) is a set of solutions for Azure portal that provide you with extensive data about the state of devices in your deployment. Desktop Analytics is a separate offering from Windows and is dependent on enabling a minimum set of data collection on the device to function.
|
||||
|
||||
### 5.4 Microsoft Managed Desktop
|
||||
### 5.3 Microsoft Managed Desktop
|
||||
|
||||
[Microsoft Managed Desktop (MMD)](/microsoft-365/managed-desktop/service-description/) is a service that provides your users with a secure modern experience and always keeps devices up to date with the latest versions of Windows Enterprise edition, Office 365 ProPlus, and Microsoft security services.
|
||||
|
||||
### 5.5 Update Compliance
|
||||
### 5.4 Update Compliance
|
||||
|
||||
[Update Compliance](/windows/deployment/update/update-compliance-monitor) is a service that enables organizations to monitor security, quality and feature updates for Windows Professional, Education, and Enterprise editions, and view a report of device and update issues related to compliance that need attention. Update Compliance uses Windows diagnostic data for all its reporting.
|
||||
|
||||
### 5.5 Windows Update for Business reports
|
||||
|
||||
[Windows Update for Business reports](/windows/deployment/update/wufb-reports-overview) is a cloud-based solution that provides information about an organization’s Azure Active Directory-joined devices' compliance with Windows updates. Windows Update for Business reports uses Windows diagnostic data for all its reporting.
|
||||
|
||||
|
||||
## Additional Resources
|
||||
|
||||
* [Microsoft Trust Center: GDPR Overview](https://www.microsoft.com/trust-center/privacy/gdpr-overview)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user