From 93a34f80f4fb7727ae94f957dca4581aa87f7e0d Mon Sep 17 00:00:00 2001 From: brianreidc7 <31985319+brianreidc7@users.noreply.github.com> Date: Fri, 4 Oct 2019 19:47:30 +0100 Subject: [PATCH 001/338] GPO Names and Behaviour Has Changed "Enable automatic MDM enrollment using default Azure AD credentials" is the GPO name and it has two sub options. Not sure if Device Certificate is working at the moment, but the pictures are wrong, but User Certificate is working and so the docs should at least say to use that for now --- ...-device-automatically-using-group-policy.md | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index ad48fe1e75..d0f4e9527f 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -106,7 +106,7 @@ Requirements: ![MDM policies](images/autoenrollment-mdm-policies.png) -4. Double-click **Auto MDM Enrollment with AAD Token**. +4. Double-click **Enable automatic MDM enrollment using default Azure AD credentials** (previously called **Auto MDM Enrollment with AAD Token** in version 1709 of Windows 10). For ADMX files from version 1903 and later select **User Credential** (support for Device Credential is coming) as the Selected Credential Type to Use. User Credential enrolls Windows 10 1709 and later once an Intune licenced user logs into the device. Device Credential will enroll the device and then assign a user later once support for this is available. ![MDM autoenrollment policy](images/autoenrollment-policy.png) @@ -153,18 +153,16 @@ Requirements: - Enterprise AD must be integrated with Azure AD. - Ensure that PCs belong to same computer group. -> [!IMPORTANT] -> If you do not see the policy, it may be because you don’t have the ADMX installed for Windows 10, version 1803 or version 1809. To fix the issue, follow these steps: +>[!IMPORTANT] +>If you do not see the policy, it may be because you don’t have the ADMX installed for Windows 10, version 1803 or version 1809. To fix the issue, follow these steps: > 1. Download: > 1803 -->[Administrative Templates (.admx) for Windows 10 April 2018 Update (1803)](https://www.microsoft.com/download/details.aspx?id=56880) or -> 1809 --> [Administrative Templates for Windows 10 October 2018 Update (1809)](https://www.microsoft.com/download/details.aspx?id=57576) or -> 1903 --> [Administrative Templates for Windows 10 May 2019 Update (1903)](https://www.microsoft.com/download/details.aspx?id=58495) +> 1809 --> [Administrative Templates for Windows 10 October 2018 Update (1809)](https://www.microsoft.com/download/details.aspx?id=57576). > 2. Install the package on the Primary Domain Controller (PDC). > 3. Navigate, depending on the version to the folder: -> 1803 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803) v2**, or -> 1809 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2018 Update (1809) v2** or -> 1903 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2019 Update (1903) v3** -> 4. Copy policy definitions folder to **C:\Windows\SYSVOL\domain\Policies** . +> 1803 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803) v2**, or +> 1809 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2018 Update (1809) v2** +> 4. Copy policy definitions folder to **C:\Windows\SYSVOL\domain\Policies**. > 5. Restart the Primary Domain Controller for the policy to be available. > This procedure will work for any future version as well. @@ -175,7 +173,6 @@ Requirements: 5. Enforce a GPO link. ## Troubleshoot auto-enrollment of devices - Investigate the log file if you have issues even after performing all the mandatory verification steps. The first log file to investigate is the event log on the target Windows 10 device. To collect Event Viewer logs: @@ -232,6 +229,5 @@ To collect Event Viewer logs: ### Useful Links -- [Windows 10 Administrative Templates for Windows 10 May 2019 Update 1903](https://www.microsoft.com/download/details.aspx?id=58495) - [Windows 10 Administrative Templates for Windows 10 October 2018 Update 1809](https://www.microsoft.com/download/details.aspx?id=57576) - [Windows 10 Administrative Templates for Windows 10 April 2018 Update 1803](https://www.microsoft.com/download/details.aspx?id=56880) From 22fe43ded8c3b4d28e229db518de30e8e9d8aaef Mon Sep 17 00:00:00 2001 From: brianreidc7 <31985319+brianreidc7@users.noreply.github.com> Date: Mon, 7 Oct 2019 09:28:02 +0100 Subject: [PATCH 002/338] Update windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- ...roll-a-windows-10-device-automatically-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index d0f4e9527f..55a221ebed 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -106,7 +106,7 @@ Requirements: ![MDM policies](images/autoenrollment-mdm-policies.png) -4. Double-click **Enable automatic MDM enrollment using default Azure AD credentials** (previously called **Auto MDM Enrollment with AAD Token** in version 1709 of Windows 10). For ADMX files from version 1903 and later select **User Credential** (support for Device Credential is coming) as the Selected Credential Type to Use. User Credential enrolls Windows 10 1709 and later once an Intune licenced user logs into the device. Device Credential will enroll the device and then assign a user later once support for this is available. +4. Double-click **Enable automatic MDM enrollment using default Azure AD credentials** (previously called **Auto MDM Enrollment with AAD Token** in version 1709 of Windows 10). For ADMX files from version 1903 and later, select **User Credential** (support for Device Credential is coming) as the Selected Credential Type to use. User Credential enrolls Windows 10 1709 and later, once an Intune licensed user logs into the device. Device Credential will enroll the device and then assign a user later, once support for this is available. ![MDM autoenrollment policy](images/autoenrollment-policy.png) From 62190b32ae0029e68f5f4430a6cf102ede3c589e Mon Sep 17 00:00:00 2001 From: brianreidc7 <31985319+brianreidc7@users.noreply.github.com> Date: Mon, 7 Oct 2019 09:45:19 +0100 Subject: [PATCH 003/338] Updated GPO names to match the current version of Windows Updated GPO name and links to files. Edited instructions to include new options in GPO and removed hyperlinks to older version of ADMX files (1803) and added links to newest version (1903) --- ...10-device-automatically-using-group-policy.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index 55a221ebed..9160c8b88e 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -153,17 +153,16 @@ Requirements: - Enterprise AD must be integrated with Azure AD. - Ensure that PCs belong to same computer group. ->[!IMPORTANT] ->If you do not see the policy, it may be because you don’t have the ADMX installed for Windows 10, version 1803 or version 1809. To fix the issue, follow these steps: +> [!IMPORTANT] +> If you do not see the policy, it may be because you don’t have the ADMX installed for Windows 10, version 1903 or version 1809. To fix the issue, follow these steps: > 1. Download: -> 1803 -->[Administrative Templates (.admx) for Windows 10 April 2018 Update (1803)](https://www.microsoft.com/download/details.aspx?id=56880) or +> 1903 -->[Administrative Templates for Windows 10 May 2019 Update (1903)](https://www.microsoft.com/download/details.aspx?id=58495) or > 1809 --> [Administrative Templates for Windows 10 October 2018 Update (1809)](https://www.microsoft.com/download/details.aspx?id=57576). -> 2. Install the package on the Primary Domain Controller (PDC). +> 2. Install the package. > 3. Navigate, depending on the version to the folder: -> 1803 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803) v2**, or +> 1903 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2019 Update (1903) v3**, or > 1809 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2018 Update (1809) v2** -> 4. Copy policy definitions folder to **C:\Windows\SYSVOL\domain\Policies**. -> 5. Restart the Primary Domain Controller for the policy to be available. +> 4. Copy policy definitions folder to **C:\Windows\SYSVOL\domain\Policies** or **%windir%\sysvol\domain_name\policies\PolicyDefinitions** if an Group Policy Central Store exists. > This procedure will work for any future version as well. 1. Create a Group Policy Object (GPO) and enable the Group Policy **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **MDM** > **Enable automatic MDM enrollment using default Azure AD credentials**. @@ -226,8 +225,9 @@ To collect Event Viewer logs: - [Link a Group Policy Object](https://technet.microsoft.com/library/cc732979(v=ws.11).aspx) - [Filter Using Security Groups](https://technet.microsoft.com/library/cc752992(v=ws.11).aspx) - [Enforce a Group Policy Object Link](https://technet.microsoft.com/library/cc753909(v=ws.11).aspx) +- [Group Policy Central Store](https://support.microsoft.com/en-gb/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) ### Useful Links -- [Windows 10 Administrative Templates for Windows 10 October 2018 Update 1809](https://www.microsoft.com/download/details.aspx?id=57576) +- [Windows 10 Administrative Templates for Windows 10 May 2019 Update 1903](https://www.microsoft.com/download/details.aspx?id=58495) - [Windows 10 Administrative Templates for Windows 10 April 2018 Update 1803](https://www.microsoft.com/download/details.aspx?id=56880) From 909f55ab308f20690191e21d81a95c7f4ffd85e9 Mon Sep 17 00:00:00 2001 From: brianreidc7 <31985319+brianreidc7@users.noreply.github.com> Date: Mon, 7 Oct 2019 09:48:14 +0100 Subject: [PATCH 004/338] 1709 or later References to 1709 updated (apart from one) to "1709 or later" to be correct --- ...-a-windows-10-device-automatically-using-group-policy.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index 9160c8b88e..4c9e0ec81a 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -37,7 +37,7 @@ The auto-enrollment relies on the presence of an MDM service and the Azure Activ When the auto-enrollment Group Policy is enabled, a task is created in the background that initiates the MDM enrollment. The task will use the existing MDM service configuration from the Azure Active Directory information of the user. If multi-factor authentication is required, the user will get a prompt to complete the authentication. Once the enrollment is configured, the user can check the status in the Settings page. -In Windows 10, version 1709, when the same policy is configured in GP and MDM, the GP policy wins (GP policy takes precedence over MDM). Since Windows 10, version 1803, a new setting allows you to change the policy conflict winner to MDM. For additional information, see [Windows 10 Group Policy vs. Intune MDM Policy who wins?](https://blogs.technet.microsoft.com/cbernier/2018/04/02/windows-10-group-policy-vs-intune-mdm-policy-who-wins/). +In Windows 10, version 1709 or later, when the same policy is configured in GP and MDM, the GP policy wins (GP policy takes precedence over MDM). Since Windows 10, version 1803, a new setting allows you to change the policy conflict winner to MDM. For additional information, see [Windows 10 Group Policy vs. Intune MDM Policy who wins?](https://blogs.technet.microsoft.com/cbernier/2018/04/02/windows-10-group-policy-vs-intune-mdm-policy-who-wins/). For this policy to work, you must verify that the MDM service provider allows the GP triggered MDM enrollment for domain joined devices. @@ -90,7 +90,7 @@ You may contact your domain administrators to verify if the group policy has bee This procedure is only for illustration purposes to show how the new auto-enrollment policy works. It is not recommended for the production environment in the enterprise. For bulk deployment, you should use the [Group Policy Management Console process](#configure-the-auto-enrollment-for-a-group-of-devices). Requirements: -- AD-joined PC running Windows 10, version 1709 +- AD-joined PC running Windows 10, version 1709 or later - Enterprise has MDM service already configured - Enterprise AD must be registered with Azure AD @@ -148,7 +148,7 @@ Requirements: ## Configure the auto-enrollment for a group of devices Requirements: -- AD-joined PC running Windows 10, version 1709 +- AD-joined PC running Windows 10, version 1709 or later - Enterprise has MDM service already configured (with Intune or a third party service provider) - Enterprise AD must be integrated with Azure AD. - Ensure that PCs belong to same computer group. From 79e500a3914918ce871172270791440086cef4f9 Mon Sep 17 00:00:00 2001 From: brianreidc7 <31985319+brianreidc7@users.noreply.github.com> Date: Mon, 7 Oct 2019 17:43:56 +0100 Subject: [PATCH 005/338] Update enroll-a-windows-10-device-automatically-using-group-policy.md --- ...roll-a-windows-10-device-automatically-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index 4c9e0ec81a..ee37cbf744 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -230,4 +230,4 @@ To collect Event Viewer logs: ### Useful Links - [Windows 10 Administrative Templates for Windows 10 May 2019 Update 1903](https://www.microsoft.com/download/details.aspx?id=58495) -- [Windows 10 Administrative Templates for Windows 10 April 2018 Update 1803](https://www.microsoft.com/download/details.aspx?id=56880) +- [Windows 10 Administrative Templates for Windows 10 October 2018 Update 1809](https://www.microsoft.com/download/details.aspx?id=57576) From 764463f940765e76f604eb330456bd8d4f01700b Mon Sep 17 00:00:00 2001 From: brianreidc7 <31985319+brianreidc7@users.noreply.github.com> Date: Mon, 7 Oct 2019 18:01:50 +0100 Subject: [PATCH 006/338] Update windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- ...roll-a-windows-10-device-automatically-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index ee37cbf744..7459beee1f 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -162,7 +162,7 @@ Requirements: > 3. Navigate, depending on the version to the folder: > 1903 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2019 Update (1903) v3**, or > 1809 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2018 Update (1809) v2** -> 4. Copy policy definitions folder to **C:\Windows\SYSVOL\domain\Policies** or **%windir%\sysvol\domain_name\policies\PolicyDefinitions** if an Group Policy Central Store exists. +> 4. Copy the policy definitions folder to **C:\Windows\SYSVOL\domain\Policies** or **%windir%\sysvol\domain_name\policies\PolicyDefinitions** if a Group Policy Central Store exists. > This procedure will work for any future version as well. 1. Create a Group Policy Object (GPO) and enable the Group Policy **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **MDM** > **Enable automatic MDM enrollment using default Azure AD credentials**. From 229b88c69e457baca35468ae5bb4c55aee87ed50 Mon Sep 17 00:00:00 2001 From: brianreidc7 <31985319+brianreidc7@users.noreply.github.com> Date: Tue, 22 Oct 2019 09:02:28 +0100 Subject: [PATCH 007/338] Update windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- ...roll-a-windows-10-device-automatically-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index 30f5348c1a..e7ceb4f502 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -235,7 +235,7 @@ To collect Event Viewer logs: - [Link a Group Policy Object](https://technet.microsoft.com/library/cc732979(v=ws.11).aspx) - [Filter Using Security Groups](https://technet.microsoft.com/library/cc752992(v=ws.11).aspx) - [Enforce a Group Policy Object Link](https://technet.microsoft.com/library/cc753909(v=ws.11).aspx) -- [Group Policy Central Store](https://support.microsoft.com/en-gb/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) +- [Group Policy Central Store](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) ### Useful Links From 70582898fb5bfae15799a98d6a4042dff384b45a Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Sun, 15 Dec 2019 17:49:59 +0530 Subject: [PATCH 008/338] added new policy changes in 1903 added the group policy settings changes from 1809 to may 1903 , under system and windows components --- .../new-policies-for-windows-10.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md index da5cc3e5c8..12fc040cdd 100644 --- a/windows/client-management/new-policies-for-windows-10.md +++ b/windows/client-management/new-policies-for-windows-10.md @@ -25,6 +25,33 @@ ms.topic: reference Windows 10 includes the following new policies for management. [Download the complete set of Administrative Template (.admx) files for Windows 10](https://www.microsoft.com/download/100591). +## New Group Policy settings in Windows 10, version 1903 + +The following Group Policy settings were added in Windows 10, version 1903: + +**System** + +- System\Service Control Manager Access\Security Securty\Enable svchost.exe migitation options +- System\Storage Sense\Allow Storage Sense +- System\Storage Sense\Allow Storage Sense Temporary Files cleanup +- System\Storage Sense\Configure Storage Sense +- System\Storage Sense\Configure Storage Sense Cloud content dehydration threshold +- System\Storage Sense\Configure Storage Sense Recycle Bin cleanup threshold +- System\Storage Sense\Configure Storage Sense Downloads cleanup threshold +- System\Troubleshooting and Diagnostics\Microsoft Support Diagnostic Tool\Troubleshooting:Allow users to access recommended troubleshooting for known problems + + +**Windows Components** + +- Windows Components\App Privacy\Let Windows apps activate with voice +- Windows Components\App Privacy\Let Windows apps activate with voice while the system is locked +- Windows Components\Data Collection and Preview Builds\Allow commercial data pipeline +- Windows Components\Data Collection and Preview Builds\Configure collection of browsing data for Desktop Analytics +- Windows Components\Data Collection and Preview Builds\Configure diagnostic data upload endpoint for Desktop Analytics +- Windows Components\Delivery Optimization\Delay background download Cache Server fallback (in seconds) +- Windows Components\Delivery Optimization\Delay Foreground download Cache Server fallback (in seconds) +- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Use WDDM graphics display driver for Remote Desktop Connections +- Windows Components\Windows Logon Options\Configure the mode of automatically signing in and locking last interactive user after a restart or cold boot ## New Group Policy settings in Windows 10, version 1809 From fe0b76895cd40694645086ccd32fe733d8aeb027 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Mon, 16 Dec 2019 07:37:29 +0530 Subject: [PATCH 009/338] Update windows/client-management/new-policies-for-windows-10.md accepted Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- windows/client-management/new-policies-for-windows-10.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md index 12fc040cdd..8b4d14515d 100644 --- a/windows/client-management/new-policies-for-windows-10.md +++ b/windows/client-management/new-policies-for-windows-10.md @@ -31,7 +31,7 @@ The following Group Policy settings were added in Windows 10, version 1903: **System** -- System\Service Control Manager Access\Security Securty\Enable svchost.exe migitation options +- System\Service Control Manager Settings\Security Settings\Enable svchost.exe mitigation options - System\Storage Sense\Allow Storage Sense - System\Storage Sense\Allow Storage Sense Temporary Files cleanup - System\Storage Sense\Configure Storage Sense @@ -523,4 +523,3 @@ No new [Exchange ActiveSync policies](https://go.microsoft.com/fwlink/p/?LinkId= - From c61d125833622c011b3e83a73eced39c0a841e7b Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Sat, 11 Jan 2020 20:05:06 +0530 Subject: [PATCH 010/338] added two titles with corresponding links and location of tools i added the following tools **Recovery Drive with website link*& **Registry Editor with website link** added the sentences **Below tools are located under C:\Windows\Sytem32\** --- .../client-management/administrative-tools-in-windows-10.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/client-management/administrative-tools-in-windows-10.md b/windows/client-management/administrative-tools-in-windows-10.md index 35c0f225b0..883afe3b41 100644 --- a/windows/client-management/administrative-tools-in-windows-10.md +++ b/windows/client-management/administrative-tools-in-windows-10.md @@ -29,7 +29,7 @@ The tools in the folder might vary depending on which edition of Windows you are ![Screenshot of folder of admin tools](images/admin-tools-folder.png) -These tools were included in previous versions of Windows and the associated documentation for each tool should help you use these tools in Windows 10. The following list links to documentation for each tool. +These tools were included in previous versions of Windows and the associated documentation for each tool should help you use these tools in Windows 10. The following list links to documentation for each tool.Below tools are located under C:\Windows\Sytem32\ @@ -43,6 +43,8 @@ These tools were included in previous versions of Windows and the associated doc - [ODBC Data Sources]( https://go.microsoft.com/fwlink/p/?LinkId=708494) - [Performance Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708495) - [Print Management](https://go.microsoft.com/fwlink/p/?LinkId=708496) +- [Recovery Drive](https://support.microsoft.com/en-us/help/4026852/windows-create-a-recovery-drive) +- [Registry Editor](https://docs.microsoft.com/en-us/windows/win32/sysinfo/registry) - [Resource Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708497) - [Services](https://go.microsoft.com/fwlink/p/?LinkId=708498) - [System Configuration](https://go.microsoft.com/fwlink/p/?LinkId=708499) From 8eab7420a97e7a8e5bedd0cd15f8da5a89b6c3b8 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Sat, 11 Jan 2020 22:39:27 +0530 Subject: [PATCH 011/338] Update windows/client-management/administrative-tools-in-windows-10.md Thanks sir . I accepted Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../client-management/administrative-tools-in-windows-10.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/client-management/administrative-tools-in-windows-10.md b/windows/client-management/administrative-tools-in-windows-10.md index 883afe3b41..d4caf190cb 100644 --- a/windows/client-management/administrative-tools-in-windows-10.md +++ b/windows/client-management/administrative-tools-in-windows-10.md @@ -29,7 +29,7 @@ The tools in the folder might vary depending on which edition of Windows you are ![Screenshot of folder of admin tools](images/admin-tools-folder.png) -These tools were included in previous versions of Windows and the associated documentation for each tool should help you use these tools in Windows 10. The following list links to documentation for each tool.Below tools are located under C:\Windows\Sytem32\ +These tools were included in previous versions of Windows and the associated documentation for each tool should help you use these tools in Windows 10. The following list links to documentation for each tool. The tools are located within the folder C:\Windows\System32\ or its subfolders. @@ -65,4 +65,3 @@ These tools were included in previous versions of Windows and the associated doc - From 391ff06cfa8ccc1896220078377d566f6c44cf7b Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Sun, 12 Jan 2020 15:17:01 +0530 Subject: [PATCH 012/338] Update windows/client-management/administrative-tools-in-windows-10.md ok accepted Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../client-management/administrative-tools-in-windows-10.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/client-management/administrative-tools-in-windows-10.md b/windows/client-management/administrative-tools-in-windows-10.md index d4caf190cb..0ecc65a84f 100644 --- a/windows/client-management/administrative-tools-in-windows-10.md +++ b/windows/client-management/administrative-tools-in-windows-10.md @@ -44,7 +44,7 @@ These tools were included in previous versions of Windows and the associated doc - [Performance Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708495) - [Print Management](https://go.microsoft.com/fwlink/p/?LinkId=708496) - [Recovery Drive](https://support.microsoft.com/en-us/help/4026852/windows-create-a-recovery-drive) -- [Registry Editor](https://docs.microsoft.com/en-us/windows/win32/sysinfo/registry) +- [Registry Editor](https://docs.microsoft.com/windows/win32/sysinfo/registry) - [Resource Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708497) - [Services](https://go.microsoft.com/fwlink/p/?LinkId=708498) - [System Configuration](https://go.microsoft.com/fwlink/p/?LinkId=708499) @@ -64,4 +64,3 @@ These tools were included in previous versions of Windows and the associated doc - From 90252b31f7ac8b1654b056bd4d8d27213ea10b06 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Sun, 12 Jan 2020 15:18:15 +0530 Subject: [PATCH 013/338] Update windows/client-management/administrative-tools-in-windows-10.md I tested on my laptop. so the files are under system32 , not in sub folder Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../client-management/administrative-tools-in-windows-10.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/client-management/administrative-tools-in-windows-10.md b/windows/client-management/administrative-tools-in-windows-10.md index 0ecc65a84f..6320e35cdf 100644 --- a/windows/client-management/administrative-tools-in-windows-10.md +++ b/windows/client-management/administrative-tools-in-windows-10.md @@ -29,7 +29,7 @@ The tools in the folder might vary depending on which edition of Windows you are ![Screenshot of folder of admin tools](images/admin-tools-folder.png) -These tools were included in previous versions of Windows and the associated documentation for each tool should help you use these tools in Windows 10. The following list links to documentation for each tool. The tools are located within the folder C:\Windows\System32\ or its subfolders. +These tools were included in previous versions of Windows and the associated documentation for each tool should help you use these tools in Windows 10. The following list provides links to documentation for each tool. The tools are located within the folder C:\Windows\System32\ or its subfolders. @@ -63,4 +63,3 @@ These tools were included in previous versions of Windows and the associated doc - From a2a9672a248a3a8a2b53ad04aa97d5c53a0858d8 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Mon, 13 Jan 2020 01:20:03 +0530 Subject: [PATCH 014/338] Update windows/client-management/administrative-tools-in-windows-10.md accepted Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../client-management/administrative-tools-in-windows-10.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/client-management/administrative-tools-in-windows-10.md b/windows/client-management/administrative-tools-in-windows-10.md index 6320e35cdf..91bc510d5f 100644 --- a/windows/client-management/administrative-tools-in-windows-10.md +++ b/windows/client-management/administrative-tools-in-windows-10.md @@ -43,7 +43,7 @@ These tools were included in previous versions of Windows and the associated doc - [ODBC Data Sources]( https://go.microsoft.com/fwlink/p/?LinkId=708494) - [Performance Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708495) - [Print Management](https://go.microsoft.com/fwlink/p/?LinkId=708496) -- [Recovery Drive](https://support.microsoft.com/en-us/help/4026852/windows-create-a-recovery-drive) +- [Recovery Drive](https://support.microsoft.com/help/4026852/windows-create-a-recovery-drive) - [Registry Editor](https://docs.microsoft.com/windows/win32/sysinfo/registry) - [Resource Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708497) - [Services](https://go.microsoft.com/fwlink/p/?LinkId=708498) @@ -62,4 +62,3 @@ These tools were included in previous versions of Windows and the associated doc - From 3bcacc95afa83a3dc958710d720e0c6816882843 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Sat, 25 Jan 2020 21:57:26 +0500 Subject: [PATCH 015/338] Update hello-hybrid-aadj-sso-base.md --- .../hello-for-business/hello-hybrid-aadj-sso-base.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md index 54e4021adc..e9b63900ff 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md @@ -290,6 +290,8 @@ A **Trusted Certificate** device configuration profile is how you deploy trusted 5. In the **Enterprise Root Certificate** blade, click **Assignments**. In the **Include** tab, select **All Devices** from the **Assign to** list. Click **Save**. ![Intune Profile assignment](images/aadj/intune-device-config-enterprise-root-assignment.png) 6. Sign out of the Microsoft Azure Portal. +> [!NOTE] +> After the creation, the **supported platform** parameter of the profile will have value "Windows 8.1 and later", as the certificate configuration for Windows 8.1 and Windows 10 is the same. ## Configure Windows Hello for Business Device Enrollment From e03af423faf9b650141e6d2692881766db8354de Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 27 Jan 2020 11:14:20 +0500 Subject: [PATCH 016/338] Update windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../hello-for-business/hello-hybrid-aadj-sso-base.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md index e9b63900ff..7c5404142f 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md @@ -291,7 +291,7 @@ A **Trusted Certificate** device configuration profile is how you deploy trusted ![Intune Profile assignment](images/aadj/intune-device-config-enterprise-root-assignment.png) 6. Sign out of the Microsoft Azure Portal. > [!NOTE] -> After the creation, the **supported platform** parameter of the profile will have value "Windows 8.1 and later", as the certificate configuration for Windows 8.1 and Windows 10 is the same. +> After the creation, the **supported platform** parameter of the profile will contain the value "Windows 8.1 and later", as the certificate configuration for Windows 8.1 and Windows 10 is the same. ## Configure Windows Hello for Business Device Enrollment From e8bf7e55c1069226b575a1320cb9764ced0950d4 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 3 Feb 2020 12:40:35 -0800 Subject: [PATCH 017/338] testing new toc --- windows/deployment/TOC.md | 288 ++++---------------------------------- 1 file changed, 31 insertions(+), 257 deletions(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index ef3757e12b..57164b2217 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -1,47 +1,42 @@ # [Deploy and update Windows 10](https://docs.microsoft.com/windows/deployment) -## [Deployment process posters](windows-10-deployment-posters.md) -## [Deploy Windows 10 with Microsoft 365](deploy-m365.md) ## [What's new in Windows 10 deployment](deploy-whats-new.md) -## [Windows 10 deployment scenarios](windows-10-deployment-scenarios.md) -## [Windows Autopilot](windows-autopilot/windows-autopilot.md) +## [Windows as a service](update/windows-as-a-service.md) -## Subscription Activation -### [Windows 10 Subscription Activation](windows-10-subscription-activation.md) -### [Windows 10 Enterprise E3 in CSP](windows-10-enterprise-e3-overview.md) -### [Configure VDA for Subscription Activation](vda-subscription-activation.md) -### [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md) +## Get started +### [Deployment process posters](windows-10-deployment-posters.md) +### [Deploy Windows 10 with Microsoft 365](deploy-m365.md) -## Resolve upgrade errors -### [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) -### [Quick fixes](upgrade\quick-fixes.md) -### [SetupDiag](upgrade/setupdiag.md) -### [Troubleshooting upgrade errors](upgrade/troubleshoot-upgrade-errors.md) -### [Windows error reporting](upgrade/windows-error-reporting.md) -### [Upgrade error codes](upgrade/upgrade-error-codes.md) -### [Log files](upgrade/log-files.md) -### [Resolution procedures](upgrade/resolution-procedures.md) -### [Submit Windows 10 upgrade errors](upgrade/submit-errors.md) +## Plan for deployment +### [Windows 10 Enterprise FAQ for IT Pros](planning/windows-10-enterprise-faq-itpro.md) +### [Windows 10 deployment considerations](planning/windows-10-deployment-considerations.md) +### [Windows 10 compatibility](planning/windows-10-compatibility.md) +### [Windows 10 infrastructure requirements](planning/windows-10-infrastructure-requirements.md) ## Deploy Windows 10 -### [Deploying Windows 10](deploy.md) - ### [Windows Autopilot](windows-autopilot/windows-autopilot.md) -### [Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md) -### [Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) -### [Windows 10 volume license media](windows-10-media.md) +### Subscription Activation +#### [Windows 10 Subscription Activation](windows-10-subscription-activation.md) +#### [Windows 10 Enterprise E3 in CSP](windows-10-enterprise-e3-overview.md) +#### [Configure VDA for Subscription Activation](vda-subscription-activation.md) +#### [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md) -### [Windows 10 in S mode](s-mode.md) -#### [Switch to Windows 10 Pro/Enterprise from S mode](windows-10-pro-in-s-mode.md) +## Manage Windows 10 updates +### [Windows as a service - introduction](update/windows-as-a-service.md) +### [Quick guide to Windows as a service](update/waas-quick-start.md) +### [Servicing stack updates](update/servicing-stack-updates.md) +### [Overview of Windows as a service](update/waas-overview.md) -### [Windows 10 deployment test lab](windows-10-poc.md) -#### [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) -#### [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md) - -### [Plan for Windows 10 deployment](planning/index.md) -#### [Windows 10 Enterprise FAQ for IT Pros](planning/windows-10-enterprise-faq-itpro.md) -#### [Windows 10 deployment considerations](planning/windows-10-deployment-considerations.md) -#### [Windows 10 compatibility](planning/windows-10-compatibility.md) -#### [Windows 10 infrastructure requirements](planning/windows-10-infrastructure-requirements.md) +## Reference +### Resolve upgrade errors +#### [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) +#### [Quick fixes](upgrade\quick-fixes.md) +#### [SetupDiag](upgrade/setupdiag.md) +#### [Troubleshooting upgrade errors](upgrade/troubleshoot-upgrade-errors.md) +#### [Windows error reporting](upgrade/windows-error-reporting.md) +#### [Upgrade error codes](upgrade/upgrade-error-codes.md) +#### [Log files](upgrade/log-files.md) +#### [Resolution procedures](upgrade/resolution-procedures.md) +#### [Submit Windows 10 upgrade errors](upgrade/submit-errors.md) #### [Volume Activation [client]](volume-activation/volume-activation-windows-10.md) ##### [Plan for volume activation [client]](volume-activation/plan-for-volume-activation-client.md) @@ -50,225 +45,4 @@ ##### [Activate clients running Windows 10](volume-activation/activate-windows-10-clients-vamt.md) ##### [Monitor activation [client]](volume-activation/monitor-activation-client.md) ##### [Use the Volume Activation Management Tool [client]](volume-activation/use-the-volume-activation-management-tool-client.md) -##### [Appendix: Information sent to Microsoft during activation [client]](volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md) - -#### [Application Compatibility Toolkit (ACT) Technical Reference](planning/act-technical-reference.md) -##### [SUA User's Guide](planning/sua-users-guide.md) -###### [Using the SUA Wizard](planning/using-the-sua-wizard.md) -###### [Using the SUA Tool](planning/using-the-sua-tool.md) -####### [Tabs on the SUA Tool Interface](planning/tabs-on-the-sua-tool-interface.md) -####### [Showing Messages Generated by the SUA Tool](planning/showing-messages-generated-by-the-sua-tool.md) -####### [Applying Filters to Data in the SUA Tool](planning/applying-filters-to-data-in-the-sua-tool.md) -####### [Fixing Applications by Using the SUA Tool](planning/fixing-applications-by-using-the-sua-tool.md) -##### [Compatibility Administrator User's Guide](planning/compatibility-administrator-users-guide.md) -###### [Using the Compatibility Administrator Tool](planning/using-the-compatibility-administrator-tool.md) -####### [Available Data Types and Operators in Compatibility Administrator](planning/available-data-types-and-operators-in-compatibility-administrator.md) -####### [Searching for Fixed Applications in Compatibility Administrator](planning/searching-for-fixed-applications-in-compatibility-administrator.md) -####### [Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator](planning/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md) -####### [Creating a Custom Compatibility Fix in Compatibility Administrator](planning/creating-a-custom-compatibility-fix-in-compatibility-administrator.md) -####### [Creating a Custom Compatibility Mode in Compatibility Administrator](planning/creating-a-custom-compatibility-mode-in-compatibility-administrator.md) -####### [Creating an AppHelp Message in Compatibility Administrator](planning/creating-an-apphelp-message-in-compatibility-administrator.md) -####### [Viewing the Events Screen in Compatibility Administrator](planning/viewing-the-events-screen-in-compatibility-administrator.md) -####### [Enabling and Disabling Compatibility Fixes in Compatibility Administrator](planning/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md) -####### [Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator](planning/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md) -###### [Managing Application-Compatibility Fixes and Custom Fix Databases](planning/managing-application-compatibility-fixes-and-custom-fix-databases.md) -####### [Understanding and Using Compatibility Fixes](planning/understanding-and-using-compatibility-fixes.md) -####### [Compatibility Fix Database Management Strategies and Deployment](planning/compatibility-fix-database-management-strategies-and-deployment.md) -####### [Testing Your Application Mitigation Packages](planning/testing-your-application-mitigation-packages.md) -###### [Using the Sdbinst.exe Command-Line Tool](planning/using-the-sdbinstexe-command-line-tool.md) -##### [Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](planning/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md) - - -### [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) -#### [Get started with the Microsoft Deployment Toolkit (MDT)](deploy-windows-mdt/get-started-with-the-microsoft-deployment-toolkit.md) -##### [Key features in MDT](deploy-windows-mdt/key-features-in-mdt.md) -##### [MDT Lite Touch components](deploy-windows-mdt/mdt-lite-touch-components.md) -##### [Prepare for deployment with MDT](deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md) - -#### [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md) -#### [Deploy a Windows 10 image using MDT](deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md) -#### [Build a distributed environment for Windows 10 deployment](deploy-windows-mdt/build-a-distributed-environment-for-windows-10-deployment.md) -#### [Refresh a Windows 7 computer with Windows 10](deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10.md) -#### [Replace a Windows 7 computer with a Windows 10 computer](deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md) -#### [Perform an in-place upgrade to Windows 10 with MDT](upgrade/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md) -#### [Configure MDT settings](deploy-windows-mdt/configure-mdt-settings.md) -##### [Set up MDT for BitLocker](deploy-windows-mdt/set-up-mdt-for-bitlocker.md) -##### [Configure MDT deployment share rules](deploy-windows-mdt/configure-mdt-deployment-share-rules.md) -##### [Configure MDT for UserExit scripts](deploy-windows-mdt/configure-mdt-for-userexit-scripts.md) -##### [Simulate a Windows 10 deployment in a test environment](deploy-windows-mdt/simulate-a-windows-10-deployment-in-a-test-environment.md) -##### [Use the MDT database to stage Windows 10 deployment information](deploy-windows-mdt/use-the-mdt-database-to-stage-windows-10-deployment-information.md) -##### [Assign applications using roles in MDT](deploy-windows-mdt/assign-applications-using-roles-in-mdt.md) -##### [Use web services in MDT](deploy-windows-mdt/use-web-services-in-mdt.md) -##### [Use Orchestrator runbooks with MDT](deploy-windows-mdt/use-orchestrator-runbooks-with-mdt.md) - -### [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) -#### [Integrate Configuration Manager with MDT](deploy-windows-mdt/integrate-configuration-manager-with-mdt.md) -#### [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](deploy-windows-sccm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) -#### [Create a custom Windows PE boot image with Configuration Manager](deploy-windows-sccm/create-a-custom-windows-pe-boot-image-with-configuration-manager.md) -#### [Add a Windows 10 operating system image using Configuration Manager](deploy-windows-sccm/add-a-windows-10-operating-system-image-using-configuration-manager.md) -#### [Create an application to deploy with Windows 10 using Configuration Manager](deploy-windows-sccm/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md) -#### [Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](deploy-windows-sccm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md) -#### [Create a task sequence with Configuration Manager and MDT](deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md) -#### [Finalize the operating system configuration for Windows 10 deployment with Configuration Manager](deploy-windows-sccm/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md) -#### [Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-sccm/deploy-windows-10-using-pxe-and-configuration-manager.md) -#### [Monitor the Windows 10 deployment with Configuration Manager](deploy-windows-sccm/monitor-windows-10-deployment-with-configuration-manager.md) -#### [Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](deploy-windows-sccm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md) -#### [Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](deploy-windows-sccm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md) -#### [Perform an in-place upgrade to Windows 10 using Configuration Manager](upgrade/upgrade-to-windows-10-with-system-center-configuraton-manager.md) - -### [Windows 10 deployment tools](windows-10-deployment-tools.md) - -#### [Windows 10 deployment scenarios and tools](windows-deployment-scenarios-and-tools.md) -#### [Convert MBR partition to GPT](mbr-to-gpt.md) -#### [Configure a PXE server to load Windows PE](configure-a-pxe-server-to-load-windows-pe.md) -#### [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md) - -#### [Deploy Windows To Go in your organization](deploy-windows-to-go.md) -##### [Windows To Go: feature overview](planning/windows-to-go-overview.md) -###### [Best practice recommendations for Windows To Go](planning/best-practice-recommendations-for-windows-to-go.md) -###### [Deployment considerations for Windows To Go](planning/deployment-considerations-for-windows-to-go.md) -###### [Prepare your organization for Windows To Go](planning/prepare-your-organization-for-windows-to-go.md) -###### [Security and data protection considerations for Windows To Go](planning/security-and-data-protection-considerations-for-windows-to-go.md) -###### [Windows To Go: frequently asked questions](planning/windows-to-go-frequently-asked-questions.md) - -#### [Volume Activation Management Tool (VAMT) Technical Reference](volume-activation/volume-activation-management-tool.md) -##### [Introduction to VAMT](volume-activation/introduction-vamt.md) -##### [Active Directory-Based Activation Overview](volume-activation/active-directory-based-activation-overview.md) -##### [Install and Configure VAMT](volume-activation/install-configure-vamt.md) -###### [VAMT Requirements](volume-activation/vamt-requirements.md) -###### [Install VAMT](volume-activation/install-vamt.md) -###### [Configure Client Computers](volume-activation/configure-client-computers-vamt.md) -##### [Add and Manage Products](volume-activation/add-manage-products-vamt.md) -###### [Add and Remove Computers](volume-activation/add-remove-computers-vamt.md) -###### [Update Product Status](volume-activation/update-product-status-vamt.md) -###### [Remove Products](volume-activation/remove-products-vamt.md) -##### [Manage Product Keys](volume-activation/manage-product-keys-vamt.md) -###### [Add and Remove a Product Key](volume-activation/add-remove-product-key-vamt.md) -###### [Install a Product Key](volume-activation/install-product-key-vamt.md) -###### [Install a KMS Client Key](volume-activation/install-kms-client-key-vamt.md) -##### [Manage Activations](volume-activation/manage-activations-vamt.md) -###### [Perform Online Activation](volume-activation/online-activation-vamt.md) -###### [Perform Proxy Activation](volume-activation/proxy-activation-vamt.md) -###### [Perform KMS Activation](volume-activation/kms-activation-vamt.md) -###### [Perform Local Reactivation](volume-activation/local-reactivation-vamt.md) -###### [Activate an Active Directory Forest Online](volume-activation/activate-forest-vamt.md) -###### [Activate by Proxy an Active Directory Forest](volume-activation/activate-forest-by-proxy-vamt.md) -##### [Manage VAMT Data](volume-activation/manage-vamt-data.md) -###### [Import and Export VAMT Data](volume-activation/import-export-vamt-data.md) -###### [Use VAMT in Windows PowerShell](volume-activation/use-vamt-in-windows-powershell.md) -##### [VAMT Step-by-Step Scenarios](volume-activation/vamt-step-by-step.md) -###### [Scenario 1: Online Activation](volume-activation/scenario-online-activation-vamt.md) -###### [Scenario 2: Proxy Activation](volume-activation/scenario-proxy-activation-vamt.md) -###### [Scenario 3: KMS Client Activation](volume-activation/scenario-kms-activation-vamt.md) -##### [VAMT Known Issues](volume-activation/vamt-known-issues.md) -#### [User State Migration Tool (USMT) Technical Reference](usmt/usmt-technical-reference.md) -##### [User State Migration Tool (USMT) Overview Topics](usmt/usmt-topics.md) -###### [User State Migration Tool (USMT) Overview](usmt/usmt-overview.md) -###### [Getting Started with the User State Migration Tool (USMT)](usmt/getting-started-with-the-user-state-migration-tool.md) -###### [Windows Upgrade and Migration Considerations](upgrade/windows-upgrade-and-migration-considerations.md) -##### [User State Migration Tool (USMT) How-to topics](usmt/usmt-how-to.md) -###### [Exclude Files and Settings](usmt/usmt-exclude-files-and-settings.md) -###### [Extract Files from a Compressed USMT Migration Store](usmt/usmt-extract-files-from-a-compressed-migration-store.md) -###### [Include Files and Settings](usmt/usmt-include-files-and-settings.md) -###### [Migrate Application Settings](usmt/migrate-application-settings.md) -###### [Migrate EFS Files and Certificates](usmt/usmt-migrate-efs-files-and-certificates.md) -###### [Migrate User Accounts](usmt/usmt-migrate-user-accounts.md) -###### [Reroute Files and Settings](usmt/usmt-reroute-files-and-settings.md) -###### [Verify the Condition of a Compressed Migration Store](usmt/verify-the-condition-of-a-compressed-migration-store.md) -##### [User State Migration Tool (USMT) Troubleshooting](usmt/usmt-troubleshooting.md) -###### [Common Issues](usmt/usmt-common-issues.md) -###### [Frequently Asked Questions](usmt/usmt-faq.md) -###### [Log Files](usmt/usmt-log-files.md) -###### [Return Codes](usmt/usmt-return-codes.md) -###### [USMT Resources](usmt/usmt-resources.md) -##### [User State Migration Toolkit (USMT) Reference](usmt/usmt-reference.md) -###### [USMT Requirements](usmt/usmt-requirements.md) -###### [USMT Best Practices](usmt/usmt-best-practices.md) -###### [How USMT Works](usmt/usmt-how-it-works.md) -###### [Plan Your Migration](usmt/usmt-plan-your-migration.md) -####### [Common Migration Scenarios](usmt/usmt-common-migration-scenarios.md) -####### [What Does USMT Migrate?](usmt/usmt-what-does-usmt-migrate.md) -####### [Choose a Migration Store Type](usmt/usmt-choose-migration-store-type.md) -######## [Migration Store Types Overview](usmt/migration-store-types-overview.md) -######## [Estimate Migration Store Size](usmt/usmt-estimate-migration-store-size.md) -######## [Hard-Link Migration Store](usmt/usmt-hard-link-migration-store.md) -######## [Migration Store Encryption](usmt/usmt-migration-store-encryption.md) -####### [Determine What to Migrate](usmt/usmt-determine-what-to-migrate.md) -######## [Identify Users](usmt/usmt-identify-users.md) -######## [Identify Applications Settings](usmt/usmt-identify-application-settings.md) -######## [Identify Operating System Settings](usmt/usmt-identify-operating-system-settings.md) -######## [Identify File Types, Files, and Folders](usmt/usmt-identify-file-types-files-and-folders.md) -####### [Test Your Migration](usmt/usmt-test-your-migration.md) -###### [User State Migration Tool (USMT) Command-line Syntax](usmt/usmt-command-line-syntax.md) -####### [ScanState Syntax](usmt/usmt-scanstate-syntax.md) -####### [LoadState Syntax](usmt/usmt-loadstate-syntax.md) -####### [UsmtUtils Syntax](usmt/usmt-utilities.md) -###### [USMT XML Reference](usmt/usmt-xml-reference.md) -####### [Understanding Migration XML Files](usmt/understanding-migration-xml-files.md) -####### [Config.xml File](usmt/usmt-configxml-file.md) -####### [Customize USMT XML Files](usmt/usmt-customize-xml-files.md) -####### [Custom XML Examples](usmt/usmt-custom-xml-examples.md) -####### [Conflicts and Precedence](usmt/usmt-conflicts-and-precedence.md) -####### [General Conventions](usmt/usmt-general-conventions.md) -####### [XML File Requirements](usmt/xml-file-requirements.md) -####### [Recognized Environment Variables](usmt/usmt-recognized-environment-variables.md) -####### [XML Elements Library](usmt/usmt-xml-elements-library.md) -###### [Offline Migration Reference](usmt/offline-migration-reference.md) -### [Install fonts in Windows 10](windows-10-missing-fonts.md) - -## Update Windows 10 -### [Update Windows 10 in enterprise deployments](update/index.md) -### Windows as a service -#### [Windows as a service - introduction](update/windows-as-a-service.md) -#### [Quick guide to Windows as a service](update/waas-quick-start.md) -#### [Servicing stack updates](update/servicing-stack-updates.md) -#### [Overview of Windows as a service](update/waas-overview.md) -### [Prepare servicing strategy for Windows 10 updates](update/waas-servicing-strategy-windows-10-updates.md) -### [Build deployment rings for Windows 10 updates](update/waas-deployment-rings-windows-10-updates.md) -### [Assign devices to servicing channels for Windows 10 updates](update/waas-servicing-channels-windows-10-updates.md) -### Get started -#### [Get started with Windows Update](update/windows-update-overview.md) -#### [How Windows Update works](update/how-windows-update-works.md) -#### [Windows Update log files](update/windows-update-logs.md) -#### [How to troubleshoot Windows Update](update/windows-update-troubleshooting.md) -#### [Common Windows Update errors](update/windows-update-errors.md) -#### [Windows Update error code reference](update/windows-update-error-reference.md) -#### [Other Windows Update resources](update/windows-update-resources.md) -### Optimize delivery -#### [Optimize Windows 10 update delivery](update/waas-optimize-windows-10-updates.md) -#### [Delivery Optimization for Windows 10 updates](update/waas-delivery-optimization.md) -#### [Set up Delivery Optimization for Windows 10 updates](update/waas-delivery-optimization-setup.md) -#### [Delivery Optimization reference](update/waas-delivery-optimization-reference.md) -#### [Configure BranchCache for Windows 10 updates](update/waas-branchcache.md) -#### [Whitepaper: Windows Updates using forward and reverse differentials](update/PSFxWhitepaper.md) -### Monitor Windows Updates -#### [Monitor Windows Updates with Update Compliance](update/update-compliance-monitor.md) -#### [Get started with Update Compliance](update/update-compliance-get-started.md) -#### [Use Update Compliance](update/update-compliance-using.md) -##### [Need Attention! report](update/update-compliance-need-attention.md) -##### [Security Update Status report](update/update-compliance-security-update-status.md) -##### [Feature Update Status report](update/update-compliance-feature-update-status.md) -##### [Windows Defender AV Status report](update/update-compliance-wd-av-status.md) -##### [Delivery Optimization in Update Compliance](update/update-compliance-delivery-optimization.md) -##### [Update Compliance Perspectives](update/update-compliance-perspectives.md) -### Best practices -#### [Best practices for feature updates on mission-critical devices](update/feature-update-mission-critical.md) -#### [Deploy feature updates during maintenance windows](update/feature-update-maintenance-window.md) -#### [Deploy feature updates for user-initiated installations](update/feature-update-user-install.md) -#### [Conclusion](update/feature-update-conclusion.md) -### [Deploy updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile](update/waas-mobile-updates.md) -### Use Windows Update for Business -#### [Deploy updates using Windows Update for Business](update/waas-manage-updates-wufb.md) -#### [Configure Windows Update for Business](update/waas-configure-wufb.md) -#### [Enforcing compliance deadlines for updates](update/wufb-compliancedeadlines.md) -#### [Integrate Windows Update for Business with management solutions](update/waas-integrate-wufb.md) -#### [Walkthrough: use Group Policy to configure Windows Update for Business](update/waas-wufb-group-policy.md) -#### [Walkthrough: use Intune to configure Windows Update for Business](https://docs.microsoft.com/intune/windows-update-for-business-configure) -### Use Windows Server Update Services -#### [Deploy Windows 10 updates using Windows Server Update Services](update/waas-manage-updates-wsus.md) -#### [Enable FoD and language pack updates in Windows Update](update/fod-and-lang-packs.md) -### [Deploy Windows 10 updates using Microsoft Endpoint Configuration Manager](update/waas-manage-updates-configuration-manager.md) -### [Manage device restarts after updates](update/waas-restart.md) -### [Manage additional Windows Update settings](update/waas-wu-settings.md) -### [Determine the source of Windows updates](update/windows-update-sources.md) - +##### [Appendix: Information sent to Microsoft during activation [client]](volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md) \ No newline at end of file From ca7a8d3352f54863a9b2ce9e08e0371727bd0d44 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 3 Feb 2020 12:53:56 -0800 Subject: [PATCH 018/338] toc --- windows/deployment/TOC.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 57164b2217..94f764f5ee 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -2,9 +2,14 @@ ## [What's new in Windows 10 deployment](deploy-whats-new.md) ## [Windows as a service](update/windows-as-a-service.md) -## Get started +## Explore +### [Windows 10 deployment scenarios](windows-10-deployment-scenarios.md) ### [Deployment process posters](windows-10-deployment-posters.md) ### [Deploy Windows 10 with Microsoft 365](deploy-m365.md) +### Windows 10 deployment lab +#### [Windows 10 deployment test lab](windows-10-poc.md) +#### [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) +#### [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md) ## Plan for deployment ### [Windows 10 Enterprise FAQ for IT Pros](planning/windows-10-enterprise-faq-itpro.md) @@ -14,6 +19,8 @@ ## Deploy Windows 10 ### [Windows Autopilot](windows-autopilot/windows-autopilot.md) +### [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) +### [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) ### Subscription Activation #### [Windows 10 Subscription Activation](windows-10-subscription-activation.md) #### [Windows 10 Enterprise E3 in CSP](windows-10-enterprise-e3-overview.md) @@ -38,6 +45,9 @@ #### [Resolution procedures](upgrade/resolution-procedures.md) #### [Submit Windows 10 upgrade errors](upgrade/submit-errors.md) +### [Windows 10 in S mode](s-mode.md) +#### [Switch to Windows 10 Pro/Enterprise from S mode](windows-10-pro-in-s-mode.md) + #### [Volume Activation [client]](volume-activation/volume-activation-windows-10.md) ##### [Plan for volume activation [client]](volume-activation/plan-for-volume-activation-client.md) ##### [Activate using Key Management Service [client]](volume-activation/activate-using-key-management-service-vamt.md) From 00a4f8f28f7a091bcb82091baa4ed5a200662965 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 3 Feb 2020 15:36:45 -0800 Subject: [PATCH 019/338] landing page --- windows/deployment/index.md | 212 +++++++++++++++++++++++++++++++++++ windows/deployment/index.yml | 105 ----------------- 2 files changed, 212 insertions(+), 105 deletions(-) create mode 100644 windows/deployment/index.md delete mode 100644 windows/deployment/index.yml diff --git a/windows/deployment/index.md b/windows/deployment/index.md new file mode 100644 index 0000000000..13d58b54de --- /dev/null +++ b/windows/deployment/index.md @@ -0,0 +1,212 @@ +--- +layout: HubPage +hide_bc: false +description: Windows 10 deployment resources and documentation for admins & IT professionals +ms.author: greglin +author: greg-lindsay +ms.topic: hub-page +keywords: Windows 10 Enterprise, deploy, plan, test +localization_priority: Normal +audience: itpro +ms.prod: w10 +title: Windows 10 deployment resources and documentation for admins & IT professionals +description: Windows 10 deployment resources and documentation for admins & IT professionals +--- +
+
+

Windows 10 deployment resources and documentation

+

Learn how to test, plan, and deploy Windows 10 in your organization.

+

+ +
+
diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml deleted file mode 100644 index 4414c1e8fe..0000000000 --- a/windows/deployment/index.yml +++ /dev/null @@ -1,105 +0,0 @@ -### YamlMime:YamlDocument - -documentType: LandingData -title: Deploy and update Windows 10 -metadata: - document_id: - title: Deploy and update Windows 10 - description: Deploying and updating Windows 10 for IT professionals. - keywords: deploy, update, Windows, service, Microsoft365, e5, e3 - ms.localizationpriority: high - author: greg-lindsay - ms.author: greglin - manager: laurawi - ms.topic: article - ms.devlang: na - -sections: -- items: - - type: markdown - text: Learn about deployment of Windows 10 for IT professionals. This includes deploying the operating system, upgrading to it from previous versions and updating Windows 10. -- items: - - type: list - style: cards - className: cardsM - columns: 3 - items: - - href: windows-10-deployment-scenarios - html:

Understand the different ways that Windows 10 can be deployed

- image: - src: https://docs.microsoft.com/media/common/i_deploy.svg" - title: Windows 10 deployment scenarios - - href: update - html:

Update Windows 10 in the enterprise

- image: - src: https://docs.microsoft.com/media/common/i_upgrade.svg - title: Windows as a service - - href: windows-autopilot/windows-autopilot - html:

Windows Autopilot greatly simplifies deployment of Windows devices

- image: - src: https://docs.microsoft.com/media/common/i_delivery.svg - title: Windows Autopilot -- title: -- items: - - type: markdown - text: " -
- - - - - - - -
[Modern Desktop Deployment Center](https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home) Check out the new Modern Deskop Deployment Center and discover content to help you with your Windows 10 and Office 365 ProPlus deployments.
[What's new in Windows 10 deployment](deploy-whats-new.md) See this topic for a summary of new features and some recent changes related to deploying Windows 10 in your organization.
[Windows 10 deployment scenarios](windows-10-deployment-scenarios.md) To successfully deploy the Windows 10 operating system in your organization, it is important to understand the different ways that it can be deployed, especially now that there are new scenarios to consider. Choosing among these scenarios, and understanding the key capabilities and limitations of each, is a key task.
[Windows Autopilot](windows-autopilot/windows-autopilot.md) Windows Autopilot enables an IT department to pre-configure new devices and repurpose existing devices with a simple process that requires little to no infrastructure.
[Windows 10 Subscription Activation](windows-10-subscription-activation.md) Windows 10 Enterprise has traditionally been sold as on premises software, however, with Windows 10 version 1703 (also known as the Creator’s Update), both Windows 10 Enterprise E3 and Windows 10 Enterprise E5 are available as true online services via subscription. You can move from Windows 10 Pro to Windows 10 Enterprise with no keys and no reboots. If you are using a Cloud Service Providers (CSP) see the related topic: [Windows 10 Enterprise E3 in CSP](windows-10-enterprise-e3-overview.md).
[Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) This topic provides a brief introduction to Windows 10 installation processes, and provides resolution procedures that IT administrators can use to resolve issues with Windows 10 upgrade.
- " -- title: Deploy Windows 10 -- items: - - type: markdown - text: " - Windows 10 upgrade options are discussed and information is provided about planning, testing, and managing your production deployment. -
 
- - - - - - - - - - - -
TopicDescription
[Overview of Windows Autopilot](windows-autopilot/windows-autopilot.md) Windows Autopilot deployment is a new cloud service from Microsoft that provides a zero touch experience for deploying Windows 10 devices.
[Windows 10 upgrade paths](upgrade/windows-10-upgrade-paths.md) This topic provides information about support for upgrading directly to Windows 10 from a previous operating system.
[Windows 10 edition upgrade](upgrade/windows-10-edition-upgrades.md) This topic provides information about support for upgrading from one edition of Windows 10 to another.
[Windows 10 volume license media](windows-10-media.md) This topic provides information about media available in the Microsoft Volume Licensing Service Center.
[Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) With Upgrade Readiness, enterprises now have the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With Windows diagnostic data enabled, Upgrade Readiness collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft. The Upgrade Readiness workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded.
[Windows 10 deployment test lab](windows-10-poc.md) This guide contains instructions to configure a proof of concept (PoC) environment requiring a minimum amount of resources. The guide makes extensive use of Windows PowerShell and Hyper-V. Subsequent companion guides contain steps to deploy Windows 10 using the PoC environment. After completing this guide, additional guides are provided to deploy Windows 10 in the test lab using [Microsoft Deployment Toolkit](windows-10-poc-mdt.md) or [System Center Configuration Manager](windows-10-poc-sc-config-mgr.md).
[Plan for Windows 10 deployment](planning/index.md) This section describes Windows 10 deployment considerations and provides information to assist in Windows 10 deployment planning.
[Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) This guide will walk you through the process of deploying Windows 10 in an enterprise environment using the Microsoft Deployment Toolkit (MDT).
[Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) If you have Microsoft System Center 2012 R2 Configuration Manager in your environment, you will most likely want to use it to deploy Windows 10. This topic will show you how to set up Configuration Manager for operating system deployment and how to integrate Configuration Manager with the Microsoft Deployment Toolkit (MDT) or.
[Windows 10 deployment tools](windows-10-deployment-tools-reference.md) Learn about available tools to deploy Windows 10, such as the Windows ADK, DISM, USMT, WDS, MDT, Windows PE and more.
- " -- title: Update Windows 10 -- items: - - type: markdown - text: " - Information is provided about keeping Windows 10 up-to-date. -
 
- - - - - - - - - - - - - - - -
TopicDescription
[Quick guide to Windows as a service](update/waas-quick-start.md) Provides a brief summary of the key points for the new servicing model for Windows 10.
[Overview of Windows as a service](update/waas-overview.md) Explains the differences in building, deploying, and servicing Windows 10; introduces feature updates, quality updates, and the different servicing branches; compares servicing tools.
[Prepare servicing strategy for Windows 10 updates](update/waas-servicing-strategy-windows-10-updates.md) Explains the decisions you need to make in your servicing strategy.
[Build deployment rings for Windows 10 updates](update/waas-deployment-rings-windows-10-updates.md) Explains how to make use of servicing branches and update deferrals to manage Windows 10 updates.
[Assign devices to servicing branches for Windows 10 updates](update/waas-servicing-branches-windows-10-updates.md) Explains how to assign devices to Current Branch (CB) or Current Branch for Business (CBB) for feature and quality updates, and how to enroll devices in Windows Insider.
[Monitor Windows Updates with Update Compliance](update/update-compliance-monitor.md) Explains how to use Windows Analytics: Update Compliance to monitor and manage Windows Updates on devices in your organization.
[Optimize update delivery for Windows 10 updates](update/waas-optimize-windows-10-updates.md) Explains the benefits of using Delivery Optimization or BranchCache for update distribution.
[Deploy updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile](update/waas-mobile-updates.md) Explains updates for Windows 10 Mobile Enterprise and Windows 10 IoT Mobile.
[Deploy updates using Windows Update for Business](update/waas-manage-updates-wufb.md) Explains how to use Windows Update for Business to manage when devices receive updates directly from Windows Update. Includes walkthroughs for configuring Windows Update for Business using Group Policy and Microsoft Intune.
[Deploy Windows 10 updates using Windows Server Update Services (WSUS)](update/waas-manage-updates-wsus.md) Explains how to use WSUS to manage Windows 10 updates.
[Deploy Windows 10 updates using System Center Configuration Manager](update/waas-manage-updates-configuration-manager.md) Explains how to use Configuration Manager to manage Windows 10 updates.
[Manage device restarts after updates](update/waas-restart.md) Explains how to manage update related device restarts.
[Manage additional Windows Update settings](update/waas-wu-settings.md) Provides details about settings available to control and configure Windows Update.
[Windows Insider Program for Business](update/waas-windows-insider-for-business.md) Explains how the Windows Insider Program for Business works and how to become an insider.
- " -- title: Additional topics -- items: - - type: markdown - text: " -
- [Upgrade a Windows Phone 8.1 to Windows 10 Mobile with Mobile Device Management](upgrade/upgrade-windows-phone-8-1-to-10.md) This topic describes how to upgrade eligible Windows Phone 8.1 devices to Windows 10 Mobile. - -  " From 5368a17ab75bd41eec411b4cd31a867ea09be37b Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 3 Feb 2020 15:51:01 -0800 Subject: [PATCH 020/338] landing page --- windows/deployment/index.md | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/windows/deployment/index.md b/windows/deployment/index.md index 13d58b54de..2c3bd0af80 100644 --- a/windows/deployment/index.md +++ b/windows/deployment/index.md @@ -72,11 +72,11 @@ description: Windows 10 deployment resources and documentation for admins & IT p
-

Manage security & compliance

-

Compliance solutions

-

Office 365 Security & Compliance

-

Identity & device access

-

Windows Defender ATP

+

Manage Windows 10 updates

+

Windows as a service

+

Prepare a servicing strategy

+

Optimize Windows 10 update delivery

+

Monitor Windows Updates

@@ -92,7 +92,7 @@ description: Windows 10 deployment resources and documentation for admins & IT p
-

Train your admins & users

+

Windows 10 and Microsoft 365

Microsoft 365

Office 365

Windows 10

@@ -112,7 +112,7 @@ description: Windows 10 deployment resources and documentation for admins & IT p
-

Manage Office 365

+

Microsoft Modern Desktop

Office 365 Enterprise

Office 365 Business

Office 365 ProPlus

@@ -131,7 +131,7 @@ description: Windows 10 deployment resources and documentation for admins & IT p
-

Manage Enterprise Mobility + Security

+

Reference documentation

Microsoft Cloud App Security

Microsoft Intune

Azure Active Directory

Azure Information Protection

@@ -155,10 +155,10 @@ description: Windows 10 deployment resources and documentation for admins & IT p
-

Develop for Microsoft 365

-

Office 365 Dev Center

-

Windows Dev Center

-

Microsoft Graph

+

Microsoft Surface

+

Surface devices

+

Surface Hub

+

Surface for Business

@@ -174,7 +174,8 @@ description: Windows 10 deployment resources and documentation for admins & IT p
-

Other Microsoft 365 products

+

Microsoft 365 products

+

Microsoft 365 Enterprise

Microsoft 365 Business

Microsoft 365 Education

From 2aa0f9c509e05e25248e35b7d552a5ed11130750 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 3 Feb 2020 15:53:40 -0800 Subject: [PATCH 021/338] landing page --- windows/deployment/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/index.md b/windows/deployment/index.md index 2c3bd0af80..1753da4263 100644 --- a/windows/deployment/index.md +++ b/windows/deployment/index.md @@ -196,7 +196,7 @@ description: Windows 10 deployment resources and documentation for admins & IT p

Need support?

Azure

Office 365

-

Windows 10

+

Windows 10

From 141240219650703217af50e9447c74f59f863d4b Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 3 Feb 2020 16:07:07 -0800 Subject: [PATCH 022/338] en-us --- windows/deployment/index.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/windows/deployment/index.md b/windows/deployment/index.md index 1753da4263..f7b26b31f0 100644 --- a/windows/deployment/index.md +++ b/windows/deployment/index.md @@ -55,7 +55,7 @@ description: Windows 10 deployment resources and documentation for admins & IT p

Deploy

Windows 10 deployment guides

-

FastTrack

+

FastTrack

Modern Desktop deployment

@@ -73,10 +73,10 @@ description: Windows 10 deployment resources and documentation for admins & IT p

Manage Windows 10 updates

-

Windows as a service

-

Prepare a servicing strategy

-

Optimize Windows 10 update delivery

-

Monitor Windows Updates

+

Windows as a service

+

Prepare a servicing strategy

+

Optimize Windows 10 update delivery

+

Monitor Windows Updates

@@ -156,9 +156,9 @@ description: Windows 10 deployment resources and documentation for admins & IT p

Microsoft Surface

-

Surface devices

-

Surface Hub

-

Surface for Business

+

Surface devices

+

Surface Hub

+

Surface for Business

@@ -175,7 +175,7 @@ description: Windows 10 deployment resources and documentation for admins & IT p

Microsoft 365 products

-

Microsoft 365 Enterprise

+

Microsoft 365 Enterprise

Microsoft 365 Business

Microsoft 365 Education

From dd0047eb4ea7b3118442b7edfe6501acefe1fceb Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 10 Feb 2020 10:31:54 -0800 Subject: [PATCH 023/338] something --- .../surface/surface-dock-firmware-update.md | 72 +++++++++++-------- 1 file changed, 43 insertions(+), 29 deletions(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index dc3e5b41f0..d5e58e4a5f 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -5,41 +5,58 @@ ms.localizationpriority: medium ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -author: dansimp -ms.author: dansimp +author: greg-lindsay +ms.author: greglin ms.topic: article -ms.date: 10/09/2019 ms.reviewer: scottmca manager: dansimp ms.audience: itpro --- # Microsoft Surface Dock Firmware Update -This article explains how to use Microsoft Surface Dock Firmware Update, newly redesigned to update Surface Dock firmware while running in the background on your Surface device. Once installed, it will update any Surface Dock attached to your Surface device. +This article explains how to use Microsoft Surface Dock Firmware Update to update Surface Dock firmware. When installed on your Surface device, it will update any Surface Dock attached to your Surface device. The file is released in the following naming format: **Surface_Dock_FwUpdate_X.XX.XXX_Win10_XXXXX_XX.XXX.XXXXX_X.MSI** (ex: Surface_Dock_FwUpdate_1.42.139_Win10_17134_19.084.31680_0.msi) and installs by default to C:\Program Files\SurfaceUpdate. -> [!NOTE] ->Microsoft Surface Dock Firmware Update supersedes the earlier Microsoft Surface Dock Updater tool, previously available for download as part of Surface Tools for IT. It was named Surface_Dock_Updater_vx.xx.xxx.x.msi (where x indicates the version of the tool). The earlier tool has been retired, is no longer available for download, and should not be used. +Microsoft Surface Dock Firmware Update supersedes the earlier Microsoft Surface Dock Updater tool, previously available for download as part of Surface Tools for IT. It was named Surface_Dock_Updater_vx.xx.xxx.x.msi (where x indicates the version of the tool). The earlier tool has been retired, is no longer available for download, and should not be used. -## To run Surface Dock Firmware Update +> [!IMPORTANT] +>Microsoft periodically releases new versions of Surface Dock Firmware Update. The MSI file is not self-updating. If you have deployed the MSI to Surface devices and a new version of the firmware is released, you will need to deploy the new version. + +## Monitor the Surface Dock Firmare Update + +>The procedures in this section provide an overview of how to monitor installation of the firmware update. This section is optional. + +For more detailed information about monitoring the update process, see the following sections in this article: + - [How to verify completion of firmware update](#how-to-verify-completion-of-the-firmware-update) + - [Event logging](#event-logging) + - [Troubleshooting tips](#troubleshooting-tips) + - [Versions reference](#versions-reference) + +To monitor the update: + +1. Open Event Viewer, browse to **Windows Logs > Application**, and then under **Actions** in the right-hand pane click **Filter Current Log**, enter **SurfaceDockFwUpdate** next to **Event sources**, and then click **OK**. +2. Type the following command at an elevated command prompt: + + ```cmd + Reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters" + ``` +3. Install the update as described in the next section. +4. Event 2007 with the following text indicates a successful update: **Firmware update finished. hr=0 DriverTelementry EventCode = 2007**. + - If the update is not successful, then event ID 2007 will be displayed as an **Error** event rather than **Information**. Additionally, the version reported in the Windows Registry will not be current. +5. When the update is complete, you will see the following DWORD values will be displayed in the Windows Registry: + - Component10CurrentFwVersion 0x04ac3970 (78395760) + - Component20CurrentFwVersion 0x04915a70 (76634736) + +>Note: If you see "The description for Event ID xxxx from source SurfaceDockFwUpdate cannot be found" in event text, this is expected and can be ignored. + +## Run the Surface Dock firmware update + +This section describes how to install the firmware update. 1. Download and install [Microsoft Surface Dock Firmware Update](https://www.microsoft.com/download/details.aspx?id=46703). - - The file is released in the following naming format: **Surface_Dock_FwUpdate_X.XX.XXX_Win10_XXXXX_XX.XXX.XXXXX_X.MSI** and installs by default to C:\Program Files\SurfaceUpdate. - - Requires Surface devices running at least Windows 10 version 1803 or later. + - The update requires a Surface device running Windows 10, version 1803 or later. + - Installing the MSI file may prompt you to restart Surface. However, restarting is not required to perform the update. -2. After you connect Surface Dock to your Surface device, the tool checks the firmware status while running in the background. - -4. After several seconds, disconnect your Surface Dock from your device and then wait for 5 seconds before reconnecting. The Surface Dock Firmware Update will normally update the dock silently in background after you disconnect from the dock and reconnect. The process can take a few minutes to complete and will continue even if interrupted. - -### Manual installation -If preferred, you can manually complete the update as follows: - -- Reconnect your Surface Dock for 2 minutes and then disconnect it from your device. The DisplayPort firmware update will be installed while the hardware is disconnected. The LED in the Ethernet port of the dock will blink while the update is in progress. Please wait until the LED stops blinking before you unplug your Surface Dock from power. - -> [!NOTE] -> -> - Manually installing the MSI file may prompt you to restart Surface; however, restarting is optional and not required. -> - You will need to disconnect and reconnect the dock twice before the update fully completes. -> - To create a log file, specify the path in the Msiexec command. For example, append /l*v %windir%\logs\ SurfaceDockFWI.log". +2. Disconnect your Surface device from the Surface Dock (using the power adapter), wait 5 seconds, and then reconnect. The Surface Dock Firmware Update will update the dock silently in background. The process can take a few minutes to complete and will continue even if interrupted. ## Network deployment @@ -48,7 +65,7 @@ You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firm - **Msiexec.exe /i /quiet /norestart** > [!NOTE] -> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]" +> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i /l*v %windir%\logs\ SurfaceDockFWI.log" For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. @@ -56,12 +73,13 @@ For more information, refer to [Command line options](https://docs.microsoft.com > If you want to keep your Surface Dock updated using any other method, refer to [Update your Surface Dock](https://support.microsoft.com/help/4023478/surface-update-your-surface-dock) for details. ## Intune deployment + You can use Intune to distribute Surface Dock Firmware Update to your devices. First you will need to convert the MSI file to the .intunewin format, as described in the following documentation: [Intune Standalone - Win32 app management](https://docs.microsoft.com/intune/apps/apps-win32-app-management). Use the following command: - **msiexec /i /quiet /q** -## How to verify completion of firmware update +## How to verify completion of the firmware update Surface dock firmware consists of two components: @@ -117,10 +135,6 @@ Events are logged in the Application Event Log. Note: Earlier versions of this - Ensure that the Surface Dock is disconnected, and then allow enough time for the update to complete as monitored via an LED in the Ethernet port of the dock. Wait until the LED stops blinking before you unplug Surface Dock from power. - Connect the Surface Dock to a different device to see if it is able to update the dock. -## Changes and updates - -Microsoft periodically releases new versions of Surface Dock Firmware Update.Note that the MSI file is not self-updating. If you have deployed the MSI to Surface devices and a new version of the firmware is released, you will need to deploy the new version of the MSI. - ## Versions reference ### Version 1.42.139 *Release Date: September 18 2019* From 15ed7b7a98ab190589b598771c406fcff9739465 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 10 Feb 2020 10:33:34 -0800 Subject: [PATCH 024/338] something --- .../surface/surface-dock-firmware-update.md | 221 ------------------ 1 file changed, 221 deletions(-) delete mode 100644 devices/surface/surface-dock-firmware-update.md diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md deleted file mode 100644 index d5e58e4a5f..0000000000 --- a/devices/surface/surface-dock-firmware-update.md +++ /dev/null @@ -1,221 +0,0 @@ ---- -title: Microsoft Surface Dock Firmware Update -description: This article explains how to use Microsoft Surface Dock Firmware Update, newly redesigned to update Surface Dock firmware while running in the background on your Surface device. -ms.localizationpriority: medium -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.reviewer: scottmca -manager: dansimp -ms.audience: itpro ---- -# Microsoft Surface Dock Firmware Update - -This article explains how to use Microsoft Surface Dock Firmware Update to update Surface Dock firmware. When installed on your Surface device, it will update any Surface Dock attached to your Surface device. The file is released in the following naming format: **Surface_Dock_FwUpdate_X.XX.XXX_Win10_XXXXX_XX.XXX.XXXXX_X.MSI** (ex: Surface_Dock_FwUpdate_1.42.139_Win10_17134_19.084.31680_0.msi) and installs by default to C:\Program Files\SurfaceUpdate. - -Microsoft Surface Dock Firmware Update supersedes the earlier Microsoft Surface Dock Updater tool, previously available for download as part of Surface Tools for IT. It was named Surface_Dock_Updater_vx.xx.xxx.x.msi (where x indicates the version of the tool). The earlier tool has been retired, is no longer available for download, and should not be used. - -> [!IMPORTANT] ->Microsoft periodically releases new versions of Surface Dock Firmware Update. The MSI file is not self-updating. If you have deployed the MSI to Surface devices and a new version of the firmware is released, you will need to deploy the new version. - -## Monitor the Surface Dock Firmare Update - ->The procedures in this section provide an overview of how to monitor installation of the firmware update. This section is optional. - -For more detailed information about monitoring the update process, see the following sections in this article: - - [How to verify completion of firmware update](#how-to-verify-completion-of-the-firmware-update) - - [Event logging](#event-logging) - - [Troubleshooting tips](#troubleshooting-tips) - - [Versions reference](#versions-reference) - -To monitor the update: - -1. Open Event Viewer, browse to **Windows Logs > Application**, and then under **Actions** in the right-hand pane click **Filter Current Log**, enter **SurfaceDockFwUpdate** next to **Event sources**, and then click **OK**. -2. Type the following command at an elevated command prompt: - - ```cmd - Reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters" - ``` -3. Install the update as described in the next section. -4. Event 2007 with the following text indicates a successful update: **Firmware update finished. hr=0 DriverTelementry EventCode = 2007**. - - If the update is not successful, then event ID 2007 will be displayed as an **Error** event rather than **Information**. Additionally, the version reported in the Windows Registry will not be current. -5. When the update is complete, you will see the following DWORD values will be displayed in the Windows Registry: - - Component10CurrentFwVersion 0x04ac3970 (78395760) - - Component20CurrentFwVersion 0x04915a70 (76634736) - ->Note: If you see "The description for Event ID xxxx from source SurfaceDockFwUpdate cannot be found" in event text, this is expected and can be ignored. - -## Run the Surface Dock firmware update - -This section describes how to install the firmware update. - -1. Download and install [Microsoft Surface Dock Firmware Update](https://www.microsoft.com/download/details.aspx?id=46703). - - The update requires a Surface device running Windows 10, version 1803 or later. - - Installing the MSI file may prompt you to restart Surface. However, restarting is not required to perform the update. - -2. Disconnect your Surface device from the Surface Dock (using the power adapter), wait 5 seconds, and then reconnect. The Surface Dock Firmware Update will update the dock silently in background. The process can take a few minutes to complete and will continue even if interrupted. - -## Network deployment - -You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firmware Update to multiple devices across your network. When using Microsoft Endpoint Configuration Manager or other deployment tool, enter the following syntax to ensure the installation is silent: - -- **Msiexec.exe /i /quiet /norestart** - -> [!NOTE] -> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i /l*v %windir%\logs\ SurfaceDockFWI.log" - -For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. - -> [!IMPORTANT] -> If you want to keep your Surface Dock updated using any other method, refer to [Update your Surface Dock](https://support.microsoft.com/help/4023478/surface-update-your-surface-dock) for details. - -## Intune deployment - -You can use Intune to distribute Surface Dock Firmware Update to your devices. First you will need to convert the MSI file to the .intunewin format, as described in the following documentation: [Intune Standalone - Win32 app management](https://docs.microsoft.com/intune/apps/apps-win32-app-management). - -Use the following command: - - **msiexec /i /quiet /q** - -## How to verify completion of the firmware update - -Surface dock firmware consists of two components: - -- **Component10:** Micro controller unit (MCU) firmware -- **Component20:** Display port (DP) firmware. - -Successful completion of Surface Dock Firmware Update results in new registry key values for these firmware components. - -**To verify updates:** - -1. Open Regedit and navigate to the following registry path: - -- **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters** - -2. Look for the registry keys: **Component10CurrentFwVersion and Component20CurrentFwVersion**, which refer to the firmware that is currently on the device. - - ![Surface Dock Firmware Update installation process](images/regeditDock.png) - -3. Verify the new registry key values match the updated registry key values listed in the Versions reference at the end of this document. If the values match, the firmware was updated successfully. - -4. If unable to verify, review Event logging and Troubleshooting tips in the next section. - -## Event logging - -**Table 1. Log files for Surface Dock Firmware Update** - -| Log | Location | Notes | -| -------------------------------- | --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Surface Dock Firmware Update log | Path needs to be specified (see note) | Earlier versions of this tool wrote events to Applications and Services Logs\Microsoft Surface Dock Updater. | -| Windows Device Install log | %windir%\inf\setupapi.dev.log | For more information about using Device Install Log, refer to [SetupAPI Logging](https://docs.microsoft.com/windows-hardware/drivers/install/setupapi-logging--windows-vista-and-later-) documentation. | - - -**Table 2. Event log IDs for Surface Dock Firmware Update**
-Events are logged in the Application Event Log. Note: Earlier versions of this tool wrote events to Applications and Services Logs\Microsoft Surface Dock Updater. - -| Event ID | Event type | -| -------- | -------------------------------------------------------------------- | -| 2001 | Dock firmware update has started. | -| 2002 | Dock firmware update skipped because dock is known to be up to date. | -| 2003 | Dock firmware update failed to get firmware version. | -| 2004 | Querying the firmware version. | -| 2005 | Dock firmware failed to start update. | -| 2006 | Failed to send offer/payload pairs. | -| 2007 | Firmware update finished. | -| 2008 | BEGIN dock telemetry. | -| 2011 | END dock telemetry. | - -## Troubleshooting tips - -- Completely disconnect power for Surface dock from the AC power to reset the Surface Dock. -- Disconnect all peripherals except for the Surface Dock. -- Uninstall any current Surface Dock Firmware Update and then install the latest version. -- Ensure that the Surface Dock is disconnected, and then allow enough time for the update to complete as monitored via an LED in the Ethernet port of the dock. Wait until the LED stops blinking before you unplug Surface Dock from power. -- Connect the Surface Dock to a different device to see if it is able to update the dock. - -## Versions reference -### Version 1.42.139 -*Release Date: September 18 2019* - -This version, contained in Surface_Dock_FwUpdate_1.42.139_Win10_17134_19.084.31680_0.MSI, updates firmware in the background. -**Updated registry key values:**
- -- Component10CurrentFwVersion updated to **4ac3970**. -- Component20CurrentFwVersion updated to **4a1d570**. - -It adds support for Surface Pro 7 and Surface Laptop 3. - -## Legacy versions - -### Version 2.23.139.0 -*Release Date: 10 October 2018* - -This version of Surface Dock Updater adds support for the following: - -- Add support for Surface Pro 6 -- Add support for Surface Laptop 2 - - -### Version 2.22.139.0 -*Release Date: 26 July 2018* - -This version of Surface Dock Updater adds support for the following: - -- Increase update reliability -- Add support for Surface Go - -### Version 2.12.136.0 -*Release Date: 29 January 2018* - -This version of Surface Dock Updater adds support for the following: -* Update for Surface Dock Main Chipset Firmware -* Update for Surface Dock DisplayPort Firmware -* Improved display stability for external displays when used with Surface Book or Surface Book 2 - -Additionally, installation of this version of Surface Dock Updater on Surface Book devices includes the following: -* Update for Surface Book Base Firmware -* Added support for Surface Dock firmware updates with improvements targeted to Surface Book devices - - -### Version 2.9.136.0 -*Release date: November 3, 2017* - -This version of Surface Dock Updater adds support for the following: - -* Update for Surface Dock DisplayPort Firmware -* Resolves an issue with audio over passive display port adapters - -### Version 2.1.15.0 -*Release date: June 19, 2017* - -This version of Surface Dock Updater adds support for the following: - -* Surface Laptop -* Surface Pro - -### Version 2.1.6.0 -*Release date: April 7, 2017* - -This version of Surface Dock Updater adds support for the following: - -* Update for Surface Dock DisplayPort firmware -* Requires Windows 10 - -### Version 2.0.22.0 -*Release date: October 21, 2016* - -This version of Surface Dock Updater adds support for the following: - -* Update for Surface Dock USB firmware -* Improved reliability of Ethernet, audio, and USB ports - -### Version 1.0.8.0 -*Release date: April 26, 2016* - -This version of Surface Dock Updater adds support for the following: - -* Update for Surface Dock Main Chipset firmware -* Update for Surface Dock DisplayPort firmware - From 0b040e73c76a5b74c3abd5126d04ca4de0b5c8d1 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 10 Feb 2020 10:34:30 -0800 Subject: [PATCH 025/338] something --- .../surface/surface-dock-firmware-update.md | 207 ++++++++++++++++++ 1 file changed, 207 insertions(+) create mode 100644 devices/surface/surface-dock-firmware-update.md diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md new file mode 100644 index 0000000000..dc3e5b41f0 --- /dev/null +++ b/devices/surface/surface-dock-firmware-update.md @@ -0,0 +1,207 @@ +--- +title: Microsoft Surface Dock Firmware Update +description: This article explains how to use Microsoft Surface Dock Firmware Update, newly redesigned to update Surface Dock firmware while running in the background on your Surface device. +ms.localizationpriority: medium +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +author: dansimp +ms.author: dansimp +ms.topic: article +ms.date: 10/09/2019 +ms.reviewer: scottmca +manager: dansimp +ms.audience: itpro +--- +# Microsoft Surface Dock Firmware Update + +This article explains how to use Microsoft Surface Dock Firmware Update, newly redesigned to update Surface Dock firmware while running in the background on your Surface device. Once installed, it will update any Surface Dock attached to your Surface device. + +> [!NOTE] +>Microsoft Surface Dock Firmware Update supersedes the earlier Microsoft Surface Dock Updater tool, previously available for download as part of Surface Tools for IT. It was named Surface_Dock_Updater_vx.xx.xxx.x.msi (where x indicates the version of the tool). The earlier tool has been retired, is no longer available for download, and should not be used. + +## To run Surface Dock Firmware Update + +1. Download and install [Microsoft Surface Dock Firmware Update](https://www.microsoft.com/download/details.aspx?id=46703). + - The file is released in the following naming format: **Surface_Dock_FwUpdate_X.XX.XXX_Win10_XXXXX_XX.XXX.XXXXX_X.MSI** and installs by default to C:\Program Files\SurfaceUpdate. + - Requires Surface devices running at least Windows 10 version 1803 or later. + +2. After you connect Surface Dock to your Surface device, the tool checks the firmware status while running in the background. + +4. After several seconds, disconnect your Surface Dock from your device and then wait for 5 seconds before reconnecting. The Surface Dock Firmware Update will normally update the dock silently in background after you disconnect from the dock and reconnect. The process can take a few minutes to complete and will continue even if interrupted. + +### Manual installation +If preferred, you can manually complete the update as follows: + +- Reconnect your Surface Dock for 2 minutes and then disconnect it from your device. The DisplayPort firmware update will be installed while the hardware is disconnected. The LED in the Ethernet port of the dock will blink while the update is in progress. Please wait until the LED stops blinking before you unplug your Surface Dock from power. + +> [!NOTE] +> +> - Manually installing the MSI file may prompt you to restart Surface; however, restarting is optional and not required. +> - You will need to disconnect and reconnect the dock twice before the update fully completes. +> - To create a log file, specify the path in the Msiexec command. For example, append /l*v %windir%\logs\ SurfaceDockFWI.log". + +## Network deployment + +You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firmware Update to multiple devices across your network. When using Microsoft Endpoint Configuration Manager or other deployment tool, enter the following syntax to ensure the installation is silent: + +- **Msiexec.exe /i /quiet /norestart** + +> [!NOTE] +> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]" + +For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. + +> [!IMPORTANT] +> If you want to keep your Surface Dock updated using any other method, refer to [Update your Surface Dock](https://support.microsoft.com/help/4023478/surface-update-your-surface-dock) for details. + +## Intune deployment +You can use Intune to distribute Surface Dock Firmware Update to your devices. First you will need to convert the MSI file to the .intunewin format, as described in the following documentation: [Intune Standalone - Win32 app management](https://docs.microsoft.com/intune/apps/apps-win32-app-management). + +Use the following command: + - **msiexec /i /quiet /q** + +## How to verify completion of firmware update + +Surface dock firmware consists of two components: + +- **Component10:** Micro controller unit (MCU) firmware +- **Component20:** Display port (DP) firmware. + +Successful completion of Surface Dock Firmware Update results in new registry key values for these firmware components. + +**To verify updates:** + +1. Open Regedit and navigate to the following registry path: + +- **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters** + +2. Look for the registry keys: **Component10CurrentFwVersion and Component20CurrentFwVersion**, which refer to the firmware that is currently on the device. + + ![Surface Dock Firmware Update installation process](images/regeditDock.png) + +3. Verify the new registry key values match the updated registry key values listed in the Versions reference at the end of this document. If the values match, the firmware was updated successfully. + +4. If unable to verify, review Event logging and Troubleshooting tips in the next section. + +## Event logging + +**Table 1. Log files for Surface Dock Firmware Update** + +| Log | Location | Notes | +| -------------------------------- | --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Surface Dock Firmware Update log | Path needs to be specified (see note) | Earlier versions of this tool wrote events to Applications and Services Logs\Microsoft Surface Dock Updater. | +| Windows Device Install log | %windir%\inf\setupapi.dev.log | For more information about using Device Install Log, refer to [SetupAPI Logging](https://docs.microsoft.com/windows-hardware/drivers/install/setupapi-logging--windows-vista-and-later-) documentation. | + + +**Table 2. Event log IDs for Surface Dock Firmware Update**
+Events are logged in the Application Event Log. Note: Earlier versions of this tool wrote events to Applications and Services Logs\Microsoft Surface Dock Updater. + +| Event ID | Event type | +| -------- | -------------------------------------------------------------------- | +| 2001 | Dock firmware update has started. | +| 2002 | Dock firmware update skipped because dock is known to be up to date. | +| 2003 | Dock firmware update failed to get firmware version. | +| 2004 | Querying the firmware version. | +| 2005 | Dock firmware failed to start update. | +| 2006 | Failed to send offer/payload pairs. | +| 2007 | Firmware update finished. | +| 2008 | BEGIN dock telemetry. | +| 2011 | END dock telemetry. | + +## Troubleshooting tips + +- Completely disconnect power for Surface dock from the AC power to reset the Surface Dock. +- Disconnect all peripherals except for the Surface Dock. +- Uninstall any current Surface Dock Firmware Update and then install the latest version. +- Ensure that the Surface Dock is disconnected, and then allow enough time for the update to complete as monitored via an LED in the Ethernet port of the dock. Wait until the LED stops blinking before you unplug Surface Dock from power. +- Connect the Surface Dock to a different device to see if it is able to update the dock. + +## Changes and updates + +Microsoft periodically releases new versions of Surface Dock Firmware Update.Note that the MSI file is not self-updating. If you have deployed the MSI to Surface devices and a new version of the firmware is released, you will need to deploy the new version of the MSI. + +## Versions reference +### Version 1.42.139 +*Release Date: September 18 2019* + +This version, contained in Surface_Dock_FwUpdate_1.42.139_Win10_17134_19.084.31680_0.MSI, updates firmware in the background. +**Updated registry key values:**
+ +- Component10CurrentFwVersion updated to **4ac3970**. +- Component20CurrentFwVersion updated to **4a1d570**. + +It adds support for Surface Pro 7 and Surface Laptop 3. + +## Legacy versions + +### Version 2.23.139.0 +*Release Date: 10 October 2018* + +This version of Surface Dock Updater adds support for the following: + +- Add support for Surface Pro 6 +- Add support for Surface Laptop 2 + + +### Version 2.22.139.0 +*Release Date: 26 July 2018* + +This version of Surface Dock Updater adds support for the following: + +- Increase update reliability +- Add support for Surface Go + +### Version 2.12.136.0 +*Release Date: 29 January 2018* + +This version of Surface Dock Updater adds support for the following: +* Update for Surface Dock Main Chipset Firmware +* Update for Surface Dock DisplayPort Firmware +* Improved display stability for external displays when used with Surface Book or Surface Book 2 + +Additionally, installation of this version of Surface Dock Updater on Surface Book devices includes the following: +* Update for Surface Book Base Firmware +* Added support for Surface Dock firmware updates with improvements targeted to Surface Book devices + + +### Version 2.9.136.0 +*Release date: November 3, 2017* + +This version of Surface Dock Updater adds support for the following: + +* Update for Surface Dock DisplayPort Firmware +* Resolves an issue with audio over passive display port adapters + +### Version 2.1.15.0 +*Release date: June 19, 2017* + +This version of Surface Dock Updater adds support for the following: + +* Surface Laptop +* Surface Pro + +### Version 2.1.6.0 +*Release date: April 7, 2017* + +This version of Surface Dock Updater adds support for the following: + +* Update for Surface Dock DisplayPort firmware +* Requires Windows 10 + +### Version 2.0.22.0 +*Release date: October 21, 2016* + +This version of Surface Dock Updater adds support for the following: + +* Update for Surface Dock USB firmware +* Improved reliability of Ethernet, audio, and USB ports + +### Version 1.0.8.0 +*Release date: April 26, 2016* + +This version of Surface Dock Updater adds support for the following: + +* Update for Surface Dock Main Chipset firmware +* Update for Surface Dock DisplayPort firmware + From c56240770d9772c5a122f242120d9674983712d5 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Feb 2020 15:33:32 -0800 Subject: [PATCH 026/338] 01 --- windows/deployment/TOC.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 9f3665c21e..8e3b350ec4 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -1,8 +1,8 @@ -# [Deploy and update Windows 10](https://docs.microsoft.com/windows/deployment) -## [What's new in Windows 10 deployment](deploy-whats-new.md) -## [Windows as a service](update/windows-as-a-service.md) +# [Windows 10 deployment resources and documentation](https://docs.microsoft.com/windows/deployment) ## Explore +### [What's new in Windows 10 deployment](deploy-whats-new.md) +### [Windows as a service](update/windows-as-a-service.md) ### [Windows 10 deployment scenarios](windows-10-deployment-scenarios.md) ### [Deployment process posters](windows-10-deployment-posters.md) ### [Deploy Windows 10 with Microsoft 365](deploy-m365.md) From 573cb3bc871b51fac744e7ed4f67bd2f41c1e0b0 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Feb 2020 15:37:42 -0800 Subject: [PATCH 027/338] 01 --- windows/deployment/index.md | 213 ----------------------------------- windows/deployment/index.yml | 103 +++++++++++++++++ 2 files changed, 103 insertions(+), 213 deletions(-) delete mode 100644 windows/deployment/index.md create mode 100644 windows/deployment/index.yml diff --git a/windows/deployment/index.md b/windows/deployment/index.md deleted file mode 100644 index f7b26b31f0..0000000000 --- a/windows/deployment/index.md +++ /dev/null @@ -1,213 +0,0 @@ ---- -layout: HubPage -hide_bc: false -description: Windows 10 deployment resources and documentation for admins & IT professionals -ms.author: greglin -author: greg-lindsay -ms.topic: hub-page -keywords: Windows 10 Enterprise, deploy, plan, test -localization_priority: Normal -audience: itpro -ms.prod: w10 -title: Windows 10 deployment resources and documentation for admins & IT professionals -description: Windows 10 deployment resources and documentation for admins & IT professionals ---- -
-
-

Windows 10 deployment resources and documentation

-

Learn how to test, plan, and deploy Windows 10 in your organization.

-

- -
-
diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml new file mode 100644 index 0000000000..c1c4afa954 --- /dev/null +++ b/windows/deployment/index.yml @@ -0,0 +1,103 @@ +### YamlMime:Landing + +title: Microsoft 365 security documentation # < 60 chars +summary: Learn about the robust security solutions and services in Microsoft 365 Security so that you can better protect your enterprise across attack surfaces. # < 160 chars + +metadata: + title: Microsoft 365 security documentation # Required; page title displayed in search results. Include the brand. < 60 chars. + description: Learn about the robust security solutions and services in Microsoft 365 Security so that you can better protect your enterprise across attack surfaces # Required; article description that is displayed in search results. < 160 chars. + services: office-365-security-compliance + ms.service: O365-seccomp #Required; service per approved list. service slug assigned to your service by ACOM. + ms.subservice: subservice + ms.topic: landing-page # Required + ms.collection: m365-security-compliance + author: mjcaparas #Required; your GitHub user alias, with correct capitalization. + ms.author: macapara #Required; microsoft alias of author; optional team alias. + ms.date: 09/13/2019 #Required; mm/dd/yyyy format. + localization_priority: Priority + +# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new + +landingContent: +# Cards and links should be based on top customer tasks or top subjects +# Start card title with a verb + # Card (optional) + - title: Microsoft Threat Protection + linkLists: + - linkListType: overview + links: + - text: What is Microsoft Threat Protection? + url: mtp/microsoft-threat-protection.md + - text: Microsoft 365 security center + url: mtp/overview-security-center.md + + # Card (optional) + - title: Microsoft Defender ATP + linkLists: + - linkListType: overview + links: + - text: What is Microsoft Defender ATP? + url: https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection + - text: Overview of capabilities + url: https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview + + # Card + - title: Office 365 ATP + linkLists: + - linkListType: overview + links: + - text: What is Office 365 ATP? + url: office-365-security/office-365-atp.md + - text: Office 365 ATP service description + url: https://docs.microsoft.com/office365/servicedescriptions/office-365-advanced-threat-protection-service-description + + # Card + - title: Azure ATP + linkLists: + - linkListType: overview + links: + - text: What is Azure ATP? + url: https://docs.microsoft.com/azure-advanced-threat-protection/what-is-atp + - text: Azure ATP architecture + url: https://docs.microsoft.com/azure-advanced-threat-protection/atp-architecture + + # Card (optional) + - title: Azure Security Center + linkLists: + - linkListType: overview + links: + - text: What is Azure Security Center? + url: https://docs.microsoft.com/azure/security-center/security-center-intro + - text: Supported features + url: https://docs.microsoft.com/azure/security-center/security-center-services + + # Card + - title: Microsoft Cloud App Security + linkLists: + - linkListType: overview + links: + - text: What is Microsoft Cloud App Security? + url: https://docs.microsoft.com/cloud-app-security/what-is-cloud-app-security + - text: Get started with Microsoft Cloud App Security + url: https://docs.microsoft.com/cloud-app-security/getting-started-with-cloud-app-security + + # Card + - title: Azure Sentinel (Preview) + linkLists: + - linkListType: overview + links: + - text: What is Azure Sentinel? (Preview) + url: https://docs.microsoft.com/azure/sentinel/overview + + # Card + - title: Security management + linkLists: + - linkListType: overview + links: + - text: Secure score + url: mtp/microsoft-secure-score.md + + + + + From 4f84ff37882ee5f5fc9204163ae26ec98fb3761d Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Feb 2020 15:53:08 -0800 Subject: [PATCH 028/338] 02 --- windows/deployment/TOC.md | 58 -------------------------------------- windows/deployment/TOC.yml | 24 ++++++++++++++++ 2 files changed, 24 insertions(+), 58 deletions(-) delete mode 100644 windows/deployment/TOC.md create mode 100644 windows/deployment/TOC.yml diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md deleted file mode 100644 index 8e3b350ec4..0000000000 --- a/windows/deployment/TOC.md +++ /dev/null @@ -1,58 +0,0 @@ -# [Windows 10 deployment resources and documentation](https://docs.microsoft.com/windows/deployment) - -## Explore -### [What's new in Windows 10 deployment](deploy-whats-new.md) -### [Windows as a service](update/windows-as-a-service.md) -### [Windows 10 deployment scenarios](windows-10-deployment-scenarios.md) -### [Deployment process posters](windows-10-deployment-posters.md) -### [Deploy Windows 10 with Microsoft 365](deploy-m365.md) -### Windows 10 deployment lab -#### [Windows 10 deployment test lab](windows-10-poc.md) -#### [Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit](windows-10-poc-mdt.md) -#### [Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager](windows-10-poc-sc-config-mgr.md) - -## Plan for deployment -### [Windows 10 Enterprise FAQ for IT Pros](planning/windows-10-enterprise-faq-itpro.md) -### [Windows 10 deployment considerations](planning/windows-10-deployment-considerations.md) -### [Windows 10 compatibility](planning/windows-10-compatibility.md) -### [Windows 10 infrastructure requirements](planning/windows-10-infrastructure-requirements.md) - -## Deploy Windows 10 -### [Windows Autopilot](windows-autopilot/windows-autopilot.md) -### [Deploy Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md) -### [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](deploy-windows-sccm/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md) -### Subscription Activation -#### [Windows 10 Subscription Activation](windows-10-subscription-activation.md) -#### [Windows 10 Enterprise E3 in CSP](windows-10-enterprise-e3-overview.md) -#### [Configure VDA for Subscription Activation](vda-subscription-activation.md) -#### [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md) - -## Manage Windows 10 updates -### [Windows as a service - introduction](update/windows-as-a-service.md) -### [Quick guide to Windows as a service](update/waas-quick-start.md) -### [Servicing stack updates](update/servicing-stack-updates.md) -### [Overview of Windows as a service](update/waas-overview.md) - -## Reference -### Resolve upgrade errors -#### [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) -#### [Quick fixes](upgrade\quick-fixes.md) -#### [SetupDiag](upgrade/setupdiag.md) -#### [Troubleshooting upgrade errors](upgrade/troubleshoot-upgrade-errors.md) -#### [Windows error reporting](upgrade/windows-error-reporting.md) -#### [Upgrade error codes](upgrade/upgrade-error-codes.md) -#### [Log files](upgrade/log-files.md) -#### [Resolution procedures](upgrade/resolution-procedures.md) -#### [Submit Windows 10 upgrade errors](upgrade/submit-errors.md) - -### [Windows 10 in S mode](s-mode.md) -#### [Switch to Windows 10 Pro/Enterprise from S mode](windows-10-pro-in-s-mode.md) - -#### [Volume Activation [client]](volume-activation/volume-activation-windows-10.md) -##### [Plan for volume activation [client]](volume-activation/plan-for-volume-activation-client.md) -##### [Activate using Key Management Service [client]](volume-activation/activate-using-key-management-service-vamt.md) -##### [Activate using Active Directory-based activation [client]](volume-activation/activate-using-active-directory-based-activation-client.md) -##### [Activate clients running Windows 10](volume-activation/activate-windows-10-clients-vamt.md) -##### [Monitor activation [client]](volume-activation/monitor-activation-client.md) -##### [Use the Volume Activation Management Tool [client]](volume-activation/use-the-volume-activation-management-tool-client.md) -##### [Appendix: Information sent to Microsoft during activation [client]](volume-activation/appendix-information-sent-to-microsoft-during-activation-client.md) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml new file mode 100644 index 0000000000..964e1e0e9c --- /dev/null +++ b/windows/deployment/TOC.yml @@ -0,0 +1,24 @@ +- name: Windows 10 deployment resources and documentation + href: index.yml + items: + - name: Explore + items: + - name: Windows 10 deployment scenarios + href: windows-10-deployment-scenarios.md + - name: H2 + href: windows-10-deployment-scenarios.md + items: + - name: H3 + href: windows-10-deployment-scenarios.md + items: + - name: H4 + href: windows-10-deployment-scenarios.md + items: + - name: H5 + href: windows-10-deployment-scenarios.md + items: + - name: H6 + href: windows-10-deployment-scenarios.md + items: + - name: H7 + href: windows-10-deployment-scenarios.md \ No newline at end of file From f3d5b830ad6d20ac6b85d1e86b2f3623f42fe228 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 12 Feb 2020 16:19:13 -0800 Subject: [PATCH 029/338] 02 --- windows/deployment/TOC.yml | 7 ++---- windows/deployment/index.yml | 47 ++++++++++++------------------------ 2 files changed, 18 insertions(+), 36 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 964e1e0e9c..50a3a04cfb 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -9,16 +9,13 @@ href: windows-10-deployment-scenarios.md items: - name: H3 - href: windows-10-deployment-scenarios.md items: - name: H4 - href: windows-10-deployment-scenarios.md items: - name: H5 - href: windows-10-deployment-scenarios.md items: - name: H6 - href: windows-10-deployment-scenarios.md items: - name: H7 - href: windows-10-deployment-scenarios.md \ No newline at end of file + items: + - name: foo diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index c1c4afa954..c9d7ffcd89 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -1,20 +1,20 @@ ### YamlMime:Landing -title: Microsoft 365 security documentation # < 60 chars -summary: Learn about the robust security solutions and services in Microsoft 365 Security so that you can better protect your enterprise across attack surfaces. # < 160 chars +title: Windows 10 deployment resources and documentation # < 60 chars +summary: Learn about deploying Windows 10 and keeping it up to date in your organization. # < 160 chars metadata: - title: Microsoft 365 security documentation # Required; page title displayed in search results. Include the brand. < 60 chars. - description: Learn about the robust security solutions and services in Microsoft 365 Security so that you can better protect your enterprise across attack surfaces # Required; article description that is displayed in search results. < 160 chars. - services: office-365-security-compliance - ms.service: O365-seccomp #Required; service per approved list. service slug assigned to your service by ACOM. + title: Windows 10 deployment resources and documentation # Required; page title displayed in search results. Include the brand. < 60 chars. + description: Learn about deploying Windows 10 and keeping it up to date in your organization. # Required; article description that is displayed in search results. < 160 chars. + services: windows-10 + ms.service: windows-10 #Required; service per approved list. service slug assigned to your service by ACOM. ms.subservice: subservice ms.topic: landing-page # Required - ms.collection: m365-security-compliance - author: mjcaparas #Required; your GitHub user alias, with correct capitalization. - ms.author: macapara #Required; microsoft alias of author; optional team alias. + ms.collection: windows-10 + author: greg-lindsay #Required; your GitHub user alias, with correct capitalization. + ms.author: greglin #Required; microsoft alias of author; optional team alias. ms.date: 09/13/2019 #Required; mm/dd/yyyy format. - localization_priority: Priority + localization_priority: medium # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new @@ -22,7 +22,7 @@ landingContent: # Cards and links should be based on top customer tasks or top subjects # Start card title with a verb # Card (optional) - - title: Microsoft Threat Protection + - title: Plan for deployment linkLists: - linkListType: overview links: @@ -32,7 +32,7 @@ landingContent: url: mtp/overview-security-center.md # Card (optional) - - title: Microsoft Defender ATP + - title: Deploy Windows 10 linkLists: - linkListType: overview links: @@ -42,7 +42,7 @@ landingContent: url: https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview # Card - - title: Office 365 ATP + - title: Update Windows 10 linkLists: - linkListType: overview links: @@ -52,7 +52,7 @@ landingContent: url: https://docs.microsoft.com/office365/servicedescriptions/office-365-advanced-threat-protection-service-description # Card - - title: Azure ATP + - title: Troubleshooting linkLists: - linkListType: overview links: @@ -62,7 +62,7 @@ landingContent: url: https://docs.microsoft.com/azure-advanced-threat-protection/atp-architecture # Card (optional) - - title: Azure Security Center + - title: Tools linkLists: - linkListType: overview links: @@ -72,7 +72,7 @@ landingContent: url: https://docs.microsoft.com/azure/security-center/security-center-services # Card - - title: Microsoft Cloud App Security + - title: Lab guides linkLists: - linkListType: overview links: @@ -81,21 +81,6 @@ landingContent: - text: Get started with Microsoft Cloud App Security url: https://docs.microsoft.com/cloud-app-security/getting-started-with-cloud-app-security - # Card - - title: Azure Sentinel (Preview) - linkLists: - - linkListType: overview - links: - - text: What is Azure Sentinel? (Preview) - url: https://docs.microsoft.com/azure/sentinel/overview - - # Card - - title: Security management - linkLists: - - linkListType: overview - links: - - text: Secure score - url: mtp/microsoft-secure-score.md From a194121b240637c00740f1c7c64b9b3c62fdc7e9 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 13 Feb 2020 11:00:46 -0800 Subject: [PATCH 030/338] starting to build toc --- windows/deployment/TOC.yml | 48 +++++++++++++++++++++++++++----------- 1 file changed, 35 insertions(+), 13 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 50a3a04cfb..77d73ed44b 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -5,17 +5,39 @@ items: - name: Windows 10 deployment scenarios href: windows-10-deployment-scenarios.md - - name: H2 - href: windows-10-deployment-scenarios.md + - name: Deployment test lab items: - - name: H3 - items: - - name: H4 - items: - - name: H5 - items: - - name: H6 - items: - - name: H7 - items: - - name: foo + - name: Windows 10 deployment test lab + href: windows-10-deployment-scenarios.md + - name: Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit + href: windows-10-poc-mdt.md + - name: Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager + href: windows-10-poc-sc-config-mgr.md + + - name: Plan + items: + - name: item1 + href: file1.md + - name: item2 + href: file2.md + + - name: Deploy Windows 10 + items: + - name: item1 + href: file1.md + - name: item2 + href: file2.md + + - name: Manage Windows 10 updates + items: + - name: item1 + href: file1.md + - name: item2 + href: file2.md + + - name: Reference + items: + - name: item1 + href: file1.md + - name: item2 + href: file2.md \ No newline at end of file From 3d72ae59ec20d3a1e0beba78fbecf495d7e87c9a Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 13 Feb 2020 11:40:17 -0800 Subject: [PATCH 031/338] toc --- windows/deployment/TOC.yml | 36 ++++++++++++++++++++++++------------ windows/deployment/file1.md | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+), 12 deletions(-) create mode 100644 windows/deployment/file1.md diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 77d73ed44b..6c2a689ec8 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -5,6 +5,8 @@ items: - name: Windows 10 deployment scenarios href: windows-10-deployment-scenarios.md + - name: Windows as a service + href: file1.md - name: Deployment test lab items: - name: Windows 10 deployment test lab @@ -16,28 +18,38 @@ - name: Plan items: - - name: item1 + - name: Windows 10 deployment considerations + href: file1.md + - name: Windows update resources + href: file1.md + - name: Features removed or planned for replacement href: file1.md - - name: item2 - href: file2.md - name: Deploy Windows 10 items: - - name: item1 + - name: Deploy with Windows Autopilot + href: file1.md + - name: Deploy with Configuration Manager + href: file1.md + - name: Deploy with Microsoft Deployment Toolkit href: file1.md - - name: item2 - href: file2.md - name: Manage Windows 10 updates items: - - name: item1 + - name: Manage with Configuration Manager + href: file1.md + - name: Manage with Group Policy + href: file1.md + - name: Manage with WSUS + href: file1.md + - name: Monitor updates href: file1.md - - name: item2 - href: file2.md - name: Reference items: - - name: item1 + - name: Windows 10 upgrade paths href: file1.md - - name: item2 - href: file2.md \ No newline at end of file + - name: Windows 10 edition upgrade + href: file1.md + - name: Windows 10 in S mode + href: file1.md \ No newline at end of file diff --git a/windows/deployment/file1.md b/windows/deployment/file1.md new file mode 100644 index 0000000000..44279dc9af --- /dev/null +++ b/windows/deployment/file1.md @@ -0,0 +1,32 @@ +--- +title: Configure a test lab to deploy Windows 10 +ms.reviewer: +manager: laurawi +ms.audience: itpro +author: greg-lindsay +description: Concepts and procedures for deploying Windows 10 in a proof of concept lab environment. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +keywords: deployment, automate, tools, configure, mdt, sccm +ms.localizationpriority: medium +audience: itpro +author: greg-lindsay +ms.topic: article +--- + +# Step by step guide: Configure a test lab to deploy Windows 10 + +**Applies to** + +- Windows 10 + +This is a placeholder file to be deleted. + + + + + + + From 0d9f01a6a975d116dd3eeed1d9f04faa56e243fa Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 13 Feb 2020 12:37:31 -0800 Subject: [PATCH 032/338] toc --- windows/deployment/index.yml | 87 +++++++++++++++++++++--------------- 1 file changed, 50 insertions(+), 37 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index c9d7ffcd89..218ea980fa 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -1,7 +1,7 @@ ### YamlMime:Landing title: Windows 10 deployment resources and documentation # < 60 chars -summary: Learn about deploying Windows 10 and keeping it up to date in your organization. # < 160 chars +summary: Learn about deploying and and keeping Windows 10 up to date. # < 160 chars metadata: title: Windows 10 deployment resources and documentation # Required; page title displayed in search results. Include the brand. < 60 chars. @@ -22,64 +22,77 @@ landingContent: # Cards and links should be based on top customer tasks or top subjects # Start card title with a verb # Card (optional) - - title: Plan for deployment + - title: Get started linkLists: - linkListType: overview links: - - text: What is Microsoft Threat Protection? - url: mtp/microsoft-threat-protection.md - - text: Microsoft 365 security center - url: mtp/overview-security-center.md - + - text: What's new? + url: file1.md + - text: Deployment scenarios + url: file1.md + - text: Windows as a service + url: file1.md + + # Card (optional) + - title: Prepare for deployment + linkLists: + - linkListType: overview + links: + - text: Assess your current environment + url: file1.md + - text: Choose a deployment method + url: file1.md + - text: Design an update strategy + url: file1.md + # Card (optional) - title: Deploy Windows 10 linkLists: - linkListType: overview links: - - text: What is Microsoft Defender ATP? - url: https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection - - text: Overview of capabilities - url: https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview + - text: Deploy Windows 10 + url: file1.md + - text: Deploy Windows 10 updates + url: file1.md + - text: Monitor your deployment + url: file1.md # Card - - title: Update Windows 10 + - title: Monitor and manage updates linkLists: - linkListType: overview links: - - text: What is Office 365 ATP? - url: office-365-security/office-365-atp.md - - text: Office 365 ATP service description - url: https://docs.microsoft.com/office365/servicedescriptions/office-365-advanced-threat-protection-service-description + - text: Monitor Windows 10 updates + url: file1.md + - text: Manage updates + url: file1.md + - text: Optimize update delivery + url: file1.md # Card - - title: Troubleshooting + - title: Troubleshooting resources linkLists: - linkListType: overview links: - - text: What is Azure ATP? - url: https://docs.microsoft.com/azure-advanced-threat-protection/what-is-atp - - text: Azure ATP architecture - url: https://docs.microsoft.com/azure-advanced-threat-protection/atp-architecture - - # Card (optional) - - title: Tools - linkLists: - - linkListType: overview - links: - - text: What is Azure Security Center? - url: https://docs.microsoft.com/azure/security-center/security-center-intro - - text: Supported features - url: https://docs.microsoft.com/azure/security-center/security-center-services + - text: Resolve upgrade errors + url: file1.md + - text: Troubleshoot Windows Update + url: file1.md + - text: Troubleshoot Windows Autopilot + url: file1.md - # Card - - title: Lab guides + # Card (optional) + - title: Additional resources linkLists: - linkListType: overview links: - - text: What is Microsoft Cloud App Security? - url: https://docs.microsoft.com/cloud-app-security/what-is-cloud-app-security - - text: Get started with Microsoft Cloud App Security - url: https://docs.microsoft.com/cloud-app-security/getting-started-with-cloud-app-security + - text: Windows 10 release information + url: file1.md + - text: What's new in Windows 10 + url: file1.md + - text: Desktop Deployment Center + url: https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home + From 40aa595d96c0e61dcbf9f0447e29528931432368 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 13 Feb 2020 12:45:23 -0800 Subject: [PATCH 033/338] toc --- windows/deployment/TOC.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 6c2a689ec8..12479ddab4 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -18,11 +18,11 @@ - name: Plan items: - - name: Windows 10 deployment considerations + - name: Plan your Windows 10 deployment href: file1.md - - name: Windows update resources + - name: Plan an update management strategy href: file1.md - - name: Features removed or planned for replacement + - name: Review application compatibility href: file1.md - name: Deploy Windows 10 From 39140540bc62e448adbd615336248356577dacc5 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 13 Feb 2020 15:18:33 -0800 Subject: [PATCH 034/338] generalize landing page --- windows/deployment/index.yml | 50 ++++++++++++++++++------------------ 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index 218ea980fa..1ad83ae3ad 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -22,76 +22,76 @@ landingContent: # Cards and links should be based on top customer tasks or top subjects # Start card title with a verb # Card (optional) - - title: Get started + - title: Title1 linkLists: - linkListType: overview links: - - text: What's new? + - text: Article1a url: file1.md - - text: Deployment scenarios + - text: Article1b url: file1.md - text: Windows as a service - url: file1.md + url: Article1c # Card (optional) - - title: Prepare for deployment + - title: Title2 linkLists: - linkListType: overview links: - - text: Assess your current environment + - text: Article2a url: file1.md - - text: Choose a deployment method + - text: Article2b url: file1.md - - text: Design an update strategy + - text: Article2c url: file1.md # Card (optional) - - title: Deploy Windows 10 + - title: Title3 linkLists: - linkListType: overview links: - - text: Deploy Windows 10 + - text: Article3a url: file1.md - - text: Deploy Windows 10 updates + - text: Article3b url: file1.md - - text: Monitor your deployment + - text: Article3c url: file1.md # Card - - title: Monitor and manage updates + - title: Title4 linkLists: - linkListType: overview links: - - text: Monitor Windows 10 updates + - text: Article4a url: file1.md - - text: Manage updates + - text: Article4b url: file1.md - - text: Optimize update delivery + - text: Article4c url: file1.md # Card - - title: Troubleshooting resources + - title: Title5 linkLists: - linkListType: overview links: - - text: Resolve upgrade errors + - text: Article5a url: file1.md - - text: Troubleshoot Windows Update + - text: Article5b url: file1.md - - text: Troubleshoot Windows Autopilot + - text: Article5c url: file1.md # Card (optional) - - title: Additional resources + - title: Title6 linkLists: - linkListType: overview links: - - text: Windows 10 release information + - text: Article6a url: file1.md - - text: What's new in Windows 10 + - text: Article6b + url: file1.md + - text: Article6c url: file1.md - - text: Desktop Deployment Center - url: https://docs.microsoft.com/microsoft-365/enterprise/desktop-deployment-center-home From 95eaf992f37e027f2163dfe2c0be09caf54a77c9 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 13 Feb 2020 16:00:55 -0800 Subject: [PATCH 035/338] toc update --- windows/deployment/TOC.yml | 40 +++++++++++++++++++++++--------------- 1 file changed, 24 insertions(+), 16 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 12479ddab4..879ca23d6b 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -1,20 +1,22 @@ - name: Windows 10 deployment resources and documentation href: index.yml items: - - name: Explore + - name: Get started items: - - name: Windows 10 deployment scenarios - href: windows-10-deployment-scenarios.md - - name: Windows as a service + - name: Deployment tools and methods href: file1.md - - name: Deployment test lab + - name: Understand Windows as a service + href: file1.md + - name: Calendar of operations + href: file1.md + - name: Deployment test lab items: - name: Windows 10 deployment test lab - href: windows-10-deployment-scenarios.md + href: file1.md - name: Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit - href: windows-10-poc-mdt.md + href: file1.md - name: Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager - href: windows-10-poc-sc-config-mgr.md + href: file1.md - name: Plan items: @@ -36,14 +38,20 @@ - name: Manage Windows 10 updates items: - - name: Manage with Configuration Manager - href: file1.md - - name: Manage with Group Policy - href: file1.md - - name: Manage with WSUS - href: file1.md - - name: Monitor updates - href: file1.md + - name: Manage updates locally + items: + - name: Manage updates with WSUS + href: file1.md + - name: Manage updates using images + href: file1.md + - name: Manage updates from the cloud + items: + - name: Manage updates with Configuration Manager + href: file1.md + - name: Manage updates with Intune + href: file1.md + - name: Manage with Group Policy + href: file1.md - name: Reference items: From 5260a1043190ad58c1847c6206a5c77d0700cc4b Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Fri, 14 Feb 2020 16:34:35 -0800 Subject: [PATCH 036/338] toc update --- windows/deployment/TOC.yml | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 879ca23d6b..92ae98ee15 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -1,13 +1,15 @@ - name: Windows 10 deployment resources and documentation href: index.yml items: + - name: What's new in Windows 10 deployment + href: file1.md - name: Get started items: - name: Deployment tools and methods href: file1.md - - name: Understand Windows as a service + - name: Deployment process posters href: file1.md - - name: Calendar of operations + - name: Windows as a service href: file1.md - name: Deployment test lab items: @@ -21,7 +23,23 @@ - name: Plan items: - name: Plan your Windows 10 deployment - href: file1.md + items: + - name: Windows 10 compatibility + href: file1.md + - name: Windows 10 infrastructure requirements + href: file1.md + - name: Windows 10 volume license media + href: file1.md + - name: Plan for volume activation + href: file1.md + - name: Features removed or planned for replacement + items: + - name: Windows 10 features lifecycle + href: file1.md + - name: Features we're no longer developing + href: file1.md + - name: Features we removed + href: file1.md - name: Plan an update management strategy href: file1.md - name: Review application compatibility From cfe2c09231e79921cd962ca5eb0b5de13fc2c248 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Fri, 14 Feb 2020 20:52:07 -0800 Subject: [PATCH 037/338] update --- windows/deployment/index.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index 1ad83ae3ad..76995cff39 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -30,8 +30,8 @@ landingContent: url: file1.md - text: Article1b url: file1.md - - text: Windows as a service - url: Article1c + - text: Article1c + url: file1.md # Card (optional) - title: Title2 From 275dbeaaecdf63eb641e379b39d8b966427f33c3 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 19 Feb 2020 09:32:25 -0800 Subject: [PATCH 038/338] toc update --- windows/deployment/TOC.yml | 62 ++++++++++++++++++++++++++++++++------ 1 file changed, 53 insertions(+), 9 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 92ae98ee15..7fde2915a3 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -1,16 +1,18 @@ - name: Windows 10 deployment resources and documentation href: index.yml items: - - name: What's new in Windows 10 deployment - href: file1.md - name: Get started items: + - name: What's new in Windows 10 deployment + href: file1.md - name: Deployment tools and methods href: file1.md - name: Deployment process posters href: file1.md - name: Windows as a service - href: file1.md + items: + - name: Recommended calendar of operations + href: file1.md - name: Deployment test lab items: - name: Windows 10 deployment test lab @@ -40,10 +42,26 @@ href: file1.md - name: Features we removed href: file1.md - - name: Plan an update management strategy - href: file1.md - - name: Review application compatibility - href: file1.md + - name: Plan your update strategy + items: + - name: Plan image-based management + href: file1.md + - name: Plan cloud (Waas management) + items: + - name: Designate rings, channels, and policies + href: file1.md + - name: Chooose a delivery optimization strategy + href: file1.md + - name: Choose a monitoring approach + href: file1.md + - name: Assess apps + items: + - name: With Desktop Analytics + href: file1.md + - name: By other means + href: file1.md + - name: Other prep activities + href: file1.md - name: Deploy Windows 10 items: @@ -65,11 +83,37 @@ - name: Manage updates from the cloud items: - name: Manage updates with Configuration Manager - href: file1.md + items: + - name: Set up rings, channels, optimization, polices + href: file1.md + - name: Perform a pilot deployment + href: file1.md + - name: Perform a broad deployment + href: file1.md - name: Manage updates with Intune - href: file1.md + items: + - name: Set up rings, channels, optimization, polices + href: file1.md + - name: Perform a pilot deployment + href: file1.md + - name: Perform a broad deployment + href: file1.md - name: Manage with Group Policy + items: + - name: Set up rings, channels, optimization, polices + href: file1.md + - name: Perform a pilot deployment + href: file1.md + - name: Perform a broad deployment + href: file1.md + - name: Monitor updates + items: + - name: Monitor updates with Update Compliance href: file1.md + - name: Monitor updates with Desktop Analytics + href: file1.md + - name: Monitor Delivery Optimization + href: file1.md - name: Reference items: From b67dfe83ee47d8a3e4a4bb9eb6c5e78b9b038f40 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 19 Feb 2020 11:57:00 -0800 Subject: [PATCH 039/338] toc update --- windows/deployment/TOC.yml | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 7fde2915a3..74b7af91c7 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -3,6 +3,8 @@ items: - name: Get started items: + - name: Learn about Windows 10 (new) + href: file1.md - name: What's new in Windows 10 deployment href: file1.md - name: Deployment tools and methods @@ -11,7 +13,7 @@ href: file1.md - name: Windows as a service items: - - name: Recommended calendar of operations + - name: Recommended calendar of operations (new) href: file1.md - name: Deployment test lab items: @@ -44,8 +46,6 @@ href: file1.md - name: Plan your update strategy items: - - name: Plan image-based management - href: file1.md - name: Plan cloud (Waas management) items: - name: Designate rings, channels, and policies @@ -62,6 +62,8 @@ href: file1.md - name: Other prep activities href: file1.md + - name: Plan image-based management + href: file1.md - name: Deploy Windows 10 items: @@ -74,12 +76,6 @@ - name: Manage Windows 10 updates items: - - name: Manage updates locally - items: - - name: Manage updates with WSUS - href: file1.md - - name: Manage updates using images - href: file1.md - name: Manage updates from the cloud items: - name: Manage updates with Configuration Manager @@ -106,6 +102,12 @@ href: file1.md - name: Perform a broad deployment href: file1.md + - name: Manage updates locally + items: + - name: Manage updates with WSUS + href: file1.md + - name: Manage updates using images + href: file1.md - name: Monitor updates items: - name: Monitor updates with Update Compliance From ae7cd1ee87e1e7296c2a005599a171cbde4e6f93 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 10:35:09 -0800 Subject: [PATCH 040/338] TOC update --- windows/deployment/TOC.yml | 332 +++++++++++++++++++++++++++++++++++-- 1 file changed, 319 insertions(+), 13 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 74b7af91c7..986344a5cd 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -19,9 +19,9 @@ items: - name: Windows 10 deployment test lab href: file1.md - - name: Deploy Windows 10 in a test lab using Microsoft Deployment Toolkit + - name: Deploy Windows 10 in a test lab using MDT href: file1.md - - name: Deploy Windows 10 in a test lab using Microsoft Endpoint Configuration Manager + - name: Deploy Windows 10 in a test lab using Configuration Manager href: file1.md - name: Plan @@ -46,7 +46,7 @@ href: file1.md - name: Plan your update strategy items: - - name: Plan cloud (Waas management) + - name: Plan cloud management items: - name: Designate rings, channels, and policies href: file1.md @@ -54,13 +54,13 @@ href: file1.md - name: Choose a monitoring approach href: file1.md - - name: Assess apps + - name: Assess apps (new) items: - name: With Desktop Analytics href: file1.md - - name: By other means + - name: By other means (new) href: file1.md - - name: Other prep activities + - name: Other prep activities (new) href: file1.md - name: Plan image-based management href: file1.md @@ -82,7 +82,7 @@ items: - name: Set up rings, channels, optimization, polices href: file1.md - - name: Perform a pilot deployment + - name: Perform a pilot deployment (new) href: file1.md - name: Perform a broad deployment href: file1.md @@ -90,7 +90,7 @@ items: - name: Set up rings, channels, optimization, polices href: file1.md - - name: Perform a pilot deployment + - name: Perform a pilot deployment (new) href: file1.md - name: Perform a broad deployment href: file1.md @@ -98,7 +98,7 @@ items: - name: Set up rings, channels, optimization, polices href: file1.md - - name: Perform a pilot deployment + - name: Perform a pilot deployment (new) href: file1.md - name: Perform a broad deployment href: file1.md @@ -118,10 +118,316 @@ href: file1.md - name: Reference - items: + items: - name: Windows 10 upgrade paths href: file1.md - - name: Windows 10 edition upgrade + - name: Windows 10 edition upgrade href: file1.md - - name: Windows 10 in S mode - href: file1.md \ No newline at end of file + - name: Deploy Windows 10 with Microsoft 365 + href: file1.md + - name: Subscription Activation + items: + - name: Windows 10 Subscription Activation + href: file1.md + - name: Windows 10 Enterprise E3 in CSP + href: file1.md + - name: Configure VDA for Subscription Activation + href: file1.md + - name: Deploy Windows 10 Enterprise licenses + href: file1.md + - name: Resolve upgrade errors + items: + - name: Resolve Windows 10 upgrade errors + href: file1.md + - name: Quick fixes + href: file1.md + - name: SetupDiag + href: file1.md + - name: Troubleshooting upgrade errors + href: file1.md + - name: Windows error reporting + href: file1.md + - name: Upgrade error codes + href: file1.md + - name: Log files + href: file1.md + - name: Resolution procedures + href: file1.md + - name: Submit Windows 10 upgrade errors + href: file1.md + - name: How Windows Update works (new) + href: file1.md + - name: Additional Windows Update settings + href: file1.md + - name: Delivery Optimization reference + href: file1.md + + - name: Windows 10 deployment tools + items: + - name: Windows 10 deployment scenarios and tools + items: + - name: Convert MBR partition to GPT + - name: Configure a PXE server to load Windows PE + - name: Windows ADK for Windows 10 scenarios for IT Pros + - name: Windows To Go + items: + - name: Deploy Windows To Go in your organization + href: file1.md + - name: Feature overview + items: + - name: Windows To Go - feature overview + href: file1.md + - name: Best practice recommendations for Windows To Go + href: file1.md + - name: Deployment considerations for Windows To Go + href: file1.md + - name: Prepare your organization for Windows To Go + href: file1.md + - name: Security and data protection considerations for Windows To Go + href: file1.md + - name: Windows To Go - frequently asked questions + href: file1.md + + - name: Volume Activation Management Tool (VAMT) technical reference + items: + - name: VAMT technical reference + href: file1.md + - name: Introduction to VAMT + href: file1.md + - name: Active Directory-Based Activation Overview + href: file1.md + - name: Install and Configure VAMT + href: file1.md + - name: VAMT Requirements + href: file1.md + - name: Install VAMT + href: file1.md + - name: Configure Client Computers + href: file1.md + - name: Add and Manage Products + href: file1.md + - name: Add and Remove Computers + href: file1.md + - name: Update Product Status + href: file1.md + - name: Remove Products + href: file1.md + - name: Manage Product Keys + href: file1.md + - name: Add and Remove a Product Key + href: file1.md + - name: Install a Product Key + href: file1.md + - name: Install a KMS Client Key + href: file1.md + - name: Manage Activations + href: file1.md + - name: Perform Online Activation + href: file1.md + - name: Perform Proxy Activation + href: file1.md + - name: Perform KMS Activation + href: file1.md + - name: Perform Local Reactivation + href: file1.md + - name: Activate an Active Directory Forest Online + href: file1.md + - name: Activate by Proxy an Active Directory Forest + href: file1.md + - name: Manage VAMT Data + href: file1.md + - name: Import and Export VAMT Data + href: file1.md + - name: Use VAMT in Windows PowerShell + href: file1.md + - name: VAMT Step-by-Step Scenarios + href: file1.md + - name: Scenario 1: Online Activation + href: file1.md + - name: Scenario 2: Proxy Activation + href: file1.md + - name: Scenario 3: KMS Client Activation + href: file1.md + - name: VAMT Known Issues + href: file1.md + + - name: User State Migration Tool (USMT) technical reference + items: + - name: USMT overview topics + items: + - name: USMT overview + href: file1.md + - name: Getting started with the USMT + href: file1.md + - name: Windows upgrade and migration considerations + href: file1.md + - name: USMT How-to topics + items: + - name: Exclude Files and Settings + href: file1.md + - name: Extract Files from a Compressed USMT Migration Store + href: file1.md + - name: Include Files and Settings + href: file1.md + - name: Migrate Application Settings + href: file1.md + - name: Migrate EFS Files and Certificates + href: file1.md + - name: Migrate User Accounts + href: file1.md + - name: Reroute Files and Settings + href: file1.md + - name: Verify the Condition of a Compressed Migration Store + href: file1.md + - name: USMT Troubleshooting + href: file1.md + - name: Common Issues + href: file1.md + - name: Frequently Asked Questions + href: file1.md + - name: Log Files + href: file1.md + - name: Return Codes + href: file1.md + - name: USMT Resources + href: file1.md + + - name: USMT Reference + items: + - name: USMT Requirements + href: file1.md + - name: USMT Best Practices + href: file1.md + - name: How USMT Works + href: file1.md + - name: Plan Your Migration + href: file1.md + - name: Common Migration Scenarios + href: file1.md + - name: What Does USMT Migrate? + href: file1.md + - name: Choose a Migration Store Type + href: file1.md + - name: Migration Store Types Overview + href: file1.md + - name: Estimate Migration Store Size + href: file1.md + - name: Hard-Link Migration Store + href: file1.md + - name: Migration Store Encryption + href: file1.md + - name: Determine What to Migrate + href: file1.md + - name: Determine What to Migrate + href: file1.md + - name: Identify Applications Settings + href: file1.md + - name: Identify Operating System Settings + href: file1.md + - name: Identify File Types, Files, and Folders + href: file1.md + - name: Test Your Migration + href: file1.md + - name: USMT Command-line Syntax + href: file1.md + - name: ScanState Syntax + href: file1.md + - name: LoadState Syntax + href: file1.md + - name: UsmtUtils Syntax + href: file1.md + - name: USMT XML Reference + href: file1.md + - name: Understanding Migration XML Files + href: file1.md + - name: Config.xml File + href: file1.md + - name: Customize USMT XML Files + href: file1.md + - name: Custom XML Examples + href: file1.md + - name: Conflicts and Precedence + href: file1.md + - name: General Conventions + href: file1.md + - name: XML File Requirements + href: file1.md + - name: Recognized Environment Variables + href: file1.md + - name: XML Elements Library + href: file1.md + - name: Offline Migration Reference + href: file1.md + + - name: Application Compatibility Toolkit (ACT) Technical Reference + items: + - name: SUA User's Guide + href: file1.md + - name: Using the SUA Wizard + href: file1.md + - name: Using the SUA Tool + href: file1.md + - name: Tabs on the SUA Tool Interface + href: file1.md + - name: Showing Messages Generated by the SUA Tool + href: file1.md + - name: Applying Filters to Data in the SUA Tool + href: file1.md + - name: Fixing Applications by Using the SUA Tool + href: file1.md + - name: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista + href: file1.md + - name: Compatibility Administrator User's Guide + href: file1.md + - name: Using the Compatibility Administrator Tool + href: file1.md + - name: Available Data Types and Operators in Compatibility Administrator + href: file1.md + - name: Searching for Fixed Applications in Compatibility Administrator + href: file1.md + - name: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator + href: file1.md + - name: Creating a Custom Compatibility Fix in Compatibility Administrator + href: file1.md + - name: Creating a Custom Compatibility Mode in Compatibility Administrator + href: file1.md + - name: Creating an AppHelp Message in Compatibility Administrator + href: file1.md + - name: Viewing the Events Screen in Compatibility Administrator + href: file1.md + - name: Enabling and Disabling Compatibility Fixes in Compatibility Administrator + href: file1.md + - name: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator + href: file1.md + - name: Managing Application-Compatibility Fixes and Custom Fix Databases + href: file1.md + - name: Understanding and Using Compatibility Fixes + href: file1.md + - name: Compatibility Fix Database Management Strategies and Deployment + href: file1.md + - name: Testing Your Application Mitigation Packages + href: file1.md + - name: Using the Sdbinst.exe Command-Line Tool + href: file1.md + - name: Volume Activation [client] + href: file1.md + - name: Plan for volume activation [client] + href: file1.md + - name: Activate using Key Management Service [client] + href: file1.md + - name: Activate using Active Directory-based activation [client] + href: file1.md + - name: Activate clients running Windows 10 + href: file1.md + - name: Monitor activation [client] + href: file1.md + - name: Use the Volume Activation Management Tool [client] + href: file1.md + - name: Appendix: Information sent to Microsoft during activation [client] + href: file1.md + - name: Windows 10 in S mode + items: + - name: Switch to Windows 10 Pro/Enterprise from S mode + href: file1.md + - name: Install fonts in Windows 10 + href: file1.md \ No newline at end of file From 0687c34d3f951c519cde38d34ab1e87cf423ced4 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 10:49:50 -0800 Subject: [PATCH 041/338] TOC update --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 986344a5cd..e616b75d13 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -191,7 +191,7 @@ - name: Volume Activation Management Tool (VAMT) technical reference items: - name: VAMT technical reference - href: file1.md + href: file1.md - name: Introduction to VAMT href: file1.md - name: Active Directory-Based Activation Overview From 119a508b2a32b54645cb3096a72a0a4e31d2ed91 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 11:05:03 -0800 Subject: [PATCH 042/338] remove colons --- windows/deployment/TOC.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index e616b75d13..ba7635b511 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -242,11 +242,11 @@ href: file1.md - name: VAMT Step-by-Step Scenarios href: file1.md - - name: Scenario 1: Online Activation + - name: Scenario 1 - Online Activation href: file1.md - - name: Scenario 2: Proxy Activation + - name: Scenario 2 - Proxy Activation href: file1.md - - name: Scenario 3: KMS Client Activation + - name: Scenario 3 - KMS Client Activation href: file1.md - name: VAMT Known Issues href: file1.md @@ -423,7 +423,7 @@ href: file1.md - name: Use the Volume Activation Management Tool [client] href: file1.md - - name: Appendix: Information sent to Microsoft during activation [client] + - name: Appendix - Information sent to Microsoft during activation [client] href: file1.md - name: Windows 10 in S mode items: From 54b5103c167588b3fc6c79419c310cca376eb780 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 11:10:05 -0800 Subject: [PATCH 043/338] use quotes for titles with colons --- windows/deployment/TOC.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index ba7635b511..462e56c54b 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -175,7 +175,7 @@ href: file1.md - name: Feature overview items: - - name: Windows To Go - feature overview + - name: "Windows To Go: feature overview" href: file1.md - name: Best practice recommendations for Windows To Go href: file1.md @@ -185,7 +185,7 @@ href: file1.md - name: Security and data protection considerations for Windows To Go href: file1.md - - name: Windows To Go - frequently asked questions + - name: "Windows To Go: frequently asked questions" href: file1.md - name: Volume Activation Management Tool (VAMT) technical reference @@ -242,11 +242,11 @@ href: file1.md - name: VAMT Step-by-Step Scenarios href: file1.md - - name: Scenario 1 - Online Activation + - name: "Scenario 1: Online Activation" href: file1.md - - name: Scenario 2 - Proxy Activation + - name: "Scenario 2: Proxy Activation" href: file1.md - - name: Scenario 3 - KMS Client Activation + - name: "Scenario 3: KMS Client Activation" href: file1.md - name: VAMT Known Issues href: file1.md @@ -423,7 +423,7 @@ href: file1.md - name: Use the Volume Activation Management Tool [client] href: file1.md - - name: Appendix - Information sent to Microsoft during activation [client] + - name: "Appendix: Information sent to Microsoft during activation [client]"" href: file1.md - name: Windows 10 in S mode items: From 36f3046239d824a49e1db7d9886671b34edf53a2 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 11:31:30 -0800 Subject: [PATCH 044/338] fix some indents --- windows/deployment/TOC.yml | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 462e56c54b..61cc965e45 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -125,6 +125,18 @@ href: file1.md - name: Deploy Windows 10 with Microsoft 365 href: file1.md + - name: How Windows Update works (new) + href: file1.md + - name: Additional Windows Update settings + href: file1.md + - name: Delivery Optimization reference + href: file1.md + - name: Windows 10 in S mode + items: + - name: Windows 10 in S mode overview + href: file1.md + - name: Switch to Windows 10 Pro/Enterprise from S mode + href: file1.md - name: Subscription Activation items: - name: Windows 10 Subscription Activation @@ -155,12 +167,7 @@ href: file1.md - name: Submit Windows 10 upgrade errors href: file1.md - - name: How Windows Update works (new) - href: file1.md - - name: Additional Windows Update settings - href: file1.md - - name: Delivery Optimization reference - href: file1.md + - name: Windows 10 deployment tools items: @@ -423,11 +430,8 @@ href: file1.md - name: Use the Volume Activation Management Tool [client] href: file1.md - - name: "Appendix: Information sent to Microsoft during activation [client]"" + - name: "Appendix: Information sent to Microsoft during activation [client]" href: file1.md - - name: Windows 10 in S mode - items: - - name: Switch to Windows 10 Pro/Enterprise from S mode - href: file1.md - - name: Install fonts in Windows 10 - href: file1.md \ No newline at end of file + + - name: Install fonts in Windows 10 + href: file1.md \ No newline at end of file From 45bd5494372a76a444dee3dd8e4cad5050cdf971 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 12:08:29 -0800 Subject: [PATCH 045/338] added deploy toc items --- windows/deployment/TOC.yml | 130 +++++++++++++++++++++++++++++++++++-- 1 file changed, 126 insertions(+), 4 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 61cc965e45..6cc0756364 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -68,11 +68,133 @@ - name: Deploy Windows 10 items: - name: Deploy with Windows Autopilot - href: file1.md + items: + - name: Windows Autopilot deployment + href: file1.md + - name: What's new in Windows Autopilot + href: file1.md + - name: Understand Windows Autopilot + items: + - name: Overview + href: file1.md + - name: Requirements + href: file1.md + - name: Scenarios and capabilities + href: file1.md + - name: Get started + href: file1.md + - name: Deployment scenarios + items: + - name: Deployment processes + href: file1.md + - name: User-driven mode + href: file1.md + - name: Self-deploying mode + href: file1.md + - name: Windows Autopilot Reset + href: file1.md + - name: White glove + href: file1.md + - name: Support for existing devices + href: file1.md + - name: Administer Windows Autopilot + items: + - name: Register devices + href: file1.md + - name: Configure device profiles + href: file1.md + - name: Enrollment Status Page + href: file1.md + - name: BitLocker encryption + href: file1.md + - name: DFCI management + href: file1.md + - name: Windows Autopilot update + href: file1.md + - name: Troubleshooting + href: file1.md + - name: Known issues + href: file1.md + - name: Support + items: + - name: FAQ + href: file1.md + - name: Contacts + href: file1.md + - name: Registration authorization + href: file1.md + - name: Device guidelines + href: file1.md + - name: Motherboard replacement + href: file1.md - name: Deploy with Configuration Manager - href: file1.md - - name: Deploy with Microsoft Deployment Toolkit - href: file1.md + items: + - name: Integrate Configuration Manager with MDT + href: file1.md + - name: Prepare for Zero Touch Installation of Windows 10 with Configuration Manager + href: file1.md + - name: Create a custom Windows PE boot image with Configuration Manager + href: file1.md + - name: Add a Windows 10 operating system image using Configuration Manager + href: file1.md + - name: Create an application to deploy with Windows 10 using Configuration Manager + href: file1.md + - name: Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager + href: file1.md + - name: Create a task sequence with Configuration Manager and MDT + href: file1.md + - name: Finalize the operating system configuration for Windows 10 deployment with Configuration Manager + href: file1.md + - name: Deploy Windows 10 using PXE and Configuration Manager + href: file1.md + - name: Monitor the Windows 10 deployment with Configuration Manager + href: file1.md + - name: Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager + href: file1.md + - name: Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager + href: file1.md + - name: Perform an in-place upgrade to Windows 10 using Configuration Manager + href: file1.md + - name: Deploy with the Microsoft Deployment Toolkit + items: + - name: Get started with MDT + href: file1.md + - name: Deploy Windows 10 with MDT + items: + - name: Prepare for deployment with MDT + href: file1.md + - name: Create a Windows 10 reference image + href: file1.md + - name: Deploy a Windows 10 reference image using MDT + href: file1.md + - name: Build a distributed environment for Windows 10 deployment + href: file1.md + - name: Refresh a Windows 7 computer with Windows 10 + href: file1.md + - name: Replace a Windows 7 computer with Windows 10 + href: file1.md + - name: Perform an in-place upgrade to Windows 10 with MDT + href: file1.md + - name: Customize MDT + items: + - name: Configure MDT settings + href: file1.md + - name: Set up MDT for BitLocker + href: file1.md + - name: Configure MDT deployment share rules + href: file1.md + - name: Configure MDT UserExit scripts + href: file1.md + - name: Simulate a Windows 10 deployment in a test environment + href: file1.md + - name: Use the MDT database to state Windows 10 deployment information + href: file1.md + - name: Assign applications using roles in MDT + href: file1.md + - name: Use web services in MDT + href: file1.md + - name: Use Orchestrator runbooks with MDT + href: file1.md - name: Manage Windows 10 updates items: From d99ac9e76071ff7eaf7e1c89dfd071c55a920852 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 12:39:44 -0800 Subject: [PATCH 046/338] testing ap toc --- windows/deployment/windows-autopilot/TOC.yml | 490 ++++++++++++++++++ .../windows-autopilot/{TOC.md => old.TOC.md} | 0 2 files changed, 490 insertions(+) create mode 100644 windows/deployment/windows-autopilot/TOC.yml rename windows/deployment/windows-autopilot/{TOC.md => old.TOC.md} (100%) diff --git a/windows/deployment/windows-autopilot/TOC.yml b/windows/deployment/windows-autopilot/TOC.yml new file mode 100644 index 0000000000..fc9e510e05 --- /dev/null +++ b/windows/deployment/windows-autopilot/TOC.yml @@ -0,0 +1,490 @@ + - name: Deploy with Windows Autopilot + items: + - name: Windows Autopilot deployment + href: file1.md + - name: What's new in Windows Autopilot + href: file1.md + - name: Understand Windows Autopilot + items: + - name: Overview + href: file1.md + - name: Requirements + href: file1.md + - name: Scenarios and capabilities + href: file1.md + - name: Get started + href: file1.md + - name: Deployment scenarios + items: + - name: Deployment processes + href: file1.md + - name: User-driven mode + href: file1.md + - name: Self-deploying mode + href: file1.md + - name: Windows Autopilot Reset + href: file1.md + - name: White glove + href: file1.md + - name: Support for existing devices + href: file1.md + - name: Administer Windows Autopilot + items: + - name: Register devices + href: file1.md + - name: Configure device profiles + href: file1.md + - name: Enrollment Status Page + href: file1.md + - name: BitLocker encryption + href: file1.md + - name: DFCI management + href: file1.md + - name: Windows Autopilot update + href: file1.md + - name: Troubleshooting + href: file1.md + - name: Known issues + href: file1.md + - name: Support + items: + - name: FAQ + href: file1.md + - name: Contacts + href: file1.md + - name: Registration authorization + href: file1.md + - name: Device guidelines + href: file1.md + - name: Motherboard replacement + href: file1.md + - name: Deploy with Configuration Manager + items: + - name: Integrate Configuration Manager with MDT + href: file1.md + - name: Prepare for Zero Touch Installation of Windows 10 with Configuration Manager + href: file1.md + - name: Create a custom Windows PE boot image with Configuration Manager + href: file1.md + - name: Add a Windows 10 operating system image using Configuration Manager + href: file1.md + - name: Create an application to deploy with Windows 10 using Configuration Manager + href: file1.md + - name: Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager + href: file1.md + - name: Create a task sequence with Configuration Manager and MDT + href: file1.md + - name: Finalize the operating system configuration for Windows 10 deployment with Configuration Manager + href: file1.md + - name: Deploy Windows 10 using PXE and Configuration Manager + href: file1.md + - name: Monitor the Windows 10 deployment with Configuration Manager + href: file1.md + - name: Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager + href: file1.md + - name: Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager + href: file1.md + - name: Perform an in-place upgrade to Windows 10 using Configuration Manager + href: file1.md + - name: Deploy with the Microsoft Deployment Toolkit + items: + - name: Get started with MDT + href: file1.md + - name: Deploy Windows 10 with MDT + items: + - name: Prepare for deployment with MDT + href: file1.md + - name: Create a Windows 10 reference image + href: file1.md + - name: Deploy a Windows 10 reference image using MDT + href: file1.md + - name: Build a distributed environment for Windows 10 deployment + href: file1.md + - name: Refresh a Windows 7 computer with Windows 10 + href: file1.md + - name: Replace a Windows 7 computer with Windows 10 + href: file1.md + - name: Perform an in-place upgrade to Windows 10 with MDT + href: file1.md + - name: Customize MDT + items: + - name: Configure MDT settings + href: file1.md + - name: Set up MDT for BitLocker + href: file1.md + - name: Configure MDT deployment share rules + href: file1.md + - name: Configure MDT UserExit scripts + href: file1.md + - name: Simulate a Windows 10 deployment in a test environment + href: file1.md + - name: Use the MDT database to state Windows 10 deployment information + href: file1.md + - name: Assign applications using roles in MDT + href: file1.md + - name: Use web services in MDT + href: file1.md + - name: Use Orchestrator runbooks with MDT + href: file1.md + + - name: Manage Windows 10 updates + items: + - name: Manage updates from the cloud + items: + - name: Manage updates with Configuration Manager + items: + - name: Set up rings, channels, optimization, polices + href: file1.md + - name: Perform a pilot deployment (new) + href: file1.md + - name: Perform a broad deployment + href: file1.md + - name: Manage updates with Intune + items: + - name: Set up rings, channels, optimization, polices + href: file1.md + - name: Perform a pilot deployment (new) + href: file1.md + - name: Perform a broad deployment + href: file1.md + - name: Manage with Group Policy + items: + - name: Set up rings, channels, optimization, polices + href: file1.md + - name: Perform a pilot deployment (new) + href: file1.md + - name: Perform a broad deployment + href: file1.md + - name: Manage updates locally + items: + - name: Manage updates with WSUS + href: file1.md + - name: Manage updates using images + href: file1.md + - name: Monitor updates + items: + - name: Monitor updates with Update Compliance + href: file1.md + - name: Monitor updates with Desktop Analytics + href: file1.md + - name: Monitor Delivery Optimization + href: file1.md + + - name: Reference + items: + - name: Windows 10 upgrade paths + href: file1.md + - name: Windows 10 edition upgrade + href: file1.md + - name: Deploy Windows 10 with Microsoft 365 + href: file1.md + - name: How Windows Update works (new) + href: file1.md + - name: Additional Windows Update settings + href: file1.md + - name: Delivery Optimization reference + href: file1.md + - name: Windows 10 in S mode + items: + - name: Windows 10 in S mode overview + href: file1.md + - name: Switch to Windows 10 Pro/Enterprise from S mode + href: file1.md + - name: Subscription Activation + items: + - name: Windows 10 Subscription Activation + href: file1.md + - name: Windows 10 Enterprise E3 in CSP + href: file1.md + - name: Configure VDA for Subscription Activation + href: file1.md + - name: Deploy Windows 10 Enterprise licenses + href: file1.md + - name: Resolve upgrade errors + items: + - name: Resolve Windows 10 upgrade errors + href: file1.md + - name: Quick fixes + href: file1.md + - name: SetupDiag + href: file1.md + - name: Troubleshooting upgrade errors + href: file1.md + - name: Windows error reporting + href: file1.md + - name: Upgrade error codes + href: file1.md + - name: Log files + href: file1.md + - name: Resolution procedures + href: file1.md + - name: Submit Windows 10 upgrade errors + href: file1.md + + + - name: Windows 10 deployment tools + items: + - name: Windows 10 deployment scenarios and tools + items: + - name: Convert MBR partition to GPT + - name: Configure a PXE server to load Windows PE + - name: Windows ADK for Windows 10 scenarios for IT Pros + - name: Windows To Go + items: + - name: Deploy Windows To Go in your organization + href: file1.md + - name: Feature overview + items: + - name: "Windows To Go: feature overview" + href: file1.md + - name: Best practice recommendations for Windows To Go + href: file1.md + - name: Deployment considerations for Windows To Go + href: file1.md + - name: Prepare your organization for Windows To Go + href: file1.md + - name: Security and data protection considerations for Windows To Go + href: file1.md + - name: "Windows To Go: frequently asked questions" + href: file1.md + + - name: Volume Activation Management Tool (VAMT) technical reference + items: + - name: VAMT technical reference + href: file1.md + - name: Introduction to VAMT + href: file1.md + - name: Active Directory-Based Activation Overview + href: file1.md + - name: Install and Configure VAMT + href: file1.md + - name: VAMT Requirements + href: file1.md + - name: Install VAMT + href: file1.md + - name: Configure Client Computers + href: file1.md + - name: Add and Manage Products + href: file1.md + - name: Add and Remove Computers + href: file1.md + - name: Update Product Status + href: file1.md + - name: Remove Products + href: file1.md + - name: Manage Product Keys + href: file1.md + - name: Add and Remove a Product Key + href: file1.md + - name: Install a Product Key + href: file1.md + - name: Install a KMS Client Key + href: file1.md + - name: Manage Activations + href: file1.md + - name: Perform Online Activation + href: file1.md + - name: Perform Proxy Activation + href: file1.md + - name: Perform KMS Activation + href: file1.md + - name: Perform Local Reactivation + href: file1.md + - name: Activate an Active Directory Forest Online + href: file1.md + - name: Activate by Proxy an Active Directory Forest + href: file1.md + - name: Manage VAMT Data + href: file1.md + - name: Import and Export VAMT Data + href: file1.md + - name: Use VAMT in Windows PowerShell + href: file1.md + - name: VAMT Step-by-Step Scenarios + href: file1.md + - name: "Scenario 1: Online Activation" + href: file1.md + - name: "Scenario 2: Proxy Activation" + href: file1.md + - name: "Scenario 3: KMS Client Activation" + href: file1.md + - name: VAMT Known Issues + href: file1.md + + - name: User State Migration Tool (USMT) technical reference + items: + - name: USMT overview topics + items: + - name: USMT overview + href: file1.md + - name: Getting started with the USMT + href: file1.md + - name: Windows upgrade and migration considerations + href: file1.md + - name: USMT How-to topics + items: + - name: Exclude Files and Settings + href: file1.md + - name: Extract Files from a Compressed USMT Migration Store + href: file1.md + - name: Include Files and Settings + href: file1.md + - name: Migrate Application Settings + href: file1.md + - name: Migrate EFS Files and Certificates + href: file1.md + - name: Migrate User Accounts + href: file1.md + - name: Reroute Files and Settings + href: file1.md + - name: Verify the Condition of a Compressed Migration Store + href: file1.md + - name: USMT Troubleshooting + href: file1.md + - name: Common Issues + href: file1.md + - name: Frequently Asked Questions + href: file1.md + - name: Log Files + href: file1.md + - name: Return Codes + href: file1.md + - name: USMT Resources + href: file1.md + + - name: USMT Reference + items: + - name: USMT Requirements + href: file1.md + - name: USMT Best Practices + href: file1.md + - name: How USMT Works + href: file1.md + - name: Plan Your Migration + href: file1.md + - name: Common Migration Scenarios + href: file1.md + - name: What Does USMT Migrate? + href: file1.md + - name: Choose a Migration Store Type + href: file1.md + - name: Migration Store Types Overview + href: file1.md + - name: Estimate Migration Store Size + href: file1.md + - name: Hard-Link Migration Store + href: file1.md + - name: Migration Store Encryption + href: file1.md + - name: Determine What to Migrate + href: file1.md + - name: Determine What to Migrate + href: file1.md + - name: Identify Applications Settings + href: file1.md + - name: Identify Operating System Settings + href: file1.md + - name: Identify File Types, Files, and Folders + href: file1.md + - name: Test Your Migration + href: file1.md + - name: USMT Command-line Syntax + href: file1.md + - name: ScanState Syntax + href: file1.md + - name: LoadState Syntax + href: file1.md + - name: UsmtUtils Syntax + href: file1.md + - name: USMT XML Reference + href: file1.md + - name: Understanding Migration XML Files + href: file1.md + - name: Config.xml File + href: file1.md + - name: Customize USMT XML Files + href: file1.md + - name: Custom XML Examples + href: file1.md + - name: Conflicts and Precedence + href: file1.md + - name: General Conventions + href: file1.md + - name: XML File Requirements + href: file1.md + - name: Recognized Environment Variables + href: file1.md + - name: XML Elements Library + href: file1.md + - name: Offline Migration Reference + href: file1.md + + - name: Application Compatibility Toolkit (ACT) Technical Reference + items: + - name: SUA User's Guide + href: file1.md + - name: Using the SUA Wizard + href: file1.md + - name: Using the SUA Tool + href: file1.md + - name: Tabs on the SUA Tool Interface + href: file1.md + - name: Showing Messages Generated by the SUA Tool + href: file1.md + - name: Applying Filters to Data in the SUA Tool + href: file1.md + - name: Fixing Applications by Using the SUA Tool + href: file1.md + - name: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista + href: file1.md + - name: Compatibility Administrator User's Guide + href: file1.md + - name: Using the Compatibility Administrator Tool + href: file1.md + - name: Available Data Types and Operators in Compatibility Administrator + href: file1.md + - name: Searching for Fixed Applications in Compatibility Administrator + href: file1.md + - name: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator + href: file1.md + - name: Creating a Custom Compatibility Fix in Compatibility Administrator + href: file1.md + - name: Creating a Custom Compatibility Mode in Compatibility Administrator + href: file1.md + - name: Creating an AppHelp Message in Compatibility Administrator + href: file1.md + - name: Viewing the Events Screen in Compatibility Administrator + href: file1.md + - name: Enabling and Disabling Compatibility Fixes in Compatibility Administrator + href: file1.md + - name: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator + href: file1.md + - name: Managing Application-Compatibility Fixes and Custom Fix Databases + href: file1.md + - name: Understanding and Using Compatibility Fixes + href: file1.md + - name: Compatibility Fix Database Management Strategies and Deployment + href: file1.md + - name: Testing Your Application Mitigation Packages + href: file1.md + - name: Using the Sdbinst.exe Command-Line Tool + href: file1.md + - name: Volume Activation [client] + href: file1.md + - name: Plan for volume activation [client] + href: file1.md + - name: Activate using Key Management Service [client] + href: file1.md + - name: Activate using Active Directory-based activation [client] + href: file1.md + - name: Activate clients running Windows 10 + href: file1.md + - name: Monitor activation [client] + href: file1.md + - name: Use the Volume Activation Management Tool [client] + href: file1.md + - name: "Appendix: Information sent to Microsoft during activation [client]" + href: file1.md + + - name: Install fonts in Windows 10 + href: file1.md \ No newline at end of file diff --git a/windows/deployment/windows-autopilot/TOC.md b/windows/deployment/windows-autopilot/old.TOC.md similarity index 100% rename from windows/deployment/windows-autopilot/TOC.md rename to windows/deployment/windows-autopilot/old.TOC.md From 85968beef0eea938a869a95068e1cab9c43b0b40 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 12:48:32 -0800 Subject: [PATCH 047/338] testing ap toc --- windows/deployment/windows-autopilot/TOC.yml | 550 ++----------------- 1 file changed, 60 insertions(+), 490 deletions(-) diff --git a/windows/deployment/windows-autopilot/TOC.yml b/windows/deployment/windows-autopilot/TOC.yml index fc9e510e05..8d7648fd4f 100644 --- a/windows/deployment/windows-autopilot/TOC.yml +++ b/windows/deployment/windows-autopilot/TOC.yml @@ -1,490 +1,60 @@ - - name: Deploy with Windows Autopilot - items: - - name: Windows Autopilot deployment - href: file1.md - - name: What's new in Windows Autopilot - href: file1.md - - name: Understand Windows Autopilot - items: - - name: Overview - href: file1.md - - name: Requirements - href: file1.md - - name: Scenarios and capabilities - href: file1.md - - name: Get started - href: file1.md - - name: Deployment scenarios - items: - - name: Deployment processes - href: file1.md - - name: User-driven mode - href: file1.md - - name: Self-deploying mode - href: file1.md - - name: Windows Autopilot Reset - href: file1.md - - name: White glove - href: file1.md - - name: Support for existing devices - href: file1.md - - name: Administer Windows Autopilot - items: - - name: Register devices - href: file1.md - - name: Configure device profiles - href: file1.md - - name: Enrollment Status Page - href: file1.md - - name: BitLocker encryption - href: file1.md - - name: DFCI management - href: file1.md - - name: Windows Autopilot update - href: file1.md - - name: Troubleshooting - href: file1.md - - name: Known issues - href: file1.md - - name: Support - items: - - name: FAQ - href: file1.md - - name: Contacts - href: file1.md - - name: Registration authorization - href: file1.md - - name: Device guidelines - href: file1.md - - name: Motherboard replacement - href: file1.md - - name: Deploy with Configuration Manager - items: - - name: Integrate Configuration Manager with MDT - href: file1.md - - name: Prepare for Zero Touch Installation of Windows 10 with Configuration Manager - href: file1.md - - name: Create a custom Windows PE boot image with Configuration Manager - href: file1.md - - name: Add a Windows 10 operating system image using Configuration Manager - href: file1.md - - name: Create an application to deploy with Windows 10 using Configuration Manager - href: file1.md - - name: Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager - href: file1.md - - name: Create a task sequence with Configuration Manager and MDT - href: file1.md - - name: Finalize the operating system configuration for Windows 10 deployment with Configuration Manager - href: file1.md - - name: Deploy Windows 10 using PXE and Configuration Manager - href: file1.md - - name: Monitor the Windows 10 deployment with Configuration Manager - href: file1.md - - name: Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager - href: file1.md - - name: Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager - href: file1.md - - name: Perform an in-place upgrade to Windows 10 using Configuration Manager - href: file1.md - - name: Deploy with the Microsoft Deployment Toolkit - items: - - name: Get started with MDT - href: file1.md - - name: Deploy Windows 10 with MDT - items: - - name: Prepare for deployment with MDT - href: file1.md - - name: Create a Windows 10 reference image - href: file1.md - - name: Deploy a Windows 10 reference image using MDT - href: file1.md - - name: Build a distributed environment for Windows 10 deployment - href: file1.md - - name: Refresh a Windows 7 computer with Windows 10 - href: file1.md - - name: Replace a Windows 7 computer with Windows 10 - href: file1.md - - name: Perform an in-place upgrade to Windows 10 with MDT - href: file1.md - - name: Customize MDT - items: - - name: Configure MDT settings - href: file1.md - - name: Set up MDT for BitLocker - href: file1.md - - name: Configure MDT deployment share rules - href: file1.md - - name: Configure MDT UserExit scripts - href: file1.md - - name: Simulate a Windows 10 deployment in a test environment - href: file1.md - - name: Use the MDT database to state Windows 10 deployment information - href: file1.md - - name: Assign applications using roles in MDT - href: file1.md - - name: Use web services in MDT - href: file1.md - - name: Use Orchestrator runbooks with MDT - href: file1.md - - - name: Manage Windows 10 updates - items: - - name: Manage updates from the cloud - items: - - name: Manage updates with Configuration Manager - items: - - name: Set up rings, channels, optimization, polices - href: file1.md - - name: Perform a pilot deployment (new) - href: file1.md - - name: Perform a broad deployment - href: file1.md - - name: Manage updates with Intune - items: - - name: Set up rings, channels, optimization, polices - href: file1.md - - name: Perform a pilot deployment (new) - href: file1.md - - name: Perform a broad deployment - href: file1.md - - name: Manage with Group Policy - items: - - name: Set up rings, channels, optimization, polices - href: file1.md - - name: Perform a pilot deployment (new) - href: file1.md - - name: Perform a broad deployment - href: file1.md - - name: Manage updates locally - items: - - name: Manage updates with WSUS - href: file1.md - - name: Manage updates using images - href: file1.md - - name: Monitor updates - items: - - name: Monitor updates with Update Compliance - href: file1.md - - name: Monitor updates with Desktop Analytics - href: file1.md - - name: Monitor Delivery Optimization - href: file1.md - - - name: Reference - items: - - name: Windows 10 upgrade paths - href: file1.md - - name: Windows 10 edition upgrade - href: file1.md - - name: Deploy Windows 10 with Microsoft 365 - href: file1.md - - name: How Windows Update works (new) - href: file1.md - - name: Additional Windows Update settings - href: file1.md - - name: Delivery Optimization reference - href: file1.md - - name: Windows 10 in S mode - items: - - name: Windows 10 in S mode overview - href: file1.md - - name: Switch to Windows 10 Pro/Enterprise from S mode - href: file1.md - - name: Subscription Activation - items: - - name: Windows 10 Subscription Activation - href: file1.md - - name: Windows 10 Enterprise E3 in CSP - href: file1.md - - name: Configure VDA for Subscription Activation - href: file1.md - - name: Deploy Windows 10 Enterprise licenses - href: file1.md - - name: Resolve upgrade errors - items: - - name: Resolve Windows 10 upgrade errors - href: file1.md - - name: Quick fixes - href: file1.md - - name: SetupDiag - href: file1.md - - name: Troubleshooting upgrade errors - href: file1.md - - name: Windows error reporting - href: file1.md - - name: Upgrade error codes - href: file1.md - - name: Log files - href: file1.md - - name: Resolution procedures - href: file1.md - - name: Submit Windows 10 upgrade errors - href: file1.md - - - - name: Windows 10 deployment tools - items: - - name: Windows 10 deployment scenarios and tools - items: - - name: Convert MBR partition to GPT - - name: Configure a PXE server to load Windows PE - - name: Windows ADK for Windows 10 scenarios for IT Pros - - name: Windows To Go - items: - - name: Deploy Windows To Go in your organization - href: file1.md - - name: Feature overview - items: - - name: "Windows To Go: feature overview" - href: file1.md - - name: Best practice recommendations for Windows To Go - href: file1.md - - name: Deployment considerations for Windows To Go - href: file1.md - - name: Prepare your organization for Windows To Go - href: file1.md - - name: Security and data protection considerations for Windows To Go - href: file1.md - - name: "Windows To Go: frequently asked questions" - href: file1.md - - - name: Volume Activation Management Tool (VAMT) technical reference - items: - - name: VAMT technical reference - href: file1.md - - name: Introduction to VAMT - href: file1.md - - name: Active Directory-Based Activation Overview - href: file1.md - - name: Install and Configure VAMT - href: file1.md - - name: VAMT Requirements - href: file1.md - - name: Install VAMT - href: file1.md - - name: Configure Client Computers - href: file1.md - - name: Add and Manage Products - href: file1.md - - name: Add and Remove Computers - href: file1.md - - name: Update Product Status - href: file1.md - - name: Remove Products - href: file1.md - - name: Manage Product Keys - href: file1.md - - name: Add and Remove a Product Key - href: file1.md - - name: Install a Product Key - href: file1.md - - name: Install a KMS Client Key - href: file1.md - - name: Manage Activations - href: file1.md - - name: Perform Online Activation - href: file1.md - - name: Perform Proxy Activation - href: file1.md - - name: Perform KMS Activation - href: file1.md - - name: Perform Local Reactivation - href: file1.md - - name: Activate an Active Directory Forest Online - href: file1.md - - name: Activate by Proxy an Active Directory Forest - href: file1.md - - name: Manage VAMT Data - href: file1.md - - name: Import and Export VAMT Data - href: file1.md - - name: Use VAMT in Windows PowerShell - href: file1.md - - name: VAMT Step-by-Step Scenarios - href: file1.md - - name: "Scenario 1: Online Activation" - href: file1.md - - name: "Scenario 2: Proxy Activation" - href: file1.md - - name: "Scenario 3: KMS Client Activation" - href: file1.md - - name: VAMT Known Issues - href: file1.md - - - name: User State Migration Tool (USMT) technical reference - items: - - name: USMT overview topics - items: - - name: USMT overview - href: file1.md - - name: Getting started with the USMT - href: file1.md - - name: Windows upgrade and migration considerations - href: file1.md - - name: USMT How-to topics - items: - - name: Exclude Files and Settings - href: file1.md - - name: Extract Files from a Compressed USMT Migration Store - href: file1.md - - name: Include Files and Settings - href: file1.md - - name: Migrate Application Settings - href: file1.md - - name: Migrate EFS Files and Certificates - href: file1.md - - name: Migrate User Accounts - href: file1.md - - name: Reroute Files and Settings - href: file1.md - - name: Verify the Condition of a Compressed Migration Store - href: file1.md - - name: USMT Troubleshooting - href: file1.md - - name: Common Issues - href: file1.md - - name: Frequently Asked Questions - href: file1.md - - name: Log Files - href: file1.md - - name: Return Codes - href: file1.md - - name: USMT Resources - href: file1.md - - - name: USMT Reference - items: - - name: USMT Requirements - href: file1.md - - name: USMT Best Practices - href: file1.md - - name: How USMT Works - href: file1.md - - name: Plan Your Migration - href: file1.md - - name: Common Migration Scenarios - href: file1.md - - name: What Does USMT Migrate? - href: file1.md - - name: Choose a Migration Store Type - href: file1.md - - name: Migration Store Types Overview - href: file1.md - - name: Estimate Migration Store Size - href: file1.md - - name: Hard-Link Migration Store - href: file1.md - - name: Migration Store Encryption - href: file1.md - - name: Determine What to Migrate - href: file1.md - - name: Determine What to Migrate - href: file1.md - - name: Identify Applications Settings - href: file1.md - - name: Identify Operating System Settings - href: file1.md - - name: Identify File Types, Files, and Folders - href: file1.md - - name: Test Your Migration - href: file1.md - - name: USMT Command-line Syntax - href: file1.md - - name: ScanState Syntax - href: file1.md - - name: LoadState Syntax - href: file1.md - - name: UsmtUtils Syntax - href: file1.md - - name: USMT XML Reference - href: file1.md - - name: Understanding Migration XML Files - href: file1.md - - name: Config.xml File - href: file1.md - - name: Customize USMT XML Files - href: file1.md - - name: Custom XML Examples - href: file1.md - - name: Conflicts and Precedence - href: file1.md - - name: General Conventions - href: file1.md - - name: XML File Requirements - href: file1.md - - name: Recognized Environment Variables - href: file1.md - - name: XML Elements Library - href: file1.md - - name: Offline Migration Reference - href: file1.md - - - name: Application Compatibility Toolkit (ACT) Technical Reference - items: - - name: SUA User's Guide - href: file1.md - - name: Using the SUA Wizard - href: file1.md - - name: Using the SUA Tool - href: file1.md - - name: Tabs on the SUA Tool Interface - href: file1.md - - name: Showing Messages Generated by the SUA Tool - href: file1.md - - name: Applying Filters to Data in the SUA Tool - href: file1.md - - name: Fixing Applications by Using the SUA Tool - href: file1.md - - name: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista - href: file1.md - - name: Compatibility Administrator User's Guide - href: file1.md - - name: Using the Compatibility Administrator Tool - href: file1.md - - name: Available Data Types and Operators in Compatibility Administrator - href: file1.md - - name: Searching for Fixed Applications in Compatibility Administrator - href: file1.md - - name: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator - href: file1.md - - name: Creating a Custom Compatibility Fix in Compatibility Administrator - href: file1.md - - name: Creating a Custom Compatibility Mode in Compatibility Administrator - href: file1.md - - name: Creating an AppHelp Message in Compatibility Administrator - href: file1.md - - name: Viewing the Events Screen in Compatibility Administrator - href: file1.md - - name: Enabling and Disabling Compatibility Fixes in Compatibility Administrator - href: file1.md - - name: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator - href: file1.md - - name: Managing Application-Compatibility Fixes and Custom Fix Databases - href: file1.md - - name: Understanding and Using Compatibility Fixes - href: file1.md - - name: Compatibility Fix Database Management Strategies and Deployment - href: file1.md - - name: Testing Your Application Mitigation Packages - href: file1.md - - name: Using the Sdbinst.exe Command-Line Tool - href: file1.md - - name: Volume Activation [client] - href: file1.md - - name: Plan for volume activation [client] - href: file1.md - - name: Activate using Key Management Service [client] - href: file1.md - - name: Activate using Active Directory-based activation [client] - href: file1.md - - name: Activate clients running Windows 10 - href: file1.md - - name: Monitor activation [client] - href: file1.md - - name: Use the Volume Activation Management Tool [client] - href: file1.md - - name: "Appendix: Information sent to Microsoft during activation [client]" - href: file1.md - - - name: Install fonts in Windows 10 - href: file1.md \ No newline at end of file +- name: Deploy with Windows Autopilot + items: + - name: Windows Autopilot deployment + href: file1.md + - name: What's new in Windows Autopilot + href: file1.md + - name: Understand Windows Autopilot + items: + - name: Overview + href: file1.md + - name: Requirements + href: file1.md + - name: Scenarios and capabilities + href: file1.md + - name: Get started + href: file1.md + - name: Deployment scenarios + items: + - name: Deployment processes + href: file1.md + - name: User-driven mode + href: file1.md + - name: Self-deploying mode + href: file1.md + - name: Windows Autopilot Reset + href: file1.md + - name: White glove + href: file1.md + - name: Support for existing devices + href: file1.md + - name: Administer Windows Autopilot + items: + - name: Register devices + href: file1.md + - name: Configure device profiles + href: file1.md + - name: Enrollment Status Page + href: file1.md + - name: BitLocker encryption + href: file1.md + - name: DFCI management + href: file1.md + - name: Windows Autopilot update + href: file1.md + - name: Troubleshooting + href: file1.md + - name: Known issues + href: file1.md + - name: Support + items: + - name: FAQ + href: file1.md + - name: Contacts + href: file1.md + - name: Registration authorization + href: file1.md + - name: Device guidelines + href: file1.md + - name: Motherboard replacement + href: file1.md \ No newline at end of file From 47cdf0859b57530a6bd45a012a140e4696d8f565 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 12:50:09 -0800 Subject: [PATCH 048/338] formatting --- windows/deployment/windows-autopilot/TOC.yml | 118 +++++++++---------- 1 file changed, 59 insertions(+), 59 deletions(-) diff --git a/windows/deployment/windows-autopilot/TOC.yml b/windows/deployment/windows-autopilot/TOC.yml index 8d7648fd4f..86d1957236 100644 --- a/windows/deployment/windows-autopilot/TOC.yml +++ b/windows/deployment/windows-autopilot/TOC.yml @@ -1,60 +1,60 @@ - name: Deploy with Windows Autopilot - items: - - name: Windows Autopilot deployment - href: file1.md - - name: What's new in Windows Autopilot - href: file1.md - - name: Understand Windows Autopilot - items: - - name: Overview - href: file1.md - - name: Requirements - href: file1.md - - name: Scenarios and capabilities - href: file1.md - - name: Get started - href: file1.md - - name: Deployment scenarios - items: - - name: Deployment processes - href: file1.md - - name: User-driven mode - href: file1.md - - name: Self-deploying mode - href: file1.md - - name: Windows Autopilot Reset - href: file1.md - - name: White glove - href: file1.md - - name: Support for existing devices - href: file1.md - - name: Administer Windows Autopilot - items: - - name: Register devices - href: file1.md - - name: Configure device profiles - href: file1.md - - name: Enrollment Status Page - href: file1.md - - name: BitLocker encryption - href: file1.md - - name: DFCI management - href: file1.md - - name: Windows Autopilot update - href: file1.md - - name: Troubleshooting - href: file1.md - - name: Known issues - href: file1.md - - name: Support - items: - - name: FAQ - href: file1.md - - name: Contacts - href: file1.md - - name: Registration authorization - href: file1.md - - name: Device guidelines - href: file1.md - - name: Motherboard replacement - href: file1.md \ No newline at end of file + items: + - name: Windows Autopilot deployment + href: file1.md + - name: What's new in Windows Autopilot + href: file1.md + - name: Understand Windows Autopilot + items: + - name: Overview + href: file1.md + - name: Requirements + href: file1.md + - name: Scenarios and capabilities + href: file1.md + - name: Get started + href: file1.md + - name: Deployment scenarios + items: + - name: Deployment processes + href: file1.md + - name: User-driven mode + href: file1.md + - name: Self-deploying mode + href: file1.md + - name: Windows Autopilot Reset + href: file1.md + - name: White glove + href: file1.md + - name: Support for existing devices + href: file1.md + - name: Administer Windows Autopilot + items: + - name: Register devices + href: file1.md + - name: Configure device profiles + href: file1.md + - name: Enrollment Status Page + href: file1.md + - name: BitLocker encryption + href: file1.md + - name: DFCI management + href: file1.md + - name: Windows Autopilot update + href: file1.md + - name: Troubleshooting + href: file1.md + - name: Known issues + href: file1.md + - name: Support + items: + - name: FAQ + href: file1.md + - name: Contacts + href: file1.md + - name: Registration authorization + href: file1.md + - name: Device guidelines + href: file1.md + - name: Motherboard replacement + href: file1.md \ No newline at end of file From fbd9b905db337b7338717317fda92e9e94085d7f Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 12:55:47 -0800 Subject: [PATCH 049/338] fix old toc --- .../deployment/windows-autopilot/old.TOC.md | 56 +++++++++---------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/windows/deployment/windows-autopilot/old.TOC.md b/windows/deployment/windows-autopilot/old.TOC.md index d94b04fdcb..cc6bf8b6f2 100644 --- a/windows/deployment/windows-autopilot/old.TOC.md +++ b/windows/deployment/windows-autopilot/old.TOC.md @@ -1,32 +1,32 @@ # [Windows Autopilot deployment](index.md) -# [What's new](windows-autopilot-whats-new.md) -# Understanding Windows Autopilot -## [Overview](windows-autopilot.md) -## [Requirements](windows-autopilot-requirements.md) -## [Scenarios and capabilities](windows-autopilot-scenarios.md) -## [Get started](demonstrate-deployment-on-vm.md) +## [What's new](windows-autopilot-whats-new.md) +## Understanding Windows Autopilot +### [Overview](windows-autopilot.md) +### [Requirements](windows-autopilot-requirements.md) +### [Scenarios and capabilities](windows-autopilot-scenarios.md) +### [Get started](demonstrate-deployment-on-vm.md) -# Deployment scenarios -## [Deployment processes](deployment-process.md) -## [User-driven mode](user-driven.md) -## [Self-deploying mode](self-deploying.md) -## [Windows Autopilot Reset](windows-autopilot-reset.md) -## [White glove](white-glove.md) -## [Support for existing devices](existing-devices.md) +## Deployment scenarios +### [Deployment processes](deployment-process.md) +### [User-driven mode](user-driven.md) +### [Self-deploying mode](self-deploying.md) +### [Windows Autopilot Reset](windows-autopilot-reset.md) +### [White glove](white-glove.md) +### [Support for existing devices](existing-devices.md) -# Administering Windows Autopilot -## [Registering devices](add-devices.md) -## [Configuring device profiles](profiles.md) -## [Enrollment Status Page](enrollment-status.md) -## [BitLocker encryption](bitlocker.md) -## [DFCI management](dfci-management.md) -## [Windows Autopilot update](autopilot-update.md) -## [Troubleshooting](troubleshooting.md) -## [Known issues](known-issues.md) +## Administering Windows Autopilot +### [Registering devices](add-devices.md) +### [Configuring device profiles](profiles.md) +### [Enrollment Status Page](enrollment-status.md) +### [BitLocker encryption](bitlocker.md) +### [DFCI management](dfci-management.md) +### [Windows Autopilot update](autopilot-update.md) +### [Troubleshooting](troubleshooting.md) +### [Known issues](known-issues.md) -# Support -## [FAQ](autopilot-faq.md) -## [Contacts](autopilot-support.md) -## [Registration authorization](registration-auth.md) -## [Device guidelines](autopilot-device-guidelines.md) -## [Motherboard replacement](autopilot-mbr.md) +## Support +### [FAQ](autopilot-faq.md) +### [Contacts](autopilot-support.md) +### [Registration authorization](registration-auth.md) +### [Device guidelines](autopilot-device-guidelines.md) +### [Motherboard replacement](autopilot-mbr.md) From 4cd52de20935c650d26dadafec606ed355753d70 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 13:05:46 -0800 Subject: [PATCH 050/338] fix yaml toc --- windows/deployment/windows-autopilot/TOC.yml | 98 ++++++++++---------- 1 file changed, 48 insertions(+), 50 deletions(-) diff --git a/windows/deployment/windows-autopilot/TOC.yml b/windows/deployment/windows-autopilot/TOC.yml index 86d1957236..881b11a440 100644 --- a/windows/deployment/windows-autopilot/TOC.yml +++ b/windows/deployment/windows-autopilot/TOC.yml @@ -1,51 +1,49 @@ -- name: Deploy with Windows Autopilot - items: - - name: Windows Autopilot deployment - href: file1.md - - name: What's new in Windows Autopilot - href: file1.md - - name: Understand Windows Autopilot - items: - - name: Overview - href: file1.md - - name: Requirements - href: file1.md - - name: Scenarios and capabilities - href: file1.md - - name: Get started - href: file1.md - - name: Deployment scenarios - items: - - name: Deployment processes - href: file1.md - - name: User-driven mode - href: file1.md - - name: Self-deploying mode - href: file1.md - - name: Windows Autopilot Reset - href: file1.md - - name: White glove - href: file1.md - - name: Support for existing devices - href: file1.md - - name: Administer Windows Autopilot - items: - - name: Register devices - href: file1.md - - name: Configure device profiles - href: file1.md - - name: Enrollment Status Page - href: file1.md - - name: BitLocker encryption - href: file1.md - - name: DFCI management - href: file1.md - - name: Windows Autopilot update - href: file1.md - - name: Troubleshooting - href: file1.md - - name: Known issues - href: file1.md + - name: Windows Autopilot deployment + href: file1.md + - name: What's new in Windows Autopilot + href: file1.md + - name: Understand Windows Autopilot + items: + - name: Overview + href: file1.md + - name: Requirements + href: file1.md + - name: Scenarios and capabilities + href: file1.md + - name: Get started + href: file1.md + - name: Deployment scenarios + items: + - name: Deployment processes + href: file1.md + - name: User-driven mode + href: file1.md + - name: Self-deploying mode + href: file1.md + - name: Windows Autopilot Reset + href: file1.md + - name: White glove + href: file1.md + - name: Support for existing devices + href: file1.md + - name: Administer Windows Autopilot + items: + - name: Register devices + href: file1.md + - name: Configure device profiles + href: file1.md + - name: Enrollment Status Page + href: file1.md + - name: BitLocker encryption + href: file1.md + - name: DFCI management + href: file1.md + - name: Windows Autopilot update + href: file1.md + - name: Troubleshooting + href: file1.md + - name: Known issues + href: file1.md - name: Support items: - name: FAQ @@ -55,6 +53,6 @@ - name: Registration authorization href: file1.md - name: Device guidelines - href: file1.md + href: file1.md - name: Motherboard replacement - href: file1.md \ No newline at end of file + href: file1.md \ No newline at end of file From a583735407cd850fadc543d1eb4c2ab620c90c3a Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 13:21:54 -0800 Subject: [PATCH 051/338] rename --- windows/deployment/windows-autopilot/{old.TOC.md => old.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/deployment/windows-autopilot/{old.TOC.md => old.md} (100%) diff --git a/windows/deployment/windows-autopilot/old.TOC.md b/windows/deployment/windows-autopilot/old.md similarity index 100% rename from windows/deployment/windows-autopilot/old.TOC.md rename to windows/deployment/windows-autopilot/old.md From bc26514bc4a916afa946ca053dc3c304d9c18274 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 13:27:23 -0800 Subject: [PATCH 052/338] yaml is picky --- windows/deployment/windows-autopilot/TOC.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/deployment/windows-autopilot/TOC.yml b/windows/deployment/windows-autopilot/TOC.yml index 881b11a440..ff75aa758d 100644 --- a/windows/deployment/windows-autopilot/TOC.yml +++ b/windows/deployment/windows-autopilot/TOC.yml @@ -5,13 +5,13 @@ - name: Understand Windows Autopilot items: - name: Overview - href: file1.md + href: file1.md - name: Requirements href: file1.md - name: Scenarios and capabilities href: file1.md - name: Get started - href: file1.md + href: file1.md - name: Deployment scenarios items: - name: Deployment processes @@ -53,6 +53,6 @@ - name: Registration authorization href: file1.md - name: Device guidelines - href: file1.md + href: file1.md - name: Motherboard replacement - href: file1.md \ No newline at end of file + href: file1.md \ No newline at end of file From 82c8dc1e6a36dd0e16c1d10971e3bfd54e94b32d Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 13:58:02 -0800 Subject: [PATCH 053/338] yaml is picky --- windows/deployment/windows-autopilot/TOC.yml | 24 ++++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/windows/deployment/windows-autopilot/TOC.yml b/windows/deployment/windows-autopilot/TOC.yml index ff75aa758d..491fe40589 100644 --- a/windows/deployment/windows-autopilot/TOC.yml +++ b/windows/deployment/windows-autopilot/TOC.yml @@ -14,18 +14,18 @@ href: file1.md - name: Deployment scenarios items: - - name: Deployment processes - href: file1.md - - name: User-driven mode - href: file1.md - - name: Self-deploying mode - href: file1.md - - name: Windows Autopilot Reset - href: file1.md - - name: White glove - href: file1.md - - name: Support for existing devices - href: file1.md + - name: Deployment processes + href: file1.md + - name: User-driven mode + href: file1.md + - name: Self-deploying mode + href: file1.md + - name: Windows Autopilot Reset + href: file1.md + - name: White glove + href: file1.md + - name: Support for existing devices + href: file1.md - name: Administer Windows Autopilot items: - name: Register devices From 0d69d16d398e8be8503227536eb5f90e8d0965f3 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 15:19:16 -0800 Subject: [PATCH 054/338] yaml is picky --- windows/deployment/windows-autopilot/TOC.yml | 52 ++++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/windows/deployment/windows-autopilot/TOC.yml b/windows/deployment/windows-autopilot/TOC.yml index 491fe40589..e8420a1841 100644 --- a/windows/deployment/windows-autopilot/TOC.yml +++ b/windows/deployment/windows-autopilot/TOC.yml @@ -12,20 +12,20 @@ href: file1.md - name: Get started href: file1.md - - name: Deployment scenarios - items: - - name: Deployment processes - href: file1.md - - name: User-driven mode - href: file1.md - - name: Self-deploying mode - href: file1.md - - name: Windows Autopilot Reset - href: file1.md - - name: White glove - href: file1.md - - name: Support for existing devices - href: file1.md + - name: Deployment scenarios + items: + - name: Deployment processes + href: file1.md + - name: User-driven mode + href: file1.md + - name: Self-deploying mode + href: file1.md + - name: Windows Autopilot Reset + href: file1.md + - name: White glove + href: file1.md + - name: Support for existing devices + href: file1.md - name: Administer Windows Autopilot items: - name: Register devices @@ -44,15 +44,15 @@ href: file1.md - name: Known issues href: file1.md - - name: Support - items: - - name: FAQ - href: file1.md - - name: Contacts - href: file1.md - - name: Registration authorization - href: file1.md - - name: Device guidelines - href: file1.md - - name: Motherboard replacement - href: file1.md \ No newline at end of file + - name: Support + items: + - name: FAQ + href: file1.md + - name: Contacts + href: file1.md + - name: Registration authorization + href: file1.md + - name: Device guidelines + href: file1.md + - name: Motherboard replacement + href: file1.md \ No newline at end of file From bb93c4e30c630e618293c34e33485f1adae0b898 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 20 Feb 2020 15:41:51 -0800 Subject: [PATCH 055/338] yaml is picky --- windows/deployment/windows-autopilot/file1.md | 54 +++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 windows/deployment/windows-autopilot/file1.md diff --git a/windows/deployment/windows-autopilot/file1.md b/windows/deployment/windows-autopilot/file1.md new file mode 100644 index 0000000000..234ae17fcc --- /dev/null +++ b/windows/deployment/windows-autopilot/file1.md @@ -0,0 +1,54 @@ +--- +title: Setting the BitLocker encryption algorithm for Autopilot devices +ms.reviewer: +manager: laurawi +description: Microsoft Intune provides a comprehensive set of configuration options to manage BitLocker on Windows 10 devices. +keywords: Autopilot, BitLocker, encryption, 256-bit, Windows 10 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +ms.localizationpriority: medium +audience: itpro +author: greg-lindsay +ms.author: greglin +ms.collection: M365-modern-desktop +ms.topic: article +--- + + +# Setting the BitLocker encryption algorithm for Autopilot devices + +**Applies to** + +- Windows 10 + +With Windows Autopilot, you can configure the BitLocker encryption settings to be applied before automatic encryption is started. This ensures that the default encrytion algorithm is not applied automatically when this is not the desired setting. Other BitLocker policies that must be applied prior to encryption can also be delivered before automatic BitLocker encryption begins. + +The BitLocker encryption algorithm is used when BitLocker is first enabled, and sets the strength to which full volume encryption should occur. Available encryption algorithms are: AES-CBC 128-bit, AES-CBC 256-bit, XTS-AES 128-bit or XTS-AES 256-bit encryption. The default value is XTS-AES 128-bit encryption. See [BitLocker CSP](https://docs.microsoft.com/windows/client-management/mdm/bitlocker-csp) for information about the recommended encryption algorithms to use. + +To ensure the desired BitLocker encryption algorithm is set before automatic encryption occurs for Autopilot devices: + +1. Configure the [encryption method settings](https://docs.microsoft.com/intune/endpoint-protection-windows-10#windows-encryption) in the Windows 10 Endpoint Protection profile to the desired encryption algorithm. +2. [Assign the policy](https://docs.microsoft.com/intune/device-profile-assign) to your Autopilot device group. + - **IMPORTANT**: The encryption policy must be assigned to **devices** in the group, not users. +3. Enable the Autopilot [Enrollment Status Page](https://docs.microsoft.com/windows/deployment/windows-autopilot/enrollment-status) (ESP) for these devices. + - **IMPORTANT**: If the ESP is not enabled, the policy will not apply before encryption starts. + +An example of Microsoft Intune Windows Encryption settings is shown below. + + ![BitLocker encryption settings](images/bitlocker-encryption.png) + +Note that a device which is encrypted automatically will need to be decrypted prior to changing the encyption algorithm. + +The settings are available under Device Configuration -> Profiles -> Create profile -> Platform = Windows 10 and later, Profile type = Endpoint protection -> Configure -> Windows Encryption -> BitLocker base settings, Configure encryption methods = Enable. + +Note: It is also recommended to set Windows Encryption -> Windows Settings -> Encrypt = **Require**. + +## Requirements + +Windows 10, version 1809 or later. + +## See also + +[Bitlocker overview](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview) From 0e4ad812681d2e3c56ea8a05923bf8d6f7661601 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Wed, 25 Mar 2020 16:45:18 +0500 Subject: [PATCH 056/338] Update hello-cert-trust-adfs.md --- .../hello-for-business/hello-cert-trust-adfs.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md index f42095fd31..a51e3b166f 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-adfs.md @@ -75,8 +75,9 @@ Sign-in the federation server with domain administrator equivalent credentials. 6. On the **Request Certificates** page, Select the **Internal Web Server** check box. 7. Click the **More information is required to enroll for this certificate. Click here to configure settings** link ![Example of Certificate Properties Subject Tab - This is what shows when you click the above link](images/hello-internal-web-server-cert.png) -8. Under **Subject name**, select **Common Name** from the **Type** list. Type the FQDN of the computer hosting the Active Directory Federation Services role and then click **Add**. Under **Alternative name**, select **DNS** from the **Type** list. Type the FQDN of the name you will use for your federation services (fs.corp.contoso.com). The name you use here MUST match the name you use when configuring the Active Directory Federation Services server role. Click **Add**. Click **OK** when finished. -9. Click **Enroll**. +8. Under **Subject name**, select **Common Name** from the **Type** list. Type the FQDN of the computer hosting the Active Directory Federation Services role and then click **Add**. +9. Under **Alternative name**, select **DNS** from the **Type** list. Type the FQDN of the name you will use for your federation services (fs.corp.contoso.com). The name you use here MUST match the name you use when configuring the Active Directory Federation Services server role. Click **Add**. Repeat the same to add device registration service name (*enterpriseregistration.contoso.com*) as another alternative name. Click **OK** when finished. +10. Click **Enroll**. A server authentication certificate should appear in the computer’s Personal certificate store. From a4df631a859085ee2a43ade4c28c374484ae80bc Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Fri, 3 Apr 2020 16:09:36 -0700 Subject: [PATCH 057/338] update --- windows/deployment/TOC.yml | 223 +++++++++---------------------------- 1 file changed, 52 insertions(+), 171 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 6cc0756364..dfc5842a40 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -1,4 +1,4 @@ -- name: Windows 10 deployment resources and documentation +- name: Deploy and update Windows 10 href: index.yml items: - name: Get started @@ -24,6 +24,47 @@ - name: Deploy Windows 10 in a test lab using Configuration Manager href: file1.md + - name: Prepare + items: + - name: Prepare for Windows 10 deployment + items: + - name: Windows 10 compatibility + href: file1.md + - name: Windows 10 infrastructure requirements + href: file1.md + - name: Windows 10 volume license media + href: file1.md + - name: Plan for volume activation + href: file1.md + - name: Features removed or planned for replacement + items: + - name: Windows 10 features lifecycle + href: file1.md + - name: Features we're no longer developing + href: file1.md + - name: Features we removed + href: file1.md + - name: Prepare your update strategy + items: + - name: Plan cloud management + items: + - name: Designate rings, channels, and policies + href: file1.md + - name: Chooose a delivery optimization strategy + href: file1.md + - name: Choose a monitoring approach + href: file1.md + - name: Assess apps (new) + items: + - name: With Desktop Analytics + href: file1.md + - name: By other means (new) + href: file1.md + - name: Other prep activities (new) + href: file1.md + - name: Plan image-based management + href: file1.md + - name: Plan items: - name: Plan your Windows 10 deployment @@ -65,179 +106,19 @@ - name: Plan image-based management href: file1.md - - name: Deploy Windows 10 + - name: Deploy items: - - name: Deploy with Windows Autopilot + - name: Deploy Windows 10 items: - - name: Windows Autopilot deployment - href: file1.md - - name: What's new in Windows Autopilot - href: file1.md - - name: Understand Windows Autopilot - items: - - name: Overview - href: file1.md - - name: Requirements - href: file1.md - - name: Scenarios and capabilities - href: file1.md - - name: Get started - href: file1.md - - name: Deployment scenarios - items: - - name: Deployment processes - href: file1.md - - name: User-driven mode - href: file1.md - - name: Self-deploying mode - href: file1.md - - name: Windows Autopilot Reset - href: file1.md - - name: White glove - href: file1.md - - name: Support for existing devices - href: file1.md - - name: Administer Windows Autopilot - items: - - name: Register devices - href: file1.md - - name: Configure device profiles - href: file1.md - - name: Enrollment Status Page - href: file1.md - - name: BitLocker encryption - href: file1.md - - name: DFCI management - href: file1.md - - name: Windows Autopilot update - href: file1.md - - name: Troubleshooting - href: file1.md - - name: Known issues - href: file1.md - - name: Support - items: - - name: FAQ - href: file1.md - - name: Contacts - href: file1.md - - name: Registration authorization - href: file1.md - - name: Device guidelines - href: file1.md - - name: Motherboard replacement - href: file1.md - - name: Deploy with Configuration Manager + - name: Deploy Windows 10 with Autopilot + - name: Deploy Windows 10 with Configuration Manager + - name: Deploy Windows 10 with MDT + - name: Deploy Windows 10 updates items: - - name: Integrate Configuration Manager with MDT - href: file1.md - - name: Prepare for Zero Touch Installation of Windows 10 with Configuration Manager - href: file1.md - - name: Create a custom Windows PE boot image with Configuration Manager - href: file1.md - - name: Add a Windows 10 operating system image using Configuration Manager - href: file1.md - - name: Create an application to deploy with Windows 10 using Configuration Manager - href: file1.md - - name: Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager - href: file1.md - - name: Create a task sequence with Configuration Manager and MDT - href: file1.md - - name: Finalize the operating system configuration for Windows 10 deployment with Configuration Manager - href: file1.md - - name: Deploy Windows 10 using PXE and Configuration Manager - href: file1.md - - name: Monitor the Windows 10 deployment with Configuration Manager - href: file1.md - - name: Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager - href: file1.md - - name: Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager - href: file1.md - - name: Perform an in-place upgrade to Windows 10 using Configuration Manager - href: file1.md - - name: Deploy with the Microsoft Deployment Toolkit - items: - - name: Get started with MDT - href: file1.md - - name: Deploy Windows 10 with MDT - items: - - name: Prepare for deployment with MDT - href: file1.md - - name: Create a Windows 10 reference image - href: file1.md - - name: Deploy a Windows 10 reference image using MDT - href: file1.md - - name: Build a distributed environment for Windows 10 deployment - href: file1.md - - name: Refresh a Windows 7 computer with Windows 10 - href: file1.md - - name: Replace a Windows 7 computer with Windows 10 - href: file1.md - - name: Perform an in-place upgrade to Windows 10 with MDT - href: file1.md - - name: Customize MDT - items: - - name: Configure MDT settings - href: file1.md - - name: Set up MDT for BitLocker - href: file1.md - - name: Configure MDT deployment share rules - href: file1.md - - name: Configure MDT UserExit scripts - href: file1.md - - name: Simulate a Windows 10 deployment in a test environment - href: file1.md - - name: Use the MDT database to state Windows 10 deployment information - href: file1.md - - name: Assign applications using roles in MDT - href: file1.md - - name: Use web services in MDT - href: file1.md - - name: Use Orchestrator runbooks with MDT - href: file1.md - - - name: Manage Windows 10 updates - items: - - name: Manage updates from the cloud - items: - - name: Manage updates with Configuration Manager - items: - - name: Set up rings, channels, optimization, polices - href: file1.md - - name: Perform a pilot deployment (new) - href: file1.md - - name: Perform a broad deployment - href: file1.md - - name: Manage updates with Intune - items: - - name: Set up rings, channels, optimization, polices - href: file1.md - - name: Perform a pilot deployment (new) - href: file1.md - - name: Perform a broad deployment - href: file1.md - - name: Manage with Group Policy - items: - - name: Set up rings, channels, optimization, polices - href: file1.md - - name: Perform a pilot deployment (new) - href: file1.md - - name: Perform a broad deployment - href: file1.md - - name: Manage updates locally - items: - - name: Manage updates with WSUS - href: file1.md - - name: Manage updates using images - href: file1.md - - name: Monitor updates - items: - - name: Monitor updates with Update Compliance - href: file1.md - - name: Monitor updates with Desktop Analytics - href: file1.md - - name: Monitor Delivery Optimization - href: file1.md + - name: Deploy updates with Configuration Manager + - name: Deploy updates with Intune + - name: Deploy updates with WSUS + - name: Deploy updates with Group Policy - name: Reference items: From 515f761bcf51e0e8570eeb6687b66ac29f30e6d4 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Fri, 3 Apr 2020 16:57:20 -0700 Subject: [PATCH 058/338] update --- windows/deployment/TOC.yml | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index dfc5842a40..7ef810630d 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -7,6 +7,10 @@ href: file1.md - name: What's new in Windows 10 deployment href: file1.md + - name: Windows 10 upgrade paths + href: file1.md + - name: Windows 10 edition upgrade + href: file1.md - name: Deployment tools and methods href: file1.md - name: Deployment process posters @@ -32,8 +36,6 @@ href: file1.md - name: Windows 10 infrastructure requirements href: file1.md - - name: Windows 10 volume license media - href: file1.md - name: Plan for volume activation href: file1.md - name: Features removed or planned for replacement @@ -111,8 +113,20 @@ - name: Deploy Windows 10 items: - name: Deploy Windows 10 with Autopilot + items: + - name: Windows Autopilot overview - name: Deploy Windows 10 with Configuration Manager + items: + - name: Deploy to a new device + - name: Refresh a device + - name: Replace a device + - name: In-place upgrade - name: Deploy Windows 10 with MDT + items: + - name: Deploy to a new device + - name: Refresh a device + - name: Replace a device + - name: In-place upgrade - name: Deploy Windows 10 updates items: - name: Deploy updates with Configuration Manager @@ -122,9 +136,7 @@ - name: Reference items: - - name: Windows 10 upgrade paths - href: file1.md - - name: Windows 10 edition upgrade + - name: Windows 10 volume license media href: file1.md - name: Deploy Windows 10 with Microsoft 365 href: file1.md From 94cd2bde7d93198c9e0170ffa2e91de81c060994 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Sun, 5 Apr 2020 11:52:44 +0500 Subject: [PATCH 059/338] Update hello-hybrid-key-trust-prereqs.md --- .../hello-for-business/hello-hybrid-key-trust-prereqs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index 97c87a6d14..2e296b0040 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -63,7 +63,7 @@ The Windows Hello for Business deployment depends on an enterprise public key in Key trust deployments do not need client issued certificates for on-premises authentication. Active Directory user accounts are automatically configured for public key mapping by Azure AD Connect synchronizing the public key of the registered Windows Hello for Business credential to an attribute on the user's Active Directory object. -The minimum required enterprise certificate authority that can be used with Windows Hello for Business is Windows Server 2012, but you can also use a third-party enterprise certification authority. The detailed requirements for the Domain Controller certificate are shown below. +The minimum required enterprise certificate authority that can be used with Windows Hello for Business is Windows Server 2012, but you can also use a third-party enterprise certification authority. The requirements for the Domain Controller certificate are shown below, more detailed version could be found [here](https://support.microsoft.com/help/291010/requirements-for-domain-controller-certificates-from-a-third-party-ca). * The certificate must have a Certificate Revocation List (CRL) distribution point extension that points to a valid CRL. * Optionally, the certificate Subject section should contain the directory path of the server object (the distinguished name). @@ -71,7 +71,7 @@ The minimum required enterprise certificate authority that can be used with Wind * Optionally, the certificate Basic Constraints section should contain: [Subject Type=End Entity, Path Length Constraint=None]. * The certificate Enhanced Key Usage section must contain Client Authentication (1.3.6.1.5.5.7.3.2), Server Authentication (1.3.6.1.5.5.7.3.1), and KDC Authentication (1.3.6.1.5.2.3.5). * The certificate Subject Alternative Name section must contain the Domain Name System (DNS) name. -* The certificate template must have an extension that has the BMP data value "DomainController". +* The certificate template must have an extension that has the value "DomainController", encoded as a [BMPstring](https://docs.microsoft.com/windows/win32/seccertenroll/about-bmpstring). * The domain controller certificate must be installed in the local computer's certificate store. From 9b08473155898029d0211780c48ecc41e57430a7 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Sun, 5 Apr 2020 15:13:34 +0500 Subject: [PATCH 060/338] Update windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../hello-for-business/hello-hybrid-key-trust-prereqs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index 2e296b0040..cfe007b704 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -63,7 +63,7 @@ The Windows Hello for Business deployment depends on an enterprise public key in Key trust deployments do not need client issued certificates for on-premises authentication. Active Directory user accounts are automatically configured for public key mapping by Azure AD Connect synchronizing the public key of the registered Windows Hello for Business credential to an attribute on the user's Active Directory object. -The minimum required enterprise certificate authority that can be used with Windows Hello for Business is Windows Server 2012, but you can also use a third-party enterprise certification authority. The requirements for the Domain Controller certificate are shown below, more detailed version could be found [here](https://support.microsoft.com/help/291010/requirements-for-domain-controller-certificates-from-a-third-party-ca). +The minimum required Enterprise certificate authority that can be used with Windows Hello for Business is Windows Server 2012, but you can also use a third-party Enterprise certification authority. The requirements for the domain controller certificate are shown below. For more details, see [Requirements for domain controller certificates from a third-party CA](https://support.microsoft.com/help/291010/requirements-for-domain-controller-certificates-from-a-third-party-ca). * The certificate must have a Certificate Revocation List (CRL) distribution point extension that points to a valid CRL. * Optionally, the certificate Subject section should contain the directory path of the server object (the distinguished name). From 326620fd12e9446aeeff16605995c8e36e8464e6 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 17:45:39 -0700 Subject: [PATCH 061/338] test --- windows/deployment/index.yml | 46 ++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index 299997d434..d6f0097a6e 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -92,4 +92,50 @@ landingContent: url: file1.md - text: Article6c url: file1.md + + # Table + - title: Recent ammouncements +- items: + - type: markdown + text: " + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
MessageDate
February 2020 Windows 10, version 1909 and Windows 10, version 1903 \"D\" optional release is available
The February 2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 27, 2020
01:30 PM PT
February 2020 Windows \"C\" optional release is available.
The February 2020 optional monthly “C” release for all supported versions of Windows prior to Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 25, 2020
08:00 AM PT
Status of February 2020 “C” release
The optional monthly “C” release for February 2020 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 21, 2020
12:00 PM PT
Compatibility issue with some Windows Server container images
If you are encountering issues with Windows Server container images, please see KB4542617.
February 13, 2020
03:21 PM PT
Take action: February 2020 security update available for all supported versions of Windows
The February 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
February 11, 2020
08:00 AM PT
Take action: ESU security updates available for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2
Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 reached end of support on January 14, 2020. For customers who have purchased Extended Security Updates (ESU), the first monthly ESU security updates are now available. If your organization has not yet been able to complete your transition to Windows 10, Windows Server 2016, or Windows Server 2019 and want to continue to receive security updates for your current version of Windows, you will need to purchase Extended Security Updates. For information on how to do so, please see How to get Extended Security Updates for eligible Windows devices, Windows 7 ESU frequently ask questions, and Windows Server 2008 R2 SP1 and Windows Server 2008 SP2 ESU frequently asked questions.

We recommend ESU customers review the applicable KB article below for prerequisites and other important information you will need to deploy these updates.

The following updates were released today for Windows Server 2008 SP2:
The following updates were released today for Windows 7 SP1 and Windows Server 2008 R2 SP1:
February 11, 2020
08:00 AM PT
Resolved: Windows Search shows blank box
We are aware of a temporary server-side issue causing Windows search to show a blank box. This issue has been resolved for most users and in some cases, you might need to restart your device. We are working diligently to fully resolve the issue and will provide an update once resolved. 

This issue was resolved at 12:00 PM PST. If you are still experiencing issues, please restart your device. In rare cases, to mitigate this issue you may need to manually end the SearchUI.exe or SearchApp.exe process via Task Manager. (To locate these processes, select CTRL + Shift + Esc then select the Details tab.) If you have restarted and tried the previous mitigations and are still encountering issues with Windows Search, you are not experiencing the issue described here. Please see Fix problems in Windows Search for other mitigations.
February 05, 2020
12:00 PM PT
January 2020 Windows 10, version 1909 \"D\" optional release is available.
The January 2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
January 28, 2020
08:00 AM PT
January 2020 Windows \"C\" optional release is available.
The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
January 23, 2020
12:00 PM PT
Windows 7 has reached end of support
Windows 7 reached end of support on January 14, 2020. If your organization has not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read How to get Extended Security Updates for eligible Windows devices. For more information on end of service dates for currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
January 15, 2020
10:00 AM PT
Take action: January 2020 security update available for all supported versions of Windows
The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
January 14, 2020
08:00 AM PT
Advisory: Windows CryptoAPI certificate validation vulnerability
On January 14, 2020, Microsoft released security updates to address an elliptic-curve cryptography (ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10 operating system, client and server. While we have not observed an attack exploiting this vulnerability, we recommend that you apply this update to all of your Windows 10 devices with priority. Here is what you need to know:
  • If you are running a supported version of Windows 10 and have automatic updates enabled, you are automatically protected and do not need to take any further action.
  • If you are managing updates on behalf of your organization, you should download the latest updates from the Microsoft Security Update Guide and apply those updates to your Windows 10 devices and servers as soon as possible.
If you are running an unsupported version of Windows 10, we recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections. For more information about this vulnerability, see the Microsoft Security Guidance for CVE-2020-0601 and the Microsoft Security Response Center blog, January 2020 Security Updates: CVE-2020-0601.
January 14, 2020
08:00 AM PT
Take action: December 2019 security update available for all supported versions of Windows
The December 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
December 10, 2019
08:00 AM PT
Timing of Windows 10 optional update releases (December 2019)
For the balance of this calendar year, there will be no optional non-security “C” and “D” releases for Windows 10. The \"C\" releases normally target the third week of the month, with \"D\" releases targeting the fourth week. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer.
December 10, 2019
08:00 AM PT
Windows 10, version 1909 now available
Learn how to get Windows 10, version 1909 (the November 2019 Update), and explore how we’ve worked to make this a great experience for all devices, including a new, streamlined (and fast) update experience for devices updating directly from the May 2019 Update.
November 12, 2019
10:00 AM PT
Windows 10, version 1909 delivery options
Learn how devices running Windows 10, version 1903 can update to Windows 10, version 1909 using the same servicing technology used to deliver monthly quality updates, resulting in a single restart and reducing update-related downtime.
November 12, 2019
10:00 AM PT
What’s new for IT pros in Windows 10, version 1909
Explore the latest features for IT, get information about media availability and related tools, and find answers to frequently asked questions.
November 12, 2019
10:00 AM PT
Take action: November 2019 security update available for all supported versions of Windows
The November 2019 security update release, referred to as our “B” release, is now available for all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
November 12, 2019
10:00 AM PT
Timing of Windows 10 optional update releases (November/December 2019)
For the balance of this calendar year, there will be no optional non-security “C” and “D” releases for Windows 10. The \"C\" releases normally target the third week of the month, with \"D\" releases targeting the fourth week. Note There will be a December Security Update Tuesday release, as usual. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer
November 12, 2019
10:00 AM PT
Windows 10, version 1803 Home and Pro editions have reached end of service
Windows 10, version 1803 (the April 2018 Update) Home and Pro editions have reached end of service. For Windows 10 devices that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update (with users having the ability to choose a convenient time); keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. For more information on end of service dates for currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
November 12, 2019
10:00 AM PT
October 2019 Windows 10, version 1903 \"D\" optional release is available.
The October 2019 optional monthly “D” release for Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
October 24, 2019
08:00 AM PT
October 2019 Windows \"C\" optional release is available.
The October 2019 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
October 15, 2019
09:59 AM PT
Windows 10, version 1703 has reached end of service
Consumer and commercial editions of Windows 10, version 1703 have reached end of service. As devices running these editions are no longer receiving monthly security and quality updates containing protections from the latest security threats, we recommend that you update these devices to the latest version of Windows 10 immediately. For more information on end of service dates for currently supported versions of Windows 10, see the Windows lifecycle fact sheet.

Note The Windows 10, version 1703 section will be removed from this dashboard on November 12, 2019.
October 09, 2019
12:00 PM PT
Take Action: October 2019 security update available for all supported versions of Windows
The October 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
 
October 08, 2019
08:00 AM PT
Take action: Security update available for all supported versions of Windows
On October 3, 2019, Microsoft expanded delivery of the out-of-band Internet Explorer scripting engine security vulnerability (CVE-2019-1367) update released on September 23, 2019 to Windows Update and Windows Server Update Services (WSUS). This is now a required security update for all supported versions of Windows as it includes the Internet Explorer scripting engine vulnerability mitigation and corrects a recent printing issue some users have experienced. All customers using Windows Update or WSUS will be offered this update automatically. We recommend that you install this update as soon as a possible, then restart your PC to fully apply the mitigations and help secure your devices. As with all cumulative updates, this update supersedes any preceding update.
 
Note: This update does not replace the standard October 2019 monthly security update release, which is scheduled for October 8, 2019.
October 03, 2019
08:00 AM PT
September 2019 Windows 10, version 1903 \"D\" optional release is available
The September 2019 optional monthly “D” release for Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
September 26, 2019
02:00 PM PT
Status update: September 2019 Windows \"C\" optional release available
The September 2019 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
September 24, 2019
08:10 AM PT
Plan for change: Windows Media Center Electronic Program Guide retiring in January 2020
Starting in January 2020, Microsoft is retiring its Electronic Program Guide (EPG) service for all versions of Windows Media Center. To continue receiving TV Program Guide information on your Windows Media Center, you’ll need to configure an alternate TV listing provider.
September 24, 2019
08:00 AM PT
Status of September 2019 “C” release
The optional monthly “C” release for September 2019 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
September 19, 2019
04:11 PM PT
Plan for change: End of service reminders for Windows 10, versions 1703 and 1803
The Enterprise and Education editions of Windows 10, version 1703 (the Creators Update) will reach end of service on October 8, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions of Windows 10, version 1803 (the April 2018 Update) will reach end of service on November 12, 2019. We recommend that you update devices running these versions and editions to the latest version of Windows 10—Windows 10, version 1903—as soon as possible to help keep them protected and your environments secure.
September 13, 2019
03:23 PM PT
September 2019 security update available for all supported versions of Windows
The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
September 10, 2019
09:34 AM PT
Status update: Windows 10, version 1903 \"D\" optional release available August 30th
The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
August 30, 2019
08:00 AM PT
Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
August 29, 2019
04:39 PM PT
Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
August 29, 2019
08:00 AM PT
Windows 10, version 1903 rollout begins
The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.		May 21, 2019
10:00 AM PT
+ " + \ No newline at end of file From 04138cb264244c81d7b9830923a994dda950e03e Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 17:53:28 -0700 Subject: [PATCH 062/338] test2 --- windows/deployment/index.yml | 46 +++++------------------------------- 1 file changed, 6 insertions(+), 40 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index d6f0097a6e..522cb55b03 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -95,47 +95,13 @@ landingContent: # Table - title: Recent ammouncements -- items: - - type: markdown - text: " - + - items: + - type: markdown + text: " +
MessageDate
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
MessageDate
February 2020 Windows 10, version 1909 and Windows 10, version 1903 \"D\" optional release is available
The February 2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 27, 2020
01:30 PM PT
February 2020 Windows \"C\" optional release is available.
The February 2020 optional monthly “C” release for all supported versions of Windows prior to Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 25, 2020
08:00 AM PT
Status of February 2020 “C” release
The optional monthly “C” release for February 2020 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 21, 2020
12:00 PM PT
Compatibility issue with some Windows Server container images
If you are encountering issues with Windows Server container images, please see KB4542617.
February 13, 2020
03:21 PM PT
Take action: February 2020 security update available for all supported versions of Windows
The February 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
February 11, 2020
08:00 AM PT
Take action: ESU security updates available for Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2
Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 reached end of support on January 14, 2020. For customers who have purchased Extended Security Updates (ESU), the first monthly ESU security updates are now available. If your organization has not yet been able to complete your transition to Windows 10, Windows Server 2016, or Windows Server 2019 and want to continue to receive security updates for your current version of Windows, you will need to purchase Extended Security Updates. For information on how to do so, please see How to get Extended Security Updates for eligible Windows devices, Windows 7 ESU frequently ask questions, and Windows Server 2008 R2 SP1 and Windows Server 2008 SP2 ESU frequently asked questions.

We recommend ESU customers review the applicable KB article below for prerequisites and other important information you will need to deploy these updates.

The following updates were released today for Windows Server 2008 SP2:
The following updates were released today for Windows 7 SP1 and Windows Server 2008 R2 SP1:
February 11, 2020
08:00 AM PT
Resolved: Windows Search shows blank box
We are aware of a temporary server-side issue causing Windows search to show a blank box. This issue has been resolved for most users and in some cases, you might need to restart your device. We are working diligently to fully resolve the issue and will provide an update once resolved. 

This issue was resolved at 12:00 PM PST. If you are still experiencing issues, please restart your device. In rare cases, to mitigate this issue you may need to manually end the SearchUI.exe or SearchApp.exe process via Task Manager. (To locate these processes, select CTRL + Shift + Esc then select the Details tab.) If you have restarted and tried the previous mitigations and are still encountering issues with Windows Search, you are not experiencing the issue described here. Please see Fix problems in Windows Search for other mitigations.
February 05, 2020
12:00 PM PT
January 2020 Windows 10, version 1909 \"D\" optional release is available.
The January 2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
January 28, 2020
08:00 AM PT
January 2020 Windows \"C\" optional release is available.
The January 2020 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
January 23, 2020
12:00 PM PT
Windows 7 has reached end of support
Windows 7 reached end of support on January 14, 2020. If your organization has not yet been able to complete your transition from Windows 7 to Windows 10, and want to continue to receive security updates while you complete your upgrade projects, please read How to get Extended Security Updates for eligible Windows devices. For more information on end of service dates for currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
January 15, 2020
10:00 AM PT
Take action: January 2020 security update available for all supported versions of Windows
The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
January 14, 2020
08:00 AM PT
Advisory: Windows CryptoAPI certificate validation vulnerability
On January 14, 2020, Microsoft released security updates to address an elliptic-curve cryptography (ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10 operating system, client and server. While we have not observed an attack exploiting this vulnerability, we recommend that you apply this update to all of your Windows 10 devices with priority. Here is what you need to know:
  • If you are running a supported version of Windows 10 and have automatic updates enabled, you are automatically protected and do not need to take any further action.
  • If you are managing updates on behalf of your organization, you should download the latest updates from the Microsoft Security Update Guide and apply those updates to your Windows 10 devices and servers as soon as possible.
If you are running an unsupported version of Windows 10, we recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections. For more information about this vulnerability, see the Microsoft Security Guidance for CVE-2020-0601 and the Microsoft Security Response Center blog, January 2020 Security Updates: CVE-2020-0601.
January 14, 2020
08:00 AM PT
Take action: December 2019 security update available for all supported versions of Windows
The December 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
December 10, 2019
08:00 AM PT
Timing of Windows 10 optional update releases (December 2019)
For the balance of this calendar year, there will be no optional non-security “C” and “D” releases for Windows 10. The \"C\" releases normally target the third week of the month, with \"D\" releases targeting the fourth week. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer.
December 10, 2019
08:00 AM PT
Windows 10, version 1909 now available
Learn how to get Windows 10, version 1909 (the November 2019 Update), and explore how we’ve worked to make this a great experience for all devices, including a new, streamlined (and fast) update experience for devices updating directly from the May 2019 Update.
November 12, 2019
10:00 AM PT
Windows 10, version 1909 delivery options
Learn how devices running Windows 10, version 1903 can update to Windows 10, version 1909 using the same servicing technology used to deliver monthly quality updates, resulting in a single restart and reducing update-related downtime.
November 12, 2019
10:00 AM PT
What’s new for IT pros in Windows 10, version 1909
Explore the latest features for IT, get information about media availability and related tools, and find answers to frequently asked questions.
November 12, 2019
10:00 AM PT
Take action: November 2019 security update available for all supported versions of Windows
The November 2019 security update release, referred to as our “B” release, is now available for all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
November 12, 2019
10:00 AM PT
Timing of Windows 10 optional update releases (November/December 2019)
For the balance of this calendar year, there will be no optional non-security “C” and “D” releases for Windows 10. The \"C\" releases normally target the third week of the month, with \"D\" releases targeting the fourth week. Note There will be a December Security Update Tuesday release, as usual. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer
November 12, 2019
10:00 AM PT
Windows 10, version 1803 Home and Pro editions have reached end of service
Windows 10, version 1803 (the April 2018 Update) Home and Pro editions have reached end of service. For Windows 10 devices that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update (with users having the ability to choose a convenient time); keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. For more information on end of service dates for currently supported versions of Windows 10, see the Windows lifecycle fact sheet.
November 12, 2019
10:00 AM PT
October 2019 Windows 10, version 1903 \"D\" optional release is available.
The October 2019 optional monthly “D” release for Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
October 24, 2019
08:00 AM PT
October 2019 Windows \"C\" optional release is available.
The October 2019 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
October 15, 2019
09:59 AM PT
Windows 10, version 1703 has reached end of service
Consumer and commercial editions of Windows 10, version 1703 have reached end of service. As devices running these editions are no longer receiving monthly security and quality updates containing protections from the latest security threats, we recommend that you update these devices to the latest version of Windows 10 immediately. For more information on end of service dates for currently supported versions of Windows 10, see the Windows lifecycle fact sheet.

Note The Windows 10, version 1703 section will be removed from this dashboard on November 12, 2019.
October 09, 2019
12:00 PM PT
Take Action: October 2019 security update available for all supported versions of Windows
The October 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
 
October 08, 2019
08:00 AM PT
Take action: Security update available for all supported versions of Windows
On October 3, 2019, Microsoft expanded delivery of the out-of-band Internet Explorer scripting engine security vulnerability (CVE-2019-1367) update released on September 23, 2019 to Windows Update and Windows Server Update Services (WSUS). This is now a required security update for all supported versions of Windows as it includes the Internet Explorer scripting engine vulnerability mitigation and corrects a recent printing issue some users have experienced. All customers using Windows Update or WSUS will be offered this update automatically. We recommend that you install this update as soon as a possible, then restart your PC to fully apply the mitigations and help secure your devices. As with all cumulative updates, this update supersedes any preceding update.
 
Note: This update does not replace the standard October 2019 monthly security update release, which is scheduled for October 8, 2019.
October 03, 2019
08:00 AM PT
September 2019 Windows 10, version 1903 \"D\" optional release is available
The September 2019 optional monthly “D” release for Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
September 26, 2019
02:00 PM PT
Status update: September 2019 Windows \"C\" optional release available
The September 2019 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
September 24, 2019
08:10 AM PT
Plan for change: Windows Media Center Electronic Program Guide retiring in January 2020
Starting in January 2020, Microsoft is retiring its Electronic Program Guide (EPG) service for all versions of Windows Media Center. To continue receiving TV Program Guide information on your Windows Media Center, you’ll need to configure an alternate TV listing provider.
September 24, 2019
08:00 AM PT
Status of September 2019 “C” release
The optional monthly “C” release for September 2019 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
September 19, 2019
04:11 PM PT
Plan for change: End of service reminders for Windows 10, versions 1703 and 1803
The Enterprise and Education editions of Windows 10, version 1703 (the Creators Update) will reach end of service on October 8, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions of Windows 10, version 1803 (the April 2018 Update) will reach end of service on November 12, 2019. We recommend that you update devices running these versions and editions to the latest version of Windows 10—Windows 10, version 1903—as soon as possible to help keep them protected and your environments secure.
September 13, 2019
03:23 PM PT
September 2019 security update available for all supported versions of Windows
The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
September 10, 2019
09:34 AM PT
Status update: Windows 10, version 1903 \"D\" optional release available August 30th
The August optional monthly “D” release for Windows 10, version 1903 is now available. Follow @WindowsUpdate for the latest on the availability of this release.
August 30, 2019
08:00 AM PT
Feature update install notification on Windows 10, version 1809 (the October 2018 Update)
We've had reports on August 29th that some customers running Windows 10, version 1809 (the October 2018 Update) have received notification to install the latest feature update (version 1903) early. Updating remains in your control. To install the update, you must select one of the following options: \"Pick a Time\", \"Restart Tonight,\" or \"Restart Now\". If you are not ready to update at this time, simply dismiss the notification by clicking the arrow in the top right corner. If you have updated to Windows 10, version 1903 and would like to go back to your previous version, see the instructions here.
August 29, 2019
04:39 PM PT
Take Action: Internet Explorer 11 now available on Windows Update/WSUS for Windows Server 2012 and Windows Embedded 8 Standard
Internet Explorer 11 (KB 4492872) is now available via Windows Update (WU) and Windows Server Update Services (WSUS) for commercial customers running Windows Server 2012 and Windows Embedded 8 Standard. For details about these changes and end of support for IE10, please refer to the IT Pro blog
August 29, 2019
08:00 AM PT
Windows 10, version 1903 rollout begins
The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.		May 21, 2019
10:00 AM PT
+ Message 1Date 1 + " \ No newline at end of file From 6a9772b872c901ed863539ad4874bdc9f1d35cf9 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 18:46:54 -0700 Subject: [PATCH 063/338] test3 --- windows/deployment/index.yml | 10 --- windows/deployment/index2.yml | 103 +++++++++++++++++++++++++++++ windows/deployment/index3.yml | 120 ++++++++++++++++++++++++++++++++++ 3 files changed, 223 insertions(+), 10 deletions(-) create mode 100644 windows/deployment/index2.yml create mode 100644 windows/deployment/index3.yml diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index 522cb55b03..2300f7acdb 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -93,15 +93,5 @@ landingContent: - text: Article6c url: file1.md - # Table - - title: Recent ammouncements - - items: - - type: markdown - text: " - - - -
MessageDate
Message 1Date 1
- " \ No newline at end of file diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml new file mode 100644 index 0000000000..2a8037d23a --- /dev/null +++ b/windows/deployment/index2.yml @@ -0,0 +1,103 @@ +### YamlMime:Landing + +title: Windows 10 deployment resources and documentation # < 60 chars +summary: Learn about deploying and and keeping Windows 10 up to date. # < 160 chars + +metadata: + title: Windows 10 deployment resources and documentation # Required; page title displayed in search results. Include the brand. < 60 chars. + description: Learn about deploying Windows 10 and keeping it up to date in your organization. # Required; article description that is displayed in search results. < 160 chars. + services: windows-10 + ms.service: windows-10 #Required; service per approved list. service slug assigned to your service by ACOM. + ms.subservice: subservice + ms.topic: landing-page # Required + ms.collection: windows-10 + author: greg-lindsay #Required; your GitHub user alias, with correct capitalization. + ms.author: greglin #Required; microsoft alias of author; optional team alias. + ms.date: 09/13/2019 #Required; mm/dd/yyyy format. + localization_priority: medium + +# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new + +landingContent: +# Cards and links should be based on top customer tasks or top subjects +# Start card title with a verb + # Card (optional) + - title: Title1 + linkLists: + - linkListType: overview + links: + - text: Article1a + url: file1.md + - text: Article1b + url: file1.md + - text: Article1c + url: file1.md + + # Card (optional) + - title: Title2 + linkLists: + - linkListType: overview + links: + - text: Article2a + url: file1.md + - text: Article2b + url: file1.md + - text: Article2c + url: file1.md + + # Card (optional) + - title: Title3 + linkLists: + - linkListType: overview + links: + - text: Article3a + url: file1.md + - text: Article3b + url: file1.md + - text: Article3c + url: file1.md + + # Card + - title: Title4 + linkLists: + - linkListType: overview + links: + - text: Article4a + url: file1.md + - text: Article4b + url: file1.md + - text: Article4c + url: file1.md + + # Card + - title: Title5 + linkLists: + - linkListType: overview + links: + - text: Article5a + url: file1.md + - text: Article5b + url: file1.md + - text: Article5c + url: file1.md + + # Card (optional) + - title: Title6 + linkLists: + - linkListType: overview + links: + - text: Article6a + url: file1.md + - text: Article6b + url: file1.md + - text: Article6c + url: file1.md + +summary: " + + + +
MessageDate
Message 1Date 1
+ " + + \ No newline at end of file diff --git a/windows/deployment/index3.yml b/windows/deployment/index3.yml new file mode 100644 index 0000000000..624d771007 --- /dev/null +++ b/windows/deployment/index3.yml @@ -0,0 +1,120 @@ +### YamlMime:Landing + +title: Windows 10 deployment resources and documentation # < 60 chars +summary: Learn about deploying and and keeping Windows 10 up to date. # < 160 chars + +metadata: + title: Windows 10 deployment resources and documentation # Required; page title displayed in search results. Include the brand. < 60 chars. + description: Learn about deploying Windows 10 and keeping it up to date in your organization. # Required; article description that is displayed in search results. < 160 chars. + services: windows-10 + ms.service: windows-10 #Required; service per approved list. service slug assigned to your service by ACOM. + ms.subservice: subservice + ms.topic: landing-page # Required + ms.collection: windows-10 + author: greg-lindsay #Required; your GitHub user alias, with correct capitalization. + ms.author: greglin #Required; microsoft alias of author; optional team alias. + ms.date: 09/13/2019 #Required; mm/dd/yyyy format. + localization_priority: medium + +# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new + +sections: + +- items: +- title: Recent announcements +- items: + - type: markdown + text: " + + + +
MessageDate
Message 1Date 1
+ + +landingContent: +# Cards and links should be based on top customer tasks or top subjects +# Start card title with a verb + # Card (optional) + - title: Title1 + linkLists: + - linkListType: overview + links: + - text: Article1a + url: file1.md + - text: Article1b + url: file1.md + - text: Article1c + url: file1.md + + # Card (optional) + - title: Title2 + linkLists: + - linkListType: overview + links: + - text: Article2a + url: file1.md + - text: Article2b + url: file1.md + - text: Article2c + url: file1.md + + # Card (optional) + - title: Title3 + linkLists: + - linkListType: overview + links: + - text: Article3a + url: file1.md + - text: Article3b + url: file1.md + - text: Article3c + url: file1.md + + # Card + - title: Title4 + linkLists: + - linkListType: overview + links: + - text: Article4a + url: file1.md + - text: Article4b + url: file1.md + - text: Article4c + url: file1.md + + # Card + - title: Title5 + linkLists: + - linkListType: overview + links: + - text: Article5a + url: file1.md + - text: Article5b + url: file1.md + - text: Article5c + url: file1.md + + # Card (optional) + - title: Title6 + linkLists: + - linkListType: overview + links: + - text: Article6a + url: file1.md + - text: Article6b + url: file1.md + - text: Article6c + url: file1.md + + # Table + - title: Recent ammouncements + - items: + - type: markdown + text: " + + + +
MessageDate
Message 1Date 1
+ " + + \ No newline at end of file From 4de3aa70b8a84539d1284c41ee26a5ba3f0e68b5 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 19:04:09 -0700 Subject: [PATCH 064/338] test4 --- windows/deployment/index3.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/windows/deployment/index3.yml b/windows/deployment/index3.yml index 624d771007..f2bf7c85b1 100644 --- a/windows/deployment/index3.yml +++ b/windows/deployment/index3.yml @@ -106,15 +106,5 @@ landingContent: - text: Article6c url: file1.md - # Table - - title: Recent ammouncements - - items: - - type: markdown - text: " - - - -
MessageDate
Message 1Date 1
- " \ No newline at end of file From 542614c92a386321a650b95b38bad73e0afdfd9f Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 19:18:21 -0700 Subject: [PATCH 065/338] test5 --- windows/deployment/index3.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/index3.yml b/windows/deployment/index3.yml index f2bf7c85b1..3ccf91d6f3 100644 --- a/windows/deployment/index3.yml +++ b/windows/deployment/index3.yml @@ -28,7 +28,7 @@ sections: -
MessageDate
Message 1Date 1
+ " landingContent: From 3baa06b96ef1add3636e3c6dcd0e31e5ec9280a1 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 19:22:59 -0700 Subject: [PATCH 066/338] index2 only --- windows/deployment/index3.yml | 110 ---------------------------------- 1 file changed, 110 deletions(-) delete mode 100644 windows/deployment/index3.yml diff --git a/windows/deployment/index3.yml b/windows/deployment/index3.yml deleted file mode 100644 index 3ccf91d6f3..0000000000 --- a/windows/deployment/index3.yml +++ /dev/null @@ -1,110 +0,0 @@ -### YamlMime:Landing - -title: Windows 10 deployment resources and documentation # < 60 chars -summary: Learn about deploying and and keeping Windows 10 up to date. # < 160 chars - -metadata: - title: Windows 10 deployment resources and documentation # Required; page title displayed in search results. Include the brand. < 60 chars. - description: Learn about deploying Windows 10 and keeping it up to date in your organization. # Required; article description that is displayed in search results. < 160 chars. - services: windows-10 - ms.service: windows-10 #Required; service per approved list. service slug assigned to your service by ACOM. - ms.subservice: subservice - ms.topic: landing-page # Required - ms.collection: windows-10 - author: greg-lindsay #Required; your GitHub user alias, with correct capitalization. - ms.author: greglin #Required; microsoft alias of author; optional team alias. - ms.date: 09/13/2019 #Required; mm/dd/yyyy format. - localization_priority: medium - -# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new - -sections: - -- items: -- title: Recent announcements -- items: - - type: markdown - text: " - - - -
MessageDate
Message 1Date 1
" - - -landingContent: -# Cards and links should be based on top customer tasks or top subjects -# Start card title with a verb - # Card (optional) - - title: Title1 - linkLists: - - linkListType: overview - links: - - text: Article1a - url: file1.md - - text: Article1b - url: file1.md - - text: Article1c - url: file1.md - - # Card (optional) - - title: Title2 - linkLists: - - linkListType: overview - links: - - text: Article2a - url: file1.md - - text: Article2b - url: file1.md - - text: Article2c - url: file1.md - - # Card (optional) - - title: Title3 - linkLists: - - linkListType: overview - links: - - text: Article3a - url: file1.md - - text: Article3b - url: file1.md - - text: Article3c - url: file1.md - - # Card - - title: Title4 - linkLists: - - linkListType: overview - links: - - text: Article4a - url: file1.md - - text: Article4b - url: file1.md - - text: Article4c - url: file1.md - - # Card - - title: Title5 - linkLists: - - linkListType: overview - links: - - text: Article5a - url: file1.md - - text: Article5b - url: file1.md - - text: Article5c - url: file1.md - - # Card (optional) - - title: Title6 - linkLists: - - linkListType: overview - links: - - text: Article6a - url: file1.md - - text: Article6b - url: file1.md - - text: Article6c - url: file1.md - - - \ No newline at end of file From 1f2c7618b0e939f6fa6acfb7fb64879b20d07c1b Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 19:23:33 -0700 Subject: [PATCH 067/338] index3 only --- windows/deployment/{index2.yml => index3.yml} | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) rename windows/deployment/{index2.yml => index3.yml} (91%) diff --git a/windows/deployment/index2.yml b/windows/deployment/index3.yml similarity index 91% rename from windows/deployment/index2.yml rename to windows/deployment/index3.yml index 2a8037d23a..3ccf91d6f3 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index3.yml @@ -18,6 +18,19 @@ metadata: # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new +sections: + +- items: +- title: Recent announcements +- items: + - type: markdown + text: " + + + +
MessageDate
Message 1Date 1
" + + landingContent: # Cards and links should be based on top customer tasks or top subjects # Start card title with a verb @@ -93,11 +106,5 @@ landingContent: - text: Article6c url: file1.md -summary: " - - - -
MessageDate
Message 1Date 1
- " \ No newline at end of file From d8b958609e09eac1b47eb101c3b5960b17fbb5e9 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 19:53:01 -0700 Subject: [PATCH 068/338] index2 only --- windows/deployment/{index3.yml => index2.yml} | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) rename windows/deployment/{index3.yml => index2.yml} (91%) diff --git a/windows/deployment/index3.yml b/windows/deployment/index2.yml similarity index 91% rename from windows/deployment/index3.yml rename to windows/deployment/index2.yml index 3ccf91d6f3..2a8037d23a 100644 --- a/windows/deployment/index3.yml +++ b/windows/deployment/index2.yml @@ -18,19 +18,6 @@ metadata: # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new -sections: - -- items: -- title: Recent announcements -- items: - - type: markdown - text: " - - - -
MessageDate
Message 1Date 1
" - - landingContent: # Cards and links should be based on top customer tasks or top subjects # Start card title with a verb @@ -106,5 +93,11 @@ landingContent: - text: Article6c url: file1.md +summary: " + + + +
MessageDate
Message 1Date 1
+ " \ No newline at end of file From cf41556c0030ed460ed72e5193f44bf50bc5ee2e Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 21:21:09 -0700 Subject: [PATCH 069/338] index2 only --- windows/deployment/index2.yml | 134 +++++++++------------------------- 1 file changed, 36 insertions(+), 98 deletions(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index 2a8037d23a..c62fab82e7 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -1,103 +1,41 @@ -### YamlMime:Landing +### YamlMime:Hub -title: Windows 10 deployment resources and documentation # < 60 chars -summary: Learn about deploying and and keeping Windows 10 up to date. # < 160 chars +title: Sample page +summary: Summary metadata: - title: Windows 10 deployment resources and documentation # Required; page title displayed in search results. Include the brand. < 60 chars. - description: Learn about deploying Windows 10 and keeping it up to date in your organization. # Required; article description that is displayed in search results. < 160 chars. - services: windows-10 - ms.service: windows-10 #Required; service per approved list. service slug assigned to your service by ACOM. - ms.subservice: subservice - ms.topic: landing-page # Required - ms.collection: windows-10 - author: greg-lindsay #Required; your GitHub user alias, with correct capitalization. - ms.author: greglin #Required; microsoft alias of author; optional team alias. - ms.date: 09/13/2019 #Required; mm/dd/yyyy format. - localization_priority: medium - -# linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new + title: Sample page + description: Example hub page + ms.service: help + ms.topic: hub-page + author: greg-lindsay + ms.author: greglin + ms.date: 4/9/2020 -landingContent: -# Cards and links should be based on top customer tasks or top subjects -# Start card title with a verb - # Card (optional) - - title: Title1 - linkLists: - - linkListType: overview - links: - - text: Article1a - url: file1.md - - text: Article1b - url: file1.md - - text: Article1c - url: file1.md +additionalContent: + sections: + - items: + # Card + - title: Item 1 + summary: Summary 1 + url: https://www.microsoft.com + # Card + - title: Item 2 + summary: Summary 2 + url: https://www.microsoft.com + # Card + - title: Item 3 + summary: Summary 3 + url: https://www.microsoft.com + # Card + - title: Item 4 + summary: Summary 4 + url: https://www.microsoft.com - # Card (optional) - - title: Title2 - linkLists: - - linkListType: overview - links: - - text: Article2a - url: file1.md - - text: Article2b - url: file1.md - - text: Article2c - url: file1.md - - # Card (optional) - - title: Title3 - linkLists: - - linkListType: overview - links: - - text: Article3a - url: file1.md - - text: Article3b - url: file1.md - - text: Article3c - url: file1.md - - # Card - - title: Title4 - linkLists: - - linkListType: overview - links: - - text: Article4a - url: file1.md - - text: Article4b - url: file1.md - - text: Article4c - url: file1.md - - # Card - - title: Title5 - linkLists: - - linkListType: overview - links: - - text: Article5a - url: file1.md - - text: Article5b - url: file1.md - - text: Article5c - url: file1.md - - # Card (optional) - - title: Title6 - linkLists: - - linkListType: overview - links: - - text: Article6a - url: file1.md - - text: Article6b - url: file1.md - - text: Article6c - url: file1.md - -summary: " - - - -
MessageDate
Message 1Date 1
- " - - \ No newline at end of file +footer: +- items: + - type: markdown + text: " + +
ItemDate
14-9-2020
+ " \ No newline at end of file From f384ffd09fa90a92f4d59079f001ca23b531dd90 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 21:32:53 -0700 Subject: [PATCH 070/338] index2 only --- windows/deployment/index2.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index c62fab82e7..58341a9818 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -32,10 +32,10 @@ additionalContent: summary: Summary 4 url: https://www.microsoft.com -footer: -- items: - - type: markdown - text: " - -
ItemDate
14-9-2020
- " \ No newline at end of file + footer: + - items: + - type: markdown + text: " + +
ItemDate
14-9-2020
+ " \ No newline at end of file From 81c948f1f4dbcb52dbbccfa52112316befe4f981 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 21:58:07 -0700 Subject: [PATCH 071/338] index2 footer --- windows/deployment/index2.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index 58341a9818..f585de455d 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -32,10 +32,10 @@ additionalContent: summary: Summary 4 url: https://www.microsoft.com - footer: - - items: - - type: markdown - text: " - -
ItemDate
14-9-2020
- " \ No newline at end of file + - footer: + - items: + - type: markdown + text: " + +
ItemDate
14-9-2020
+ " \ No newline at end of file From 36764369c274d35dd7ca0bc43c4ff2d42aff3968 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 23:21:59 -0700 Subject: [PATCH 072/338] index2 footer --- windows/deployment/index2.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index f585de455d..c7e5f378c2 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -13,6 +13,13 @@ metadata: ms.date: 4/9/2020 additionalContent: + footer: + - items: + - type: markdown + text: " + +
ItemDate
14-9-2020
+ " sections: - items: # Card @@ -32,10 +39,3 @@ additionalContent: summary: Summary 4 url: https://www.microsoft.com - - footer: - - items: - - type: markdown - text: " - -
ItemDate
14-9-2020
- " \ No newline at end of file From 74ff383c5fa841f22365eea4a62a2e1c2ce280da Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 23:42:16 -0700 Subject: [PATCH 073/338] index2 footer --- windows/deployment/index2.yml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index c7e5f378c2..e3f3737bb4 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -13,13 +13,7 @@ metadata: ms.date: 4/9/2020 additionalContent: - footer: - - items: - - type: markdown - text: " - -
ItemDate
14-9-2020
- " + sections: - items: # Card @@ -38,4 +32,7 @@ additionalContent: - title: Item 4 summary: Summary 4 url: https://www.microsoft.com - + footer: " + +
ItemDate
14-9-2020
+ " From 36be5114caf7b3263a278c7007f592a8f83930c8 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 23:49:26 -0700 Subject: [PATCH 074/338] index2 footer --- windows/deployment/index2.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index e3f3737bb4..f879a63205 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -32,7 +32,12 @@ additionalContent: - title: Item 4 summary: Summary 4 url: https://www.microsoft.com - footer: " - -
ItemDate
14-9-2020
- " + - type: markdown + text: " + Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + + +
Current status as of January 21, 2020:
Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
 
We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.

For information on how users running Windows 10, version 1903 can update to Windows 10, version 1909 in a new, streamlined way, see this post.
 
Note follow @WindowsUpdate on Twitter to find out when new content is published to the release information dashboard.
+
+ + " From 2263640e87a6b00f23b84230d5cf30d561d6f30a Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Thu, 9 Apr 2020 23:50:43 -0700 Subject: [PATCH 075/338] index2 footer --- windows/deployment/index2.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index f879a63205..f812788b47 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -32,12 +32,12 @@ additionalContent: - title: Item 4 summary: Summary 4 url: https://www.microsoft.com - - type: markdown - text: " - Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). + - type: markdown + text: " + Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). - -
Current status as of January 21, 2020:
Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
 
We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.

For information on how users running Windows 10, version 1903 can update to Windows 10, version 1909 in a new, streamlined way, see this post.
 
Note follow @WindowsUpdate on Twitter to find out when new content is published to the release information dashboard.
-
+ +
Current status as of January 21, 2020:
Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
 
We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.

For information on how users running Windows 10, version 1903 can update to Windows 10, version 1909 in a new, streamlined way, see this post.
 
Note follow @WindowsUpdate on Twitter to find out when new content is published to the release information dashboard.
+
- " + " From 88ea25b818809438cf1359ce7a53850a8ec7af7d Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Fri, 10 Apr 2020 00:14:31 -0700 Subject: [PATCH 076/338] index2 working? --- windows/deployment/index2.yml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index f812788b47..8af9a63a8f 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -32,12 +32,9 @@ additionalContent: - title: Item 4 summary: Summary 4 url: https://www.microsoft.com - - type: markdown - text: " - Find information on known issues and the status of the rollout for Windows 10, version 1909 and Windows Server, version 1909. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). - - -
Current status as of January 21, 2020:
Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
 
We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.

For information on how users running Windows 10, version 1903 can update to Windows 10, version 1909 in a new, streamlined way, see this post.
 
Note follow @WindowsUpdate on Twitter to find out when new content is published to the release information dashboard.
-
+ footer: " + +
Current status as of January 21, 2020:
Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
 
We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.

For information on how users running Windows 10, version 1903 can update to Windows 10, version 1909 in a new, streamlined way, see this post.
 
Note follow @WindowsUpdate on Twitter to find out when new content is published to the release information dashboard.
+
- " + " From 8dd9c733e3c7b0dadeb4dcd40c62fce1665c0ff1 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Fri, 10 Apr 2020 02:05:30 -0700 Subject: [PATCH 077/338] index2 working? --- windows/deployment/index2.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml index 8af9a63a8f..f60c6cd9be 100644 --- a/windows/deployment/index2.yml +++ b/windows/deployment/index2.yml @@ -33,7 +33,8 @@ additionalContent: summary: Summary 4 url: https://www.microsoft.com footer: " - +
+
Current status as of January 21, 2020:
Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
 
We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.

For information on how users running Windows 10, version 1903 can update to Windows 10, version 1909 in a new, streamlined way, see this post.
 
Note follow @WindowsUpdate on Twitter to find out when new content is published to the release information dashboard.
From bf38c6567ff9bef3bf409afffd41fb986e6bda01 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 21 Apr 2020 09:48:14 -0700 Subject: [PATCH 078/338] remove index2 --- windows/deployment/index2.yml | 41 ----------------------------------- 1 file changed, 41 deletions(-) delete mode 100644 windows/deployment/index2.yml diff --git a/windows/deployment/index2.yml b/windows/deployment/index2.yml deleted file mode 100644 index f60c6cd9be..0000000000 --- a/windows/deployment/index2.yml +++ /dev/null @@ -1,41 +0,0 @@ -### YamlMime:Hub - -title: Sample page -summary: Summary - -metadata: - title: Sample page - description: Example hub page - ms.service: help - ms.topic: hub-page - author: greg-lindsay - ms.author: greglin - ms.date: 4/9/2020 - -additionalContent: - - sections: - - items: - # Card - - title: Item 1 - summary: Summary 1 - url: https://www.microsoft.com - # Card - - title: Item 2 - summary: Summary 2 - url: https://www.microsoft.com - # Card - - title: Item 3 - summary: Summary 3 - url: https://www.microsoft.com - # Card - - title: Item 4 - summary: Summary 4 - url: https://www.microsoft.com - footer: " - - -
Current status as of January 21, 2020:
Windows 10, version 1909 is available for any user on a recent version of Windows 10 who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.
 
We are starting the next phase in our controlled approach to automatically initiate a feature update for an increased number of devices running the October 2018 Update (Windows 10, version 1809) Home and Pro editions, keeping those devices supported and receiving the monthly updates that are critical to device security and ecosystem health. Our rollout process starts several months in advance of the end of service date to provide adequate time for a smooth update process.

For information on how users running Windows 10, version 1903 can update to Windows 10, version 1909 in a new, streamlined way, see this post.
 
Note follow @WindowsUpdate on Twitter to find out when new content is published to the release information dashboard.
-
- - " From ca5bb40238ebd10d4342c2a96b6e22a1290b722b Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 21 Apr 2020 13:56:48 -0700 Subject: [PATCH 079/338] changes --- windows/deployment/TOC.yml | 7 ++++--- windows/deployment/{ => get-started}/deploy-whats-new.md | 0 2 files changed, 4 insertions(+), 3 deletions(-) rename windows/deployment/{ => get-started}/deploy-whats-new.md (100%) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 7ef810630d..9aa0afe749 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -3,10 +3,9 @@ items: - name: Get started items: - - name: Learn about Windows 10 (new) - href: file1.md - - name: What's new in Windows 10 deployment + - name: Learn about Windows 10 href: file1.md + - name: Windows 10 upgrade paths href: file1.md - name: Windows 10 edition upgrade @@ -15,6 +14,8 @@ href: file1.md - name: Deployment process posters href: file1.md + - name: What's new in Windows 10 deployment + href: file1.md - name: Windows as a service items: - name: Recommended calendar of operations (new) diff --git a/windows/deployment/deploy-whats-new.md b/windows/deployment/get-started/deploy-whats-new.md similarity index 100% rename from windows/deployment/deploy-whats-new.md rename to windows/deployment/get-started/deploy-whats-new.md From f41488c81d4248883a8ab62088b991d865502245 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 21 Apr 2020 16:35:57 -0700 Subject: [PATCH 080/338] lots of changes --- windows/deployment/TOC.yml | 110 ++++++++++-------- .../{get-started => }/deploy-whats-new.md | 0 2 files changed, 59 insertions(+), 51 deletions(-) rename windows/deployment/{get-started => }/deploy-whats-new.md (100%) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 9aa0afe749..1b6fcc45ff 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -5,34 +5,77 @@ items: - name: Learn about Windows 10 href: file1.md - - - name: Windows 10 upgrade paths + - name: Windows 10 deployment scenarios href: file1.md - - name: Windows 10 edition upgrade + - name: Windows update fundamentals href: file1.md - - name: Deployment tools and methods + - name: What is Windows as a service? href: file1.md - - name: Deployment process posters + - name: Types of Windows updates href: file1.md - - name: What's new in Windows 10 deployment + - name: Servicing Windows 10 operating systems href: file1.md - - name: Windows as a service - items: - - name: Recommended calendar of operations (new) - href: file1.md - name: Deployment test lab items: - - name: Windows 10 deployment test lab + - name: Demonstrate Autopilot deployment on a VM + href: file1.md + - name: Deploy Windows 10 in a test lab href: file1.md - name: Deploy Windows 10 in a test lab using MDT href: file1.md - name: Deploy Windows 10 in a test lab using Configuration Manager + href: file1.md + + - name: Plan + items: + - name: Plan your Windows 10 deployment + items: + - name: Windows 10 upgrade paths + href: file1.md + - name: Windows 10 edition upgrade + href: file1.md + - name: Windows 10 compatibility + href: file1.md + - name: Windows 10 deployment considerations + href: file1.md + - name: Windows 10 volume license media + href: file1.md + - name: Plan for volume activation + href: file1.md + - name: Features removed or planned for replacement + items: + - name: Windows 10 features lifecycle + href: file1.md + - name: Features we're no longer developing + href: file1.md + - name: Features we removed + href: file1.md + - name: Plan your update strategy + items: + - name: Plan cloud management + items: + - name: Designate rings, channels, and policies + href: file1.md + - name: Chooose a delivery optimization strategy + href: file1.md + - name: Choose a monitoring approach + href: file1.md + - name: Assess apps (new) + items: + - name: With Desktop Analytics + href: file1.md + - name: By other means (new) + href: file1.md + - name: Other prep activities (new) + href: file1.md + - name: Plan image-based management href: file1.md - name: Prepare items: - name: Prepare for Windows 10 deployment items: + - name: Windows 10 compatibility href: file1.md - name: Windows 10 infrastructure requirements @@ -68,51 +111,16 @@ - name: Plan image-based management href: file1.md - - name: Plan - items: - - name: Plan your Windows 10 deployment - items: - - name: Windows 10 compatibility - href: file1.md - - name: Windows 10 infrastructure requirements - href: file1.md - - name: Windows 10 volume license media - href: file1.md - - name: Plan for volume activation - href: file1.md - - name: Features removed or planned for replacement - items: - - name: Windows 10 features lifecycle - href: file1.md - - name: Features we're no longer developing - href: file1.md - - name: Features we removed - href: file1.md - - name: Plan your update strategy - items: - - name: Plan cloud management - items: - - name: Designate rings, channels, and policies - href: file1.md - - name: Chooose a delivery optimization strategy - href: file1.md - - name: Choose a monitoring approach - href: file1.md - - name: Assess apps (new) - items: - - name: With Desktop Analytics - href: file1.md - - name: By other means (new) - href: file1.md - - name: Other prep activities (new) - href: file1.md - - name: Plan image-based management - href: file1.md + - name: Deploy items: - name: Deploy Windows 10 items: + - name: What's new in Windows 10 deployment + href: file1.md + - name: Deployment process posters + href: file1.md - name: Deploy Windows 10 with Autopilot items: - name: Windows Autopilot overview diff --git a/windows/deployment/get-started/deploy-whats-new.md b/windows/deployment/deploy-whats-new.md similarity index 100% rename from windows/deployment/get-started/deploy-whats-new.md rename to windows/deployment/deploy-whats-new.md From 9ab74935c0de00d21add55abce9b6d572b8184dc Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 Apr 2020 12:54:47 -0700 Subject: [PATCH 081/338] toc changes --- windows/deployment/TOC.yml | 127 +++++++++++++------------------------ 1 file changed, 43 insertions(+), 84 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 1b6fcc45ff..7cb9f1934b 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -5,110 +5,69 @@ items: - name: Learn about Windows 10 href: file1.md - - name: Windows 10 deployment scenarios + - name: What is Windows as a service? href: file1.md - name: Windows update fundamentals href: file1.md - - name: What is Windows as a service? - href: file1.md - name: Types of Windows updates href: file1.md - name: Servicing Windows 10 operating systems href: file1.md - - name: Deployment test lab + - name: Windows 10 deployment scenarios + href: file1.md + - name: Deployment test labs items: - name: Demonstrate Autopilot deployment on a VM href: file1.md - - name: Deploy Windows 10 in a test lab - href: file1.md - - name: Deploy Windows 10 in a test lab using MDT - href: file1.md - - name: Deploy Windows 10 in a test lab using Configuration Manager - href: file1.md + - name: Deploy Windows 10 with MDT and Configuration Manager + items: + - name: 'Step by step guide: Configure a test lab to deploy Windows 10' + href: file1.md + - name: Deploy Windows 10 in a test lab using MDT + href: file1.md + - name: Deploy Windows 10 in a test lab using Configuration Manager + href: file1.md - name: Plan items: - - name: Plan your Windows 10 deployment + - name: Plan for Windows 10 deployment + href: file1.md + - name: Windows 10 deployment considerations + href: file1.md + - name: Create a deployment plan + href: file1.md + - name: Evaluate infrastructure and tools + href: file1.md + - name: Determine application readiness + href: file1.md + - name: Define your servicing strategy + href: file1.md + - name: Plan for volume activation + href: file1.md + - name: Features removed or planned for replacement items: - - name: Windows 10 upgrade paths + - name: Windows 10 features lifecycle href: file1.md - - name: Windows 10 edition upgrade - href: file1.md - - name: Windows 10 compatibility - href: file1.md - - name: Windows 10 deployment considerations - href: file1.md - - name: Windows 10 volume license media - href: file1.md - - name: Plan for volume activation - href: file1.md - - name: Features removed or planned for replacement - items: - - name: Windows 10 features lifecycle - href: file1.md - - name: Features we're no longer developing - href: file1.md - - name: Features we removed - href: file1.md - - name: Plan your update strategy - items: - - name: Plan cloud management - items: - - name: Designate rings, channels, and policies - href: file1.md - - name: Chooose a delivery optimization strategy - href: file1.md - - name: Choose a monitoring approach - href: file1.md - - name: Assess apps (new) - items: - - name: With Desktop Analytics - href: file1.md - - name: By other means (new) - href: file1.md - - name: Other prep activities (new) - href: file1.md - - name: Plan image-based management + - name: Features we're no longer developing href: file1.md + - name: Features we removed + href: file1.md - name: Prepare items: - - name: Prepare for Windows 10 deployment + - name: Prepare to deploy Windows 10 + href: file1.md + - name: Evaluate and update infrastructure + href: file1.md + - name: Evaluate and update deployment processes + href: file1.md + - name: Prepare deployment tools items: - - - name: Windows 10 compatibility - href: file1.md - - name: Windows 10 infrastructure requirements - href: file1.md - - name: Plan for volume activation - href: file1.md - - name: Features removed or planned for replacement - items: - - name: Windows 10 features lifecycle - href: file1.md - - name: Features we're no longer developing - href: file1.md - - name: Features we removed - href: file1.md - - name: Prepare your update strategy - items: - - name: Plan cloud management - items: - - name: Designate rings, channels, and policies - href: file1.md - - name: Chooose a delivery optimization strategy - href: file1.md - - name: Choose a monitoring approach - href: file1.md - - name: Assess apps (new) - items: - - name: With Desktop Analytics - href: file1.md - - name: By other means (new) - href: file1.md - - name: Other prep activities (new) - href: file1.md - - name: Plan image-based management + - name: Register devices for deployment with Windows Autopilot + href: file1.md + - name: Prepare for deployment with MDT + href: file1.md + - name: Prepare for deployment with Configuration Manager href: file1.md From ad01c6ed8b170faf845db97acfc0de3e8fd99861 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 Apr 2020 13:40:14 -0700 Subject: [PATCH 082/338] some changes --- windows/deployment/TOC.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 7cb9f1934b..37e6fcf586 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -1,6 +1,8 @@ - name: Deploy and update Windows 10 href: index.yml items: + - name: What's new in Windows 10 deployment + href: file1.md - name: Get started items: - name: Learn about Windows 10 @@ -70,14 +72,10 @@ - name: Prepare for deployment with Configuration Manager href: file1.md - - - name: Deploy items: - name: Deploy Windows 10 items: - - name: What's new in Windows 10 deployment - href: file1.md - name: Deployment process posters href: file1.md - name: Deploy Windows 10 with Autopilot From 72de163720cff5b5c09671bb40a761e0466c0934 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 Apr 2020 13:45:34 -0700 Subject: [PATCH 083/338] some changes --- windows/deployment/TOC.yml | 45 +++++++++++++++++++------------------- 1 file changed, 23 insertions(+), 22 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 37e6fcf586..c608c81b7a 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -100,6 +100,29 @@ - name: Deploy updates with WSUS - name: Deploy updates with Group Policy + - name: Troubleshoot + items: + - name: Resolve upgrade errors + items: + - name: Resolve Windows 10 upgrade errors + href: file1.md + - name: Quick fixes + href: file1.md + - name: SetupDiag + href: file1.md + - name: Troubleshooting upgrade errors + href: file1.md + - name: Windows error reporting + href: file1.md + - name: Upgrade error codes + href: file1.md + - name: Log files + href: file1.md + - name: Resolution procedures + href: file1.md + - name: Submit Windows 10 upgrade errors + href: file1.md + - name: Reference items: - name: Windows 10 volume license media @@ -128,28 +151,6 @@ href: file1.md - name: Deploy Windows 10 Enterprise licenses href: file1.md - - name: Resolve upgrade errors - items: - - name: Resolve Windows 10 upgrade errors - href: file1.md - - name: Quick fixes - href: file1.md - - name: SetupDiag - href: file1.md - - name: Troubleshooting upgrade errors - href: file1.md - - name: Windows error reporting - href: file1.md - - name: Upgrade error codes - href: file1.md - - name: Log files - href: file1.md - - name: Resolution procedures - href: file1.md - - name: Submit Windows 10 upgrade errors - href: file1.md - - - name: Windows 10 deployment tools items: - name: Windows 10 deployment scenarios and tools From bd2e0d2b6673efd29386cf302d3fdb5d155163f5 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 Apr 2020 13:53:52 -0700 Subject: [PATCH 084/338] change --- windows/deployment/TOC.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index c608c81b7a..9dd845c0d0 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -1,10 +1,10 @@ - name: Deploy and update Windows 10 href: index.yml items: - - name: What's new in Windows 10 deployment - href: file1.md - name: Get started items: + - name: What's new in Windows 10 deployment + href: file1.md - name: Learn about Windows 10 href: file1.md - name: What is Windows as a service? From bf620ebc451cf2b686fdb473bbed46c805d5cf83 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 Apr 2020 13:55:16 -0700 Subject: [PATCH 085/338] change --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 9dd845c0d0..eda2cf8aab 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -17,7 +17,7 @@ href: file1.md - name: Windows 10 deployment scenarios href: file1.md - - name: Deployment test labs + - name: Proof of concept items: - name: Demonstrate Autopilot deployment on a VM href: file1.md From 42c281b868d9f18d3fa298df1097572466206546 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 Apr 2020 15:31:26 -0700 Subject: [PATCH 086/338] change --- windows/deployment/TOC.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index eda2cf8aab..d0cdb62ddf 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -3,11 +3,11 @@ items: - name: Get started items: - - name: What's new in Windows 10 deployment + - name: What's new in Windows 10 deployment href: file1.md - - name: Learn about Windows 10 + - name: *Learn about Windows 10 href: file1.md - - name: What is Windows as a service? + - name: What is Windows as a service? href: file1.md - name: Windows update fundamentals href: file1.md From 9fb4935dacd01c759a4ad741cc68c897fe327fcf Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 Apr 2020 15:36:22 -0700 Subject: [PATCH 087/338] change --- windows/deployment/TOC.yml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index d0cdb62ddf..4af55491fd 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -3,11 +3,11 @@ items: - name: Get started items: - - name: What's new in Windows 10 deployment + - name: What's new in Windows 10 deployment href: file1.md - - name: *Learn about Windows 10 + - name: Learn about Windows 10 href: file1.md - - name: What is Windows as a service? + - name: What is Windows as a service? href: file1.md - name: Windows update fundamentals href: file1.md @@ -99,10 +99,7 @@ - name: Deploy updates with Intune - name: Deploy updates with WSUS - name: Deploy updates with Group Policy - - - name: Troubleshoot - items: - - name: Resolve upgrade errors + - name: Troubleshoot items: - name: Resolve Windows 10 upgrade errors href: file1.md From e25231e6ffc23ef6109b9a9bd5e791902c95f6d6 Mon Sep 17 00:00:00 2001 From: illfated Date: Sat, 25 Apr 2020 19:59:46 +0200 Subject: [PATCH 088/338] WDDG & WDCG HW readiness tool: typo & Arch Locale Description: As pointed out in ticket #5972 (closed) and #6574 (my ticket), the script on this page stops working in localized versions of Windows (Dutch mentioned in ticket #5972 specifically). This is caused by the difference in how the strings "64-bit" and "32-bit" occur in non-English localized versions of Windows. Thanks to RvdHout (Ruud van den Hout) for suggesting the regex solution. Changes proposed: - $OSArch.Contains("64-bit") -> $OSArch -match ("64\-?\s?bits?") - $OSArch.Contains("32-bit") -> $OSArch -match ("32\-?\s?bits?") - Readiness Tool Version updated to 3.7.2 (thanks to RvdHout) - Typo "archictecture" corrected to architecture (2 occurrences) - Remove all redundant end-of-line (EOL) whitespace (blanks) - Reduce number of blank lines before the signature block, from 3 to 2 - Add back a blank line between the metadata section and the page title Ticket closure or reference: Closes #6574 Ref. #5690 #5723 #6054 #6055 Ref. #5972 (closed) --- .../credential-guard/dg-readiness-tool.md | 159 +++++++++--------- 1 file changed, 80 insertions(+), 79 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/dg-readiness-tool.md b/windows/security/identity-protection/credential-guard/dg-readiness-tool.md index 6c12907b28..a537e86251 100644 --- a/windows/security/identity-protection/credential-guard/dg-readiness-tool.md +++ b/windows/security/identity-protection/credential-guard/dg-readiness-tool.md @@ -12,13 +12,15 @@ ms.author: stsyfuhs manager: dansimp ms.collection: M365-identity-device-management ms.topic: article -ms.reviewer: +ms.reviewer: --- + # Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool ```powershell -# Script to find out if machine is Device Guard compliant -# requires driver verifier on system. +# Script to find out if a machine is Device Guard compliant. +# The script requires a driver verifier present on the system. + param([switch]$Capable, [switch]$Ready, [switch]$Enable, [switch]$Disable, $SIPolicyPath, [switch]$AutoReboot, [switch]$DG, [switch]$CG, [switch]$HVCI, [switch]$HLK, [switch]$Clear, [switch]$ResetVerifier) $path = "C:\DGLogs\" @@ -36,7 +38,7 @@ $DGVerifySuccess = New-Object System.Text.StringBuilder $Sys32Path = "$env:windir\system32" $DriverPath = "$env:windir\system32\drivers" -#generated by certutil -encode +#generated by certutil -encode $SIPolicy_Encoded = "BQAAAA43RKLJRAZMtVH2AW5WMHbk9wcuTBkgTbfJb0SmxaI0BACNkAgAAAAAAAAA HQAAAAIAAAAAAAAAAAAKAEAAAAAMAAAAAQorBgEEAYI3CgMGDAAAAAEKKwYBBAGC NwoDBQwAAAABCisGAQQBgjc9BAEMAAAAAQorBgEEAYI3PQUBDAAAAAEKKwYBBAGC @@ -114,7 +116,7 @@ function LogAndConsoleSuccess($message) function LogAndConsoleError($message) { - Write-Host $message -foregroundcolor "Red" + Write-Host $message -foregroundcolor "Red" Log $message } @@ -132,16 +134,16 @@ function IsExempted([System.IO.FileInfo] $item) Log $cert.ToString() return 0 } -} +} function CheckExemption($_ModName) { $mod1 = Get-ChildItem $Sys32Path $_ModName $mod2 = Get-ChildItem $DriverPath $_ModName if($mod1) - { + { Log "NonDriver module" + $mod1.FullName - return IsExempted($mod1) + return IsExempted($mod1) } elseif($mod2) { @@ -184,15 +186,15 @@ function CheckFailedDriver($_ModName, $CIStats) } if($Result.Contains("PASS")) { - $CompatibleModules.AppendLine($_ModName.Trim()) | Out-Null + $CompatibleModules.AppendLine($_ModName.Trim()) | Out-Null } elseif($FailingStat.Trim().Contains("execute-write")) { - $FailingExecuteWriteCheck.AppendLine("Module: "+ $_ModName.Trim() + "`r`n`tReason: " + $FailingStat.Trim() ) | Out-Null + $FailingExecuteWriteCheck.AppendLine("Module: "+ $_ModName.Trim() + "`r`n`tReason: " + $FailingStat.Trim() ) | Out-Null } else { - $FailingModules.AppendLine("Module: "+ $_ModName.Trim() + "`r`n`tReason: " + $FailingStat.Trim() ) | Out-Null + $FailingModules.AppendLine("Module: "+ $_ModName.Trim() + "`r`n`tReason: " + $FailingStat.Trim() ) | Out-Null } Log "Result: " $Result } @@ -204,7 +206,7 @@ function ListCIStats($_ModName, $str1) { Log "String := " $str1 Log "Warning! CI Stats are missing for " $_ModName - return + return } $temp_str1 = $str1.Substring($i1) $CIStats = $temp_str1.Substring(0).Trim() @@ -245,7 +247,7 @@ function ListDrivers($str) } $DriverScanCompletedMessage = "Completed scan. List of Compatible Modules can be found at " + $LogFile - LogAndConsole $DriverScanCompletedMessage + LogAndConsole $DriverScanCompletedMessage if($FailingModules.Length -gt 0 -or $FailingExecuteWriteCheck.Length -gt 0 ) { @@ -254,7 +256,7 @@ function ListDrivers($str) { LogAndConsoleError $WarningMessage } - else + else { LogAndConsoleWarning $WarningMessage } @@ -321,7 +323,7 @@ function ListSummary() } else { - LogAndConsoleSuccess "Machine is Device Guard / Credential Guard Ready.`n" + LogAndConsoleSuccess "Machine is Device Guard / Credential Guard Ready.`n" if(!$HVCI -and !$DG) { ExecuteCommandAndLog 'REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Capabilities\" /v "CG_Capable" /t REG_DWORD /d 2 /f ' @@ -336,56 +338,56 @@ function ListSummary() function Instantiate-Kernel32 { - try + try { Add-Type -TypeDefinition @" using System; using System.Diagnostics; using System.Runtime.InteropServices; - + public static class Kernel32 { [DllImport("kernel32", SetLastError=true, CharSet = CharSet.Ansi)] public static extern IntPtr LoadLibrary( [MarshalAs(UnmanagedType.LPStr)]string lpFileName); - + [DllImport("kernel32", CharSet=CharSet.Ansi, ExactSpelling=true, SetLastError=true)] public static extern IntPtr GetProcAddress( IntPtr hModule, string procName); } - + "@ } catch { - Log $_.Exception.Message + Log $_.Exception.Message LogAndConsole "Instantiate-Kernel32 failed" } } function Instantiate-HSTI { - try + try { Add-Type -TypeDefinition @" using System; using System.Diagnostics; using System.Runtime.InteropServices; using System.Net; - + public static class HstiTest3 { [DllImport("hstitest.dll", CharSet = CharSet.Unicode)] - public static extern int QueryHSTIdetails( - ref HstiOverallError pHstiOverallError, + public static extern int QueryHSTIdetails( + ref HstiOverallError pHstiOverallError, [In, Out] HstiProviderErrorDuple[] pHstiProviderErrors, ref uint pHstiProviderErrorsCount, byte[] hstiPlatformSecurityBlob, ref uint pHstiPlatformSecurityBlobBytes); [DllImport("hstitest.dll", CharSet = CharSet.Unicode)] - public static extern int QueryHSTI(ref bool Pass); - + public static extern int QueryHSTI(ref bool Pass); + [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] public struct HstiProviderErrorDuple { @@ -397,7 +399,7 @@ function Instantiate-HSTI { [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 4096)] internal string ErrorString; } - + [FlagsAttribute] public enum HstiProviderErrors : int { @@ -425,8 +427,8 @@ function Instantiate-HSTI { BlobVersionMismatch = 0x00000080, PlatformSecurityVersionMismatch = 0x00000100, ProviderError = 0x00000200 - } - + } + } "@ @@ -434,9 +436,9 @@ function Instantiate-HSTI { $FuncHandle = [Kernel32]::GetProcAddress($LibHandle, "QueryHSTIdetails") $FuncHandle2 = [Kernel32]::GetProcAddress($LibHandle, "QueryHSTI") - if ([System.IntPtr]::Size -eq 8) + if ([System.IntPtr]::Size -eq 8) { - #assuming 64 bit + #assuming 64 bit Log "`nKernel32::LoadLibrary 64bit --> 0x$("{0:X16}" -f $LibHandle.ToInt64())" Log "HstiTest2::QueryHSTIdetails 64bit --> 0x$("{0:X16}" -f $FuncHandle.ToInt64())" } @@ -450,7 +452,7 @@ function Instantiate-HSTI { $hr = [HstiTest3]::QueryHSTIdetails([ref] $overallError, $null, [ref] $providerErrorDupleCount, $null, [ref] $blobByteSize) [byte[]]$blob = New-Object byte[] $blobByteSize - [HstiTest3+HstiProviderErrorDuple[]]$providerErrors = New-Object HstiTest3+HstiProviderErrorDuple[] $providerErrorDupleCount + [HstiTest3+HstiProviderErrorDuple[]]$providerErrors = New-Object HstiTest3+HstiProviderErrorDuple[] $providerErrorDupleCount $hr = [HstiTest3]::QueryHSTIdetails([ref] $overallError, $providerErrors, [ref] $providerErrorDupleCount, $blob, [ref] $blobByteSize) $string = $null $blob | foreach { $string = $string + $_.ToString("X2")+"," } @@ -479,7 +481,7 @@ function Instantiate-HSTI { LogAndConsoleError $ErrorMessage $DGVerifyCrit.AppendLine($ErrorMessage) | Out-Null } - else + else { LogAndConsoleWarning $ErrorMessage $DGVerifyWarn.AppendLine("HSTI is absent") | Out-Null @@ -487,9 +489,9 @@ function Instantiate-HSTI { } } - catch + catch { - LogAndConsoleError $_.Exception.Message + LogAndConsoleError $_.Exception.Message LogAndConsoleError "Instantiate-HSTI failed" } } @@ -613,10 +615,10 @@ function ExecuteCommandAndLog($_cmd) $CmdOutput = Invoke-Expression $_cmd | Out-String Log "Output: $CmdOutput" } - catch + catch { Log "Exception while exectuing $_cmd" - Log $_.Exception.Message + Log $_.Exception.Message } @@ -676,7 +678,7 @@ function CheckDriverCompat verifier.exe /flags 0x02000000 /all /log.code_integrity LogAndConsole "Enabling Driver Verifier and Rebooting system" - Log $verifier_state + Log $verifier_state LogAndConsole "Please re-execute this script after reboot...." if($AutoReboot) { @@ -692,7 +694,7 @@ function CheckDriverCompat else { LogAndConsole "Driver verifier already enabled" - Log $verifier_state + Log $verifier_state ListDrivers($verifier_state.Trim().ToLowerInvariant()) } } @@ -700,23 +702,23 @@ function IsDomainController { $_isDC = 0 $CompConfig = Get-WmiObject Win32_ComputerSystem - foreach ($ObjItem in $CompConfig) + foreach ($ObjItem in $CompConfig) { $Role = $ObjItem.DomainRole Log "Role=$Role" - Switch ($Role) + Switch ($Role) { 0 { Log "Standalone Workstation" } 1 { Log "Member Workstation" } 2 { Log "Standalone Server" } 3 { Log "Member Server" } - 4 + 4 { Log "Backup Domain Controller" $_isDC=1 break } - 5 + 5 { Log "Primary Domain Controller" $_isDC=1 @@ -735,7 +737,7 @@ function CheckOSSKU Log "OSNAME:$osname" $SKUarray = @("Enterprise", "Education", "IoT", "Windows Server", "Pro", "Home") $HLKAllowed = @("microsoft windows 10 pro") - foreach ($SKUent in $SKUarray) + foreach ($SKUent in $SKUarray) { if($osname.ToString().Contains($SKUent.ToLower())) { @@ -762,7 +764,7 @@ function CheckOSSKU } ExecuteCommandAndLog 'REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Capabilities\" /v "OSSKU" /t REG_DWORD /d 2 /f ' } - else + else { LogAndConsoleError "This PC edition is Unsupported for Device Guard" $DGVerifyCrit.AppendLine("OS SKU unsupported") | Out-Null @@ -773,14 +775,14 @@ function CheckOSSKU function CheckOSArchitecture { $OSArch = $(gwmi win32_operatingsystem).OSArchitecture.ToLower() - Log $OSArch - if($OSArch.Contains("64-bit")) + Log $OSArch + if($OSArch -match ("64\-?\s?bits?")) { - LogAndConsoleSuccess "64 bit archictecture" + LogAndConsoleSuccess "64 bit architecture" } - elseif($OSArch.Contains("32-bit")) + elseif($OSArch -match ("32\-?\s?bits?")) { - LogAndConsoleError "32 bit archictecture" + LogAndConsoleError "32 bit architecture" $DGVerifyCrit.AppendLine("32 Bit OS, OS Architecture failure.") | Out-Null } else @@ -878,7 +880,7 @@ function CheckTPM function CheckSecureMOR { $isSecureMOR = CheckDGFeatures(4) - Log "isSecureMOR= $isSecureMOR " + Log "isSecureMOR= $isSecureMOR " if($isSecureMOR -eq 1) { LogAndConsoleSuccess "Secure MOR is available" @@ -904,7 +906,7 @@ function CheckSecureMOR function CheckNXProtection { $isNXProtected = CheckDGFeatures(5) - Log "isNXProtected= $isNXProtected " + Log "isNXProtected= $isNXProtected " if($isNXProtected -eq 1) { LogAndConsoleSuccess "NX Protector is available" @@ -921,7 +923,7 @@ function CheckNXProtection function CheckSMMProtection { $isSMMMitigated = CheckDGFeatures(6) - Log "isSMMMitigated= $isSMMMitigated " + Log "isSMMMitigated= $isSMMMitigated " if($isSMMMitigated -eq 1) { LogAndConsoleSuccess "SMM Mitigation is available" @@ -938,15 +940,15 @@ function CheckSMMProtection function CheckHSTI { LogAndConsole "Copying HSTITest.dll" - try + try { $HSTITest_Decoded = [System.Convert]::FromBase64String($HSTITest_Encoded) [System.IO.File]::WriteAllBytes("$env:windir\System32\hstitest.dll",$HSTITest_Decoded) } - catch + catch { - LogAndConsole $_.Exception.Message + LogAndConsole $_.Exception.Message LogAndConsole "Copying and loading HSTITest.dll failed" } @@ -959,7 +961,7 @@ function PrintToolVersion LogAndConsole "" LogAndConsole "###########################################################################" LogAndConsole "" - LogAndConsole "Readiness Tool Version 3.7.1 Release. `nTool to check if your device is capable to run Device Guard and Credential Guard." + LogAndConsole "Readiness Tool Version 3.7.2 Release. `nTool to check if your device is capable to run Device Guard and Credential Guard." LogAndConsole "" LogAndConsole "###########################################################################" LogAndConsole "" @@ -1030,7 +1032,7 @@ if(!($Ready) -and !($Capable) -and !($Enable) -and !($Disable) -and !($Clear) -a } $user = [Security.Principal.WindowsIdentity]::GetCurrent(); -$TestForAdmin = (New-Object Security.Principal.WindowsPrincipal $user).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) +$TestForAdmin = (New-Object Security.Principal.WindowsPrincipal $user).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator) if(!$TestForAdmin) { @@ -1065,7 +1067,7 @@ if($Ready) { Log "_CGState: $_CGState" PrintCGDetails $_CGState - + if($_CGState) { ExecuteCommandAndLog 'REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Capabilities\" /v "CG_Running" /t REG_DWORD /d 1 /f' @@ -1077,28 +1079,28 @@ if($Ready) } elseif($DG) { - Log "_HVCIState: $_HVCIState, _ConfigCIState: $_ConfigCIState" + Log "_HVCIState: $_HVCIState, _ConfigCIState: $_ConfigCIState" PrintHVCIDetails $_HVCIState - PrintConfigCIDetails $_ConfigCIState + PrintConfigCIDetails $_ConfigCIState if($_ConfigCIState -and $_HVCIState) { LogAndConsoleSuccess "HVCI, and Config-CI are enabled and running." - + ExecuteCommandAndLog 'REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Capabilities\" /v "DG_Running" /t REG_DWORD /d 1 /f' } else { LogAndConsoleWarning "Not all services are running." - + ExecuteCommandAndLog 'REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Capabilities\" /v "DG_Running" /t REG_DWORD /d 0 /f' } } - else + else { - Log "_CGState: $_CGState, _HVCIState: $_HVCIState, _ConfigCIState: $_ConfigCIState" - + Log "_CGState: $_CGState, _HVCIState: $_HVCIState, _ConfigCIState: $_ConfigCIState" + PrintCGDetails $_CGState PrintHVCIDetails $_HVCIState PrintConfigCIDetails $_ConfigCIState @@ -1147,7 +1149,7 @@ if($Enable) { ExecuteCommandAndLog 'REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "HypervisorEnforcedCodeIntegrity" /t REG_DWORD /d 1 /f' } - else + else { ExecuteCommandAndLog 'REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Enabled" /t REG_DWORD /d 1 /f' ExecuteCommandAndLog 'REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\HypervisorEnforcedCodeIntegrity" /v "Locked" /t REG_DWORD /d 0 /f' @@ -1158,8 +1160,8 @@ if($Enable) { if(!$HVCI -and !$CG) { - if(!$SIPolicyPath) - { + if(!$SIPolicyPath) + { Log "Writing Decoded SIPolicy.p7b" $SIPolicy_Decoded = [System.Convert]::FromBase64String($SIPolicy_Encoded) [System.IO.File]::WriteAllBytes("$env:windir\System32\CodeIntegrity\SIPolicy.p7b",$SIPolicy_Decoded) @@ -1270,7 +1272,7 @@ if($Disable) } #set of commands to run SecConfig.efi to delete UEFI variables if were set in pre OS - #these steps can be performed even if the UEFI variables were not set - if not set it will lead to No-Op but this can be run in general always + #these steps can be performed even if the UEFI variables were not set - if not set it will lead to No-Op but this can be run in general always #this requires a reboot and accepting the prompt in the Pre-OS which is self explanatory in the message that is displayed in pre-OS $FreeDrive = ls function:[s-z]: -n | ?{ !(test-path $_) } | random Log "FreeDrive=$FreeDrive" @@ -1314,7 +1316,7 @@ if($Capable) } $_StepCount = 1 if(!$CG) - { + { LogAndConsole " ====================== Step $_StepCount Driver Compat ====================== " $_StepCount++ CheckDriverCompat @@ -1323,15 +1325,15 @@ if($Capable) LogAndConsole " ====================== Step $_StepCount Secure boot present ====================== " $_StepCount++ CheckSecureBootState - + if(!$HVCI -and !$DG -and !$CG) - { + { #check only if sub-options are absent LogAndConsole " ====================== Step $_StepCount MS UEFI HSTI tests ====================== " $_StepCount++ CheckHSTI } - + LogAndConsole " ====================== Step $_StepCount OS Architecture ====================== " $_StepCount++ CheckOSArchitecture @@ -1345,11 +1347,11 @@ if($Capable) CheckVirtualization if(!$HVCI -and !$DG) - { + { LogAndConsole " ====================== Step $_StepCount TPM version ====================== " $_StepCount++ CheckTPM - + LogAndConsole " ====================== Step $_StepCount Secure MOR ====================== " $_StepCount++ CheckSecureMOR @@ -1358,11 +1360,11 @@ if($Capable) LogAndConsole " ====================== Step $_StepCount NX Protector ====================== " $_StepCount++ CheckNXProtection - + LogAndConsole " ====================== Step $_StepCount SMM Mitigation ====================== " $_StepCount++ CheckSMMProtection - + LogAndConsole " ====================== End Check ====================== " LogAndConsole " ====================== Summary ====================== " @@ -1371,7 +1373,6 @@ if($Capable) } - # SIG # Begin signature block ## REPLACE # SIG # End signature block From 28d77f25f372c99b90d022d632c327d99da7d205 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Sun, 26 Apr 2020 16:22:25 -0700 Subject: [PATCH 089/338] at it again --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 4af55491fd..66269905fa 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -13,7 +13,7 @@ href: file1.md - name: Types of Windows updates href: file1.md - - name: Servicing Windows 10 operating systems + - name: Servicing the Windows 10 operating systems href: file1.md - name: Windows 10 deployment scenarios href: file1.md From e0f889bc8d4169f877d429a1716443cd429ad002 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 27 Apr 2020 09:58:49 -0700 Subject: [PATCH 090/338] at it again --- windows/deployment/TOC.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 66269905fa..72abea01c0 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -13,11 +13,11 @@ href: file1.md - name: Types of Windows updates href: file1.md - - name: Servicing the Windows 10 operating systems + - name: Servicing the Windows 10 operating system href: file1.md - name: Windows 10 deployment scenarios href: file1.md - - name: Proof of concept + - name: Deployment proof of concept items: - name: Demonstrate Autopilot deployment on a VM href: file1.md From c8766851ce7050222dc6633946a66f50f7bd7127 Mon Sep 17 00:00:00 2001 From: illfated Date: Mon, 27 Apr 2020 23:04:09 +0200 Subject: [PATCH 091/338] Regex adjustment/improvement - Code cleanup by RvdHout - Supports at least Dutch & German OS --- .../identity-protection/credential-guard/dg-readiness-tool.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/dg-readiness-tool.md b/windows/security/identity-protection/credential-guard/dg-readiness-tool.md index a537e86251..6727a09859 100644 --- a/windows/security/identity-protection/credential-guard/dg-readiness-tool.md +++ b/windows/security/identity-protection/credential-guard/dg-readiness-tool.md @@ -776,11 +776,11 @@ function CheckOSArchitecture { $OSArch = $(gwmi win32_operatingsystem).OSArchitecture.ToLower() Log $OSArch - if($OSArch -match ("64\-?\s?bits?")) + if($OSArch -match ("^64\-?\s?bit")) { LogAndConsoleSuccess "64 bit architecture" } - elseif($OSArch -match ("32\-?\s?bits?")) + elseif($OSArch -match ("^32\-?\s?bit")) { LogAndConsoleError "32 bit architecture" $DGVerifyCrit.AppendLine("32 Bit OS, OS Architecture failure.") | Out-Null From 6dd00100f98c4ca480f7d60c51b7108194dde04d Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 12:31:26 -0700 Subject: [PATCH 092/338] test --- windows/deployment/TOC.md | 13 +++++++++++++ windows/deployment/{ => toctmpstorage}/TOC.yml | 0 2 files changed, 13 insertions(+) create mode 100644 windows/deployment/TOC.md rename windows/deployment/{ => toctmpstorage}/TOC.yml (100%) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md new file mode 100644 index 0000000000..5c9ee7dec2 --- /dev/null +++ b/windows/deployment/TOC.md @@ -0,0 +1,13 @@ +# Deploy and update Windows 10 + +## Get started +### [What's new in Windows 10 deployment](file1.md) +### text + +## Plan + +## Prepare + +## Deploy + +## Reference \ No newline at end of file diff --git a/windows/deployment/TOC.yml b/windows/deployment/toctmpstorage/TOC.yml similarity index 100% rename from windows/deployment/TOC.yml rename to windows/deployment/toctmpstorage/TOC.yml From d945e8fa93abb5d6d5bb0ca6143ff5699ecc6359 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 13:05:31 -0700 Subject: [PATCH 093/338] test --- windows/deployment/TOC.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 5c9ee7dec2..fb49cec595 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -2,12 +2,15 @@ ## Get started ### [What's new in Windows 10 deployment](file1.md) -### text +### test ## Plan +

A blue heading

## Prepare ## Deploy -## Reference \ No newline at end of file +## Reference + +

Test

\ No newline at end of file From 4555ebf0840bd4afea5616b26b9a5aa60e30ecd8 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 13:06:22 -0700 Subject: [PATCH 094/338] test --- windows/deployment/toctmpstorage/TOC.yml | 416 ----------------------- 1 file changed, 416 deletions(-) delete mode 100644 windows/deployment/toctmpstorage/TOC.yml diff --git a/windows/deployment/toctmpstorage/TOC.yml b/windows/deployment/toctmpstorage/TOC.yml deleted file mode 100644 index 72abea01c0..0000000000 --- a/windows/deployment/toctmpstorage/TOC.yml +++ /dev/null @@ -1,416 +0,0 @@ -- name: Deploy and update Windows 10 - href: index.yml - items: - - name: Get started - items: - - name: What's new in Windows 10 deployment - href: file1.md - - name: Learn about Windows 10 - href: file1.md - - name: What is Windows as a service? - href: file1.md - - name: Windows update fundamentals - href: file1.md - - name: Types of Windows updates - href: file1.md - - name: Servicing the Windows 10 operating system - href: file1.md - - name: Windows 10 deployment scenarios - href: file1.md - - name: Deployment proof of concept - items: - - name: Demonstrate Autopilot deployment on a VM - href: file1.md - - name: Deploy Windows 10 with MDT and Configuration Manager - items: - - name: 'Step by step guide: Configure a test lab to deploy Windows 10' - href: file1.md - - name: Deploy Windows 10 in a test lab using MDT - href: file1.md - - name: Deploy Windows 10 in a test lab using Configuration Manager - href: file1.md - - - name: Plan - items: - - name: Plan for Windows 10 deployment - href: file1.md - - name: Windows 10 deployment considerations - href: file1.md - - name: Create a deployment plan - href: file1.md - - name: Evaluate infrastructure and tools - href: file1.md - - name: Determine application readiness - href: file1.md - - name: Define your servicing strategy - href: file1.md - - name: Plan for volume activation - href: file1.md - - name: Features removed or planned for replacement - items: - - name: Windows 10 features lifecycle - href: file1.md - - name: Features we're no longer developing - href: file1.md - - name: Features we removed - href: file1.md - - - name: Prepare - items: - - name: Prepare to deploy Windows 10 - href: file1.md - - name: Evaluate and update infrastructure - href: file1.md - - name: Evaluate and update deployment processes - href: file1.md - - name: Prepare deployment tools - items: - - name: Register devices for deployment with Windows Autopilot - href: file1.md - - name: Prepare for deployment with MDT - href: file1.md - - name: Prepare for deployment with Configuration Manager - href: file1.md - - - name: Deploy - items: - - name: Deploy Windows 10 - items: - - name: Deployment process posters - href: file1.md - - name: Deploy Windows 10 with Autopilot - items: - - name: Windows Autopilot overview - - name: Deploy Windows 10 with Configuration Manager - items: - - name: Deploy to a new device - - name: Refresh a device - - name: Replace a device - - name: In-place upgrade - - name: Deploy Windows 10 with MDT - items: - - name: Deploy to a new device - - name: Refresh a device - - name: Replace a device - - name: In-place upgrade - - name: Deploy Windows 10 updates - items: - - name: Deploy updates with Configuration Manager - - name: Deploy updates with Intune - - name: Deploy updates with WSUS - - name: Deploy updates with Group Policy - - name: Troubleshoot - items: - - name: Resolve Windows 10 upgrade errors - href: file1.md - - name: Quick fixes - href: file1.md - - name: SetupDiag - href: file1.md - - name: Troubleshooting upgrade errors - href: file1.md - - name: Windows error reporting - href: file1.md - - name: Upgrade error codes - href: file1.md - - name: Log files - href: file1.md - - name: Resolution procedures - href: file1.md - - name: Submit Windows 10 upgrade errors - href: file1.md - - - name: Reference - items: - - name: Windows 10 volume license media - href: file1.md - - name: Deploy Windows 10 with Microsoft 365 - href: file1.md - - name: How Windows Update works (new) - href: file1.md - - name: Additional Windows Update settings - href: file1.md - - name: Delivery Optimization reference - href: file1.md - - name: Windows 10 in S mode - items: - - name: Windows 10 in S mode overview - href: file1.md - - name: Switch to Windows 10 Pro/Enterprise from S mode - href: file1.md - - name: Subscription Activation - items: - - name: Windows 10 Subscription Activation - href: file1.md - - name: Windows 10 Enterprise E3 in CSP - href: file1.md - - name: Configure VDA for Subscription Activation - href: file1.md - - name: Deploy Windows 10 Enterprise licenses - href: file1.md - - name: Windows 10 deployment tools - items: - - name: Windows 10 deployment scenarios and tools - items: - - name: Convert MBR partition to GPT - - name: Configure a PXE server to load Windows PE - - name: Windows ADK for Windows 10 scenarios for IT Pros - - name: Windows To Go - items: - - name: Deploy Windows To Go in your organization - href: file1.md - - name: Feature overview - items: - - name: "Windows To Go: feature overview" - href: file1.md - - name: Best practice recommendations for Windows To Go - href: file1.md - - name: Deployment considerations for Windows To Go - href: file1.md - - name: Prepare your organization for Windows To Go - href: file1.md - - name: Security and data protection considerations for Windows To Go - href: file1.md - - name: "Windows To Go: frequently asked questions" - href: file1.md - - - name: Volume Activation Management Tool (VAMT) technical reference - items: - - name: VAMT technical reference - href: file1.md - - name: Introduction to VAMT - href: file1.md - - name: Active Directory-Based Activation Overview - href: file1.md - - name: Install and Configure VAMT - href: file1.md - - name: VAMT Requirements - href: file1.md - - name: Install VAMT - href: file1.md - - name: Configure Client Computers - href: file1.md - - name: Add and Manage Products - href: file1.md - - name: Add and Remove Computers - href: file1.md - - name: Update Product Status - href: file1.md - - name: Remove Products - href: file1.md - - name: Manage Product Keys - href: file1.md - - name: Add and Remove a Product Key - href: file1.md - - name: Install a Product Key - href: file1.md - - name: Install a KMS Client Key - href: file1.md - - name: Manage Activations - href: file1.md - - name: Perform Online Activation - href: file1.md - - name: Perform Proxy Activation - href: file1.md - - name: Perform KMS Activation - href: file1.md - - name: Perform Local Reactivation - href: file1.md - - name: Activate an Active Directory Forest Online - href: file1.md - - name: Activate by Proxy an Active Directory Forest - href: file1.md - - name: Manage VAMT Data - href: file1.md - - name: Import and Export VAMT Data - href: file1.md - - name: Use VAMT in Windows PowerShell - href: file1.md - - name: VAMT Step-by-Step Scenarios - href: file1.md - - name: "Scenario 1: Online Activation" - href: file1.md - - name: "Scenario 2: Proxy Activation" - href: file1.md - - name: "Scenario 3: KMS Client Activation" - href: file1.md - - name: VAMT Known Issues - href: file1.md - - - name: User State Migration Tool (USMT) technical reference - items: - - name: USMT overview topics - items: - - name: USMT overview - href: file1.md - - name: Getting started with the USMT - href: file1.md - - name: Windows upgrade and migration considerations - href: file1.md - - name: USMT How-to topics - items: - - name: Exclude Files and Settings - href: file1.md - - name: Extract Files from a Compressed USMT Migration Store - href: file1.md - - name: Include Files and Settings - href: file1.md - - name: Migrate Application Settings - href: file1.md - - name: Migrate EFS Files and Certificates - href: file1.md - - name: Migrate User Accounts - href: file1.md - - name: Reroute Files and Settings - href: file1.md - - name: Verify the Condition of a Compressed Migration Store - href: file1.md - - name: USMT Troubleshooting - href: file1.md - - name: Common Issues - href: file1.md - - name: Frequently Asked Questions - href: file1.md - - name: Log Files - href: file1.md - - name: Return Codes - href: file1.md - - name: USMT Resources - href: file1.md - - - name: USMT Reference - items: - - name: USMT Requirements - href: file1.md - - name: USMT Best Practices - href: file1.md - - name: How USMT Works - href: file1.md - - name: Plan Your Migration - href: file1.md - - name: Common Migration Scenarios - href: file1.md - - name: What Does USMT Migrate? - href: file1.md - - name: Choose a Migration Store Type - href: file1.md - - name: Migration Store Types Overview - href: file1.md - - name: Estimate Migration Store Size - href: file1.md - - name: Hard-Link Migration Store - href: file1.md - - name: Migration Store Encryption - href: file1.md - - name: Determine What to Migrate - href: file1.md - - name: Determine What to Migrate - href: file1.md - - name: Identify Applications Settings - href: file1.md - - name: Identify Operating System Settings - href: file1.md - - name: Identify File Types, Files, and Folders - href: file1.md - - name: Test Your Migration - href: file1.md - - name: USMT Command-line Syntax - href: file1.md - - name: ScanState Syntax - href: file1.md - - name: LoadState Syntax - href: file1.md - - name: UsmtUtils Syntax - href: file1.md - - name: USMT XML Reference - href: file1.md - - name: Understanding Migration XML Files - href: file1.md - - name: Config.xml File - href: file1.md - - name: Customize USMT XML Files - href: file1.md - - name: Custom XML Examples - href: file1.md - - name: Conflicts and Precedence - href: file1.md - - name: General Conventions - href: file1.md - - name: XML File Requirements - href: file1.md - - name: Recognized Environment Variables - href: file1.md - - name: XML Elements Library - href: file1.md - - name: Offline Migration Reference - href: file1.md - - - name: Application Compatibility Toolkit (ACT) Technical Reference - items: - - name: SUA User's Guide - href: file1.md - - name: Using the SUA Wizard - href: file1.md - - name: Using the SUA Tool - href: file1.md - - name: Tabs on the SUA Tool Interface - href: file1.md - - name: Showing Messages Generated by the SUA Tool - href: file1.md - - name: Applying Filters to Data in the SUA Tool - href: file1.md - - name: Fixing Applications by Using the SUA Tool - href: file1.md - - name: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista - href: file1.md - - name: Compatibility Administrator User's Guide - href: file1.md - - name: Using the Compatibility Administrator Tool - href: file1.md - - name: Available Data Types and Operators in Compatibility Administrator - href: file1.md - - name: Searching for Fixed Applications in Compatibility Administrator - href: file1.md - - name: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator - href: file1.md - - name: Creating a Custom Compatibility Fix in Compatibility Administrator - href: file1.md - - name: Creating a Custom Compatibility Mode in Compatibility Administrator - href: file1.md - - name: Creating an AppHelp Message in Compatibility Administrator - href: file1.md - - name: Viewing the Events Screen in Compatibility Administrator - href: file1.md - - name: Enabling and Disabling Compatibility Fixes in Compatibility Administrator - href: file1.md - - name: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator - href: file1.md - - name: Managing Application-Compatibility Fixes and Custom Fix Databases - href: file1.md - - name: Understanding and Using Compatibility Fixes - href: file1.md - - name: Compatibility Fix Database Management Strategies and Deployment - href: file1.md - - name: Testing Your Application Mitigation Packages - href: file1.md - - name: Using the Sdbinst.exe Command-Line Tool - href: file1.md - - name: Volume Activation [client] - href: file1.md - - name: Plan for volume activation [client] - href: file1.md - - name: Activate using Key Management Service [client] - href: file1.md - - name: Activate using Active Directory-based activation [client] - href: file1.md - - name: Activate clients running Windows 10 - href: file1.md - - name: Monitor activation [client] - href: file1.md - - name: Use the Volume Activation Management Tool [client] - href: file1.md - - name: "Appendix: Information sent to Microsoft during activation [client]" - href: file1.md - - - name: Install fonts in Windows 10 - href: file1.md \ No newline at end of file From b0da6e19e9f3f20d57afc4723e57bd428c338c64 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 13:53:58 -0700 Subject: [PATCH 095/338] test --- windows/deployment/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index fb49cec595..8a96fbc9e6 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -5,7 +5,7 @@ ### test ## Plan -

A blue heading

+

A blue heading

## Prepare From 286534de5008daa6bc123ab26245e4e2d7b9e98a Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 14:09:21 -0700 Subject: [PATCH 096/338] test --- windows/deployment/TOC.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 8a96fbc9e6..7c0bb8a3ee 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -5,12 +5,9 @@ ### test ## Plan -

A blue heading

## Prepare ## Deploy ## Reference - -

Test

\ No newline at end of file From 9c49a3aedb8c1b93687a9797ffdcdf653f79bf60 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 15:18:25 -0700 Subject: [PATCH 097/338] test --- windows/deployment/TOC.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 7c0bb8a3ee..55992ad043 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -2,7 +2,12 @@ ## Get started ### [What's new in Windows 10 deployment](file1.md) -### test + +

test

+ +

test

+ +###
test
## Plan From 9b13ac8cf7d505f55dbb2443f65c32b9dadcf683 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 15:32:56 -0700 Subject: [PATCH 098/338] test --- windows/deployment/TOC.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 55992ad043..f380ed4b29 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -3,10 +3,6 @@ ## Get started ### [What's new in Windows 10 deployment](file1.md) -

test

- -

test

- ###
test
## Plan From 3bdf240e5828ed5c5344d4ec927f4ce63cd8b4f7 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 15:47:58 -0700 Subject: [PATCH 099/338] test --- windows/deployment/TOC.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index f380ed4b29..9a5d609025 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -1,9 +1,7 @@ # Deploy and update Windows 10 ## Get started -### [What's new in Windows 10 deployment](file1.md) - -###
test
+### [What's new in Windows 10 deployment](file1.md) ## Plan From 5c2fed6c112a15d05554892445766e08ac9f3921 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 15:50:03 -0700 Subject: [PATCH 100/338] test --- windows/deployment/TOC.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 9a5d609025..f2b1ef0d72 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -4,6 +4,7 @@ ### [What's new in Windows 10 deployment](file1.md) ## Plan +### [
Planning topic
](file1.md) ## Prepare From 0e8cefcdadf29a9ef5a1d660ea873ffb723bbda1 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 28 Apr 2020 16:22:52 -0700 Subject: [PATCH 101/338] replace --- windows/deployment/TOC.md | 13 -- windows/deployment/TOC.yml | 416 +++++++++++++++++++++++++++++++++++++ 2 files changed, 416 insertions(+), 13 deletions(-) delete mode 100644 windows/deployment/TOC.md create mode 100644 windows/deployment/TOC.yml diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md deleted file mode 100644 index f2b1ef0d72..0000000000 --- a/windows/deployment/TOC.md +++ /dev/null @@ -1,13 +0,0 @@ -# Deploy and update Windows 10 - -## Get started -### [What's new in Windows 10 deployment](file1.md) - -## Plan -### [
Planning topic
](file1.md) - -## Prepare - -## Deploy - -## Reference diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml new file mode 100644 index 0000000000..72abea01c0 --- /dev/null +++ b/windows/deployment/TOC.yml @@ -0,0 +1,416 @@ +- name: Deploy and update Windows 10 + href: index.yml + items: + - name: Get started + items: + - name: What's new in Windows 10 deployment + href: file1.md + - name: Learn about Windows 10 + href: file1.md + - name: What is Windows as a service? + href: file1.md + - name: Windows update fundamentals + href: file1.md + - name: Types of Windows updates + href: file1.md + - name: Servicing the Windows 10 operating system + href: file1.md + - name: Windows 10 deployment scenarios + href: file1.md + - name: Deployment proof of concept + items: + - name: Demonstrate Autopilot deployment on a VM + href: file1.md + - name: Deploy Windows 10 with MDT and Configuration Manager + items: + - name: 'Step by step guide: Configure a test lab to deploy Windows 10' + href: file1.md + - name: Deploy Windows 10 in a test lab using MDT + href: file1.md + - name: Deploy Windows 10 in a test lab using Configuration Manager + href: file1.md + + - name: Plan + items: + - name: Plan for Windows 10 deployment + href: file1.md + - name: Windows 10 deployment considerations + href: file1.md + - name: Create a deployment plan + href: file1.md + - name: Evaluate infrastructure and tools + href: file1.md + - name: Determine application readiness + href: file1.md + - name: Define your servicing strategy + href: file1.md + - name: Plan for volume activation + href: file1.md + - name: Features removed or planned for replacement + items: + - name: Windows 10 features lifecycle + href: file1.md + - name: Features we're no longer developing + href: file1.md + - name: Features we removed + href: file1.md + + - name: Prepare + items: + - name: Prepare to deploy Windows 10 + href: file1.md + - name: Evaluate and update infrastructure + href: file1.md + - name: Evaluate and update deployment processes + href: file1.md + - name: Prepare deployment tools + items: + - name: Register devices for deployment with Windows Autopilot + href: file1.md + - name: Prepare for deployment with MDT + href: file1.md + - name: Prepare for deployment with Configuration Manager + href: file1.md + + - name: Deploy + items: + - name: Deploy Windows 10 + items: + - name: Deployment process posters + href: file1.md + - name: Deploy Windows 10 with Autopilot + items: + - name: Windows Autopilot overview + - name: Deploy Windows 10 with Configuration Manager + items: + - name: Deploy to a new device + - name: Refresh a device + - name: Replace a device + - name: In-place upgrade + - name: Deploy Windows 10 with MDT + items: + - name: Deploy to a new device + - name: Refresh a device + - name: Replace a device + - name: In-place upgrade + - name: Deploy Windows 10 updates + items: + - name: Deploy updates with Configuration Manager + - name: Deploy updates with Intune + - name: Deploy updates with WSUS + - name: Deploy updates with Group Policy + - name: Troubleshoot + items: + - name: Resolve Windows 10 upgrade errors + href: file1.md + - name: Quick fixes + href: file1.md + - name: SetupDiag + href: file1.md + - name: Troubleshooting upgrade errors + href: file1.md + - name: Windows error reporting + href: file1.md + - name: Upgrade error codes + href: file1.md + - name: Log files + href: file1.md + - name: Resolution procedures + href: file1.md + - name: Submit Windows 10 upgrade errors + href: file1.md + + - name: Reference + items: + - name: Windows 10 volume license media + href: file1.md + - name: Deploy Windows 10 with Microsoft 365 + href: file1.md + - name: How Windows Update works (new) + href: file1.md + - name: Additional Windows Update settings + href: file1.md + - name: Delivery Optimization reference + href: file1.md + - name: Windows 10 in S mode + items: + - name: Windows 10 in S mode overview + href: file1.md + - name: Switch to Windows 10 Pro/Enterprise from S mode + href: file1.md + - name: Subscription Activation + items: + - name: Windows 10 Subscription Activation + href: file1.md + - name: Windows 10 Enterprise E3 in CSP + href: file1.md + - name: Configure VDA for Subscription Activation + href: file1.md + - name: Deploy Windows 10 Enterprise licenses + href: file1.md + - name: Windows 10 deployment tools + items: + - name: Windows 10 deployment scenarios and tools + items: + - name: Convert MBR partition to GPT + - name: Configure a PXE server to load Windows PE + - name: Windows ADK for Windows 10 scenarios for IT Pros + - name: Windows To Go + items: + - name: Deploy Windows To Go in your organization + href: file1.md + - name: Feature overview + items: + - name: "Windows To Go: feature overview" + href: file1.md + - name: Best practice recommendations for Windows To Go + href: file1.md + - name: Deployment considerations for Windows To Go + href: file1.md + - name: Prepare your organization for Windows To Go + href: file1.md + - name: Security and data protection considerations for Windows To Go + href: file1.md + - name: "Windows To Go: frequently asked questions" + href: file1.md + + - name: Volume Activation Management Tool (VAMT) technical reference + items: + - name: VAMT technical reference + href: file1.md + - name: Introduction to VAMT + href: file1.md + - name: Active Directory-Based Activation Overview + href: file1.md + - name: Install and Configure VAMT + href: file1.md + - name: VAMT Requirements + href: file1.md + - name: Install VAMT + href: file1.md + - name: Configure Client Computers + href: file1.md + - name: Add and Manage Products + href: file1.md + - name: Add and Remove Computers + href: file1.md + - name: Update Product Status + href: file1.md + - name: Remove Products + href: file1.md + - name: Manage Product Keys + href: file1.md + - name: Add and Remove a Product Key + href: file1.md + - name: Install a Product Key + href: file1.md + - name: Install a KMS Client Key + href: file1.md + - name: Manage Activations + href: file1.md + - name: Perform Online Activation + href: file1.md + - name: Perform Proxy Activation + href: file1.md + - name: Perform KMS Activation + href: file1.md + - name: Perform Local Reactivation + href: file1.md + - name: Activate an Active Directory Forest Online + href: file1.md + - name: Activate by Proxy an Active Directory Forest + href: file1.md + - name: Manage VAMT Data + href: file1.md + - name: Import and Export VAMT Data + href: file1.md + - name: Use VAMT in Windows PowerShell + href: file1.md + - name: VAMT Step-by-Step Scenarios + href: file1.md + - name: "Scenario 1: Online Activation" + href: file1.md + - name: "Scenario 2: Proxy Activation" + href: file1.md + - name: "Scenario 3: KMS Client Activation" + href: file1.md + - name: VAMT Known Issues + href: file1.md + + - name: User State Migration Tool (USMT) technical reference + items: + - name: USMT overview topics + items: + - name: USMT overview + href: file1.md + - name: Getting started with the USMT + href: file1.md + - name: Windows upgrade and migration considerations + href: file1.md + - name: USMT How-to topics + items: + - name: Exclude Files and Settings + href: file1.md + - name: Extract Files from a Compressed USMT Migration Store + href: file1.md + - name: Include Files and Settings + href: file1.md + - name: Migrate Application Settings + href: file1.md + - name: Migrate EFS Files and Certificates + href: file1.md + - name: Migrate User Accounts + href: file1.md + - name: Reroute Files and Settings + href: file1.md + - name: Verify the Condition of a Compressed Migration Store + href: file1.md + - name: USMT Troubleshooting + href: file1.md + - name: Common Issues + href: file1.md + - name: Frequently Asked Questions + href: file1.md + - name: Log Files + href: file1.md + - name: Return Codes + href: file1.md + - name: USMT Resources + href: file1.md + + - name: USMT Reference + items: + - name: USMT Requirements + href: file1.md + - name: USMT Best Practices + href: file1.md + - name: How USMT Works + href: file1.md + - name: Plan Your Migration + href: file1.md + - name: Common Migration Scenarios + href: file1.md + - name: What Does USMT Migrate? + href: file1.md + - name: Choose a Migration Store Type + href: file1.md + - name: Migration Store Types Overview + href: file1.md + - name: Estimate Migration Store Size + href: file1.md + - name: Hard-Link Migration Store + href: file1.md + - name: Migration Store Encryption + href: file1.md + - name: Determine What to Migrate + href: file1.md + - name: Determine What to Migrate + href: file1.md + - name: Identify Applications Settings + href: file1.md + - name: Identify Operating System Settings + href: file1.md + - name: Identify File Types, Files, and Folders + href: file1.md + - name: Test Your Migration + href: file1.md + - name: USMT Command-line Syntax + href: file1.md + - name: ScanState Syntax + href: file1.md + - name: LoadState Syntax + href: file1.md + - name: UsmtUtils Syntax + href: file1.md + - name: USMT XML Reference + href: file1.md + - name: Understanding Migration XML Files + href: file1.md + - name: Config.xml File + href: file1.md + - name: Customize USMT XML Files + href: file1.md + - name: Custom XML Examples + href: file1.md + - name: Conflicts and Precedence + href: file1.md + - name: General Conventions + href: file1.md + - name: XML File Requirements + href: file1.md + - name: Recognized Environment Variables + href: file1.md + - name: XML Elements Library + href: file1.md + - name: Offline Migration Reference + href: file1.md + + - name: Application Compatibility Toolkit (ACT) Technical Reference + items: + - name: SUA User's Guide + href: file1.md + - name: Using the SUA Wizard + href: file1.md + - name: Using the SUA Tool + href: file1.md + - name: Tabs on the SUA Tool Interface + href: file1.md + - name: Showing Messages Generated by the SUA Tool + href: file1.md + - name: Applying Filters to Data in the SUA Tool + href: file1.md + - name: Fixing Applications by Using the SUA Tool + href: file1.md + - name: Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista + href: file1.md + - name: Compatibility Administrator User's Guide + href: file1.md + - name: Using the Compatibility Administrator Tool + href: file1.md + - name: Available Data Types and Operators in Compatibility Administrator + href: file1.md + - name: Searching for Fixed Applications in Compatibility Administrator + href: file1.md + - name: Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator + href: file1.md + - name: Creating a Custom Compatibility Fix in Compatibility Administrator + href: file1.md + - name: Creating a Custom Compatibility Mode in Compatibility Administrator + href: file1.md + - name: Creating an AppHelp Message in Compatibility Administrator + href: file1.md + - name: Viewing the Events Screen in Compatibility Administrator + href: file1.md + - name: Enabling and Disabling Compatibility Fixes in Compatibility Administrator + href: file1.md + - name: Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator + href: file1.md + - name: Managing Application-Compatibility Fixes and Custom Fix Databases + href: file1.md + - name: Understanding and Using Compatibility Fixes + href: file1.md + - name: Compatibility Fix Database Management Strategies and Deployment + href: file1.md + - name: Testing Your Application Mitigation Packages + href: file1.md + - name: Using the Sdbinst.exe Command-Line Tool + href: file1.md + - name: Volume Activation [client] + href: file1.md + - name: Plan for volume activation [client] + href: file1.md + - name: Activate using Key Management Service [client] + href: file1.md + - name: Activate using Active Directory-based activation [client] + href: file1.md + - name: Activate clients running Windows 10 + href: file1.md + - name: Monitor activation [client] + href: file1.md + - name: Use the Volume Activation Management Tool [client] + href: file1.md + - name: "Appendix: Information sent to Microsoft during activation [client]" + href: file1.md + + - name: Install fonts in Windows 10 + href: file1.md \ No newline at end of file From 30ad35da6fcc9b52c406788b82cc95b71ef6f85e Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 29 Apr 2020 08:32:46 -0700 Subject: [PATCH 102/338] update toc --- windows/deployment/TOC.yml | 165 ++++++++++++++++++++++++++----------- 1 file changed, 118 insertions(+), 47 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 72abea01c0..e6a6899fd3 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -5,18 +5,21 @@ items: - name: What's new in Windows 10 deployment href: file1.md - - name: Learn about Windows 10 + - name: Windows 10 deployment scenarios (update) href: file1.md - - name: What is Windows as a service? - href: file1.md - - name: Windows update fundamentals - href: file1.md - - name: Types of Windows updates - href: file1.md - - name: Servicing the Windows 10 operating system - href: file1.md - - name: Windows 10 deployment scenarios + - name: Deployment process posters href: file1.md + - name: Learn about Windows 10 (new) + items: + - name: What is Windows as a service? (retitled, consolidated) + href: file1.md + - name: Windows update fundamentals + href: file1.md + - name: Types of Windows updates + href: file1.md + - name: Servicing the Windows 10 operating system (retitled) + href: file1.md + - name: Deployment proof of concept items: - name: Demonstrate Autopilot deployment on a VM @@ -32,17 +35,17 @@ - name: Plan items: - - name: Plan for Windows 10 deployment + - name: Create a deployment plan (new) href: file1.md - - name: Windows 10 deployment considerations + - name: Windows 10 deployment considerations (rewrite) href: file1.md - - name: Create a deployment plan + - name: Evaluate infrastructure and tools (new) href: file1.md - - name: Evaluate infrastructure and tools + - name: Determine application readiness (new) href: file1.md - - name: Determine application readiness - href: file1.md - - name: Define your servicing strategy + - name: Define your servicing strategy (new) + href: file1.md + - name: Best practices for feature updates on mission-critical devices href: file1.md - name: Plan for volume activation href: file1.md @@ -57,13 +60,17 @@ - name: Prepare items: - - name: Prepare to deploy Windows 10 + - name: Prepare to deploy Windows 10 (new) href: file1.md - - name: Evaluate and update infrastructure + - name: Evaluate and update infrastructure (new) href: file1.md - - name: Evaluate and update deployment processes + - name: Evaluate and update deployment processes (new) href: file1.md - - name: Prepare deployment tools + - name: Test and remediate your applications (new) + href: file1.md + - name: Configure BranchCache for Windows 10 updates + href: file1.md + - name: Prepare your deployment tools (new) items: - name: Register devices for deployment with Windows Autopilot href: file1.md @@ -71,60 +78,125 @@ href: file1.md - name: Prepare for deployment with Configuration Manager href: file1.md + - name: Build a successful servicing strategy + items: + - name: Build deployment rings for Windows 10 updates + href: file1.md + - name: Prepare updates using Windows Update for Business + href: file1.md + - name: Prepare updates using WSUS (retitle) + href: file1.md - name: Deploy items: - name: Deploy Windows 10 items: - - name: Deployment process posters - href: file1.md - name: Deploy Windows 10 with Autopilot - items: - - name: Windows Autopilot overview + href: file1.md - name: Deploy Windows 10 with Configuration Manager items: - name: Deploy to a new device + href: file1.md - name: Refresh a device + href: file1.md - name: Replace a device + href: file1.md - name: In-place upgrade + href: file1.md - name: Deploy Windows 10 with MDT items: - name: Deploy to a new device + href: file1.md - name: Refresh a device + href: file1.md - name: Replace a device + href: file1.md - name: In-place upgrade + href: file1.md - name: Deploy Windows 10 updates items: + - name: Assign devices to servicing channels (retitle) + href: file1.md - name: Deploy updates with Configuration Manager + href: file1.md - name: Deploy updates with Intune + href: file1.md - name: Deploy updates with WSUS + href: file1.md - name: Deploy updates with Group Policy - - name: Troubleshoot + href: file1.md + - name: Manage device restarts after updates + href: file1.md + - name: Manage additional Windows Update settings + href: file1.md + - name: Determine the source of Windows Updates + href: file1.md + - name: Update Windows 10 media with Dynamic Update + href: file1.md + - name: Deploy feature updates during maintenance windows + href: file1.md + - name: Deploy feature updates for user-initiated installations + href: file1.md + - name: Use Windows Update for Business items: - - name: Resolve Windows 10 upgrade errors + - name: Configure Windows Update for Business href: file1.md - - name: Quick fixes + - name: Enforcing compliance deadlines for updates href: file1.md - - name: SetupDiag + - name: Integrate Windows Update for Business with management solutions href: file1.md - - name: Troubleshooting upgrade errors + - name: 'Walkthrough: use Group Policy to configure Windows Update for Business' href: file1.md - - name: Windows error reporting + - name: 'Walkthrough: use Intune to configure Windows Update for Business' href: file1.md - - name: Upgrade error codes - href: file1.md - - name: Log files - href: file1.md - - name: Resolution procedures - href: file1.md - - name: Submit Windows 10 upgrade errors + - name: Monitor Windows 10 updates + items: + - name: Monitor Delivery Optimization href: file1.md + - name: Monitor Windows Updates with Update Compliance + items: + - name: Get started with Update Compliance + href: file1.md + - name: Use Update Compliance + href: file1.md + - name: Troubleshooting + items: + - name: Resolve upgrade errors + items: + - name: Resolve Windows 10 upgrade errors + href: file1.md + - name: Quick fixes + href: file1.md + - name: SetupDiag + href: file1.md + - name: Troubleshooting upgrade errors + href: file1.md + - name: Windows error reporting + href: file1.md + - name: Upgrade error codes + href: file1.md + - name: Log files + href: file1.md + - name: Resolution procedures + href: file1.md + - name: Submit Windows 10 upgrade errors + href: file1.md + - name: Troubleshoot Windows Update + items: + - name: How to troubleshoot Windows Update + href: file1.md + - name: Common Windows Update errors + href: file1.md + - name: Windows Update error code reference + href: file1.md - name: Reference items: - - name: Windows 10 volume license media + - name: How does Windows Update work? href: file1.md - - name: Deploy Windows 10 with Microsoft 365 + - name: Understanding the Unified Update Platform + href: file1.md + - name: Servicing stack updates href: file1.md - name: How Windows Update works (new) href: file1.md @@ -132,12 +204,8 @@ href: file1.md - name: Delivery Optimization reference href: file1.md - - name: Windows 10 in S mode - items: - - name: Windows 10 in S mode overview - href: file1.md - - name: Switch to Windows 10 Pro/Enterprise from S mode - href: file1.md + - name: Windows 10 in S mode (consolidate) + href: file1.md - name: Subscription Activation items: - name: Windows 10 Subscription Activation @@ -150,11 +218,14 @@ href: file1.md - name: Windows 10 deployment tools items: - - name: Windows 10 deployment scenarios and tools + - name: Windows 10 deployment scenarios and tools (retitle) items: - name: Convert MBR partition to GPT + href: file1.md - name: Configure a PXE server to load Windows PE + href: file1.md - name: Windows ADK for Windows 10 scenarios for IT Pros + href: file1.md - name: Windows To Go items: - name: Deploy Windows To Go in your organization From 77a9ea5ba467d46eb24a51e141cb2ed523103a55 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 29 Apr 2020 10:07:04 -0700 Subject: [PATCH 103/338] update toc --- windows/deployment/TOC.yml | 38 +++++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index e6a6899fd3..a2ea35ce8e 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -15,9 +15,9 @@ href: file1.md - name: Windows update fundamentals href: file1.md - - name: Types of Windows updates + - name: Types of Windows updates (consolidate) href: file1.md - - name: Servicing the Windows 10 operating system (retitled) + - name: Servicing the Windows 10 operating system (retitled, consolidate?) href: file1.md - name: Deployment proof of concept @@ -34,13 +34,13 @@ href: file1.md - name: Plan - items: - - name: Create a deployment plan (new) - href: file1.md + items: - name: Windows 10 deployment considerations (rewrite) - href: file1.md + href: file1.md + - name: Create a deployment plan (new) + href: file1.md - name: Evaluate infrastructure and tools (new) - href: file1.md + href: file1.md - name: Determine application readiness (new) href: file1.md - name: Define your servicing strategy (new) @@ -68,6 +68,8 @@ href: file1.md - name: Test and remediate your applications (new) href: file1.md + - name: Set up Delivery Optimization for Windows 10 updates + href: file1.md - name: Configure BranchCache for Windows 10 updates href: file1.md - name: Prepare your deployment tools (new) @@ -125,18 +127,18 @@ href: file1.md - name: Deploy updates with Group Policy href: file1.md - - name: Manage device restarts after updates - href: file1.md - - name: Manage additional Windows Update settings - href: file1.md - - name: Determine the source of Windows Updates - href: file1.md - name: Update Windows 10 media with Dynamic Update href: file1.md - - name: Deploy feature updates during maintenance windows - href: file1.md - - name: Deploy feature updates for user-initiated installations - href: file1.md + - name: Manage Windows 10 updates + items: + - name: Manage device restarts after updates + href: file1.md + - name: Manage additional Windows Update settings + href: file1.md + - name: Deploy feature updates during maintenance windows + href: file1.md + - name: Deploy feature updates for user-initiated installations + href: file1.md - name: Use Windows Update for Business items: - name: Configure Windows Update for Business @@ -185,6 +187,8 @@ items: - name: How to troubleshoot Windows Update href: file1.md + - name: Determine the source of Windows Updates (find this topic) + href: file1.md - name: Common Windows Update errors href: file1.md - name: Windows Update error code reference From 8acd1fa0bd5655d40f760a384f4376ae5292ef3d Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 29 Apr 2020 14:22:58 -0700 Subject: [PATCH 104/338] update toc --- windows/deployment/TOC.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index a2ea35ce8e..7146057090 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -115,6 +115,16 @@ href: file1.md - name: In-place upgrade href: file1.md + - name: Subscription Activation + items: + - name: Windows 10 Subscription Activation + href: file1.md + - name: Windows 10 Enterprise E3 in CSP + href: file1.md + - name: Configure VDA for Subscription Activation + href: file1.md + - name: Deploy Windows 10 Enterprise licenses + href: file1.md - name: Deploy Windows 10 updates items: - name: Assign devices to servicing channels (retitle) @@ -210,16 +220,6 @@ href: file1.md - name: Windows 10 in S mode (consolidate) href: file1.md - - name: Subscription Activation - items: - - name: Windows 10 Subscription Activation - href: file1.md - - name: Windows 10 Enterprise E3 in CSP - href: file1.md - - name: Configure VDA for Subscription Activation - href: file1.md - - name: Deploy Windows 10 Enterprise licenses - href: file1.md - name: Windows 10 deployment tools items: - name: Windows 10 deployment scenarios and tools (retitle) From cb1982376a8a7fe5968566c9cb7a62a1de6fa771 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 29 Apr 2020 15:37:59 -0700 Subject: [PATCH 105/338] update toc --- windows/deployment/TOC.yml | 38 ++++++++++++++++++++++++++++++++++---- 1 file changed, 34 insertions(+), 4 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 7146057090..9899e7321e 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -167,10 +167,40 @@ href: file1.md - name: Monitor Windows Updates with Update Compliance items: - - name: Get started with Update Compliance - href: file1.md - - name: Use Update Compliance - href: file1.md + - name: Get started + items: + - name: Get started with Update Compliance (consolidate) + href: file1.md + - name: Update Compliance configuration script + href: file1.md + - name: Manually configuring devices for Update Compliance + href: file1.md + - name: Update Compliance monitoring + items: + - name: Use Update Compliance + href: file1.md + - name: Need attention report + href: file1.md + - name: Security update status report + href: file1.md + - name: Feature update status report + href: file1.md + - name: Delivery Optimization in Update Compliance + href: file1.md + - name: Data handling and privacy in Update Compliance + href: file1.md + - name: Update Compliance schema reference + items: + - name: WaaSUpdateStatus + href: file1.md + - name: WaaSInsiderStatus + href: file1.md + - name: WaaSDepoymentStatus + href: file1.md + - name: WUDOStatus + href: file1.md + - name: WUDOAggregatedStatus + href: file1.md - name: Troubleshooting items: - name: Resolve upgrade errors From 320c9020dee72786d0e230d7ade940c5022bdafe Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 4 May 2020 09:09:49 -0700 Subject: [PATCH 106/338] update toc --- windows/deployment/TOC.yml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 9899e7321e..df7126d3eb 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -9,16 +9,14 @@ href: file1.md - name: Deployment process posters href: file1.md - - name: Learn about Windows 10 (new) - items: - - name: What is Windows as a service? (retitled, consolidated) - href: file1.md - - name: Windows update fundamentals - href: file1.md - - name: Types of Windows updates (consolidate) - href: file1.md - - name: Servicing the Windows 10 operating system (retitled, consolidate?) - href: file1.md + - name: What is Windows as a service? (retitled, consolidated) + href: file1.md + - name: Windows update fundamentals + href: file1.md + - name: Types of Windows updates (consolidate) + href: file1.md + - name: Servicing the Windows 10 operating system (retitled, consolidate?) + href: file1.md - name: Deployment proof of concept items: From 6a0954828e892e685bdebdc2ec89cc70e68c9afb Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 4 May 2020 09:36:21 -0700 Subject: [PATCH 107/338] update toc --- windows/deployment/TOC.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index df7126d3eb..f3fed776b4 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -13,10 +13,10 @@ href: file1.md - name: Windows update fundamentals href: file1.md - - name: Types of Windows updates (consolidate) - href: file1.md - - name: Servicing the Windows 10 operating system (retitled, consolidate?) - href: file1.md + - name: Types of Windows updates (consolidate) + href: file1.md + - name: Servicing the Windows 10 operating system (retitled, consolidate?) + href: file1.md - name: Deployment proof of concept items: From 9908578a6fe653008934135b967aa7fe08336370 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 4 May 2020 09:56:54 -0700 Subject: [PATCH 108/338] update toc --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index f3fed776b4..2e5f8b6640 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -115,7 +115,7 @@ href: file1.md - name: Subscription Activation items: - - name: Windows 10 Subscription Activation + - name: Windows 10 Subscription Activation (update) href: file1.md - name: Windows 10 Enterprise E3 in CSP href: file1.md From 3a4aae879c3289f9787bed589123b18c036a4c33 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 4 May 2020 10:25:26 -0700 Subject: [PATCH 109/338] update toc --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 2e5f8b6640..2923bb8c57 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -14,7 +14,7 @@ - name: Windows update fundamentals href: file1.md - name: Types of Windows updates (consolidate) - href: file1.md + href: file1.md - name: Servicing the Windows 10 operating system (retitled, consolidate?) href: file1.md From 3874c52d5f0871bb5f9284e011212b58fd348fb3 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 4 May 2020 13:18:32 -0700 Subject: [PATCH 110/338] update toc --- windows/deployment/TOC.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 2923bb8c57..318d86d3e1 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -498,21 +498,21 @@ href: file1.md - name: Using the Sdbinst.exe Command-Line Tool href: file1.md - - name: Volume Activation [client] + - name: Volume Activation href: file1.md - - name: Plan for volume activation [client] + - name: Plan for volume activation href: file1.md - - name: Activate using Key Management Service [client] + - name: Activate using Key Management Service href: file1.md - - name: Activate using Active Directory-based activation [client] + - name: Activate using Active Directory-based activation href: file1.md - name: Activate clients running Windows 10 href: file1.md - - name: Monitor activation [client] + - name: Monitor activation href: file1.md - - name: Use the Volume Activation Management Tool [client] + - name: Use the Volume Activation Management Tool href: file1.md - - name: "Appendix: Information sent to Microsoft during activation [client]" + - name: "Appendix: Information sent to Microsoft during activation " href: file1.md - name: Install fonts in Windows 10 From 4e888559dd37f0695942ec760fa84a02ef542fe3 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 4 May 2020 15:53:28 -0700 Subject: [PATCH 111/338] update toc --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 318d86d3e1..6b0a7ab46d 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -137,7 +137,7 @@ href: file1.md - name: Update Windows 10 media with Dynamic Update href: file1.md - - name: Manage Windows 10 updates + - name: Manage the Windows 10 update experience items: - name: Manage device restarts after updates href: file1.md From 7ee4dd349cd5a20d01bc5942b23dfe0009747c59 Mon Sep 17 00:00:00 2001 From: "Jeff Reeds (Aquent LLC)" Date: Tue, 5 May 2020 13:08:44 -0700 Subject: [PATCH 112/338] Changed Windows to Microsoft where needed --- ...overview-of-the-tools-in-dart-70-new-ia.md | 2 +- mdop/dart-v8/TOC.md | 2 +- .../dart-80-privacy-statement-dart-8.md | 6 +-- mdop/dart-v8/index.md | 2 +- ...overview-of-the-tools-in-dart-80-dart-8.md | 2 +- .../technical-reference-for-dart-80-new-ia.md | 4 +- ...ine-wdo-for-malware-protection-not-dart.md | 16 +++---- windows/client-management/mdm/defender-csp.md | 2 +- .../intelligence/rootkits-malware.md | 2 +- ...fline.md => microsoft-defender-offline.md} | 44 +++++++++---------- .../windows-defender-antivirus/oldTOC.md | 2 +- ...dows-defender-security-center-antivirus.md | 2 +- .../ltsc/whats-new-windows-10-2016.md | 2 +- .../whats-new-windows-10-version-1607.md | 2 +- .../whats-new-windows-10-version-1903.md | 2 +- 15 files changed, 46 insertions(+), 46 deletions(-) rename windows/security/threat-protection/windows-defender-antivirus/{windows-defender-offline.md => microsoft-defender-offline.md} (54%) diff --git a/mdop/dart-v7/overview-of-the-tools-in-dart-70-new-ia.md b/mdop/dart-v7/overview-of-the-tools-in-dart-70-new-ia.md index 30c1b4a4a7..a021c0fd09 100644 --- a/mdop/dart-v7/overview-of-the-tools-in-dart-70-new-ia.md +++ b/mdop/dart-v7/overview-of-the-tools-in-dart-70-new-ia.md @@ -121,7 +121,7 @@ The **Search** tool opens a **File Search** window that you can use to find docu ### Standalone System Sweeper **Important**   -Environments with the Standalone System Sweeper deployed should instead use the Windows Defender Offline (WDO) protection image for malware detection. Because of how the Standalone System Sweeper tool integrates into DaRT, all supported DaRT version deployments cannot apply these anti-malware updates to their DaRT images. +Environments with the Standalone System Sweeper deployed should instead use the Microsoft Defender Offline (WDO) protection image for malware detection. Because of how the Standalone System Sweeper tool integrates into DaRT, all supported DaRT version deployments cannot apply these anti-malware updates to their DaRT images. diff --git a/mdop/dart-v8/TOC.md b/mdop/dart-v8/TOC.md index b2c907364b..1071a26cdd 100644 --- a/mdop/dart-v8/TOC.md +++ b/mdop/dart-v8/TOC.md @@ -39,5 +39,5 @@ #### [How to Use a PowerShell Script to Create the Recovery Image](how-to-use-a-powershell-script-to-create-the-recovery-image-dart-8.md) ## [Troubleshooting DaRT 8.0](troubleshooting-dart-80-dart-8.md) ## [Technical Reference for DaRT 8.0](technical-reference-for-dart-80-new-ia.md) -### [Use Windows Defender Offline (WDO) for malware protection, not DaRT ](use-windows-defender-offline-wdo-for-malware-protection-not-dart.md) +### [Use Microsoft Defender Offline (WDO) for malware protection, not DaRT ](use-windows-defender-offline-wdo-for-malware-protection-not-dart.md) diff --git a/mdop/dart-v8/dart-80-privacy-statement-dart-8.md b/mdop/dart-v8/dart-80-privacy-statement-dart-8.md index 73939a6af0..f49f70867f 100644 --- a/mdop/dart-v8/dart-80-privacy-statement-dart-8.md +++ b/mdop/dart-v8/dart-80-privacy-statement-dart-8.md @@ -82,12 +82,12 @@ For details about what information is collected and how it is used, see the Upda For details about controlling this feature, see the Update Services Privacy Statement at [https://go.microsoft.com/fwlink/?LinkId=244000](https://go.microsoft.com/fwlink/?LinkId=244400). -## Windows Defender Offline +## Microsoft Defender Offline **What This Feature Does:** -Windows Defender Offline (WDO) is included in the DaRT download. WDO helps protect your PC from malicious software (malware) such as viruses, spyware, and other potentially harmful software. +Microsoft Defender Offline (WDO) is included in the DaRT download. WDO helps protect your PC from malicious software (malware) such as viruses, spyware, and other potentially harmful software. **Information Collected, Processed, or Transmitted:** @@ -99,7 +99,7 @@ For details about what information is collected and how it is used, see the WDO **Choice/Control:** -For details about controlling this feature, see the Windows Defender Offline Privacy Statement at . +For details about controlling this feature, see the Microsoft Defender Offline Privacy Statement at . ## Related topics diff --git a/mdop/dart-v8/index.md b/mdop/dart-v8/index.md index d51694005d..403a88d542 100644 --- a/mdop/dart-v8/index.md +++ b/mdop/dart-v8/index.md @@ -38,7 +38,7 @@ DaRT 8.0 is an important part of the Microsoft Desktop Optimization Pack (MDOP), [Technical Reference for DaRT 8.0](technical-reference-for-dart-80-new-ia.md) -[Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Windows Defender Offline (WDO) for malware detection-->](use-windows-defender-offline-wdo-for-malware-protection-not-dart.md) +[Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Microsoft Defender Offline (WDO) for malware detection-->](use-windows-defender-offline-wdo-for-malware-protection-not-dart.md) [Troubleshooting DaRT 8.0](troubleshooting-dart-80-dart-8.md) diff --git a/mdop/dart-v8/overview-of-the-tools-in-dart-80-dart-8.md b/mdop/dart-v8/overview-of-the-tools-in-dart-80-dart-8.md index ec7b892511..46c8676819 100644 --- a/mdop/dart-v8/overview-of-the-tools-in-dart-80-dart-8.md +++ b/mdop/dart-v8/overview-of-the-tools-in-dart-80-dart-8.md @@ -48,7 +48,7 @@ For more information about **Crash Analyzer**, see [Diagnosing System Failures w ### Defender **Important**   -Environments with the DaRT Defender deployed should instead use the Windows Defender Offline (WDO) protection image for malware detection. Because of how the Defender tool integrates into DaRT, all supported DaRT version deployments cannot apply these anti-malware updates to their DaRT images. For more information, see [Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Windows Defender Offline (WDO) for malware detection-->](use-windows-defender-offline-wdo-for-malware-protection-not-dart.md). +Environments with the DaRT Defender deployed should instead use the Microsoft Defender Offline (WDO) protection image for malware detection. Because of how the Defender tool integrates into DaRT, all supported DaRT version deployments cannot apply these anti-malware updates to their DaRT images. For more information, see [Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Microsoft Defender Offline (WDO) for malware detection-->](use-windows-defender-offline-wdo-for-malware-protection-not-dart.md). diff --git a/mdop/dart-v8/technical-reference-for-dart-80-new-ia.md b/mdop/dart-v8/technical-reference-for-dart-80-new-ia.md index 6fefab5848..356e206ffd 100644 --- a/mdop/dart-v8/technical-reference-for-dart-80-new-ia.md +++ b/mdop/dart-v8/technical-reference-for-dart-80-new-ia.md @@ -22,9 +22,9 @@ This section includes technical reference information about Microsoft Diagnostic ## Technical reference -[Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Windows Defender Offline (WDO) for malware detection-->](use-windows-defender-offline-wdo-for-malware-protection-not-dart.md) +[Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Microsoft Defender Offline (WDO) for malware detection-->](use-windows-defender-offline-wdo-for-malware-protection-not-dart.md) - Environments with the Microsoft Diagnostics and Recovery Toolset (DaRT) Defender tool deployed should instead use the Windows Defender Offline (WDO) protection image for malware detection. + Environments with the Microsoft Diagnostics and Recovery Toolset (DaRT) Defender tool deployed should instead use the Microsoft Defender Offline (WDO) protection image for malware detection. ## Other resources for DaRT 8.0 operations diff --git a/mdop/dart-v8/use-windows-defender-offline-wdo-for-malware-protection-not-dart.md b/mdop/dart-v8/use-windows-defender-offline-wdo-for-malware-protection-not-dart.md index 6265073d6b..02e1f3ee25 100644 --- a/mdop/dart-v8/use-windows-defender-offline-wdo-for-malware-protection-not-dart.md +++ b/mdop/dart-v8/use-windows-defender-offline-wdo-for-malware-protection-not-dart.md @@ -1,6 +1,6 @@ --- -title: Use Windows Defender Offline (WDO) for malware protection not DaRT -description: Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Windows Defender Offline (WDO) for malware detection +title: Use Microsoft Defender Offline (WDO) for malware protection not DaRT +description: Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Microsoft Defender Offline (WDO) for malware detection author: dansimp ms.assetid: 59678283-4b44-4d02-ba8f-0e7315efd5d1 ms.reviewer: @@ -14,19 +14,19 @@ ms.date: 09/25/2019 --- -# Use Windows Defender Offline (WDO) for malware protection, not DaRT. +# Microsoft Diagnostics and Recovery Toolset (DaRT) users should use Microsoft Defender Offline (WDO) for malware detection--> +# Use Microsoft Defender Offline (WDO) for malware protection, not DaRT. -Environments that have the Microsoft Diagnostics and Recovery Toolset (DaRT) Defender tool deployed should instead use the Windows Defender Offline (WDO) protection image for malware detection. This applies to all currently supported versions of DaRT. These versions include DaRT 7, DaRT 8, and DaRT 8.1, together with their service packs. +Environments that have the Microsoft Diagnostics and Recovery Toolset (DaRT) Defender tool deployed should instead use the Microsoft Defender Offline (WDO) protection image for malware detection. This applies to all currently supported versions of DaRT. These versions include DaRT 7, DaRT 8, and DaRT 8.1, together with their service packs. ## About Windows Defender -The Windows Defender tool distributes anti-malware updates more frequently than the DaRT Defender tool. Because of how the Defender tool integrates into DaRT, all supported DaRT version deployments cannot apply these anti-malware updates to their DaRT images. Without these updates, the DaRT Defender tool quickly becomes outdated. To make sure of up-to-date protection at scan time, you should download Windows Defender Offline to create a bootable image for scanning. +The Windows Defender tool distributes anti-malware updates more frequently than the DaRT Defender tool. Because of how the Defender tool integrates into DaRT, all supported DaRT version deployments cannot apply these anti-malware updates to their DaRT images. Without these updates, the DaRT Defender tool quickly becomes outdated. To make sure of up-to-date protection at scan time, you should download Microsoft Defender Offline to create a bootable image for scanning. -Currently deployed DaRT images do not have to be removed or updated. We recommend that you deploy the bootable image that is provided by Windows Defender Offline for all future malware scans. Using an outdated version of the DaRT Defender tool could result in undetected malware. +Currently deployed DaRT images do not have to be removed or updated. We recommend that you deploy the bootable image that is provided by Microsoft Defender Offline for all future malware scans. Using an outdated version of the DaRT Defender tool could result in undetected malware. -For more information about Windows Defender Offline downloads and FAQs, go to the following website: [What is Windows Defender Offline?](https://go.microsoft.com/fwlink/p/?LinkId=394127). +For more information about Microsoft Defender Offline downloads and FAQs, go to the following website: [What is Microsoft Defender Offline?](https://go.microsoft.com/fwlink/p/?LinkId=394127).   diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index 99080ed5f3..a9993b1e63 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -419,7 +419,7 @@ Node that can be used to perform signature updates for Windows Defender. Supported operations are Get and Execute. **OfflineScan** -Added in Windows 10, version 1803. OfflineScan action starts a Windows Defender offline scan on the computer where you run the command. After the next OS reboot, the device will start in Windows Defender offline mode to begin the scan. +Added in Windows 10, version 1803. OfflineScan action starts a Microsoft Defender Offline scan on the computer where you run the command. After the next OS reboot, the device will start in Microsoft Defender Offline mode to begin the scan. Supported operations are Get and Execute. diff --git a/windows/security/threat-protection/intelligence/rootkits-malware.md b/windows/security/threat-protection/intelligence/rootkits-malware.md index ffe4254e2b..3b66e178f2 100644 --- a/windows/security/threat-protection/intelligence/rootkits-malware.md +++ b/windows/security/threat-protection/intelligence/rootkits-malware.md @@ -55,7 +55,7 @@ For more general tips, see [prevent malware infection](prevent-malware-infection Microsoft security software includes a number of technologies designed specifically to remove rootkits. If you think you might have a rootkit on your device and your antimalware software isn’t detecting it, you might need an extra tool that lets you boot to a known trusted environment. -[Windows Defender Offline](https://support.microsoft.com/help/17466/windows-defender-offline-help-protect-my-pc) can be launched from Windows Security Center and has the latest anti-malware updates from Microsoft. It’s designed to be used on devices that aren't working correctly due to a possible malware infection. +[Microsoft Defender Offline](https://support.microsoft.com/help/17466/windows-defender-offline-help-protect-my-pc) can be launched from Windows Security Center and has the latest anti-malware updates from Microsoft. It’s designed to be used on devices that aren't working correctly due to a possible malware infection. [System Guard](https://cloudblogs.microsoft.com/microsoftsecure/2017/10/23/hardening-the-system-and-maintaining-integrity-with-windows-defender-system-guard/) in Windows 10 protects against rootkits and threats that impact system integrity. diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-offline.md similarity index 54% rename from windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md rename to windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-offline.md index b8fbc245ce..5c6ddacbc5 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-offline.md @@ -1,6 +1,6 @@ --- -title: Windows Defender Offline in Windows 10 -description: You can use Windows Defender Offline straight from the Windows Defender Antivirus app. You can also manage how it is deployed in your network. +title: Microsoft Defender Offline in Windows 10 +description: You can use Microsoft Defender Offline straight from the Windows Defender Antivirus app. You can also manage how it is deployed in your network. keywords: scan, defender, offline search.product: eADQiWindows 10XVcnh ms.pagetype: security @@ -16,21 +16,21 @@ ms.reviewer: manager: dansimp --- -# Run and review the results of a Windows Defender Offline scan +# Run and review the results of a Microsoft Defender Offline scan **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Windows Defender Offline is an antimalware scanning tool that lets you boot and run a scan from a trusted environment. The scan runs from outside the normal Windows kernel so it can target malware that attempts to bypass the Windows shell, such as viruses and rootkits that infect or overwrite the master boot record (MBR). +Microsoft Defender Offline is an antimalware scanning tool that lets you boot and run a scan from a trusted environment. The scan runs from outside the normal Windows kernel so it can target malware that attempts to bypass the Windows shell, such as viruses and rootkits that infect or overwrite the master boot record (MBR). -You can use Windows Defender Offline if you suspect a malware infection, or you want to confirm a thorough clean of the endpoint after a malware outbreak. +You can use Microsoft Defender Offline if you suspect a malware infection, or you want to confirm a thorough clean of the endpoint after a malware outbreak. -In Windows 10, Windows Defender Offline can be run with one click directly from the [Windows Security app](windows-defender-security-center-antivirus.md). In previous versions of Windows, a user had to install Windows Defender Offline to bootable media, restart the endpoint, and load the bootable media. +In Windows 10, Microsoft Defender Offline can be run with one click directly from the [Windows Security app](windows-defender-security-center-antivirus.md). In previous versions of Windows, a user had to install Microsoft Defender Offline to bootable media, restart the endpoint, and load the bootable media. ## prerequisites and requirements -Windows Defender Offline in Windows 10 has the same hardware requirements as Windows 10. +Microsoft Defender Offline in Windows 10 has the same hardware requirements as Windows 10. For more information about Windows 10 requirements, see the following topics: @@ -39,13 +39,13 @@ For more information about Windows 10 requirements, see the following topics: - [Hardware component guidelines](https://msdn.microsoft.com/library/windows/hardware/dn915049(v=vs.85).aspx) > [!NOTE] -> Windows Defender Offline is not supported on machines with ARM processors, or on Windows Server Stock Keeping Units. +> Microsoft Defender Offline is not supported on machines with ARM processors, or on Windows Server Stock Keeping Units. -To run Windows Defender Offline from the endpoint, the user must be logged in with administrator privileges. +To run Microsoft Defender Offline from the endpoint, the user must be logged in with administrator privileges. -## Windows Defender Offline updates +## Microsoft Defender Offline updates -Windows Defender Offline uses the most recent protection updates available on the endpoint; it's updated whenever Windows Defender Antivirus is updated. +Microsoft Defender Offline uses the most recent protection updates available on the endpoint; it's updated whenever Windows Defender Antivirus is updated. > [!NOTE] > Before running an offline scan, you should attempt to update Windows Defender AV protection. You can either force an update with Group Policy or however you normally deploy updates to endpoints, or you can manually download and install the latest protection updates from the [Microsoft Malware Protection Center](https://www.microsoft.com/security/portal/definitions/adl.aspx). @@ -54,37 +54,37 @@ See the [Manage Windows Defender Antivirus Security intelligence updates](manag ## Usage scenarios -In Windows 10, version 1607, you can manually force an offline scan. Alternatively, if Windows Defender determines that Windows Defender Offline needs to run, it will prompt the user on the endpoint. +In Windows 10, version 1607, you can manually force an offline scan. Alternatively, if Windows Defender determines that Microsoft Defender Offline needs to run, it will prompt the user on the endpoint. The need to perform an offline scan will also be revealed in Microsoft Endpoint Configuration Manager if you're using it to manage your endpoints. The prompt can occur via a notification, similar to the following: -![Windows notification showing the requirement to run Windows Defender Offline](images/defender/notification.png) +![Windows notification showing the requirement to run Microsoft Defender Offline](images/defender/notification.png) The user will also be notified within the Windows Defender client: -![Windows Defender showing the requirement to run Windows Defender Offline](images/defender/client.png) +![Windows Defender showing the requirement to run Microsoft Defender Offline](images/defender/client.png) In Configuration Manager, you can identify the status of endpoints by navigating to **Monitoring > Overview > Security > Endpoint Protection Status > System Center Endpoint Protection Status**. -Windows Defender Offline scans are indicated under **Malware remediation status** as **Offline scan required**. +Microsoft Defender Offline scans are indicated under **Malware remediation status** as **Offline scan required**. -![Microsoft Endpoint Configuration Manager indicating a Windows Defender Offline scan is required](images/defender/sccm-wdo.png) +![Microsoft Endpoint Configuration Manager indicating a Microsoft Defender Offline scan is required](images/defender/sccm-wdo.png) ## Configure notifications -Windows Defender Offline notifications are configured in the same policy setting as other Windows Defender AV notifications. +Microsoft Defender Offline notifications are configured in the same policy setting as other Windows Defender AV notifications. For more information about notifications in Windows Defender, see the [Configure the notifications that appear on endpoints](configure-notifications-windows-defender-antivirus.md) topic. ## Run a scan > [!IMPORTANT] -> Before you use Windows Defender Offline, make sure you save any files and shut down running programs. The Windows Defender Offline scan takes about 15 minutes to run. It will restart the endpoint when the scan is complete. The scan is performed outside of the usual Windows operating environment. The user interface will appear different to a normal scan performed by Windows Defender. After the scan is completed, the endpoint will be restarted and Windows will load normally. +> Before you use Microsoft Defender Offline, make sure you save any files and shut down running programs. The Microsoft Defender Offline scan takes about 15 minutes to run. It will restart the endpoint when the scan is complete. The scan is performed outside of the usual Windows operating environment. The user interface will appear different to a normal scan performed by Windows Defender. After the scan is completed, the endpoint will be restarted and Windows will load normally. -You can run a Windows Defender Offline scan with the following: +You can run a Microsoft Defender Offline scan with the following: - PowerShell - Windows Management Instrumentation (WMI) @@ -106,7 +106,7 @@ See [Use PowerShell cmdlets to configure and run Windows Defender Antivirus](use Use the [**MSFT_MpWDOScan**](https://msdn.microsoft.com/library/dn455323(v=vs.85).aspx) class to run an offline scan. -The following WMI script snippet will immediately run a Windows Defender Offline scan, which will cause the endpoint to restart, run the offline scan, and then restart and boot into Windows. +The following WMI script snippet will immediately run a Microsoft Defender Offline scan, which will cause the endpoint to restart, run the offline scan, and then restart and boot into Windows. ```WMI wmic /namespace:\\root\Microsoft\Windows\Defender path MSFT_MpWDOScan call Start @@ -123,7 +123,7 @@ See the following for more information: 2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Advanced scan** label: -3. Select **Windows Defender Offline scan** and click **Scan now**. +3. Select **Microsoft Defender Offline scan** and click **Scan now**. > [!NOTE] @@ -132,7 +132,7 @@ See the following for more information: ## Review scan results -Windows Defender Offline scan results will be listed in the [Scan history section of the Windows Security app](windows-defender-security-center-antivirus.md#detection-history). +Microsoft Defender Offline scan results will be listed in the [Scan history section of the Windows Security app](windows-defender-security-center-antivirus.md#detection-history). ## Related articles diff --git a/windows/security/threat-protection/windows-defender-antivirus/oldTOC.md b/windows/security/threat-protection/windows-defender-antivirus/oldTOC.md index f9457d3f21..301332c5d8 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/oldTOC.md +++ b/windows/security/threat-protection/windows-defender-antivirus/oldTOC.md @@ -51,7 +51,7 @@ ### [Configure scheduled scans](scheduled-catch-up-scans-windows-defender-antivirus.md) ### [Configure and run scans](run-scan-windows-defender-antivirus.md) ### [Review scan results](review-scan-results-windows-defender-antivirus.md) -### [Run and review the results of a Windows Defender Offline scan](windows-defender-offline.md) +### [Run and review the results of a Microsoft Defender Offline scan](windows-defender-offline.md) ## [Review event logs and error codes to troubleshoot issues](troubleshoot-windows-defender-antivirus.md) diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md index 75d23d70dd..3efc7377c3 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md @@ -59,7 +59,7 @@ Item | Windows 10, before version 1703 | Windows 10, version 1703 and later | De 1 | **Update** tab | **Protection updates** | Update the protection (Security intelligence) 2 | **History** tab | **Scan history** | Review threats that were quarantined, removed, or allowed 3 | **Settings** (links to **Windows Settings**) | **Virus & threat protection settings** | Enable various features, including Real-time protection, Cloud-delivered protection, Advanced notifications, and Automatic ample submission -4 | **Scan options** | **Advanced scan** | Run a full scan, custom scan, or a Windows Defender Offline scan +4 | **Scan options** | **Advanced scan** | Run a full scan, custom scan, or a Microsoft Defender Offline scan 5 | Run a scan (based on the option chosen under **Scan options** | **Quick scan** | In Windows 10, version 1703 and later, you can run custom and full scans under the **Advanced scan** option ## Common tasks diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2016.md b/windows/whats-new/ltsc/whats-new-windows-10-2016.md index 727cc608be..6abe9d8dfc 100644 --- a/windows/whats-new/ltsc/whats-new-windows-10-2016.md +++ b/windows/whats-new/ltsc/whats-new-windows-10-2016.md @@ -117,7 +117,7 @@ Windows Information Protection (WIP) helps to protect against this potential dat Several new features and management options have been added to Windows Defender in this version of Windows 10. -- [Windows Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media. +- [Microsoft Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media. - [Use PowerShell cmdlets for Windows Defender](/windows/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus) to configure options and run scans. - [Enable the Block at First Sight feature in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus) to leverage the Windows Defender cloud for near-instant protection against new malware. - [Configure enhanced notifications for Windows Defender in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus) to see more information about threat detections and removal. diff --git a/windows/whats-new/whats-new-windows-10-version-1607.md b/windows/whats-new/whats-new-windows-10-version-1607.md index f27cc65739..0107a9c65a 100644 --- a/windows/whats-new/whats-new-windows-10-version-1607.md +++ b/windows/whats-new/whats-new-windows-10-version-1607.md @@ -103,7 +103,7 @@ Windows Information Protection (WIP) helps to protect against this potential dat ### Windows Defender Several new features and management options have been added to Windows Defender in Windows 10, version 1607. -- [Windows Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media. +- [Microsoft Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media. - [Use PowerShell cmdlets for Windows Defender](/windows/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus) to configure options and run scans. - [Enable the Block at First Sight feature in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus) to leverage the Windows Defender cloud for near-instant protection against new malware. - [Configure enhanced notifications for Windows Defender in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus) to see more information about threat detections and removal. diff --git a/windows/whats-new/whats-new-windows-10-version-1903.md b/windows/whats-new/whats-new-windows-10-version-1903.md index ec640e3eea..922caa1d3b 100644 --- a/windows/whats-new/whats-new-windows-10-version-1903.md +++ b/windows/whats-new/whats-new-windows-10-version-1903.md @@ -137,7 +137,7 @@ This new feature is displayed under the Device Security page with the string “ ### Security management - [Windows Defender Firewall now supports Windows Subsystem for Linux (WSL)](https://blogs.windows.com/windowsexperience/2018/04/19/announcing-windows-10-insider-preview-build-17650-for-skip-ahead/#II14f7VlSBcZ0Gs4.97): Lets you add rules for WSL process, just like for Windows processes. -- [Windows Security app](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center) improvements now include Protection history, including detailed and easier to understand information about threats and available actions, Controlled Folder Access blocks are now in the Protection history, Windows Defender Offline Scanning tool actions, and any pending recommendations. +- [Windows Security app](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center) improvements now include Protection history, including detailed and easier to understand information about threats and available actions, Controlled Folder Access blocks are now in the Protection history, Microsoft Defender Offline Scanning tool actions, and any pending recommendations. - [Tamper Protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection) lets you prevent others from tampering with important security features. ## Microsoft Edge From d75105fc957f813d7e0465997d3459fb27783b41 Mon Sep 17 00:00:00 2001 From: "Jeff Reeds (Aquent LLC)" Date: Wed, 6 May 2020 12:29:57 -0700 Subject: [PATCH 113/338] Changed Windows to Microsoft Also wd-app to md-app and windows-defender to microsoft-defender --- .../TOC.md | 7 ++ .../configure-md-app-guard.md | 66 ++++++++++++++++++ .../faq-md-app-guard.md} | 20 +++--- .../images/MDAG-EndpointMgr-newprofile.jpg | Bin .../appguard-gp-allow-camera-and-mic.png | Bin .../appguard-gp-allow-root-certificates.png | Bin ...s-to-trust-files-that-open-in-appguard.png | Bin .../images/appguard-gp-clipboard.png | Bin .../images/appguard-gp-download.png | Bin .../appguard-gp-network-isolation-neutral.png | Bin .../images/appguard-gp-network-isolation.png | Bin .../images/appguard-gp-persistence.png | Bin .../images/appguard-gp-print.png | Bin .../images/appguard-gp-turn-on.png | Bin .../images/appguard-gp-vgpu.png | Bin .../images/appguard-hardware-isolation.png | Bin .../images/appguard-new-window.png | Bin .../appguard-security-center-settings.png | Bin .../appguard-turned-on-with-trusted-site.png | Bin .../images/appguard-visual-cues.png | Bin .../application-guard-container-v-host.png | Bin .../host-screen-no-application-guard.png | Bin .../images/turn-windows-features-on.png | Bin .../install-md-app-guard.md} | 22 +++--- .../md-app-guard-overview.md} | 18 ++--- .../reqs-md-app-guard.md} | 14 ++-- .../test-scenarios-md-app-guard.md} | 28 ++++---- .../windows-defender-application-guard/TOC.md | 7 -- .../configure-wd-app-guard.md | 66 ------------------ 29 files changed, 124 insertions(+), 124 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-application-guard/TOC.md create mode 100644 windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md rename windows/security/threat-protection/{windows-defender-application-guard/faq-wd-app-guard.md => microsoft-defender-application-guard/faq-md-app-guard.md} (75%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/MDAG-EndpointMgr-newprofile.jpg (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-allow-camera-and-mic.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-allow-root-certificates.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-allow-users-to-trust-files-that-open-in-appguard.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-clipboard.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-download.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-network-isolation-neutral.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-network-isolation.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-persistence.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-print.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-turn-on.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-gp-vgpu.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-hardware-isolation.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-new-window.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-security-center-settings.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-turned-on-with-trusted-site.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/appguard-visual-cues.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/application-guard-container-v-host.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/host-screen-no-application-guard.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard => microsoft-defender-application-guard}/images/turn-windows-features-on.png (100%) rename windows/security/threat-protection/{windows-defender-application-guard/install-wd-app-guard.md => microsoft-defender-application-guard/install-md-app-guard.md} (74%) rename windows/security/threat-protection/{windows-defender-application-guard/wd-app-guard-overview.md => microsoft-defender-application-guard/md-app-guard-overview.md} (63%) rename windows/security/threat-protection/{windows-defender-application-guard/reqs-wd-app-guard.md => microsoft-defender-application-guard/reqs-md-app-guard.md} (78%) rename windows/security/threat-protection/{windows-defender-application-guard/test-scenarios-wd-app-guard.md => microsoft-defender-application-guard/test-scenarios-md-app-guard.md} (85%) delete mode 100644 windows/security/threat-protection/windows-defender-application-guard/TOC.md delete mode 100644 windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/TOC.md b/windows/security/threat-protection/microsoft-defender-application-guard/TOC.md new file mode 100644 index 0000000000..35f40da2a5 --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-application-guard/TOC.md @@ -0,0 +1,7 @@ +# [Microsoft Defender Application Guard](md-app-guard-overview.md) + +## [System requirements](reqs-md-app-guard.md) +## [Install WDAG](install-md-app-guard.md) +## [Configure WDAG policies](configure-md-app-guard.md) +## [Test scenarios](test-scenarios-md-app-guard.md) +## [FAQ](faq-md-app-guard.md) \ No newline at end of file diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md new file mode 100644 index 0000000000..121ed70fbe --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md @@ -0,0 +1,66 @@ +--- +title: Configure the Group Policy settings for Microsoft Defender Application Guard (Windows 10) +description: Learn about the available Group Policy settings for Microsoft Defender Application Guard. +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +ms.pagetype: security +ms.localizationpriority: medium +author: denisebmsft +ms.author: deniseb +ms.date: 10/17/2017 +ms.reviewer: +manager: dansimp +ms.custom: asr +--- + +# Configure Microsoft Defender Application Guard policy settings + +**Applies to:** +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +Microsoft Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a GPO, which is linked to a domain, and then apply all those settings to every computer in the domain. + +Application Guard uses both network isolation and application-specific settings. + +## Network isolation settings + +These settings, located at **Computer Configuration\Administrative Templates\Network\Network Isolation**, help you define and manage your company's network boundaries. Application Guard uses this information to automatically transfer any requests to access the non-corporate resources into the Application Guard container. + +>[!NOTE] +>You must configure either the Enterprise resource domains hosted in the cloud or Private network ranges for apps settings on your employee devices to successfully turn on Application Guard using enterprise mode. Proxy servers must be a neutral resource listed in the "Domains categorized as both work and personal" policy. + + + +|Policy name|Supported versions|Description| +|-----------|------------------|-----------| +|Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.| +|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| +|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| + +## Network isolation settings wildcards + +|Value|Number of dots to the left|Meaning| +|-----|--------------------------|-------| +|`contoso.com`|0|Trust only the literal value of `contoso.com`.| +|`www.contoso.com`|0|Trust only the literal value of `www.contoso.com`.| +|`.contoso.com`|1|Trust any domain that ends with the text `contoso.com`. Matching sites include `spearphishingcontoso.com`, `contoso.com`, and `www.contoso.com`.| +|`..contoso.com`|2|Trust all levels of the domain hierarchy that are to the left of the dot. Matching sites include `shop.contoso.com`, `us.shop.contoso.com`, `www.us.shop.contoso.com`, but NOT `contoso.com` itself.| + +## Application-specific settings +These settings, located at **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard**, can help you to manage your company's implementation of Application Guard. + +|Name|Supported versions|Description|Options| +|-----------|------------------|-----------|-------| +|Configure Microsoft Defender Application Guard clipboard settings|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher|Determines whether Application Guard can use the clipboard functionality.|**Enabled.** Turns On the clipboard functionality and lets you choose whether to additionally:
-Disable the clipboard functionality completely when Virtualization Security is enabled.
- Enable copying of certain content from Application Guard into Microsoft Edge.
- Enable copying of certain content from Microsoft Edge into Application Guard. **Important:** Allowing copied content to go from Microsoft Edge into Application Guard can cause potential security risks and isn't recommended.

**Disabled or not configured.** Completely turns Off the clipboard functionality for Application Guard.| +|Configure Microsoft Defender Application Guard print settings|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher|Determines whether Application Guard can use the print functionality.|**Enabled.** Turns On the print functionality and lets you choose whether to additionally:
- Enable Application Guard to print into the XPS format.
- Enable Application Guard to print into the PDF format.
- Enable Application Guard to print to locally attached printers.
- Enable Application Guard to print from previously connected network printers. Employees can't search for additional printers.

**Disabled or not configured.** Completely turns Off the print functionality for Application Guard.| +|Block enterprise websites to load non-enterprise content in IE and Edge|Windows 10 Enterprise, 1709 or higher|Determines whether to allow Internet access for apps not included on the **Allowed Apps** list.|**Enabled.** Prevents network traffic from both Internet Explorer and Microsoft Edge to non-enterprise sites that can't render in the Application Guard container. **Note:** This may also block assets cached by CDNs and references to analytics sites. Please add them to the trusted enterprise resources to avoid broken pages.

**Disabled or not configured.** Prevents Microsoft Edge to render network traffic to non-enterprise sites that can't render in Application Guard. | +|Allow Persistence|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher|Determines whether data persists across different sessions in Microsoft Defender Application Guard.|**Enabled.** Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.

**Disabled or not configured.** All user data within Application Guard is reset between sessions.

**Note**
If you later decide to stop supporting data persistence for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.
**To reset the container:**
1. Open a command-line program and navigate to `Windows/System32`.
2. Type `wdagtool.exe cleanup`. The container environment is reset, retaining only the employee-generated data.
3. Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`. The container environment is reset, including discarding all employee-generated data.| +|Turn on Microsoft Defender Application Guard in Managed Mode|Windows 10 Enterprise, 1809 or higher|Determines whether to turn on Application Guard for Microsoft Edge and Microsoft Office.|**Enabled.** Turns on Application Guard for Microsoft Edge and/or Microsoft Office, honoring the network isolation settings, rendering non-enterprise domains in the Application Guard container. Be aware that Application Guard won't actually be turned On unless the required prerequisites and network isolation settings are already set on the device. Available options:
- Enable Microsoft Defender Application Guard only for Microsoft Edge
- Enable Microsoft Defender Application Guard only for Microsoft Office
- Enable Microsoft Defender Application Guard for both Microsoft Edge and Microsoft Office

**Disabled.** Turns Off Application Guard, allowing all apps to run in Microsoft Edge and Microsoft Office.| +|Allow files to download to host operating system|Windows 10 Enterprise, 1803 or higher|Determines whether to save downloaded files to the host operating system from the Microsoft Defender Application Guard container.|**Enabled.** Allows users to save downloaded files from the Microsoft Defender Application Guard container to the host operating system.

**Disabled or not configured.** Users are not able to saved downloaded files from Application Guard to the host operating system.| +|Allow hardware-accelerated rendering for Microsoft Defender Application Guard|Windows 10 Enterprise, 1803 or higher

Windows 10 Pro, 1803 or higher|Determines whether Microsoft Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering. **Important:** Be aware that enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.

**Disabled or not configured.** Microsoft Defender Application Guard uses software-based (CPU) rendering and won’t load any third-party graphics drivers or interact with any connected graphics hardware.| +|Allow camera and microphone access in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher|Determines whether to allow camera and microphone access inside Microsoft Defender Application Guard.|**Enabled.** Applications inside Microsoft Defender Application Guard are able to access the camera and microphone on the user's device. **Important:** Be aware that enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user's knowledge.

**Disabled or not configured.** Applications inside Microsoft Defender Application Guard are unable to access the camera and microphone on the user's device.| +|Allow Microsoft Defender Application Guard to use Root Certificate Authorities from a user's device|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher|Determines whether Root Certificates are shared with Microsoft Defender Application Guard.|**Enabled.** Certificates matching the specified thumbprint are transferred into the container. Use a comma to separate multiple certificates.

**Disabled or not configured.** Certificates are not shared with Microsoft Defender Application Guard.| +|Allow users to trust files that open in Microsoft Defender Application Guard|Windows 10 Enterprise, 1809 or higher|Determines whether users are able to manually trust untrusted files to open them on the host.|**Enabled.** Users are able to manually trust files or trust files after an antivirus check.

**Disabled or not configured.** Users are unable to manually trust files and files continue to open in Microsoft Defender Application Guard.| + + diff --git a/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md similarity index 75% rename from windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md rename to windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md index 1e8839b354..cc79291b60 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.md @@ -1,6 +1,6 @@ --- -title: FAQ - Windows Defender Application Guard (Windows 10) -description: Learn about the commonly asked questions and answers for Windows Defender Application Guard. +title: FAQ - Microsoft Defender Application Guard (Windows 10) +description: Learn about the commonly asked questions and answers for Microsoft Defender Application Guard. ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library @@ -14,11 +14,11 @@ manager: dansimp ms.custom: asr --- -# Frequently asked questions - Windows Defender Application Guard +# Frequently asked questions - Microsoft Defender Application Guard **Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Answering frequently asked questions about Windows Defender Application Guard (Application Guard) features, integration with the Windows operating system, and general configuration. +Answering frequently asked questions about Microsoft Defender Application Guard (Application Guard) features, integration with the Windows operating system, and general configuration. ## Frequently Asked Questions @@ -49,13 +49,13 @@ To help keep the Application Guard Edge session secure and isolated from the hos Currently, the Application Guard Edge session doesn't support Extensions. However, we're closely monitoring your feedback about this. -### How do I configure Windows Defender Application Guard to work with my network proxy (IP-Literal Addresses)? +### How do I configure Microsoft Defender Application Guard to work with my network proxy (IP-Literal Addresses)? -Windows Defender Application Guard requires proxies to have a symbolic name, not just an IP address. IP-Literal proxy settings such as `192.168.1.4:81` can be annotated as `itproxy:81` or using a record such as `P19216810010` for a proxy with an IP address of `192.168.100.10`. This applies to Windows 10 Enterprise edition 1709 or higher. These would be for the proxy policies under Network Isolation in Group Policy or Intune. +Microsoft Defender Application Guard requires proxies to have a symbolic name, not just an IP address. IP-Literal proxy settings such as `192.168.1.4:81` can be annotated as `itproxy:81` or using a record such as `P19216810010` for a proxy with an IP address of `192.168.100.10`. This applies to Windows 10 Enterprise edition 1709 or higher. These would be for the proxy policies under Network Isolation in Group Policy or Intune. ### Which Input Method Editors (IME) in 19H1 are not supported? -The following Input Method Editors (IME) introduced in Windows 10, version 1903 are currently not supported in Windows Defender Application Guard. +The following Input Method Editors (IME) introduced in Windows 10, version 1903 are currently not supported in Microsoft Defender Application Guard. - Vietnam Telex keyboard - Vietnam number key-based keyboard - Hindi phonetic keyboard @@ -83,12 +83,12 @@ To trust a subdomain, you must precede your domain with two dots, for example: ` ### Are there differences between using Application Guard on Windows Pro vs Windows Enterprise? -When using Windows Pro or Windows Enterprise, you will have access to using Application Guard's Standalone Mode. However, when using Enterprise you will have access to Application Guard's Enterprise-Managed Mode. This mode has some extra features that the Standalone Mode does not. For more information, see [Prepare to install Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard). +When using Windows Pro or Windows Enterprise, you will have access to using Application Guard's Standalone Mode. However, when using Enterprise you will have access to Application Guard's Enterprise-Managed Mode. This mode has some extra features that the Standalone Mode does not. For more information, see [Prepare to install Microsoft Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard). ### Is there a size limit to the domain lists that I need to configure? Yes, both the Enterprise Resource domains hosted in the cloud and the Domains categorized as both work and personal have a 16383B limit. -### Why does my encryption driver break Windows Defender Application Guard? +### Why does my encryption driver break Microsoft Defender Application Guard? -Windows Defender Application Guard accesses files from a VHD mounted on the host that needs to be written during setup. If an encryption driver prevents a VHD from being mounted or from being written to, WDAG will not work and result in an error message ("0x80070013 ERROR_WRITE_PROTECT"). +Microsoft Defender Application Guard accesses files from a VHD mounted on the host that needs to be written during setup. If an encryption driver prevents a VHD from being mounted or from being written to, WDAG will not work and result in an error message ("0x80070013 ERROR_WRITE_PROTECT"). diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/MDAG-EndpointMgr-newprofile.jpg b/windows/security/threat-protection/microsoft-defender-application-guard/images/MDAG-EndpointMgr-newprofile.jpg similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/MDAG-EndpointMgr-newprofile.jpg rename to windows/security/threat-protection/microsoft-defender-application-guard/images/MDAG-EndpointMgr-newprofile.jpg diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-allow-camera-and-mic.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-allow-camera-and-mic.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-allow-camera-and-mic.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-allow-camera-and-mic.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-allow-root-certificates.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-allow-root-certificates.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-allow-root-certificates.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-allow-root-certificates.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-allow-users-to-trust-files-that-open-in-appguard.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-allow-users-to-trust-files-that-open-in-appguard.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-allow-users-to-trust-files-that-open-in-appguard.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-allow-users-to-trust-files-that-open-in-appguard.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-clipboard.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-clipboard.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-clipboard.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-clipboard.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-download.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-download.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-download.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-download.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-network-isolation-neutral.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-network-isolation-neutral.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-network-isolation-neutral.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-network-isolation-neutral.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-network-isolation.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-network-isolation.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-network-isolation.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-network-isolation.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-persistence.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-persistence.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-persistence.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-persistence.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-print.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-print.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-print.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-print.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-turn-on.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-turn-on.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-turn-on.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-turn-on.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-vgpu.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-vgpu.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-gp-vgpu.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-gp-vgpu.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-hardware-isolation.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-hardware-isolation.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-hardware-isolation.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-hardware-isolation.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-new-window.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-new-window.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-new-window.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-new-window.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-security-center-settings.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-security-center-settings.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-security-center-settings.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-security-center-settings.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-turned-on-with-trusted-site.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-turned-on-with-trusted-site.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-turned-on-with-trusted-site.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-turned-on-with-trusted-site.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/appguard-visual-cues.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-visual-cues.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/appguard-visual-cues.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/appguard-visual-cues.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/application-guard-container-v-host.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/application-guard-container-v-host.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/application-guard-container-v-host.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/application-guard-container-v-host.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/host-screen-no-application-guard.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/host-screen-no-application-guard.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/host-screen-no-application-guard.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/host-screen-no-application-guard.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/images/turn-windows-features-on.png b/windows/security/threat-protection/microsoft-defender-application-guard/images/turn-windows-features-on.png similarity index 100% rename from windows/security/threat-protection/windows-defender-application-guard/images/turn-windows-features-on.png rename to windows/security/threat-protection/microsoft-defender-application-guard/images/turn-windows-features-on.png diff --git a/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md similarity index 74% rename from windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md rename to windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md index cdf47d7a4a..88c45443eb 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md @@ -1,6 +1,6 @@ --- title: Enable hardware-based isolation for Microsoft Edge (Windows 10) -description: Learn about the Windows Defender Application Guard modes (Standalone or Enterprise-managed) and how to install Application Guard in your enterprise. +description: Learn about the Microsoft Defender Application Guard modes (Standalone or Enterprise-managed) and how to install Application Guard in your enterprise. ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library @@ -14,19 +14,19 @@ manager: dansimp ms.custom: asr --- -# Prepare to install Windows Defender Application Guard +# Prepare to install Microsoft Defender Application Guard **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) ## Review system requirements -See [System requirements for Windows Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard) to review the hardware and software installation requirements for Windows Defender Application Guard. +See [System requirements for Microsoft Defender Application Guard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard) to review the hardware and software installation requirements for Microsoft Defender Application Guard. >[!NOTE] ->Windows Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host. +>Microsoft Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host. -## Prepare for Windows Defender Application Guard -Before you can install and use Windows Defender Application Guard, you must determine which way you intend to use it in your enterprise. You can use Application Guard in either **Standalone** or **Enterprise-managed** mode. +## Prepare for Microsoft Defender Application Guard +Before you can install and use Microsoft Defender Application Guard, you must determine which way you intend to use it in your enterprise. You can use Application Guard in either **Standalone** or **Enterprise-managed** mode. ### Standalone mode @@ -34,7 +34,7 @@ Applies to: - Windows 10 Enterprise edition, version 1709 or higher - Windows 10 Pro edition, version 1803 -Employees can use hardware-isolated browsing sessions without any administrator or management policy configuration. In this mode, you must install Application Guard and then the employee must manually start Microsoft Edge in Application Guard while browsing untrusted sites. For an example of how this works, see the [Application Guard in standalone mode](test-scenarios-wd-app-guard.md) testing scenario. +Employees can use hardware-isolated browsing sessions without any administrator or management policy configuration. In this mode, you must install Application Guard and then the employee must manually start Microsoft Edge in Application Guard while browsing untrusted sites. For an example of how this works, see the [Application Guard in standalone mode](test-scenarios-md-app-guard.md) testing scenario. ## Enterprise-managed mode @@ -54,9 +54,9 @@ Application Guard functionality is turned off by default. However, you can quick 1. Open the **Control Panel**, click **Programs,** and then click **Turn Windows features on or off**. - ![Windows Features, turning on Windows Defender Application Guard](images/turn-windows-features-on.png) + ![Windows Features, turning on Microsoft Defender Application Guard](images/turn-windows-features-on.png) -2. Select the check box next to **Windows Defender Application Guard** and then click **OK**. +2. Select the check box next to **Microsoft Defender Application Guard** and then click **OK**. Application Guard and its underlying dependencies are all installed. @@ -83,7 +83,7 @@ Application Guard functionality is turned off by default. However, you can quick ### To install by using Intune > [!IMPORTANT] -> Make sure your organization's devices meet [requirements](reqs-wd-app-guard.md) and are [enrolled in Intune](https://docs.microsoft.com/mem/intune/enrollment/device-enrollment). +> Make sure your organization's devices meet [requirements](reqs-md-app-guard.md) and are [enrolled in Intune](https://docs.microsoft.com/mem/intune/enrollment/device-enrollment). :::image type="complex" source="images/MDAG-EndpointMgr-newprofile.jpg" alt-text="Endpoint protection profile"::: @@ -121,5 +121,5 @@ Application Guard functionality is turned off by default. However, you can quick c. Click **Save**. -After the profile is created, any devices to which the policy should apply will have Windows Defender Application Guard enabled. Users might have to restart their devices in order for protection to be in place. +After the profile is created, any devices to which the policy should apply will have Microsoft Defender Application Guard enabled. Users might have to restart their devices in order for protection to be in place. diff --git a/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md similarity index 63% rename from windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md rename to windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md index 390bee5992..652cc3b40b 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md @@ -1,6 +1,6 @@ --- -title: Windows Defender Application Guard (Windows 10) -description: Learn about Windows Defender Application Guard and how it helps to combat malicious content and malware out on the Internet. +title: Microsoft Defender Application Guard (Windows 10) +description: Learn about Microsoft Defender Application Guard and how it helps to combat malicious content and malware out on the Internet. ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library @@ -14,11 +14,11 @@ manager: dansimp ms.custom: asr --- -# Windows Defender Application Guard overview +# Microsoft Defender Application Guard overview **Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Windows Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete. +Microsoft Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by making current attack methods obsolete. ## What is Application Guard and how does it work? @@ -44,8 +44,8 @@ Application Guard has been created to target several types of systems: |Article |Description | |------|------------| -|[System requirements for Windows Defender Application Guard](reqs-wd-app-guard.md) |Specifies the prerequisites necessary to install and use Application Guard.| -|[Prepare and install Windows Defender Application Guard](install-wd-app-guard.md) |Provides instructions about determining which mode to use, either Standalone or Enterprise-managed, and how to install Application Guard in your organization.| -|[Configure the Group Policy settings for Windows Defender Application Guard](configure-wd-app-guard.md) |Provides info about the available Group Policy and MDM settings.| -|[Testing scenarios using Windows Defender Application Guard in your business or organization](test-scenarios-wd-app-guard.md)|Provides a list of suggested testing scenarios that you can use to test Application Guard in your organization.| -|[Frequently asked questions - Windows Defender Application Guard](faq-wd-app-guard.md)|Provides answers to frequently asked questions about Application Guard features, integration with the Windows operating system, and general configuration.| \ No newline at end of file +|[System requirements for Microsoft Defender Application Guard](reqs-md-app-guard.md) |Specifies the prerequisites necessary to install and use Application Guard.| +|[Prepare and install Microsoft Defender Application Guard](install-md-app-guard.md) |Provides instructions about determining which mode to use, either Standalone or Enterprise-managed, and how to install Application Guard in your organization.| +|[Configure the Group Policy settings for Microsoft Defender Application Guard](configure-md-app-guard.md) |Provides info about the available Group Policy and MDM settings.| +|[Testing scenarios using Microsoft Defender Application Guard in your business or organization](test-scenarios-md-app-guard.md)|Provides a list of suggested testing scenarios that you can use to test Application Guard in your organization.| +|[Frequently asked questions - Microsoft Defender Application Guard](faq-md-app-guard.md)|Provides answers to frequently asked questions about Application Guard features, integration with the Windows operating system, and general configuration.| \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md similarity index 78% rename from windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md rename to windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md index ca449ea92c..5757f18c10 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md @@ -1,6 +1,6 @@ --- -title: System requirements for Windows Defender Application Guard (Windows 10) -description: Learn about the system requirements for installing and running Windows Defender Application Guard. +title: System requirements for Microsoft Defender Application Guard (Windows 10) +description: Learn about the system requirements for installing and running Microsoft Defender Application Guard. ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library @@ -14,17 +14,17 @@ manager: dansimp ms.custom: asr --- -# System requirements for Windows Defender Application Guard +# System requirements for Microsoft Defender Application Guard **Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Windows Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive. +The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Microsoft Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive. >[!NOTE] ->Windows Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host. +>Microsoft Defender Application Guard is not supported on VMs and VDI environment. For testing and automation on non-production machines, you may enable WDAG on a VM by enabling Hyper-V nested virtualization on the host. ## Hardware requirements -Your environment needs the following hardware to run Windows Defender Application Guard. +Your environment needs the following hardware to run Microsoft Defender Application Guard. |Hardware|Description| |--------|-----------| @@ -35,7 +35,7 @@ Your environment needs the following hardware to run Windows Defender Applicatio |Input/Output Memory Management Unit (IOMMU) support|Not required, but strongly recommended| ## Software requirements -Your environment needs the following software to run Windows Defender Application Guard. +Your environment needs the following software to run Microsoft Defender Application Guard. |Software|Description| |--------|-----------| diff --git a/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md similarity index 85% rename from windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md rename to windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md index a5eebdf2a2..e2a6d3e0ec 100644 --- a/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md @@ -1,6 +1,6 @@ --- -title: Testing scenarios with Windows Defender Application Guard (Windows 10) -description: Suggested testing scenarios for Windows Defender Application Guard, showing how it works in both Standalone and Enterprise-managed mode. +title: Testing scenarios with Microsoft Defender Application Guard (Windows 10) +description: Suggested testing scenarios for Microsoft Defender Application Guard, showing how it works in both Standalone and Enterprise-managed mode. ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library @@ -29,7 +29,7 @@ You can see how an employee would use standalone mode with Application Guard. ### To test Application Guard in Standalone mode -1. [Install Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard). +1. [Install Application Guard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard). 2. Restart the device, start Microsoft Edge, and then click **New Application Guard window** from the menu. @@ -52,7 +52,7 @@ How to install, set up, turn on, and configure Application Guard for Enterprise- Before you can use Application Guard in enterprise mode, you must install Windows 10 Enterprise edition, version 1709, which includes the functionality. Then, you must use Group Policy to set up the required settings. -1. [Install Application Guard](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-guard/install-wd-app-guard#install-application-guard). +1. [Install Application Guard](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard#install-application-guard). 2. Restart the device and then start Microsoft Edge. @@ -72,7 +72,7 @@ Before you can use Application Guard in enterprise mode, you must install Window ![Group Policy editor with Neutral resources setting](images/appguard-gp-network-isolation-neutral.png) -4. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Turn on Windows Defender Application Guard in Enterprise Mode** setting. +4. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Turn on Microsoft Defender Application Guard in Enterprise Mode** setting. 5. Click **Enabled**, choose Option **1**, and click **OK**. @@ -113,7 +113,7 @@ You have the option to change each of these settings to work with your enterpris #### Copy and paste options -1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Configure Windows Defender Application Guard clipboard settings**. +1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Configure Microsoft Defender Application Guard clipboard settings**. 2. Click **Enabled** and click **OK**. @@ -139,7 +139,7 @@ You have the option to change each of these settings to work with your enterpris #### Print options -1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Configure Windows Defender Application Guard print** settings. +1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Configure Microsoft Defender Application Guard print** settings. 2. Click **Enabled** and click **OK**. @@ -151,7 +151,7 @@ You have the option to change each of these settings to work with your enterpris #### Data persistence options -1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Allow data persistence for Windows Defender Application Guard** setting. +1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Allow data persistence for Microsoft Defender Application Guard** setting. 2. Click **Enabled** and click **OK**. @@ -176,7 +176,7 @@ You have the option to change each of these settings to work with your enterpris #### Download options -1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Allow files to download and save to the host operating system from Windows Defender Application Guard** setting. +1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Allow files to download and save to the host operating system from Microsoft Defender Application Guard** setting. 2. Click **Enabled** and click **OK**. @@ -184,13 +184,13 @@ You have the option to change each of these settings to work with your enterpris 3. Log out and back on to your device, opening Microsoft Edge in Application Guard again. -4. Download a file from Windows Defender Application Guard. +4. Download a file from Microsoft Defender Application Guard. 5. Check to see the file has been downloaded into This PC > Downloads > Untrusted files. #### Hardware acceleration options -1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Allow hardware-accelerated rendering for Windows Defender Application Guard** setting. +1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Allow hardware-accelerated rendering for Microsoft Defender Application Guard** setting. 2. Click **Enabled** and click **OK**. @@ -206,7 +206,7 @@ You have the option to change each of these settings to work with your enterpris #### File trust options -1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Allow users to trust files that open in Windows Defender Application Guard** setting. +1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Allow users to trust files that open in Microsoft Defender Application Guard** setting. 2. Click **Enabled**, set **Options** to 2, and click **OK**. @@ -220,7 +220,7 @@ You have the option to change each of these settings to work with your enterpris #### Camera and microphone options -1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Allow camera and microphone access in Windows Defender Application Guard** setting. +1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Allow camera and microphone access in Microsoft Defender Application Guard** setting. 2. Click **Enabled** and click **OK**. @@ -234,7 +234,7 @@ You have the option to change each of these settings to work with your enterpris #### Root certificate sharing options -1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard\Allow Windows Defender Application Guard to use Root Certificate Authorities from the user's device** setting. +1. Go to the **Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard\Allow Microsoft Defender Application Guard to use Root Certificate Authorities from the user's device** setting. 2. Click **Enabled**, copy the thumbprint of each certificate to share, separated by a comma, and click **OK**. diff --git a/windows/security/threat-protection/windows-defender-application-guard/TOC.md b/windows/security/threat-protection/windows-defender-application-guard/TOC.md deleted file mode 100644 index 9e42b2b691..0000000000 --- a/windows/security/threat-protection/windows-defender-application-guard/TOC.md +++ /dev/null @@ -1,7 +0,0 @@ -# [Windows Defender Application Guard](wd-app-guard-overview.md) - -## [System requirements](reqs-wd-app-guard.md) -## [Install WDAG](install-wd-app-guard.md) -## [Configure WDAG policies](configure-wd-app-guard.md) -## [Test scenarios](test-scenarios-wd-app-guard.md) -## [FAQ](faq-wd-app-guard.md) \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md deleted file mode 100644 index 7826641e1f..0000000000 --- a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md +++ /dev/null @@ -1,66 +0,0 @@ ---- -title: Configure the Group Policy settings for Windows Defender Application Guard (Windows 10) -description: Learn about the available Group Policy settings for Windows Defender Application Guard. -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -author: denisebmsft -ms.author: deniseb -ms.date: 10/17/2017 -ms.reviewer: -manager: dansimp -ms.custom: asr ---- - -# Configure Windows Defender Application Guard policy settings - -**Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -Windows Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a GPO, which is linked to a domain, and then apply all those settings to every computer in the domain. - -Application Guard uses both network isolation and application-specific settings. - -## Network isolation settings - -These settings, located at **Computer Configuration\Administrative Templates\Network\Network Isolation**, help you define and manage your company's network boundaries. Application Guard uses this information to automatically transfer any requests to access the non-corporate resources into the Application Guard container. - ->[!NOTE] ->You must configure either the Enterprise resource domains hosted in the cloud or Private network ranges for apps settings on your employee devices to successfully turn on Application Guard using enterprise mode. Proxy servers must be a neutral resource listed in the "Domains categorized as both work and personal" policy. - - - -|Policy name|Supported versions|Description| -|-----------|------------------|-----------| -|Private network ranges for apps|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of IP address ranges that are in your corporate network. Included endpoints or endpoints that are included within a specified IP address range, are rendered using Microsoft Edge and won't be accessible from the Application Guard environment.| -|Enterprise resource domains hosted in the cloud|At least Windows Server 2012, Windows 8, or Windows RT|A pipe-separated (\|) list of your domain cloud resources. Included endpoints are rendered using Microsoft Edge and won't be accessible from the Application Guard environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| -|Domains categorized as both work and personal|At least Windows Server 2012, Windows 8, or Windows RT|A comma-separated list of domain names used as both work or personal resources. Included endpoints are rendered using Microsoft Edge and will be accessible from the Application Guard and regular Edge environment. Note: This list supports the wildcards detailed in the [Network isolation settings wildcards](#network-isolation-settings-wildcards) table.| - -## Network isolation settings wildcards - -|Value|Number of dots to the left|Meaning| -|-----|--------------------------|-------| -|`contoso.com`|0|Trust only the literal value of `contoso.com`.| -|`www.contoso.com`|0|Trust only the literal value of `www.contoso.com`.| -|`.contoso.com`|1|Trust any domain that ends with the text `contoso.com`. Matching sites include `spearphishingcontoso.com`, `contoso.com`, and `www.contoso.com`.| -|`..contoso.com`|2|Trust all levels of the domain hierarchy that are to the left of the dot. Matching sites include `shop.contoso.com`, `us.shop.contoso.com`, `www.us.shop.contoso.com`, but NOT `contoso.com` itself.| - -## Application-specific settings -These settings, located at **Computer Configuration\Administrative Templates\Windows Components\Windows Defender Application Guard**, can help you to manage your company's implementation of Application Guard. - -|Name|Supported versions|Description|Options| -|-----------|------------------|-----------|-------| -|Configure Windows Defender Application Guard clipboard settings|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher|Determines whether Application Guard can use the clipboard functionality.|**Enabled.** Turns On the clipboard functionality and lets you choose whether to additionally:
-Disable the clipboard functionality completely when Virtualization Security is enabled.
- Enable copying of certain content from Application Guard into Microsoft Edge.
- Enable copying of certain content from Microsoft Edge into Application Guard. **Important:** Allowing copied content to go from Microsoft Edge into Application Guard can cause potential security risks and isn't recommended.

**Disabled or not configured.** Completely turns Off the clipboard functionality for Application Guard.| -|Configure Windows Defender Application Guard print settings|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher|Determines whether Application Guard can use the print functionality.|**Enabled.** Turns On the print functionality and lets you choose whether to additionally:
- Enable Application Guard to print into the XPS format.
- Enable Application Guard to print into the PDF format.
- Enable Application Guard to print to locally attached printers.
- Enable Application Guard to print from previously connected network printers. Employees can't search for additional printers.

**Disabled or not configured.** Completely turns Off the print functionality for Application Guard.| -|Block enterprise websites to load non-enterprise content in IE and Edge|Windows 10 Enterprise, 1709 or higher|Determines whether to allow Internet access for apps not included on the **Allowed Apps** list.|**Enabled.** Prevents network traffic from both Internet Explorer and Microsoft Edge to non-enterprise sites that can't render in the Application Guard container. **Note:** This may also block assets cached by CDNs and references to analytics sites. Please add them to the trusted enterprise resources to avoid broken pages.

**Disabled or not configured.** Prevents Microsoft Edge to render network traffic to non-enterprise sites that can't render in Application Guard. | -|Allow Persistence|Windows 10 Enterprise, 1709 or higher

Windows 10 Pro, 1803 or higher|Determines whether data persists across different sessions in Windows Defender Application Guard.|**Enabled.** Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.

**Disabled or not configured.** All user data within Application Guard is reset between sessions.

**Note**
If you later decide to stop supporting data persistence for your employees, you can use our Windows-provided utility to reset the container and to discard any personal data.
**To reset the container:**
1. Open a command-line program and navigate to `Windows/System32`.
2. Type `wdagtool.exe cleanup`. The container environment is reset, retaining only the employee-generated data.
3. Type `wdagtool.exe cleanup RESET_PERSISTENCE_LAYER`. The container environment is reset, including discarding all employee-generated data.| -|Turn on Windows Defender Application Guard in Managed Mode|Windows 10 Enterprise, 1809 or higher|Determines whether to turn on Application Guard for Microsoft Edge and Microsoft Office.|**Enabled.** Turns on Application Guard for Microsoft Edge and/or Microsoft Office, honoring the network isolation settings, rendering non-enterprise domains in the Application Guard container. Be aware that Application Guard won't actually be turned On unless the required prerequisites and network isolation settings are already set on the device. Available options:
- Enable Windows Defender Application Guard only for Microsoft Edge
- Enable Windows Defender Application Guard only for Microsoft Office
- Enable Windows Defender Application Guard for both Microsoft Edge and Microsoft Office

**Disabled.** Turns Off Application Guard, allowing all apps to run in Microsoft Edge and Microsoft Office.| -|Allow files to download to host operating system|Windows 10 Enterprise, 1803 or higher|Determines whether to save downloaded files to the host operating system from the Windows Defender Application Guard container.|**Enabled.** Allows users to save downloaded files from the Windows Defender Application Guard container to the host operating system.

**Disabled or not configured.** Users are not able to saved downloaded files from Application Guard to the host operating system.| -|Allow hardware-accelerated rendering for Windows Defender Application Guard|Windows 10 Enterprise, 1803 or higher

Windows 10 Pro, 1803 or higher|Determines whether Windows Defender Application Guard renders graphics using hardware or software acceleration.|**Enabled.** Windows Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Windows Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If this setting is enabled without connecting any high-security rendering graphics hardware, Windows Defender Application Guard will automatically revert to software-based (CPU) rendering. **Important:** Be aware that enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.

**Disabled or not configured.** Windows Defender Application Guard uses software-based (CPU) rendering and won’t load any third-party graphics drivers or interact with any connected graphics hardware.| -|Allow camera and microphone access in Windows Defender Application Guard|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher|Determines whether to allow camera and microphone access inside Windows Defender Application Guard.|**Enabled.** Applications inside Windows Defender Application Guard are able to access the camera and microphone on the user's device. **Important:** Be aware that enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user's knowledge.

**Disabled or not configured.** Applications inside Windows Defender Application Guard are unable to access the camera and microphone on the user's device.| -|Allow Windows Defender Application Guard to use Root Certificate Authorities from a user's device|Windows 10 Enterprise, 1809 or higher

Windows 10 Pro, 1809 or higher|Determines whether Root Certificates are shared with Windows Defender Application Guard.|**Enabled.** Certificates matching the specified thumbprint are transferred into the container. Use a comma to separate multiple certificates.

**Disabled or not configured.** Certificates are not shared with Windows Defender Application Guard.| -|Allow users to trust files that open in Windows Defender Application Guard|Windows 10 Enterprise, 1809 or higher|Determines whether users are able to manually trust untrusted files to open them on the host.|**Enabled.** Users are able to manually trust files or trust files after an antivirus check.

**Disabled or not configured.** Users are unable to manually trust files and files continue to open in Windows Defender Application Guard.| - - From 8d30edefb86faf612723550c0c8d9e76de70a8eb Mon Sep 17 00:00:00 2001 From: Evan Miller Date: Thu, 7 May 2020 08:53:10 -0700 Subject: [PATCH 114/338] Add AUMIDs Adding AUMIDs for File Explorer and Store. Even though they are not recommended we have promised to provide them. --- devices/hololens/hololens-kiosk.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md index c08a6c076b..1bbd7ddefd 100644 --- a/devices/hololens/hololens-kiosk.md +++ b/devices/hololens/hololens-kiosk.md @@ -98,7 +98,9 @@ If you use a Mobile Device Management (MDM) system or a provisioning package to |Dynamics 365 Guides |Microsoft.Dynamics365.Guides\_8wekyb3d8bbwe\!MicrosoftGuides | |Dynamics 365 Remote Assist |Microsoft.MicrosoftRemoteAssist\_8wekyb3d8bbwe\!Microsoft.RemoteAssist | |Feedback Hub |Microsoft.WindowsFeedbackHub\_8wekyb3d8bbwe\!App | -|Mail |c5e2524a-ea46-4f67-841f-6a9465d9d515\_cw5n1h2txyewy\!App | +|File Explorer |c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy!App | +|Mail |microsoft.windowscommunicationsapps_8wekyb3d8bbwe!microsoft.windowslive.mail | +|Microsoft Store |Microsoft.WindowsStore_8wekyb3d8bbwe!App | |Miracast4 |  | |Movies & TV |Microsoft.ZuneVideo\_8wekyb3d8bbwe\!Microsoft.ZuneVideo | |OneDrive |microsoft.microsoftskydrive\_8wekyb3d8bbwe\!App | From 622be6d6f36018fbc8b307b1bb28af0ec78635d4 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Tue, 12 May 2020 08:18:03 +0500 Subject: [PATCH 115/338] Update hello-cert-trust-validate-pki.md --- .../hello-for-business/hello-cert-trust-validate-pki.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md index 067d2d3504..3fc4c88711 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-validate-pki.md @@ -150,7 +150,7 @@ Domain controllers automatically request a certificate from the domain controlle 7. Expand **Windows Settings**, **Security Settings**, and click **Public Key Policies**. 8. In the details pane, right-click **Certificate Services Client – Auto-Enrollment** and select **Properties**. 9. Select **Enabled** from the **Configuration Model** list. -10. Select the **Renew expired certificates**, **update pending certificates**, and **remove revoked certificates** check box. +10. Select the **Renew expired certificates, update pending certificates, and remove revoked certificates** check box. 11. Select the **Update certificates that use certificate templates** check box. 12. Click **OK**. Close the **Group Policy Management Editor**. From 41a481e208bceba6bc46743788fbaef3c0c6f8b6 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Tue, 12 May 2020 08:49:26 +0500 Subject: [PATCH 116/338] Update hello-hybrid-key-trust-prereqs.md --- .../hello-for-business/hello-hybrid-key-trust-prereqs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index cfe007b704..1e8f8cd42c 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -71,7 +71,7 @@ The minimum required Enterprise certificate authority that can be used with Wind * Optionally, the certificate Basic Constraints section should contain: [Subject Type=End Entity, Path Length Constraint=None]. * The certificate Enhanced Key Usage section must contain Client Authentication (1.3.6.1.5.5.7.3.2), Server Authentication (1.3.6.1.5.5.7.3.1), and KDC Authentication (1.3.6.1.5.2.3.5). * The certificate Subject Alternative Name section must contain the Domain Name System (DNS) name. -* The certificate template must have an extension that has the value "DomainController", encoded as a [BMPstring](https://docs.microsoft.com/windows/win32/seccertenroll/about-bmpstring). +* The certificate template must have an extension that has the value "DomainController", encoded as a [BMPstring](https://docs.microsoft.com/windows/win32/seccertenroll/about-bmpstring). If you are using Windows Server Enterprise Certificate Authority, this extension is already included in Domain Controller certificate template. * The domain controller certificate must be installed in the local computer's certificate store. From 5758cb7036f3d8d001eeeedfe38748bc953ec102 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Wed, 13 May 2020 15:09:37 +0500 Subject: [PATCH 117/338] Update windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../hello-for-business/hello-hybrid-key-trust-prereqs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index 1e8f8cd42c..4bb50799f0 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -71,7 +71,7 @@ The minimum required Enterprise certificate authority that can be used with Wind * Optionally, the certificate Basic Constraints section should contain: [Subject Type=End Entity, Path Length Constraint=None]. * The certificate Enhanced Key Usage section must contain Client Authentication (1.3.6.1.5.5.7.3.2), Server Authentication (1.3.6.1.5.5.7.3.1), and KDC Authentication (1.3.6.1.5.2.3.5). * The certificate Subject Alternative Name section must contain the Domain Name System (DNS) name. -* The certificate template must have an extension that has the value "DomainController", encoded as a [BMPstring](https://docs.microsoft.com/windows/win32/seccertenroll/about-bmpstring). If you are using Windows Server Enterprise Certificate Authority, this extension is already included in Domain Controller certificate template. +* The certificate template must have an extension that has the value "DomainController", encoded as a [BMPstring](https://docs.microsoft.com/windows/win32/seccertenroll/about-bmpstring). If you are using Windows Server Enterprise Certificate Authority, this extension is already included in the domain controller certificate template. * The domain controller certificate must be installed in the local computer's certificate store. From 8c10a037e5fb5e2ab28e96744d40aa4aae5f08b3 Mon Sep 17 00:00:00 2001 From: v-miegge <49650192+v-miegge@users.noreply.github.com> Date: Thu, 14 May 2020 14:10:41 -0700 Subject: [PATCH 118/338] CI 113553 - Created file, images, updated TOC --- devices/surface/TOC.md | 1 + .../manage-surface-driver-updates-1.png | Bin 0 -> 29651 bytes .../manage-surface-driver-updates-2.png | Bin 0 -> 5930 bytes .../manage-surface-driver-updates-3.png | Bin 0 -> 8879 bytes .../manage-surface-driver-updates-4.png | Bin 0 -> 69349 bytes ...age-surface-driver-and-firmware-updates.md | 41 ++-- ...ce-driver-updates-configuration-manager.md | 197 ++++++++++++++++++ 7 files changed, 215 insertions(+), 24 deletions(-) create mode 100644 devices/surface/images/manage-surface-driver-updates-1.png create mode 100644 devices/surface/images/manage-surface-driver-updates-2.png create mode 100644 devices/surface/images/manage-surface-driver-updates-3.png create mode 100644 devices/surface/images/manage-surface-driver-updates-4.png create mode 100644 devices/surface/manage-surface-driver-updates-configuration-manager.md diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md index 92801e4289..af55a15296 100644 --- a/devices/surface/TOC.md +++ b/devices/surface/TOC.md @@ -43,6 +43,7 @@ ## Manage ### [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) +### [Manage Surface driver updates in Configuration Manager](manage-surface-driver-updates-configuration-manager.md) ### [Optimize Wi-Fi connectivity for Surface devices](surface-wireless-connect.md) ### [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md) ### [Surface Dock Firmware Update](surface-dock-firmware-update.md) diff --git a/devices/surface/images/manage-surface-driver-updates-1.png b/devices/surface/images/manage-surface-driver-updates-1.png new file mode 100644 index 0000000000000000000000000000000000000000..58cec90ea06f708f04b12a96c781300ed8108bef GIT binary patch literal 29651 zcmV*UKwH0wP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!~g&e!~vBn4jTXfb7)CKK~#8N?frLG zBU!#DdY^d@cdc1#{+#!4XRT+}Gc(W3x#xBtS8c1hySl3?JxP*yZzP0~goKfV_uhN& zy#Rqg0%Q=#fxPzu1Ty(-8L~*yR90n@4LZM1MJXdfVRnQBDAX(# ziva)t?x*wf^I()A{!p{q?Z5iful_Fp0Jw+#%YXSVxw*N)L__?chH?%)k&uwk2LJ%~ z&42&z|NW1D{9`cDkRL-0Jr^9M)#(oehwtnZN~Oo+2~Gw80CxdOv=4=v%jFuMnBHWv zHnw)wH@E2<%$2pRCHm&v(pqI>PgmcN&1MVC2mkFHT-|By_flq>xm>Irry z3gw|l+BYz4u~-5#0sz35=5RRdc6(?b09CX8rZ~aOv}f#`^hO7Uj+kOQ@iTcW>XQ?> z9xdGEFiH-kwu^T(etq5xjZ~~O*u9|n=|?@T^HVKV?6FNm6*S=MrZ6CSkJ#$W8CMybYGRicV^S>ZLF;WM22h zh5L<}d|t=F#+KZ66@T7y@!s0*k;?8owVSmj$F(56P3{XTZ;P$Ao(Ib7vuPz;>$@6* zdVh1{P;UBVh46aLq?}!m3Wd1$!gcY^zX1T;DJaM^S}k*X+iJC<;9@eFMw96efB3^k zg_`-yWwhGGQkh616H8>$W5p(Oe{_8EdZ_7-_f{EPi_?W_Xv9iwQ zYqTe;BZH$0>r$;1jbyH`Gf}O|>UgtxxB%G^7!UU*EZ z<71V{sFd>e_BJ-ww)iJ{_0dFU&lF={AIP-}tBgV4vHlpXzH^I`y~$WxUz2E^9=BD@ z;qkb;o7;P`ljCj1>iVAe^zvMFcpwn)w$|yq6NA_1F{#DO^|kdaw#I&GH>wWz_O~|I z=`4Zm+&4kIhqZqw z*C~(pnJm6oVKON9wis(0n-Z<{)L{|__thp#ZE<-n(7xJRTVWi@bT*@syS>d|tc(rx zjW05!D%FWVWIj8$XrxrB?6#bJ~3SnKN>LY3M5g>oB!kK*-uH5$$0($XrOZZetB z82=fyj|sJ9lZ#=!dgi8Za2$Bdt9krE!>(}VX4##E{~_TpBdHCosH$y4W33NT3uks4Q3gC zXLWUxy@O^J*2b7S{NZ8L~B=q#fD;jren=59;&Uu*6g`SvcV9dTnX_yxbzjC%xu;kZ)~vjR@K7b z%%NO!w6ie7I4~O&8}q9&tC_bvM`ue6x|5ByZLLwoTw$E(ED8Z@izCsTaOdWkTAh-K z>W^B3n8jG#*xB7$-4I9wTdS+vM|!nrWo1WcP;D=+iBK{8En%NcCs~`P^A9+i8_Z*! zSW^K~hT*=Yy@-jdC>8hk2kVS&g~8@}vjz^pU4SBMeqmvGWhEF#9~){K zonEIm9H2M;m94&9|ia0w=uFU20Y6V+7x%zO6!Izm_C_$DO zD(e}l0_^SWa`!k~_CANZyC*m?Xiv78EY|iWV~eX+Nwygr%Y{?KUSFhdABsg%wJFdX z^6Dl0J)RVWnoTF&+Td#RitW{H-Pxs8dBon`7aa*WM;f==ak#T7I944W>~HVxZ_()o z3blBT$ve@V+LSAkb36P)k>o^g_gA%0s4-_|H}?f6GOf$!v8e=W>w+_%&ny@03B|Gl zf2b)AS!{vo(qr3SUX@ym9Q0@nH9s#L8paAk7rc7e=kZ=xb{5uA<wfVm?)b)N}0 z8G;iPXKfi(8jnOGna&{EW^g6?bC-#|vMJYTcUL#%=F?E~Qzu!OS>ELfRXU6N)uo)r z+U3ig=LQy?DKj};b_0KZ=U64*rtj#_FVUv$?s0`2*8CzvAQnrN8npyf)D9h&fo8kR zaO%*aP?M?UD^v5VgCqaGGFw&0qFwejUv7eCDY!dcpGQNFTCFyCe(j?|jj^?Ne4;#& zsiabwB+!Y(C+m#eH$u(pvFc<(F>0x8GuV8cLcmzxJ`xGGH`#KtMYy@aJ3*ml-CbT{ z36&13p1nFn=b{>&aGkz-ptR`Zg0+q9{oSoK21lioFgH-BxpY#_3VmB3l*qN{UGIN0 zISsOnRXT@vz}{Nl6DsW{#oEjQTOizJZgGWbgYsy7ZIgG%S)QHch~?a!&22Vka~V~g z)F&L~I*Y3{YB&t~=DtvJEDJQ;g6GuM+j6+}E+!ITrBC$wobx8L%m>kg&m%YtCvYx6KbDM93 z+UlxMYviHk@y@{^e|ux|!0a%v>GZt=;XZ4dFIDSK4z{+1r=GJT#>Rn6FBj~rZtjW1 z5~aZ)L@mr;df?RK52j>RI0OlvToojDA8^QHg9+^I$;MGHYSwP2|Eyl$&j;a`bNb9U)I zwJ0~|SN9KvQklwm>GNKmY2^~3^jM+LTAgPOlUj_@SEjU{o}b(FQt7eLadBodhz^g? zJJk>fGOx#F)aaa7)eryj^$N5`x!Q<|dulb9tj@sWsn2(5(r6u*Ub{hYBvk~`BruD| zrIjC}Sy0(8d_MQN^;jrGtF^kk9`~tMp>uh>=MIy>?DW0zShQN3%XzT6!rVtyAd%jF ziR!jzsG=oAB~qPTdR$J6!DvH!%&ON}oEPp3he9eo5(;HHGa7?-tlQ%bpF*8}yc|&y~GSv(aEd+vK}Ev&h6Ev{$WX7f!Qca{=wEBdJ_{idO4!>6ItK zqa%q@XS0~}daK*#JGJN}$0tUc&7{?zc|B)VeQ;mtjV3vIbwo1DS*VH%z+GUo+1_X@ z`g|zhe*NoT|3s*bPfl|_}j(9vDJ;9{=v!V*|G6S+nX1O_?LR^Vvg(m zuf1zr&^sr;u}HtGF}_o?g1Ne*J9odjHo^6&LlXvF_4-HNSmK+0>iIWT5%k6^*9YFQ zoHJBkJJdK(TRk))G{-w84S4T!@1NzG(A++!NyenJ^lyG%9D4G)H-`fg1joGY0pL#i ziBCVhUav~6-rMKw?QwSZILtt|ySLBY^>-&SIhr6a(?N~l{Q6~M_ki21(OA#F z@VP0U+vPN9jjnsPuK@Vj{AbiY5Nbhzzt-;-ngRd-?uL&FH2?s(FCf$a0AU3}4FC{U z-WzH?Jw0xZ{|09_007({zyJO3-yLdgZLKzk(`NU7v&WZY0|0f}&vqLS|A7FDhou{X#PKP}-#m7PKRsUR0$LBg(7i>?32K)jycLkPiv)NI9 zaO`zx{KuBsW=EyuI>qyR)_hRvrS*z zH@x|(qe4h|jHUGh^Xp^GVm2BBw}jnfQ619D@p)KmHo3ZuB~A)PW{@t(HQR=Fsq)&?cjF2@PC> zR(&JX%o@>XOC?%e{m{D3{O)zVL-0t$+&t0*><#+%k?}n*hTW{9&#!QV3bd8}VVhOL zV=k`q^lyDa@^+}%EV|vrK{5_QE^p?Z7=LjTU1v}pPEM>V48NomX3PmC7{fesF zgqj}$0gXPA^NaFC+XV6a(35B^U_`l+^$oY~!7Y)^d|AD>dX%Gqh9QE`~K*re3KO%7wIE;%U@L+w2={rKDS zKZY85Jyg3T7!0+xtE;gDm)9jX+k)E_tQZCMybTSi4;Qns^%9dcu$6%t2YRgo6FJPv zss7$&_6e#t`A1xwSAwM6-gK_B^$|cW7d4s3b3^ zWA4Bj*i2La)n0#UcDKS3+AIED8rl)Bx9`RaVRIS;#ki8WT?tyzRXP0y{jofOtqU&3 z{|pjXn7>XKeES7P`{%wIKyQEatiLZXJ~+|q^52h8vssOsBc)lSCW%U?R;Xqsx>xx! zt$2T8tf{@NudxzOF00);F&^)))fW)R)M};}{e?yQ+rn9B&cc;)PBdDz&R|e&PWKk( z5$d`pnhIlo_kChc`lH`|pD{Q+H8njqF*eawM=mI)E^`$p0!9O+FgusnIRX|N~{ zU)4G(H|Up#>InqG7(*B=%-f+xE}ZA-oxy&qYzB)T5{a0V#N7CZKYgE3-=3fTA|<(y zI=D3575CluImIYKmQvoz6^S<|=UE)d@=$Yj(u=RYevwbi zCst3=mwRdD4Hbp>@#UR~o(gh#874k;U}<}Gw!OHzyDlR>Dlw_NdO~h+z9-c7N{Q6z zb%AhimXt>AnHX-WtnTR_Y^g3SD5zT#sPr;UR~0oQ@%h(J@#9N$u0*X@9?eWMPLxNJ zjnxD^zNNP}7|J z;pUFk?%J~4lA5+7ja9fkSCOArT-nSGyrh96tt_j+f25&f#%NYEM!E}gvuiphM?0&q z*#$+U?8>fLxmrmd>m=n88wcnry=rZ&vk;f`?_Wn%c8#oT9hyw)&E=Ke=F-BNDFK&W zTTCvbwXh^w|GPSHTwV_~G)}@A!KLHZ4i$QhR>)(`E$!+|I{wba!oosdM_XATp{!x@ zL~l6SoT3p3w3^=CgZ-h7_WJUg)|Of#nbbbRR-N#AYD$U3(&=rnPVVo|N{;;96Eg3Z zH&|azBv8lJI86FdZ(C&nF~4(eSEoOjZLK5Z<+V?4YSrSg)@nk2(ZDhvy-27?7R7dU zaxv>zZ8mCVTPrJTI;NKP3>FiYxxO$~mxSpSiq51{ z_lBC?W{?Z|8%TLM*%cj=+uO|H?lxLsc4_OFRHb4}b{FR1u;lv5`GsW$-)K@Z>1*4p z-HA>Lnx59!d!$ga7YB>;a?`b4w5E~|!2U_vzFTVL>L~Um;g@~=`8mc0uS2y)GR}?n1FDcRMW3!p{ zl7Xt+n5Plx#U1pek?feLwDjbMKfFwikBm&CHk4ssq?8Q~G#2FLzkKqnu(q{^mQSka zYN2HnmN!*Va+32atFqFg6Jpact2TwIVA0-PQ$wM4>JPQ-A7UOpPHO0EE5v0`x`ylW zlS*pZskqo!+9Yp#v@kC_{^jG?RNRAysblLKjhN_{Ntr3p&oSjwI-A`eYKv9B{{MdU z>_vPDts*grNTC$ewRfSyC1qfqJ$zZw-HZA5QBn?;K${Mh;O$VGEUW0-mU&;jIyGt7 zt8E$h=GI(dMf31z7wLIc%ku1ae@}f*T-GRkd30#7jF3$$D@eysaXDq{{QYW5Wo0FW z*0SKdaGS&u=F|`cS2;4$m7I(tQ%fqk)|neaR7xeDP{oz$_ttv~3QO>$X8wsmuro@n z99UnP>F=z=V~RG9jjvDR-KeSIUwrq6Z+?i1NpI{KC`?VvM=wHtN=|WgO>urwY5Qag zF^^o?QkM7ilQd#s$>@eqC0N8{l=gR1h~&z?zNW&|td|kbNzIef_0$&;&y$nzDBpvr zb~Dth7R~WaOWhHCSYOL~^)+N*NYpMUemmo0t$g}IoPp%H3MYD4=#1C`V^ z$PB(Kjp~EeBL9(wtsYrlXh#L=8R#s}EiB22dm5A5(_5F4S~%F-k{U|a!KXwmH0nI6OpbZogLS|ijNR)=bfi^)l8m4`aB)u2@>QLEp-C^VN@uaO?ElQQtc?BqXu z^+S4YPI^jiF@;R7nO>i3FRq$cU+5&};?uJz455lc@5AR1F*wTFq4Hp30AJWL+F3)y zWAgDe%wzPI)?b#lLQU3JP}sG=wL1(OLyg#|jO3g~saZ$wDUFZArDazh>Gj(ab=bo8 zJ{l=KH7gL-=vK&Y*@B&Ii^ijsJLDKmjUp%AG> zxxf8izfH&IWu<4gPfRruu(^4e<#iLPKw;hvHO=k}2A7*xK*+(SSC$r~=XVZKNa;i( zHtE5iV$1ug3sSN(V`DPAx>_))$tmbyEF)vEw7mTCHST_0S>43aWJ6(20s7;ZLF(`8 zFGxzq=coShuP;ayg-Oo|O>NcGhS8CR+|0Dhw4A)Q@qTJ?EALo;$Qq+i+gqvm3CW2m zsd(nG;e9nVS{|uqYEvja(aQHL3n-KH_4?xC(M_?OGnI~Vj7%O{7pVmc>B)E!xfq3- z`e-RLnNVC@(7kl%blT+ny{3xNfn^?NWvG~l%g!cGv8C?`HJiy|F=}K-teK?e#M$Y# zr2OJaN`6OQZDM+}(rlPQE$32lVtRwp=CEkhDs|xeS>Q-BhmN!ya#3zc`@LVM2`5) z*OAGY*vw2?%aq*Yud2NrYN*UcgI*?NHIY}=;3Q}rD&2WEJdRp~RUtK;fHx*OC6sh(X zJ97!u<)jQ+V`pnaVS091Ls==cf|eGQFtRN|$0I7tjSmW}76ZMfh+11eKR1c0Ie1E0 z%5&V{_y`IkQe$@=A-TSPh>{!gBD<6pomo3DSVc(sAt^64Hh*?yr9Lmdtb1gzxvsu# zMe7KKT3Y^)-f1_TFw$f4ii-*54b8at_|~EEMrvhuUvF`KVO1F}E{Q78`&a&UsJ-%> z%X#aQlaq_?R&@pnOrbZ=D=GZ4Thr_Dol%Y`D*c+|QC6v~6HWsH+ zn+EIi@YLF_dct3yV{3|vC}r)V-KF10;oDn?1;w?~(}OicY9219q+)cUy@o`s%#V9s zJ-QXB0No5VlTI<%UE4e`xiZ!fpG@63*(XH&`6aG)pV^(5)ul9R$D2xM^{shn>D^=V zy|ooRquZ#acI`;(N=zoTb(iAvsZ(>~^`x>wVjiV+)oc(HVGCQDsJU3;&{%&txxTl% zGB<}fGT8VG)f#A2LU#G&R98%F8Wx|2FKM7+lgpdBI_m42(J>h~xNkN;EoS!0U|Dm= z{Oo8^9)UoqAf*)!O%39+)8o^!6JO#-#sqNP7C7@40W zWF_R6cF$ettFd9Xb#G<--8roY!Q+=7K*%T^`h$)?z>PbvYBT~wUiG<#v*4Wqt ze0do;FS}=A0H2L3DlIRhg2~M;kMr|P>D?hKi8MW5uN{HDQJie@H>R8F`EiJ_1ur0%j^odR? zxnqktTTI9yPu&m8}`6N$>;jw`yuu z?a4t;9TAg>E3F?pRG!RslxLzkS5akqQ$@tXmswdkrR`HEMm>Lhq%b3!L}{iow?@a; z)OzJYcV$LSe#`i}T(;juA>(kQ!KHnrbi1LLkd>E5YnTY^w<26Nv1e*+b#Z!=D>JDN zhX?1Ss)NCb5?nT>VPHj}77kZYahUwJ@hx58D75IrBLlO?{!dQLV%F^7==2!csBCO@ zVa3GMcxV5HM8c@c!{cy;lbgc*#a>(vI@*V%ns=U4v)awd$(9Oi76y}z-XMd`hd4V=HUC?&lb3{$UmEZ6q-D6g@OgG%I+WQKgh18MT3DU zET-eJs=~PE&!eJ}o0oY0Wuo@T)hmR&9cupBLTfQA_{(MG12Ua4uy{YK|8h$tu<#K7 zMw-n22?Dd3(Q~0C`Ex3`F8>(+%KaY$1+>=-1(M#%o(f!Z*XY(&906lm8y@c3o{%ceGubx4()LWd8-6+ub zTY$km96Dx#`}XEB3{#6HN_CFOUVG!zn^Mwdaj%En% z89IPDzY<@+^T+w<|M--s=7(T+NHBk4GEjnJH0EBVw~l=|Y|V8o=N* z!M*3-4}rDaB;viQ?J?SASRNCDUqy6~hm(n2kD>TKC0{ zrOySu1n++5zL&*hP>TfUJ$E3LtKT=9*{GEW1ZWz`iR$$q^>;#V&o6Miz4pOSyZV+6 z1dT)os7xkPzlSFD?`=Vc9TFON6Z$)VUbE1^-y13nij3giyqi#{p+B4GI182dHlbrC z)b}p8eaw73RL(E6L;hYq@Xmd&_rK$=`Iu?c==jZ3YJk-!1`M?MO0JtkqF8y?<-T0sYLJa_LXMJ3#wFW}X z7W$w7LJa_LXZ_5Y8iX1E;BNbI zUs6*Gv{!AR8GrPyai7yKS@=iK^Uf^-0Nf297izD6p*`TEL(Oi|DR}#P+=Iibuc-60 z*&J%wp+GD%q2AEA&&g&rsg)|d>G} zx4=}0|1mTQ0Pv-JRH(K3&#C>~OFC>;^YKJ=VPbULi^!Pv8NLC{A7C|~G-F=kt7>M~ z_*zs048HS&5B|sCRM&f7|9j zM%b-}{iUArrX|yHw$_D0;y8S z-{*^zuQ&R~39b+L`%rJ-9{|AT@Ufxx^RH90>m>`=SkkscC1h``ZyoCNDgk$2Ae2e= zM$;k+21e^+5=u7tLg}%>XftW#8WXBv$rNg(?C^lIzqfa+P;1mG@zJ5=L?#s-q6*)M z3e}`g0sLPYsL>jOH8Pc2DG?rW_W3fE9+gpfEM{+v;xfr|J4fOp?*2YUA~_hXC+ASd zv{tKHCg$vM#3!m?ke~;h@`Sg)FO-P3rkZjolX9hy%h~7h4>U%LNpsBO@k9!p*`Pf- z;2sFYCxWfMj;55y*okHO#KfxHXjF-gxE!uTsW<60hkUd)v~Wp#39hJlZfkv!v45=B z$oZW8BeBwA(aBEyn|5#{GMMdJg_y(P9IFjBn?WH}zV8=9002MNN7vMTcBt8m8bJ*{ zjYO>;7++NwH1lo5nCCH(v6vE4;{W;YzmJXi;eY%;f39e1!DZ1_*z=@h()`YHb$<2O zSYH7qF8am8+_Kg>3Mu|&Qb8Ubo1Pf`{3Wq=>{xGgT9gx=Eq${biOJwxpx2zGrH+ zzcMT8S=@`n;-!s&QNSL@ng{h^* zR&nE;^k@N_j3toq)P^CkWFrq(I6-F&R28MhMtuF(7x|;srIqdME@vecR96tHdKWbY#pdJ!N3h>qj8BVy_Uk_+6c^(ght`IhC}ow@ ztjuDL^rV@Bqm~n%M3DARltT^0r7c}~4iFzLPy0AmraQGOhil5~x;E6uYXn?= zHYUHaovsqE5pnoJGLh0SA(L*P%3WnCB`=XYINp((oRL>Rq}0u>4U|Pb%@~}Y8|WC? zI#k$g#+{j#Tym$}Y?AD654VIT+Enkcl&vZU1V zLzTL}jzldbC1Sc2Cf!sUt+I8nzrD4yk(iNQ%F!Bs#&=r*0Dj8HhuV)`huVj}rNd@B z;jZT35;N0NQ&R8)>s$S$X>l>hiP@yl*z!e>7MksgrtnP$1#|EY|4Yb zzD!O@%Wodp-I^ez#6`zO{q;pwPgf^4IyNye>YFF=l#0UGXN7Z&x$^9kF6O)nf{I@@(H`L_EM38FhOIrtL8}nmh zW7CrHl$p7%oPt4xQMb@rTi4u!k9!`K7>6tDI8q!g4$x)SKC1-)e2PyBwGTHxtyZ(_ zU~`R5XR^g6o7Je6FgMn>`7)zHBNWLEChg%i>p-M18q~+fCnmF5Dp%-?RL+YBl;b7O0lr&cM1!eg;SZnEel61mxK7Vqz%X%0>_ zHlt>Ddjs_|Ifp8xh`q^?Dvp&Jy-t3_SXDokdR zMz|+7Ky3|x&*W!^8mi#v_4;6_U0hte{$Aj#>l5DOzih$p`arPn_3-sU^cd{<(Hmm| z0|CKdhtU7M!y~p0Qd|(Dby}6FFz1!fv0Y}^Z)il@K-*dgATg?c-=da=e9x(4eqe_=a=Y< z%WI1(&_M?sbf3FhUY}p2%jAks=v=w2P(u@pjL&j-0-0R-k)8BdCK5~E*`3G~HztM- zI_Um`cPBFC!t(k)mmdn9E4LVG<5TknqbabckHTOu>g(&#x|**+gEciZB9SOG5dZ)L z_fEF1^*PDbGeW&QkmTz zhf=0Ek;!$Y)4;60OQ(Umvo=3J&k@P=TCG;^@CBZDAD`FbzH})Co4W$B^Ww)c+~DjlgSMBU)Rym5e&6Uy`UlU zZ}ByACpu15Q7O5ww0HWzgF@%rve;dgl%9dbVFBQpO^UH_wj_*w)&c( z>A7m`^MpiPVm4)Vw(0S=Pjc{?i5a=mj1A)B2a)kF3ToHS0;L52d>MD9rZzt}zsfIb z*`zfwx<>cs7M8eNu0S9_k5yGw9|$$~sk)mS^WcYvfBWY5Q5iTQk$P2AbIbVil#(8u z^8!umb($Sit5hcz6N|g4PVqR zJ>0}&sa2Jfku{OmeJPWa_*SztZo?`BR_wVK`I&?-8&B!7Xa`@+)Ahg?$5oio(3A!I_bX!S=HBn2i3Z`H9Ihu=%In)&2>5cIR8&`1(9}|yQ#f;a zX`gJZ=p31u=p7qrA*N*2s6Tib4*>9a-Fm3q@V-!+nVDg;*_;4WJ41tN^^fP&7z_pq zxa&L~PkVd&!onPXYOsB9-GZ8!s4mt?eEgEo*wHghm-s)q^tdFf>72~?rxA~GNYtL5 zk)d(=Xbs`{%V&T7E`riC*H?~t92-w*9a$J{ihl7VgFqb~9d4-WXl$ERo^V>4CM3d* zs?3z=sAq-s{oCsknF-IIJ^b#kDb(RkT1IqHYj4-W+TKJ}R>b3%xs?M)`-`>B8|Q8( zW2%2_YPme)#p9^h>VeHO2sHq{pxX^KB=q!^cZM2DsH3B!^($*@Yy12As06`hTU%R8 zN=kZqdb+Ra?d{FX%v@ex_FPuIRp#UrO)ejI{mZw0^>a{JDM1c4wVD|@I~B-Q2Q{{EDfdI z6*`@cf^Tzk6D=?_5dZ)L+==Gr&xK;nXf%cfuAHBrqcXhB;c#5PlotRH-tJ|n$z(Fr zYzz$qpf%Rl*JH6*{G0Og^Km#FnjTH#^?Cv)FH@{X(@-p2~^I0q|@nWG#a1J_qc4k%Y#)_70um)V*M!! z9-r6kKY4a>>G66mFD~AF%ahM-Q3-bT6oFH8UZ?3~cjfT>)ho}1g+0O4o%$~pxz2lT zTwB?*oL`29(Ug}L?svx@0N_^KZm1!lr>}gLP!ownsBocy02FE{yd)AyX!r_hlU7w# z@wxl_g|19ONqg^5S3Rw{b3u3JHtU45W0O6-qkH`0t(A4bu{n7EX`rfwDq?J!7y8<(O0xg*tcWAx4tCVk*4B=$Zj`1xd_f#C*mU%fp8DFB z#eKQMC>!l*ZtNO9F}dDVIRpTFl6x6yGMP-P)uJGCI2>q!PN&msHlya}yF;zIhRvF; zqBbxO41o~wsQ8m{50c6&NiUu!CB`K+_DnTZR(JPxlo2pZJ^hW;>dA$zxxu=!5<*fc zuCAe~uyXZvs8JKU{h?+TS3ksN=ci=gX|1)i7(&D9M14*kp{t4dO$3Q66$~_2l@(&1 z#p3ZPFY>DAcq=_AF-b+_ytov~XjemgWI_%muXq0FX7d#Q@X79L^HUJOKI%b_ z?+vx8nqAgvXIb?uTjutmw%>(}J5xaJKjf|!;EGF1>(;mSI?78+%V_2GOQ`O2d1g}z z=(L2`m(fvw`96wLReBX_UNwKEEUQuD@ts=)MKQ#}%CfN)@ws6?D*{KYsTf*1a+!I# znCcDsaCUrL%*!YL{7qVQUFpC)ceXP1U;q8jG4Tn>sYNp@V+C1hWLgznpbp%X3IO<= z{zIHoLgxuwVTuN~vwSR1}sj8;EtF^d*M&IMi_Ov%w zR^t;ZHaY9$91OXVRul@gS2h*DnSz;RiMSi%xU!~}B0Q~ra%*`YjncR@T0t&t-I(uw z5{2t+t}H6==Q2hkV)LtOippD7*|T-zqWV4dW>0nBXkRm}s=Jw-Rx?0{n+*W??Cxc# zDHMvg(V)T5&#m&=8M>@~Ey^73+2kMo`C=Q>NGUqg0UpW#g);i0QqoPZ@MkVs2*2472m(j^Nw27s~=_O&XN`-29M=R}^gqI1qRa-pK zP!0Ckw-E`r@{I$H$0=(iVPi8f#kG^lV`g!7LUeR&I;CT4sjDEfQR>uAlo!NDXLK)c ztm-{#Zc;{ZEm!FXEENFoIo;QDYG$)JG!TG_TT)Vzk&%)2rktFd#Kgqg_||Xlg=Jx& zV}4T(pJD=Vr`*d>Lp3tBS{)j=f=c}M>Vn+v+cwGKYk0Y_tI#zdtTpF3IO;_?&~?Vx9|P@&}~wDj*LG`By~&W8o}mZX?fG3 z)`cog?n}4FbGkR#Q&~8~VsEW&9bfwIlybY>7Y>7Xc67XyCsrB(_>b+ro>N0D(9l4@PlpFJC3L4-fVAjntG@7T_XdlC!2awi_v=AHMp3BXb%?$ESAokLEf{ zqMp1Y)l5o-^im=jm-ZyBph_C}KDSV)4TVCj@BzN4yeuz0D(VG(Q*G9BCvb7m-+%q< zZ_@g9mm3qKpGLlTR@qql`~UTid7Z0D!4fe!{zX*E#GXR3(48C?5rgkg+2CFS0DhtS zdQJ^Nl{HjEM6FgIA0K~YsCiuG=`u=jL2g1+Ony=B(}ypz@(N08XV<4X^0Nu?F&WE( z!`0CSd_g5HySS)`GB(TXtFLTott~DrWgqU5N%;-+q{vtb??l{IMxEI3U(#_S)X0BJ ze-VXU5F9f{s43L08ba0}Lo8URc}^HJn+|&$>I$-=US?9#(kM)cs68t>0asLjjd_|z zsZGz!EiEZ6>^?L)p|S?RFLPhdsi8#EYPBkr3MHCOr$b}P%F2Es)QX2prg`=!bEF5H7hQQAvZ&) z0r1P**K=w&u2cKT=BJ!DnG%g@>g=p7!`JtXaagm|yxhv_s={naO>Jd$D}86aJ3o(- zU)YC2jkDC1n?udbFRP#u$wlpTHC27X!zI}%l+ubUGG%0_g+yEQhgwthcp%hJs_71< zYRd|{J3A}NXr;ZwxQOJ6<~A}RmomAt)|s0}Z6)Qrc!X;jC?JxX+bVNk{yC)tpPbn_ z&0HBMB2(JxiVG;T?p87;x4b$#9lt8Izz3xO{4(KlPOZ4OcxPwF^d^*jrKP2OKJVP7 zT%8{4>+hdl*)+I(UeEanXJc$|l*yOtGz!tN(X5s8`JzLi%I))5baEa~BoInvBG%IU z=8;UQH(KSqjp5-*mdI!~DS3yjy>(PvU9czGA%P?$KoTrK0x{fzJ0xgucS~>@cZc8} zzTgfWtZ{AJHMlkI0lKlqU79)MyYudSvu543=FQ^|)>)@}_t{ljPSvlfe%n2&Cr9wP zxh#a@>)8cUcF{T-jh5uy8}R%t+seV^EK_8!E11#$E`?-+B2{;KH9zw3<{ta#@^3nI zy01k{CE+`!L6MNQpXFkKLBUu=8t=G7NkJ`eFM+%u>}RBpK5?+BB<}3&j7+)e z_YMy;)6#w}hL1Sv`wef$M&UA$mU!JVf|kSUN|A7DojjoI=JPjuIUFmjg#I)jH^=8m znw$%78U&z6SlQJJ0<616J2@P}1krb}>gr!Q4c7MdFT%U9A7Bix*Y$=-S$)*9Ovv!0 zh7Nm}vs@CJvL`Vux}f{Ft7nE*L}WnCWgmI+PGd5>>D*R_(Z^H4Q5jVDbkkuYGdEnW z!|O`1$*{x&v8q zw>#F-GEOV1J^^ytU!p7>*#&btWiE0!oxB|T^XpxfGFXDswO=w zD(vN8IM?0Wmpz?JpprmrEFne}Eh(0tUp}1CL+Da8d!wI;D9!(t#YQ^IXJIauGiX6( zxXz+DY+(2<8Hwk1M0l_y6fWthI5i#GTVza8G|uV(7O%<8cUuy=JXN&Jncu}G#0A+t z0bc8&qVK#x!5u61bx>0qn<%LqZyI=QjNMNX4n_fo@F#?t@;+CC`sCNBC?D@I(_L$| z=WOKHCn-YwLv*x-db3|$R3;d#`(+OYuLlgkZ|i)1aHtU6?zLPY4*Z3@PMlb^k&lA3 zq(qg>MYi|P!!ECdVO%K*udWt=^w2kf;zMss(o)lBRQcWuu=rdasry_(+_lzDw6Mw^ z|J1N_8ZRJkPP+en?l>P}Qa+0@o+)!RhJ^bGNqi^wFZ8%AmBdWRU|W0Pb2PrLz;0>? z7N6`AMz^0k(kD&wG!EsSQD(oOHHOiX%`YC#)0sWCn;T;vQr}IdAfWM-m@fuZ?V0FBr05SFTPLllABQdkP|At{0C7 zU!6EbwT`XN3YTmGhhrd*>ZWskF-n@nfIYTFn zg1f0fHCuW?vvVzq%gzl+GKll@^Gg(R#U1hG7{e?Z-xzO^#N@# zQs5%*fJwk{e*8dqd+bC^5H>0{q;tDhS^V!&1fy2kjbN+QL;IviYM_U06+v@0>>g&x`G4RQoW~8*yd0)aMIWRyBsd$GY2pwsVc4bsKYQcnA*34I|3QaV-^1Oyk~D%d z9PkZ{jGT?9Jnh^};!7iNX`6A-Xjg)!4ZBXE6?6a+bV~YVEwE78RodDaWww>9G}UdPMY#i4emT(AXF*qqdlV=7=`#cvCLTP2Uzjd;)q%3)Eb1t7 z@vr-VwSKrs7uSE_?o}*5r8jV|_odXCNA+qni3_bsSFf_VpdM@sG^*l2*V$W zSFxA&)J@KhunaWsyEz841yE0m%1l5;AzvLkdkBrz)odMcUz>hx`fBD-B#0QT>=C*~ ze|yJ+ukDq+Y~XV{(c*Qr+?(}Kvh%XU{<{BI2HXW5xHqT-67;__A7P*Fx6tf}M}>@U zUMt8(_ABmhra3&VyELk3;*9!4X>1~6TUXR|;X8zj9a`q>%CK&U%Q3mC40d|~6y!J= zINMo&PB;(wnW3qprpL=qUuB*c8s*)Z;QV0k(Y_mV6e6XMk9UptzE2KYno1hJZYM#X zrZPu<>=2a_f?K+lOO+^2T{-5Th2iDBL6xT8G;Ky>wXAkzRJnGcPMukJRZ*uL6H$zV z1XS6>(#QM#fXiPGxcv5YuZro}pV_**Up6OeIXQ6@HR@FWP@4Ohy3|Zwds1VvY*%cc5ADqq37<^vvh{1-2&mB$%z_cRrMS?K=DOq zj6~E&*nL@19m$SgU#k8&dv|FpbNW)GkF?m6^x~=VY*tm94Jl}!qPOYv zL?+m=1KU?@uh(m_;_w4s11OujToh;b-^GmVfqE0Sid}2Du=(JVv#h`*Tc5 zsjTjTY|P~rBmYc>kFO5m((H9c09qzm=vTmRc9O#hoDH^#Vg16{U!H@1B<+tA*-;t1 z*YaUtn_Y?sF@rnxu(^+ApA7RcW(@stk}n;Y@+Qr6hkx=uf3+G$3l(N-0wEO=?o9`; zb>DRV#_6s4hAYJqH%}KRyy`R|Ry!vD5*0M71r1;jmMrW9tJ`nhq}|-$Tl()BHRck8 zx1AR6Bt?v&Nu@ZeZT%>5Jil!6O;j9Jf&*A16M4kDaZn?3_T`&A7XeP8qYz}(v%@ks zxBj`p&K+KeT;1%#EJv5%V)`3|VHjV$Rf4S_-gj-sJJ+c_NrtLQ`~im;A$Aua-l3bE zi>dbbuXIX7v;KjTt%&IX9bqX;9o%$+TMRC49<4C>jZ6oLtwY-?Fh9h+sXr@NqOR?mu(8ctQ7;0+H zJQN=EvfJersNBe2l~v`@yomBX(=}lURQi%%oIlWgw(^%^KB5IIrPW zN*-eiGZl!*(EOiD_K#t84Uk9UA3sj(&1k5rMlx!eYe;w z94 z1+iCCQOQi64b-h+*U?t_V!o+4nVv!KR_K%+T|ZfVKQyGdo6p5VfN6YkZU54@-8`MAs&VgVEMHS|)=B5mW>OT!Lu=TWsHCJJx~av_ z4(5K{rK085b=hp|7HZs7`;XOdHD2kCl?;J0Z83fdE_WVQs}p>KD}trk=uP29f$<`Jx@F)P|fxo7K8Z+ zfbYd==)Ujj%2373;RwMVxB3vAou_I6v}{&bQuQblDy?SUwed*4`3xUqs}DeDF<(9a zj0s(8l9G=j#Vx#*fj>31c);6phR?8#bz@!e+vgD==`cS0pjfG zc|D}yaq9$bbZA)7=q!-@;EZFFY9?!TWT}>Nv@>?rhpgj2JIkm)R&w|D&g%wC%&qdb zd@nr(EeirFr6LOVK{REwEzyh|ud5BR{a|KBX?LvK$*-23=iV>2c4?&B)qF)&>Yc_T zPq#6xM=~@NBFzk4%^!L*395AgkThUA2W(kDAAS}v`$sD07kY$1eeo%WlfK;gE0KbP zy;uZ(-b?MYNJ>g8FG9?KP#hC|2Np;L|iqXIB=m#vg| z({LxIs29}*~-sPA*c&71F@|GT5eTnTkyzJ|ad0jn?CTn*c4r=d0`A^uO8Lj) zP&a;ZEdSA4CVYH+sO7(?K{MbbAmP~9*jn1!)JyD~oI!10A7J>-IhiOVG4U^|3r5M> z*f-vc(+Sp07}=+L4WJ$X35V4^hjRQ8y8CX?Ut^j4GU~Aj`n09p(_RN+WwUsQR*wk(A|D;mWyV!oxfX+6&ku z2}yBDanF}{nd_3V*8eDyHLzx}Hi<*nAQKDX%-$Hi7+;FjQ8lVf#>K zJVTqMy3B>)x&5gd;C7t#8LDNJaUrpfq=~9?SVsjtT+|)k>5&z55=Bf8F)21#W;9W& zZuln@yXkgAa%c0!Amf{{dy#}+#Vr#!pC@#z_o8^M_1q<$aEg7bCbJoaZ?hAnUHYAT3+$wI{(^``e8Id?o5!au(_zWjbUy83XBW_b&@ra+18!>NOcGT8w0PzMkt8q9}XbWD5JJXe#kGHFJ&YB>#MQgWUTCRn37Htas$Z+uSZKb$_5n?@#?Mae7`*ZHEbED6d_(Jb4Sy9^^-;ZotP^wn3EqJK-AFjcYzn-BZ*t8dF5JW)1g ztDq@kZD!68L7%FX*lvo9RT&ARj}I&qD32QNo>a>VqH+;)w<)`rQ4naNI=W=~p_Wo1 z#cOsUiU>v6=1>aMFz|&d>B<&c6|@hhLI~C1W9}>Ki0@!|jif zWA_a)LGylOkW*6dFs29)({1L0>-i`=i>TfPh@$2jQI!F+e8c%(`~DcsQ^qq%1-(7r zSU=Vo-zdK?ro=-N#HEK)y2ykE3`prHSsJuwY0PiH*?Hay(o&)uLb7LvW;=U~cun&v zY3Lc>zGrT+-s|+U|Gmm8>r}(|k+4}^aQwhTlgZd1li}^Xm}F(v#(E`9jitp=Ztgmj z_}IkQIC7E#YP92vw7N(fohiZf=IDT&veIF*x1;- z2G7sAiNXbzDKgD{>t4BVBvP>7o8cl`jo9$JNKf z!&LtbN3v79uJ5QbVx<49dd8sc?fGZl;qB_Ar>CthlI~2ewAMpAtpA{PY`aKHdveBK zG7$L>dV~Kta?xP;vA>qc@lUc^P1h`8;f|SJrBdtSg8Iw~IRmf=@9>O0n%c%jAegPI ztJ`ElLPo}xG6>o9^CaF{eZLDq_p{#)$xuH6DKfbrPSVKY=<*?aiUiwV3L>^qHH!ugVYFO#=4jM#YQE*4LPAbJ^_I zk$r0j!<1WI7`k!mB65|CdW(5D7NvSZ&oH4Hp$n!gigP+o|8m!k6buDHe81xb%xb$3 zm|-3EdGx5)OsePhm~smj_c+kaEWO&ckdl8tz=}6x5tC(Tcx;6*Qbt#LT-De#v6^gNYYS*>W8(`z%IV54m=WbZvKlNR%RFB)1bu#K6QgwcT>4Sn z#rhx_ZeA@fb%Kg$?!++f5CJ1$9R8C+ubk}84Pu{b=?AdfUq#j^+h(-O?Y4ea%!_yF z-IJ%d{}}3<#Lya!>(o-b{@$<&AYHw^p?ak*4GReg2^-HpW8Qp)9;78_rH3_||4``E zhQz9?C`?ZI^KAB-OXePEHys!dn+)YFrF`gRkijlsS@rcv5rCWf*;WwG-U_T3 z3#)ak&05+3M6I5rWEpBaRo~#D9{JP1e-ksaN^fjOB&V(+flQZ>wo{p7gA8JZGPff} zF-iHXBkUBHi=xA#L}E!2-6x*JKtY4c7+}}~86KxrN`Zla(2B{!-0tq~fdLtaLP+j` z+d>{^co$fRuf}@lxZ07eSZyx9-#`68Cl!KI#xp!m4!1b-X$l#%TWRKp&FT=7AG6PX zX;_^HP&q-DOytlq8Xy`g0K@^qcmZ$rz*S)`=7Q-J?n4e?k?}y+BC0ek`**BhFN%J60nDdla;v-^ zd|n*HiK|cBV5VLvG1wV2?*;sl=)2Lm8p*i$_(NCzs_Sh9o>5o9jJ=OEoYb0#Bk9r} zfRc_;QNw#O)H?%t{2lgQZT8I+sCM3t1fD6{?AlQ|Jd%32vI(hN)`mO6Inv<-BMAC;uH zH?TIT7zN+b@@!s7u*4=GMjw&{OA9H8Fwzg9w|uTGbi~Egh#)TRxugj})c793)p8;h z_d(Y;02bjfC(j{tf$Ux#?QYx+ltpa0O3Lc$nzLZdHCC|;(-gl-*`aSImSr3yM68&v zS5*W#ZB9OA`B72Jk`O#tg4$;4T*n)hF;t2Mdw7JiI&>#+N@z6%KYVCL^D@Pp+cTWB zqziL-=uw73mI959&n1av{4WKMb&niGsX|4JvOUzHsH3Z`B3NH&xSdemN-~vm!WD<* z^Z@Vn^i8vsfnA`Tr%Ak1!g^+b7Ezt=d&QEo*t{H5A{FP?Qt;GX#7@A#B^nc^$fFV$ z6R*xaJkh2uiDBy!API$V#K*-M8yl}I#R8j2e7tid7SgFgz5A*g4@2F_mEBL(UPs2L z^NFQq%{2kjIOekVlNbdN1!;UnA&pD2`P~$hNYvGzV}|2~6o8*>(2PB4fb(`C4Y1o8 zJ%Ms2&@&)s?URPD!hKKx;s5nz9FWc(A0MxvhWQD44}{(o)P_PN^@D*VSN9t}d9J&g z))Rn*TDC%R-L2WANAdJ7UGXdQt*@!i1AxV^Ry6~e`nQkM7clO)4)?I{v_y<_om(U}SYzf1BTZrwn6I9uTQ+0T25hg+$#u(dOy?uSNUs zlykABQ27~A3E#QvA>W^I;bOwTVAalFir8{0v|9rn)`n#`R_pdt8WSdfPDVHboc+` zWgm5LGR|GMgZ~wpI!KG{u5WUGXJ?!|E^Oo>CR*iAm)8q-`u>k+dKy5Rn&tksr1mUP z5J|dI#QD|L{~U&Bd4W8W@|nzw$Dmq1K@PY=BIJ_@{@($^_;+47+)bOqdpG!Q)7iBYw(}&`%h~4zy`aIGGW~aeEC0$QavLZ2p~xz~m>o z&C7s@dYH;Gp2MB)T5F&1!WC$Ak&e8C*qB?NX^$t=_wZl}YHd8gkKE){J3eZEuOE6Qyc3NoA-MCv%m_FfHbAqO&r3H#N z{X32SQjf032p7Y0x(r|tT$rHZ*E_j^9fkuwpvHHnxZVGvxc}0Rx-JE>n_!>sxb@m7 zjE5gUHnqhH4R-sVA1*LD`5M0XPVpJ~*`=kSmF013)Ejta!;tZc6`_Zm98`uJvt#QoH!SPAhg)_juB^d4?-gA;g&rbB6UjGB! z_4wEmdNj>($gOfGvi@07w{C9~Rd6UjBN1awRH!{aJBMY~+^_k!!FSu$nl-a_^ zE2Wi3KA#;mT=X7nOH4(YLi}-^3}YOi2!fCbiUl<&=CohSSAZ||t6G|lP`$9>Jy&HK zi;}tth5O6+W=1xzbU}^!ABX(jz*}{J4OUPKxcaL{-frqM$~+0Mc_aU-l<| z3qGFW;KaqnsW#^TG1og#kCmHptGtD4)$-Iu=&bp`tO++*VE?I>C3G)ge;8%Em`Z`7 z%3I<~*v{x!Ilr(twvmRORf?q8!EE7Y;bCXABfKccqCQYw>&fnusC)N_Jx_jeAvU(k zTPn_!$SwmQX1v{@`<7?zb)U@M`Dde)L7Jr{Vkiz`B;*;u*t@n%L30Apt|*zdG#MP4 zJ?txaM5ydApszc_JxMAekCu@dUEJ9T_+-);&rO74ad9`ZwRH_}F>s}S&G6#%&(2}8 z5(O!mn=@RlqJf(A!H`SxB8*tjSJvy@JW?`pBd&5Lpn=|@{}?~=;>Jfx&B@dCZ1tS5w*%ZT$r4fI$L=g1NTP4eyA+5`+g`bQCuW7ke9Imxt8 zi%ROBH_OKSoFl7v=<_p+489sD7jR$V2dlw^6NM~ZWWd3*QjYmEX3hFmA=Vi%O_fnUsZjlE@z2u9^FleTZk*> zYq=Uiuo0^!1JRXdbL*Ji=E-GPSXe;;9f5PH1(>tY*r5ngTVdm0*Tm1o%FE%B&Av$> z(Z8CN6?1gmgvnoG>FK8ZZc0-T72%OR`rCQq$xU%AblQ(&@wtc9H`lL@;q)wXI~!g` zisiik_O9uA>1$g-ht9Z7o#p&kSN&dv{0I>g+-*vPM>)pG>t$zc7u>|NsXtfUXBN9t z9Qor%$*yF?Y|P0_{?DIoL@sFr_<>zh%P-Q`;X~#FXzW!eGEwIoZMC((!~`BvIX~-EJ!Rl6bqMhuDL?f`(DU z-{c~3aiiqQ9`sx{rLE7*M9L!i=HVL~1I?nVKAQuV@6m0cvtP%0XZUo61huX@H#T0$ z=dx|DM_g<+6K!P?2hRE3)P=S|R#xH$2P-0eM;t!RQTs7wW#nqG{i#GgHRil zX=A*6ezy;`aX+c=QV?0;U}dc+F9-6N6kZosRaNEYVlkE#742xr4p#6iioW}k;dA>z zfSR6#wz|>OI#ZB~9y2ECryM;)-0dh=#%h7-Ns&*#oINGIT$$H{^$HFGOXo zS2t>p*8*a@XS%i$o-c{<%Y7+LBcYX#ko^)a?-|w`ioV$+m-wc~f9<8S@||wqxiXQ1 z-k*@foJ7>%Vhq90S)5up7E1D(B)=2dA|N;HdEtXbQb^CLC-z&BNZO4K--hLBj1^g)-0z0}XI{XScC&&kYK1n58@_ohq;Kx+4QW8H~MJ zDeZP;VcwgB@>-ZFXVw$Vyf~zjwvD2o0xDH0ysoD9D1`E0rC`OegML?*!%o<`C!>A}9ePtSaG)`}V#M<9v`8n+UY5gsL9(+JXf82aN ztl#K*${#x7WLc&GYZs?;GP?QVRTUc-KyB0|)}3qg;X}8g$4h0HnY;<57&^nIa;h3B zT>&JU_}ro@2RegW!UwjewKl?{LPFeuGy)aQMMeCBjx#`hN9M=Ysj`4sK*9Xd^m7dv z7)XEOeuXPWhRsSEX~KG8gXzTw|J`{V@ZoT%+{B|fP4t7Y36Zs=!V{&zxtD!i(H}Jo zkWZ(IjQ(->?N*yw-zJ-75*{ltBpq^IqkqeCXxw>*7fr3v1DsN!SYiG_%fU-oZY(_e z5R3F@fD$8_MEjb`;|S-hOCzr$M#d)h;D*=)vDIxyiw?rX=%Maw_=8s^jYY7=hTzWr-87pKkT!?&~F+9HJsX_ySXp^!H$4cxTF5rw1DoP0{rA)yD^jBRST zq*+Q8654F5e=>y57r2HU#$#-y4Jtbd_;iw_Zg13mTwf6q9xU52MCNhMojhD)pMR=f zxQa)aL-3({ov|z_kb4$8T=7Q_*Q7eJN|k)|GoPbvp~evJ160O4*2>Bdj>`5XF@rz- z5&VbC*Cpf}e=L(v&_M&W(=FGVDG8g2Ybq~9vS)R7sSq(`iS0N)4SebZ5_q#Kc#Haq zg@s=mnubQJfA2s{Iu7F0sHnh(BdS$nx#VS!C&vri`3lAlMD4}()L6qs4P2hR_*JncBw}%%oJ`mS^mw}dGom1iQ ze<+Lz;+M7a&IT(Y;VPtFhV>6(P7h~XZm+n?V-NrAnj;h>=Y?(&bBP-vHn+(m5op#f zvGr&4@n<<)@-%?O6-5+Lc~`KNuTo!G8Izb8qLl`%Akx?wR4|O-h<uF;MydLeuPpMSu^0`ayi`1L)cXZ0wgN>~`pAKs&twpEn*!7!!Pj|1#Hxz_D0 z&&ZP3=mO0tZmMHH{rmv(A!?GfoM-NNI3oiy?N-Xd2F-h}V>ZQ{2a4g-j2-w7gM-QZ zdqtV`;AzvU7iN%gn-5 zQpxdz#>>>JpwR2Hb@lXMk5y;Yq&cG7_F#NtC&1`%c9)l>(DhnT1(~ND~*<6uFfK9rXBY;3h4m;Ofy})D` zwjvpqJ-?HlbOI32>5^tm?Gj(1B9rcwK3jHlbR4 zbmVohB=Jn*YSsXK=r#VXi7!E8l$VuH<%pd$M*mY%=H79_@^9EpiiPw7!QCUuD_zsaqvoX@Mn)mS9t_&x$u2r^3jNFERpgq9r>(7}a~9y)x0SbW0=A znxQqW>SNOJP%^qVA2M0e?04R?He`GgdFNnKF#fw^y!*LveXYYllqK5G=vQDlB}B7a z5(#7Hh*QOTO$&QSW{C2V<~u_1C@L}=7^Ku=fk}fBy06MZ6{CKoi+uyvR3o5?*}?J@ z0`kmD^O`nPM&juGSNgnfCNE08*b4FLlRY@yUgUo&iamI!HR7k;5H!V^OBw@|CCC7| z2(Jn(UM7&SM?emV-ff7q{qjga%$A0*YIe$MG8x$(#E z4mX$3m-kDm>VG-!f6C>VPqswqPA6M^@p^tC(&=D-6ESJRMbA@=bDz%x2&Xfi;1p*$ z46NrvR+5S*l2+RCWiRJ#m*7k`#id1!7vG2JilJJo{VqM)KpBVNHTnvvNm-22E%Z>j zSb4|Dv0^N$BQ_N_>8mG*?*n0`Je?U&VE$7{L*RMs-vZ>N4O(i?kH2D!QC>}NawUq> zY=W`+NxGtUR?e2X37)^sGovck$4l(vf^fY5|Ve)z5D{BNj&Cx@dL(jeMfd} zv&LImHZVo9Vw4iHOsHSjT5TM8B5{0ZDxnB6tlA8{)+*e{VfjHVtB_7 zPVtgQmdK`I5Q(go5VI-L(JJ2?1ar`H#(P%5y|1Rp&{kzwr+8Y!6XcJJFq>Y1?Od$Z z_c0_)AMFTKF|g;{stWV9eZw9I#M;3nBenS4&ys>6E#8D%rBoGut?hmP&e%h{ti{b? zb5wN##k7$wGmDGj;W)An+x=%~VnSkDjtg2{{w~;mOx^-6!sj-pM#f|INAww2#({V1 zIF{ia@a6|y+y5Q3RR+MLm{e?)p8 z0cWr5AWUt6Gb(K*GIb7vwLo_;$>JSW_1{9hbk+j-i>wsCGOZi)K zPfz}T%#eNhZCa8Wa1bX*QcO;?MEI-U{{Xpd B?Xds= literal 0 HcmV?d00001 diff --git a/devices/surface/images/manage-surface-driver-updates-2.png b/devices/surface/images/manage-surface-driver-updates-2.png new file mode 100644 index 0000000000000000000000000000000000000000..26bcfcda7432fb5f57ea05461460ed78ddb7114c GIT binary patch literal 5930 zcmc&&XH-+&whb!Mq)1ahzz+;aSBg{-kS@K3E}c+BS}38Z6lo$&5CRC1gc2Z>fD)Pz zic|qZ3q^WIAQTaS7w&h*d*h9F$NlmC+&#uA`>eIko@=jp_E=}e8R%)yQnOP7003Go zO;sZRfUKKz|C#a<>CD?B<3+lV`59@b04fGvtqZW1Er$Jd_9@2%nVbB_FIRDMgC< zo%>sF&dF2KbOYGXWu~ewPEL#Zrh#b|Y7kRJe(GM|*8 z=CRgqUQDpAC0|XcP4T1b!{E9Rres6C1ig&?^tZY8wUh3z7nk@j z)=)FOlliv8DIQt#GrKm7>LCaPiiz%{p|c+mN|NaFu@td$VZRzlv7nLq-Ox1pJ-Wd~ zvN$r!zgT_o!$(0;W@Yi0o8P+?V9cGlM9m}C`BjCby3exjgzVf4WgEjgA6hQCf0236 zGF<sPpeX}nqxv{g9I;sKBp}iI?#hYXv1(J#% zu_Z6s-7r$eB-~%%6T5fbD>l!Da6Pask$Wh6y^O52eaEp*Z3`x0&ysrQ=Gk7QUZ5K3 z1?xHpU@Z3i2g8z^CXYTF0baxSP^W=ygS{7>EFzUW ziC-&MNsI?w`?t(veTBXR5dKd)_N}%3esqqY0JIW)8_;KG6b}J_yiC7n)5Fs9<3frY zGeD5-0L$p?`A)?70Z&(|?gl|^d1j|~L!U$b7Ff~$Iqm0f}nomwadl8i5>mN8lat2q~Y*(hhYBsfPt>IIG6Wv9C2@ z6!JB4!EJVaVdAa>TgIbvOxbxrRI`n4TZ8||WJPv3jbnO$Iuq}71r_Tf8Ae7sgFx+w znrwsP2=_BzVcGaq@#*;+U2re%g=&bW-P;hLON;mUOH~MfK)f18EBjt=U*+ zwJ-5tMvlMLF=(60vz^*xRjL!}^DOdDn+YOOsow@lKWo@v%U$GIZuOU2B@{7 z(#OcGw{@bPLMyD(-!`U7O78I7ugT`v9U8Tk$g$W$srMZeJk|fbjmauk*A@_BKpBB_ zo@|d-8c?ovTvJXvR<+`twlZ+NdDQth_jkHp!gogJ+5yA|_+Mz9mKGjlf*4-GT;!*L z=kcUT+nMvtd zO66r#%6;c$oh|pFo^Wyvh0oAqjUPRsg%8b`AiVquBdjSBa9!rfIG{rX!J*dNg zPxOqM0OfLVD7Tg0$7(!>OZ^<9a@*8#0sc;tWgeD@bwzs62no_IV~U=FI6@~kesq;P z`II^%l=k=>(oD*xL8$8(?FK8D{(3LA2h!fwMv)mMgV;tCDvx0bAyjZU_`O zk!{7eTvE{tg4ik?T8avi##m*J2hsRQj-Rr~a_r*sY!L;f2MT<7xZSpfDiZhNbv>}| z4Fm5djMj(w_mPjC`)RTA1u6&5!e+TuC4`Qf9xm$V-+EO-uqGAi9#+M$Oztt95?r!O zf2Y>7kQt_n=gkrB?Ve+|jwx)Cj#b?12zgg zJ1DFq{9g6nz{v6)B+oy!=d3GZdt`H@Cv<0Dw%+v|hg_|ptgL{`6m&p?nomxg%>B`5 zIs#s2UpNHG!W=A@MyD{l@vMicG*BhsBqc(zrEoGL5{WJ3jSe{6cIOKjuMN*Sv%+|{ zOEZs#R_1F(<^7CL|J#W0s|J%ty3XIT&-F52>h{-rP!8D9xy6U#Xu0-w4d#m`S&?%$ z?We~pdQ#S4A+Tn!S48tjbH=-_{r-H8+2681a%BX-w@&Ixj!JGASoZ@PkCZSyhg3t#+jL!&w&n)0%PSk}ydTKM8`=h5;W6Aj^$6jl#5zEJ5{+uqW7OXOLw zx_anA@{PRs%TWPG`sL!eBgyj8<&d)BmeJiqY;NLlS0z;i$HccBYuoVYjpy(;%{KSI;`f7NCD1z*qnI5`&j{&^vyk&E$E z*l{-NUY(h%9&7Kn-4K_#K%3WB1J6QrZ6>~l{UicTZ0)=9eEni@P^p9cV>n#nG9)Gu z5kR~f-*p#h|7`haMIzD6iq>w>vf`l-GR(&w`YZ(|bS^e$$paNO6K+>oCXYq0WpuJF z%aqrh{t$PyA3C}ghG2@0$)^L3JQRoI@Wjltv)tjNfB zztVm^7n7cRR!{3aM&*+vF%>Rk&2w-D;f5o37iupFw8oFm1Ha?@1&>6;W`%aI(;kq? zmMGhrQt=PX;uako--L2nQ6RI_52Fg?Mehvh-JTm`W^z3YuQYP;-iWB5x#b%rYgG5n=QT4abq4OFmn%APtG*rKJeCn^S+OZ-C71xx+%Foy;i5W zAnheDhjO{q-w+4n>VGt5+vbFv2`|0*EW53hv1Nz&(Si-2B0hJ%=I4NEw-7{))s;ze zNqbu^Xh%mg*B?8!`ddf|ZQhfV(1am%Hr&v&bKj~KW7*=^T7ny`J+0QU`2yivA3m`8 zlyX&NtU|60;Lx?5#FOzTD)y2U$1iN`EboTGg_N4GLTiWbMtmg+FpL2^_we-hR?_c5 zb|_&A_G4%>C{>4h*83qnN2N(_9_%$~b#u`(bvFI}181KCNJUY4g;U`f?EclhOw3Gf z)F^sIZ6`fRj=kKo(V1(#^TCiPi^G^IXE86v7t(1#1(tdDnXwYb@FnI65u!IwOE>8G zD&6usLD!PPRqI>C%}Ig9dFT!C^37vy*wedML#Ik}uB4R5ukQ%*#cvNl>+FJ z*rDsFG;rSF{8Z5U^mjz)bsq2BoRI*54dc`QDZ49i6Xgn70c{}!h}4K|*Fs*PB^lS% zU>|HDELOXZzxMP>b6A~E3^AnxsfeVuw$@EHBsFh;1 zg(=*&c|N0p!ED0(tgCnS{LkJ|i}1sR+4CXS}opK() zKi7#%%u3Cq`CX>S2%}I;OV$Brp9ECw-sJ*;mX>u6Z&x1}R6^C;!8QIzcUI0aIlv|Z zeRkqcJ~Chv+_T_Uanp%7=FpH+*U{t9Wgy>K=XI;}!F{I2Y1$k3KXcjzqnL`HcT@Rq zpC8eru5Nx!dA3+!(#^j9%`>>k?8c)`O>+2v)!k#NBrrcGaqK)5LWijj%RK1H5O6=QNDqD zzgxcAc0(TfdZf-Jx4FsqbPE>ATjknD)Ec=Z2^V!#xKxST-z|#r6w9;T!-v%FpE2h5 zrLtKi*4>2OU=fX2v7pY&CT`V^H4Ns$8&x)JpsCufmVN3M+T8%yUegpN;9gugY%1RPE_$4{n2yf>KJ_(H^Y`(?e0^&03qX4Z{oduC!CQj@0DnEUaby|y1X1qQ-ejxJU4V2 z&m-5>D;AXgrm0?2XQ(x3er=-Ii~28VApM5-Yu*lB#|9oR3j00Tq=Fak`UE%vruH|V zvbblEarQJx_7^?~(TZw*wLYf!E-5aC4C42DpQtXtWN?0WlGumc}Ed(p%DW6TyMk__s3GAT?aPy1-m*)*faxD|^D|p@*|@ zw6i&_u~4^jiA{~MnVmHXWTi*Z5+-ceuXTx|2JoYb#J(+Zf#R%Scpr;Zjc=9&O~Swf zwX4HlF(`JhartX=1>L6)$s#pYQlh0&fI=JQtYxk%3K>l?C;&1gToHJyc zJ=t9*-d&1}U73qEEoLt=JK9x&m-CGEj7y^YSZz>@pYwt0CPw8yhNun}DMcobms>9r zyW2{K(@Pl5mbByK@Du9sxiMbc92gUjG3sR(2e>Qd_p(fUG`5d-|E6&a?{b8YEEe&#bgFDe|Oyes9d1iWF&VBzjWClO!{>hTTThF%U?zKIf(^ z`{x*nHg}pTT9Vt5PaXQ~kUyoQk2~UY8n%8=GaGTb(A%3I-pe2Rk~I1+m>{aOG%503 znjp&1A^BpG$1;W>Q>~m_w}31d-Sw`&z4%c~cxLmNJU;u=16;rRrGNODf}qp><@h7Y zD5k(N>I+oQOVQguK@n+@#`P!?_*-qkZE}Jh0qNWpYXb+3UPAxyDMUjWO8A{$Sw=}E zY*`S@Nct_^oQXY)iCz*~s=O^*e_-hEXP)+_+82RQ{)@m~{JZ!ySTlcyj{kFg`~``$ v^j5FE{?GULFC;oX)UAuw`zAB{>W`trX3Z7^bi literal 0 HcmV?d00001 diff --git a/devices/surface/images/manage-surface-driver-updates-3.png b/devices/surface/images/manage-surface-driver-updates-3.png new file mode 100644 index 0000000000000000000000000000000000000000..e1dafd7f1512beb287bf20249282236b4f8b565f GIT binary patch literal 8879 zcmaKSWmFqc*DghaySo%yL*JQdt121}?GeUm*NnFg6$d>v)0r z+mhe!y$(0TMEbF0NAeKIo!_4o9t^#QYeCL3zNqrOQU4MHuIcy5cypdHcvYX&Zh8Vjlt_`T-=;z7$(UX_R5ypS zB>%>AR47b<);Z~kt4?N+?6}7vOA6M)LQ&1EUxF6_sE-1rr7J zLH6g-GH)(J0ETT|B*F~}xgXL~cZiLYX zZFR3G#}sOFRjPnSDW2%HQ|2@^7AB40g9?|cBKn(fRyVSt{m1>*b;v&Vk&>c1N4_t` z)hRh?mz^0%zqy4tBw-?F^Pk&`IY|z_0d^AY*N1RT{gvyq-SY8-G_xuAEUfhBOT#6E z!A4D}+navEE!#?-HKT7@RF8@PC!$r5Og3N4cnzoNR|8m)GhrVBXBPd;%?f3Rr#Q~{ zJD})%&RotbueXwjyM-^pq|HQpz!d`uS?Yq2Hzj*qNa-(4bD!iThK{~&L_0c2>R4Na z(2xLanaw_uaE$0gU+hg)xGcn*r2#rIlcXy@CRp33BaL>%cb3i*D`~3|$rrtx-G=8l z=?AxFX51nbaDZ!0wffB7C9GjlO?4FX$T7TB>zFS3?d8WmIXD?=Ki!DCLR zx-PoiJ0S0MU*`ZE%KG;mC6g`bBgky4Ks$YMGI$1-+$Vw_?i}a^#-NT0#aL0rPnZcv z(;ud=Kj0pLGHZT$#RNyE(*TR5ClWa+{T8DPT?^FVNYd`&z8`eX9NQe}#Qkx+a>ki0 z42;+54F(xM+14G@s8pL8Nn_I0v7A z+Jkm6@pr=Kx2(qr`Aj=4>#4SSKN*9xD!Y%ttM&2+Mx6BDvl zgGrW`Q|DTxU$!tMhyL^`6Ex(8>nMgvv)A5a1CiEN^X!0xWnCE{gqEsG;wUl-Wx!X~p6y_ZiB z51Z|gug9kAjOJJAasXCxHkvVYd(SEs*1;igf1x#x*KJ}BJT_&mDLSLp40C!J49P2& z;AT>fEFPQ!-sTf)~0^<;ghepy$mNqDq->j7v=fh=_7zj1}R5$SMidm ztw?El79E9whCv^jbMXl6qBVlqoOONKQRQc;xtc$G<1+5Di*;W$!Lq-7qqi^)Ky)#r z*6SKOQ9DDoh7mh8V7NV{%GPRP{(Wu~kZJTVNT$RXfsN%!nrX{@;EU7m(c*$Q z&!_f&&pJ^*$+@Fhzs;ru%djMTggp)XphzZoLZ}qvbCmxYTT$vD zQdlm#k-2?501HIp7<9<(H}K;*7tEXXk&9^-xjwlIUNHE1F}V^k-v;on&G!WgI6E^M zPk>k!n&NmDE@b31ysY2b{76D5&V+CCgWhq-khy}lA^taZ$tGK*MExgot~a(f27fQW zCzjmY$Ke~zNGWyB-k4{C7<-mKfUWq zHFghawQO0+2DSGz-=9!p-^q0eSH$t|e$kyZ@eGqB_QJd4XG*wxsP z%TOP@XIzyf^+hg(BGDaBnnv2TRKFWrsfClsuES$+3J%ok8TWm5n6>gasCUGDI{5R~ zjW}xdxCVRh1Cr^(I72ztn%86+F0P+^t=wa7w2fnM(~EhldXw1iqu_mlw`vP|{(`;; zNqFXA{#oyID(KKfdP%uC2g1I4#6qEORkUK?37Cv{SLqA2K5mIZz(`I>O(X!`o^*?@ zl(&X}b?2%<>;o@-5ZpOx5E~VJSoI==k4g~2BEOi)B{scDI8ZUGFkr?Oq+}b(Ej9N$ z4z19bQzXYTM>Ic!-d#&ArWPHVJ14*&ex4gS=`~fN37|+Ou8}Mh7RMMSTh#(;9$BJZ%y?3Gcsy6** z7J3a`>h2vETt4@VA_7qDy^@GjxuO*G$Lg$8VY15LwoL03p2eFbvlgO*+>U}+E)P~A zRyIfx=Pb6Jv?OsbYEWP84nwZTSKDWhEg!BdP&L&yulYF(tTl1ZCX58te|lnf5;D~3 zUScK~j6^n$dJZ&iZTN>Q`QZkeaL z@5k6)x=4W$4a#FLJW)jxyw2$DbZEb*?hQ1TuO zL5G(A&jeDvZ#I)1a{Iar;r={ML7#kVYN{XJql#2`QmH+&W^!O$xiUT{fFqMWGk5!r zaG8eCNrit;v6XZQY72eH0C{eoxO&?=8v?axTL!SJ=v5Q=3oPERbgxpsP7MN@|GW9j z>)$K~i=|i+bBmSJ>UxgO6JDcZkDGou%6-!0+ya43SM#vWg?wJSIsz-u;=9%T80oFt zA9ct59m}@S)3=9>or}?~zuzZv){x`q<}M9~(9q|;|Jg;AGBe%y&*!&ow=7N2Iyb}j z$Z|myX!~YM{&lUH85}?}Y~A&~;jxXI2*!V&puKEw1>0Q|6)Rk*A9G9?r4Ws20fS%O zId#JlzV8e}L=RPamilYH(=`dr6(Hogmx;KvSMYS^9G!ft8NmTlh!w^BDPP<+Ae&zv zNu!fMTugrb5c?dvRVrH>%f%NbrO1^kYm5q*ka2;hyu#o@{GEosuheI3e{-qjq?TgY;h zgetlYPBopYs+#?n!?VO{#~fZn(M$#pMpq;u-E*P{$gl-!YEbo%J7PKF3em#zgU9Je z0#WI!zG0ib1)Augs{AjOFq%jLn3NUBhdg@=y0+TQ!-CKb}~HxD=Q#X&m$PO#zoTJzrf`dX@;qo#+g-e4nGfGtzi-PRk) z74wJWtd^botXs1k^W4k4hx?1~GEqHUQ~t&D=1*SkZu9Mo@Fn5zup-*{XTwXf=EDsF zZieY2-LGcq`DF|zAVwd(D?IAzq)BM21Z#hVGkUlrg+APF@DCp9kG0c2zoI#H%`Mvw z{2-1c{8*~JRlDO_fjjxzRS{ph<Be?K98cnrdP;u{$@HgZ%2Q0SSOOg#3AsZG`KY&c+lAZgU5xZ)NP1yHkDQak5=6@72U; zAjMMU^g2i8wWW8FB!Z;r?rg!F&(1&BZS_abm@=sq<1Kmpi-@eUFCB)Dl}G12=uK)u)MtSC2NU+A)=p=( zayZXT&|BN?&b?iS3w;B8wlkW=@M?oQP!ynngJs91AWcoPXsN{v!K(+E_g9zSEiehg z``m=(68x^4w%lsOBDRUv>i%h2Rc1`Y4f#xr<}2obJI}_Ib>6)m)kLv(tVKa4)q)`&dbg;3+D6 zO1409`}sX>=+7yxvIuxcbxcORE^kzElMtwx9Y-g%-hk7w<^0G@i^}(z3xzE+?ueYl zslAMMfYW~5@h!?H`gi>OUEk$ru4*%U^M<93-o3(}FMc*lQ~jQVJ)TK1Vc#k4DteA; zKJ3+^OM+7A&jkj~k@A`yx$;D0;fb@n%*1axjbc{Hye~q_u;lsP>u$=KnP^QCb33g>%J(}xHjYg*!5H1IYP#8?-FaC( zXto7o4nK8{rH`c(&gw(3FUp%9(*U2h#^Zjgtp#L(Lnp2T9vz&S712koh`Q6513A zPI^*pBF)mH0RI=|_ISUalg~k=r6)cLp>+7Fk<;A@7?Sw^aiS&=?4}Ti@o_Je|mx7E?F}{vif$MQEu)U$<`JdV)W>R z2h1vonUweR*3Mj%;--A3ASN*Q{v~`y6}X4@=rd!uUu1=Eva#V>k+O7}jq1a;wt{K1>|NeYUoJQE5Zm-R0wa3A^WZ9E#p>6CY;Valk!9MP2+W18gcto=- z)q2K@1{_8)u-CW1pzHd0hXwNa6k5Ou70&W#yc-J^{Kazk{;UdWkO?t*qs5y!nnlMO z+)kp$oyi2_Yj_XHFzem3$cu8|SM?pV8TF?CXlsmE)K7KKIi-Ldv$CU1In2FdtCidj zrd0PjGgEEi@_=F=Dq|$g7<8R-*0T#oyN3>=`HRb`kFqVh)L-`Y&fmIrR8i{4{xO>8 ze0MMr$ece!r+Hp+brkk^bqaCXSJgtEDo%N8v(FaiQ?C$;8km~k;a3EU*S;gAYq({0 zB;b0}VHUUp4W};Y3#kHRNHY4I328}>T zZ3r+Uc-&y-ozA=GoA0Y;{oxID+ouFE+p9DSE}0QKLG9NH*AXLD%&-$FrRd`TUS5M- zi^MLA*u$MtKSpZ{G1J^*ctXVAhBXWqk(I#r-${LG=D%~%X%Va3^8pi{13lyi8cHE^mb<*6%E(b(qYEpCDejMZ8ulyd}_BQVSa(y+CXYRc`#O1!j z($$u|aV2=|A<+-%$AO+o2F^^RGuO%tkhBJS_Ik?dU&TC<`TATu8JRQiMp2qAd60HZ zD(D;ceMoS#d{HYN=)y5g&y{C9&BXY;){3$}EcUxa+g-tmlr$IT&x;*-xS3f; z@1!gcx4XkN`8oayuCX^9F#pwqgP|wJ_WXym&SC}LyQ;MU&Y20yTZ$2VPhu|(2+&Zq zQBf1Z*HltOxNo1#uq9wsbd_HDr>AL1$!p>5^&z*2g-S>VwA4IEN@S{uZa08+#gVKO zIGdjp6PqLNrw3LXnpc?hJYwafwmIJjjI!7TtgU1jMMvA40{^%+zeJqD2%t8?olg5t zqL@(e6*QW?UAMRr8wZmNIu@YtL`RV$-9)mcQ7w+9j`*HcR!VO?i>SaM?hHuDRDl3RY-i2l%_Pyxfw3l1EA(x#A;MEIFD z^XR}b(?WI~A;Ac%6Ec;a{LA5;7tJ=Ai0|%_8ToF$7nQo)~t!r70LY&Tq zo7BsduF%j$1ujAJf-(};^^OOJm3LIV-QXXQr@+*(o|f6LV`e4vRpYF_R?D&Udx(Gw znbR|x;cbv;;q8d3%;(vyojG%2t}9S+DEAhR@>e#Dw6(Se(owAfFQhL0EyS zquk=CKT({@tZ0_9{d>{^!pA)_9K|P>-yrQ?g0hV;fmpWo8n|MjKr8bP&Up zj<%*9B}1jd%) z=v6yoN{Pd3_zBb~8$9ft36ke*o4k=SE^W)2>J*~87I;kN=gG?6>@4aPq*}GRyHx+o zTab@mi^0=S&##pHB0Q`e02QXV%tE&iTLEuf9xMqb6v{W>s(V;9H&P|A6{y3SIIs9s?P8or*DJSN1A@0ROkPpA=uQ=(XbVA! zbK2)4^U_J~BZgq2Si-qcsnXD*3cWibCw*Hz^;w?`*>v_6w#;E$q0{;3g9`y%H`#Gi zFb%S^)|<%UVkQ3MW|Zzn6GU`%d2LAk1s)be(0jrXd+deYi%7&N;+xoL(^NPxM$K#7by^BPo_|AEK@`L+BJ^omLNt}>^o=G%@jnx zbRCzq3?&;3pUwLMf+;@QX`I*ZacnwGUZwad-!gJ-vh;uW`kjpAW5`R$L9_~xL>U#^ zSBp%z92(>H-^ttXvA=ok;PXcZf}gr6kX(sm#VqL4MCWMMTT0F!DD2|D2 zbky2|11@weOQygOCx7^TzdPYpX0wHci*Z~HaP8cCy@iOy2pan4Lt4VwUmhijuxEs> zQn4}`Z`dnKP6%L3<;>Wa@TI7Qr+uFPlYE^X8s|kGi`A09KK9ln!%40zOcN4K94vBpEY1jv^aL2Vc=Z9i)PSt=LmiEW(32gQQ{W6tbAeWy;ifch3LD zkP|aV&6h4YVtTPtplRtc_eA7snpr_rFhb}+-E-zu*$IJh+?1|S8eKAFMIcRWfz3}y zA4~a57KY_l3<9{o(L#-oy0NST^{}{V^7OQ#{+)4w+`b+Rtx`Y%?WGG;&Kqu(nX}Fl z7^nCWdr7`$$x2KtU-E+xD+h|riB$|R)hAv$y0Y}O@WQ&t|r5it>yKsG>7_O5T zgNDmCI;&2l@Lka*Kf0AH+dKKuNuyQXt-2< z${Tu@6k0pZfnuG~BIg=*{k&{apg&fm(vpQ!S}{muZBdoMX)&Bji|P5B*-Z$AAk!d+ zoHr0TxXaq(a8Ssxnbo4w-HpMYdokpl|}%r{6WN3FR>Mq7$6biJPEDeu$V za#HNeQovdEzY(vI(;Ki%3D#3N8MFqlwzmJ(HBPN%?se`SC*3KvElBfg^oruPe`05V z{pzObm6f3~XG3aidA1m5dv5t2p2R031@k=30l!@(7ynUCr|rL3I8a3T?0*APRx{u1 zwVw+4BjR|Yv&($GwQ`AZKpn1{mUquX><0C_gZ11JV7;+G2?5e^sQk>p^Hl#$qBnw} zpYTqDy{w;+>mZfsc-sYcU^L%G{RD(Va|8PAiUN4?u86j8hNxlv=uz?ctgpoOzsNO*M@u^zq9sXTZ8-JMUts(6xo zC|FN9cgW6OvR5-UsFs7Fy!pG8x{kFMb$1Z%9(HA|?c8}xEe<90qdZpufJ+wedmSYm z1be2&x1_Hyqj~MX_I|xrk#uWP)@v*kt{gx-{_|YNVzEgWIT0h?@QTh`1x#XR-_aOD z*83r}T8Ka~T=ixuoHrJc=J!4yhJ|-Zy8y)N1b-=f3#JwsK*>bMBhBHOSIC`bd>2x) z6o=KaiBwJ+yIN9{8N6~AizA}*Fy62-fN~+U;x&#{dH*EthLBQ=4^V#&=r8ve*Uu#~ zxo0+dGIFXOoIZ*&YmXE)asTD+uZG_-Ra>T|>qR;j&#f9r=B%D=8El<$B1=W5o!65& zOuF7Z*)+z+CCsnq=@$4OcXIa-MOiYqJ%FUNx?%1ngeP^K#qyx5?ZFZRY!kHlD1hp6 ziFE}5{RG-WW%i0&5)eK@QZ^f1{?gME-)=TCMzyhkUF`f5!u{+nlN%OD_G_7-v#(D{ ze&2<2e{MOFlob}_#?K718gW+3YHqW zjU-hdMb*-@{!Vh20U5B?q{0F$RPOH}befQ&-OR=80uKlzOfU_F%#~~aK;j|{D0lUk zNCRYOmhx_$Mqm80|NU1?;9}ZmiESm{BsEiF;$ucFr;aCzdPx7u3wh}O`H}<9{2y+V hSHtN3dg}oVTXS#McB?rV^^pmhvb?%njqIzi{{wAP^xOad literal 0 HcmV?d00001 diff --git a/devices/surface/images/manage-surface-driver-updates-4.png b/devices/surface/images/manage-surface-driver-updates-4.png new file mode 100644 index 0000000000000000000000000000000000000000..5e6e4cafb41ac234112c42dbc3caee0b374781e1 GIT binary patch literal 69349 zcmZ6y1yoyG6E;k7DIVORKq$rC-JKTq(Bkgy8lXTaR-m|Bafc#-7I&8tthl@V;okRt z-?#p~l9d%WIcM*g*)#JzGdo&cRSpxK6deu@4pTv1S`!WqffWw!RT3&Z>@O0e69KS~ zSFW0Jl5ka{7@Ymih!~)3d03`s0w^CT|QAcJt&=K3Tdk+xLM4@hZI$n6Vqke8+y3W7UdGF>~oq83JqtjA; zNmMgs6ls-$_r|kmB15H~Fy5-OlEkq~xBSfCYWJ|LqC)tB90g*h8hF)^H$`;rGql5M zEaXXZy&Qf}M^yE_!wE^$bG>Z)d|_vFBhgRhdP_CGlK$iOv61$Kd?7N?B=@b&79}Kl zt-@q&PwH(no>q8FEEDd}JgazgmmX~7HQs-I;G6f3@a+jNT^Cacxq9EP=C@&G&inG4 zkL6yhps4*^qvQ`5Kv~CMqg0;D$`ymE#~cef4W9%ELve12Gb%Wk+IPH)T*O+>lM7QD zrizF#juCyLRd|i%8oAZ?lHbwqr>x5CZu$?5zFmtm!n&LI?5_)O0Pz}$i9M4}UCKk@=H=WXgdE@qGec)Nd15Ld1 zjqrq98yaWnA9b1582_7nsW?X)gONRdOyE06hVlw8=;MZ#Trit0LfCWCj&S~t;5&FAli5EZ$1rN{zt-1y zFU1#N6DvquLPtaaDxT(*sjNI)n5I7-$@(pl=D9pdl6*hliCS?k6Te?o&3Qk%4{Y5R zuT8UyoxzLh^~01l_X?$PxOA(b`~dXG*7s?9%gl@|QVb8VI|ACd&l#*Nx-*H#H+EZ* z;n@poWT@43GVWg4M#_tSgQ$E?XsEffh~QqGxd>rT(oUNnsuHuo)%gWQ-*rB1`^4?2 zoE;Src@h;ePklN)-d{0;%V+fXHoP;`WASfCQvM}_S$>XW%@c3OxJc{y<=&aT=gtv| zi&R}oj%!-)T9jNn+3AL9xI28^-`S-oAfQc+rNbyWIXUwC`(RL&coOq?Nn1CGl@rps z?21a2dQux1T{j7iig`ou(Vr~x6(5xgkHtz8t|?{QN7X`RxcyTcy$mC+lwex@M zB%aHp6YLr;TaHgLrkj{#cCX%UQWxGR&JlMt)|k2c@@=1fW=^TBib!XBf0Vf_2bp#< zKKaZa^uN9DhXVPQVQ}{=u1T=fHR)*EqgTbrQeCNeVWuZRNFa-F!^yR{p|^?v+GYz+ zfV)&{-C#8LZXn53$~D79Oy5VqXT^C{1~jK~_=tAj%d$Q{BHue=wNZK3pK*z4kIO#` zmaE?v_;ox@`yX~;x* zAlLAZ%DP+#lZmI1r0XJuXF5{x)DU5pPC=%R5}O>At`7#92hu*dL=4wQSJ}bxtaU4c z`cn(@^U4T@8;gpXxaD!gH9KnutxoKfpzF}u+Oq_Yx9Y{+kDkNMBM(~p{DkF9%-4VUk26P~cMu$fA2wbc>lQcV z7A%w6wyumXua?|uGbZfLVi!{A--_1Ucvr$4>YFTdfGaX6;?l$;yWrAsVXbDmyru4) z|Hk(~g78%`S8IoHzn%SudgPJ2YFhk2vUCr5qX;3cjSR)hFUJStgO6srTYvpCR=J>U zq!>TjrpauWfTh-*3lq|Ty3o&#t_F*_$;bFgR15#OI+(MFbH8|&3t~e~Xka$`)@FE0 zJ5^1{<)tJ=FLJ9I(iuJJNKKa_=`3P36&Q&`x_HUH9;imG7<##unmeX+`$4g~C<8BS zSjfl-&u6L~c`Kmi!sQ};m!d>3a0)MSVcDx`U^%#GA2K6e)1UG=q9`MasCSVpqhbGJ z>x@>-{WNr^;YGG?Z`EUiiq601Tn%-+_HB^cAo8gZxftrG_x*}&ZQV;3WtARsi7uFO zTMyMArzooS*zJ-WHs$=?&mw;(1G>Y>r&%lICS1N%8hTA8&|za8KFHJvn@I5P+yu#S zxzKao$vQ=0hxx?*3C|{x)-KRPXmOm-ww=TlF)sM0!@##ibCssNy*AKwd11WWr%zkC zJ706sB6vRfTXJ5#S&{z05c*sEgOwFd5fx~P)@>g;Dwx9&d8K5stMe;QDMNnQ0m-&4 zN3@|4*F)cgSZ}|hZt>B*sq{n>y>(N%eej!GlS4dx2*dLdwn&WD-l z+1wf(a|0ji+zBnQOkIet`k%GS?RzBr}ZDWLV_fHHACH$+= zX9W>*YN`T1$uriCN=1t8q4WMp#47B#`s__q5Nt6y301? zuTQm5@6G(r(wC4eUO{XqBy!S(N*=SA4~caDnuH^Qt?jcTKrP_}mnw%G;UIszU3~Qx zBL8)piGdA^RGpc~)^R?%x`uP4Q@5_G2LgNVoPpZe> z=Jdd)GiIh$xz!(!aN6{;S5!hx*S|=(JN0XF*-~hZmj?$u&7Fv;l^vz+zB}nPteC9f zIkXq%racWDG(5L_QLm^GnSGN#A69yP!bJ?`oia01pkIAv95WOri?jFrtdSY_E1O|d znuwCkXe8BV0od%c(ArFJ_v^hS8{v+As}II-B${$@tQ=E-7!5T)2!$WT|SHSbY zE`Bk~_KoMoq}EdBjY|vQqX}DSzuRWK=)KF*(S~M^k-(|p+Qgr?#$~92UaR~89Bpam z^kervkHPsn1*TMbxoKyno_>HKW*{9rGq8%^v&HmqTLe`7*A~Ka^L5$vhMOXw#T3#{ zfzr~%W+%&W0IVabl$L`149+c!tHg+MUsyQHy&6n>93d^ykLYjT6{-{7X+6=Cj!hnG#&S@QrC{?R*n; z)VkYc1|55HtH0)_M@ovM32-SnoZb*4Ri%Hk5oJq$^|>e8|S5?Z&@=Mp~&)CVjDcukyL z0u*9FK^fjLb5V&$vB9QvHuE{@g>Xmggyv0(Nl!xBJ5bD7zj)~Jl!@+9#lKjCUzT$pVK&$_Gke@ zUjn{|&`RW~NEoBhx}n#rLS^btmGb~To>crY`#Us)gZ_s%KyBks5Hapk?5&uVLh^e4 zb|r25{;rnO?rTUz^(mV*l%113YUvM+9gVU~wrX09-yttIR$;arS=>k)R(`OuFr|Pu zF7E3AH?D1#d=20D%v?m}4Gf!= z0LA0H=NTe$!qB?vAs```_t_dcT;38sSCtA~*}n+GQH}*!a0L&WJ7wG_3n6Jqnd>uU@uRt#~+mXmef?=~xH||y zTN1DLhbP11J$#!GpqH*SAzmZfPn6|cl9!&EBoY;5Gb{<@-6_|K`h#Qn(fuYtYCrfi zGmQw&yp;Rn&Xe1RKVzL+ww`_$3#oFPtWJoXUJXtUL?&ir{pKD|n9?4HLpK{Y0#ScX zhi`48;DU;V4ez!>c)}zGRE-~|`n=_DK(pw3GJX&~A#1iV<_hTq7Gr{?_Wi$9qFJwE z#g~PTzlRoEukM~}ujBA&q=TI@w(%T&XhYs_lU3^qW4547$p~@QVH7PjKjI+CKxy#7 z8e|=QTCWTF(>JWtIh~W|``!8!oNLCGW%8}itAcoM;&--q*g>@T#Zva2h*5G3V)f}5 z$;tQAry8$|djAC5MfLF1I+(Y%SArYK6b!U~ zAaX_fagwMw>~=Nj4v;{wi&Qh?#*q_+auebQ|72$qmE|A`Ip_mMR3Qv-*;cULN%zB} zLQYzge;2cD<`N}$8}rjq%Dkte%J-o7CGNX_l<)Sry%=T9M$s@bEc=bE zv2t8?#&Lcf>#OxztNo)HXjELA z-w>7g%It!;XldXE!b(l@6O#gax6txyK!>BHu9M?%N2Y+nPsYP?WNkt&oyIlczGKGC z+V;-R)@OdZv&B&=;(VLbR^OZc%CZow2cxOK#yl;XzY<|&uV$MT|Gl>I6VQ1RrkAEF z{&te(S2K_y5kDz`U)W*EFq_5Q%nX{$wU->?w-Q4Xoou({pSiTHfZIpY@S@9=JmTBG zOozV2h*CFEh*|37LE-UYIJ%xdK;GgBTIk3`BnFRbysH>If2ec=vUAyb~K;SQ3XAwkXZht`IK=A3AC|K{4b#Zj3LRFiZ0YG}f5H{8DaWM8h1tH_ z45Nl3qn4>BohaFz8`6S(0$1nFpHVd%R4l_p$-#WltwTr=C-MT&DG#~fb01A?WGiRtP%Q@HSo=RMTyKd^!j zgoBBY6aLBKR&aCH7W?S@OpqV8f}&dJf6mfmIclO}4Lv}Ie0{%t1M~ns3P%;^G{gTudi#yTkt9T%@D!Qe zABbOz^Y`aQSDKOuMrgM&e({JLqP-+5{5w+kw~`cyXra=Sd2DtQ&&kn&Lk?@cnb41t z92IeP&R!e|x#(2Qa%x6-1fT{~Fi`d|Z?f#6hYS`~yYszlIQ<=C9b>^uHYU1#@c+{p zp-#t&>rQ-UwO-ejivtI#dsV{IT!I^5|Dgl)z-%0Enc15`;>%9alY{eM^+vWvMF=}f z)D!J*iaQ6&?F|W{YVNDrZXpu$0hRQT>q}xt)izm_XmCQ}?VF3g|df5X`2KQi#Mg1dzk z>(j=K+S*VvTA_KwmpuSLH?F;~;{ywaLod|uKkaUVL?1Odh_g*vZb=8Gb&YPQ`*-L< zOjva#o&yWRKsR%YSkaSzuMKh1C$zZL0fj7j4J45_A5;vQdSgNCoV!Dpy8Sg%sRF7- zQFR;*QJ^HtcbTv_2?eUI4H9X@cG5;j39}kDRtW*}MM66-v14GGP2;ov7k9P>gRo47 z@$Foo;{?B$-+7{dx^>Ae^+o!%Y7AT7&PIcB&^x8%jN4uCX`?mlU^zvr_x10c#nkJX z20Bz|?y*0uya^yw1|UWHlpcnd$9>m?<8MYK9>L2oa+&7>7+{2(#Nn>)-aAmK@GOg3Z%3F_Svlk%DSz74ffa06|Vrm5sa(5zjbWRQPi&pkteV3h~BO6f7;fB zzNrz_#q98s7A0j@SGdbYJ{ruyDWlW;Ow6~D7zMJTlY7HOij?7q^ld53=PR4P=j!qd z1x(3oq=4YWcvKcCkfJmFe@e|Jqk7EVdoE^7zn&JYl}7#-T(?#_9I7eb^{`O0M=~Cq z$#vw)dj9Apu=;VIw=6t9D$*qK~12Mrh+WpThXTf=NCglwvGn> zb0l}a?hLcY8S-^If~R~8nok!q2znmR1RNZaaa z7n zif+03QkKQ}B8@2C_Mx4SZT^$5=$=NFM4ls??`JEsBn?u3Woa1U466O3bKW?sYA2F}(MW;M*& z+szC6ASyB@I`G`I}1bdYx(u}-CH3?l$y zT0&G{+W|%kAFIJEaba?FasQ}Ri@A9D#corIl(x&}(_M*R|A$?H|KAlUO*UK8{}7#% zZbs@A`<@VKKvJhdP6ccTe|XW)KPI>e(~m7|UKpO~6Ja2ECq&X=V58;Q%Su0O(Kv>K zL=2YS-}e|@S#N!Xnd)7Sk;PYy;hPSSvqnY!bC?=(eqjM@Os8tXRtgbmU|ar_t*zQp zn3^B&XDJ&FQhXU90Pv-qv(zER+Co9{eJ^aR%>Onva{)RuXc zVqhbg9K-u^FA4DV3rbF*NW&b9{p7#?DX~xi3D8US?&+Ao9MHyBq6sX535gr{6&=9b zY=-2bklObvhl9x*PJi*e@5&@YWhUs~)l477@wek5Kw57Js-c*Q51CblEtCA?Ja+Rx z%F5oB#vxB8yhiP%Lvt3D4iS~am!T$ALZE@?=e~INBFe(fnU!4KtPwgHJl%FS0q?!W zQZCPtZw&~YF1LFP%k7hRb9@G4hOOERail>hSJTE#)=Ao`r7y~Qr}8#W*R#vs3AD~swK{l8uHT&r-4Z>H|@)pFPb)PL_lP$49=}FP4-~O{TDqVW;VmB zPOn0XnZ;1XD?7s`zm=8^6y9o>2V{s7^jzQT&GOl=Y${wmhSr#i88p~50F?VDzc23d zzKE*<#ty>7b^Hn|Y4TPNK!@e~ zcsW<-1s`)wP-`)TpYdWv@}t;YRmSY>B6z(It=ePb{V4;41>^+Ed7t&%nsp~mpuMS69x{Za#V9m21h)xRwmI=lV! zXS<>dCh}xLS9M!MI@D*2w$~*p@CKu~~gK zBE|#=EYZ|R{XQFUd`zl3jq=&l z{7VMQr7&pyvkeQR_g+DcM#O8RNOr~uOjtUd-+rj6JY3}V9o;@UQmVxd)QM$%e+qfq ziN~NX&7p`hMGP56C_VT>uk^}3&3Wu8AMxWyYqdl744Cuy3Uje9&f{PI@KxSF9JF*z zv6kUo(dwmEVW(oSec$~)sjZETiB$g06V=xo+D=v3x!xPRRITUE)INJ!aJPJffMka= z3T+hhJp)<7^@|Eu6z1!r-!fl!Zseua!p2#Gr(<5)6xo~VwE&OP{y109%EjawK__q7 zrQIf&UcSD@n>;4B`NC=vJlq$R#xf>4^u+U0JXDb!y~XP*vZ2+g>_ zO#cR_PB}o52k!5TMvIY!9}a8bN$(q3zh8_Hp!9i~qaDXs+POc6EuUUYRA zKaz9;?XCy7Z4Z5PsQ1wN55B8cj@Y_JE^0nj9`YL=VF0%GrLJMsHSe|Mm!t~7Pk`#D=L@`W^6L3-USiaTN%hz9R<`_wJ7iMat$9*8X%1PfQN0)5(Y+r5bxA^VMHRy075_-^_6b(c zs_5UX_3k|qFCUsiMdh+mkm87|`e~-E7NxAy!u@j+*#>BFZ38R{{rVXs7~pO!%+;(? zz}jsTA{e*pob5m-r{|rcoBLvTXOFuda?&7&C}INsn0GpTv>x#mS-pQHiE?$vi%7VO z*6gQU#>pDIL9G+xCow8k5bh#`bm3~N(B7}fC}qK*Ng{!N(-IU|Q75XyZAymiu{G60 zBv$?P4MDv(0xvfCbk|McL>iWjr}{AZ5P8a1q10}o-@nLpv?+0r!O1Bpq+Q33KT(xP zgUU5EL-Y*{>gwv^5aXm?N8%NZBN9; zmIm?>hJLVRtK=*_uu2+Mod{}xWgUf^1Tm1w$w>=XX!N~4y1Me9D=Xkm`1-J839AKm zQX#{^N9uLZWc70c>TJo2p2faAG05fU)z6TXyN0t={TNyKZU5(O_ETKVk+R9o&ZeqT zj0Uhsn7tB~rZ6eoK0e9B5RPODxZYjt)>)1j*IB5zy4Fn;7jT>Y`-tJKINZ1eKeKW* zIgXzRpJBjpdKU%!>eqNwD?CTBLwRv$KS`NuxShix#>cy7Y9>S8sUdKCp^?nKGzY@3 z3;s_Yk7b>rJf2L<*so!Bq^T&&!^2||a7#}e%L7YSATdOdy=HV$3f88;+p#g20tc4< zz=N&3`n04t%H!3Q+njeVWQ@Agrih%q;8{(6QA9Pvo6SSfv;-vGM}t)E2Lr|LJ8l<` z(KdwAV3j^`S>X2UQ*&()$miR4wJyhDU07V)3buSn?nKHO8hDtQ_YH+VSz4A0B`YE* z{tgT%f`=S9R9_LWn$$t?OI>{{jk`o}YH#aJjMm+Fd^0H)9e-oH=?dG=T-_-e)Gw1( zx*{4<7WZx-g)O|`bFeqh<|M1WcpXIGaCqu0?RB7-^Go7Pvq6bupQl<3|7@Ftf{^g5^k{?lXG7%L8_Sh z@vX9j!n{-8|J}2AcS8r3Qfcp&8zPy+hlbG{m`*-SbsZnibbgd2>VJ)uAK?((f3a_Q zv2WI}#!TjZ_jgRMtQ<6mF#2zZiTLv6`QZQwz+CMPj4Cx!^*hO~5tw0!4!KcskWYv*Cv41vaJ3xyCK zhNN5#^t>|r*vejHHcJ7RdT!NVjGLfpn5N~Qju;T`W=It)>SQhwhI_H_|CVnoUK1+E zbp{@UL>-8S4lVt0=bc7+Xkt0JecqoQ?&lsF-QU-JIEYOP!s|sD6l20-(4P}iswNl7I&ud>ZtX*~Nhgg)_p%+A zp8?8~mTVuz9!`2E3t)yVP~sP;|4$A(sjhjJoejgza+7=x3yD$vAskKB-Nz2K$WmA3 zF^gHY8FuFm0$oQZ6@O2vcTw#RP>=tj9@}D5Ht&i}<1Q}YE?5gZ%9x$8D3x;7BO zRZs0DYiN<|beeKB@!em+78Us7T$ML!?mTUfNfWcQg9f2h;qy;qh-A~;xzN!wsrA_RmXzb+1m#tI@hXHf#ZkI zHQ!fafV^jM8gSK00!V9zcz6o~my}&sMpxQ1wV{)ktH(N^5ieQTgY^aEgX=$GPDS zBawTLk%Og%I!CRs4n2Wq(4CyOKx)TR5Eo8^FD;?v`1b1sqr^|v``uU>nv^31!n-QwpueLusUSp9xRf|3C(j^rK?4HS# zu~e;nCPo6(dH2LhyRG5SuEJZ6uW!U-OTn**zp2!{jFYDk2ZFguG>(hS#fU=fl)3jR zJ=xLSfjzfjpvh@ah%T%^k#GdFX6le&6BfO0=7M0HkzW|%h?t^0qdTZH&>nL{t*)E)<1e^SIuJ)iA6 zTJEII3O+KZs0>92cnEJO%*&chf88~Sf34y{r))}3$pu8?<`Ry z=%yjcLDJCjF2t=CF-tfsrF$%>nO*-aX_shc5!jb z&IoYpv&*@0!}b({2difec>fVGcmO80Vo?fQ-D8VxO4Z{grbtUDvgdWwynSIpf{%|x z#ctnciP4hHFl_*R{K9Ww7~TP)m_4t4l!30JE0r;QtMI<*@9XwUeG z&sPo#G`-zkeVZM)+n2WAqSMitAay_WhZMYE)J@TLHJ08re^}krg0K%G)BVnd)$3RG zE}kE1%!1{WpZy=#y)jZ*^lBRO7Vn@#)s`mAC*gU)^1Z=yyV)u?J-e7)cm2mz+sPmF z4W$_^%Kk7b1x5T4P4nW^@!EZ)Ux%y9? z;CTqMIE$n0&r6xE!6cA9GK2Y>+z#UpikJ`0E)V0(rnLUSGlDk%5M0k^O znHd<7Jidb!r(3d;!CtbqF?W(^p0p)@?g zg*2}S0cZ0mMv;q|_b$R%Xr5<`0xvd)9ZU5nS&WH)J=H$lJrqq=o70=j5V4^fWp9k7 zuaA9S@8Uck4i>Z0fwa?upBH_pSIDfKZfVtoZ-)y?O`fLIs2+d!cIkHdgifJ+bZftD!&c2~ zp$@R8GNoDhlHWVVsBGc%YL*%v2bU=^ek2kTXW_g*uSw{d|+7!VzP z_;l_HZ3w8!4C^}iDt?PY5FG>J&Widm*a7Y11D?7nR!AWqv9D39+T;58AO-m#LBh>-Xd<7=Sj>w|gc7ipU zZhu}}!7Ud0YqMYC+-B?ly)~zp_fOSjTbci;Vs$?2fjf7E{e-yD{DvLsy*}yCAw*Se zoXWb!3&d*@$~A6vEn9hnb279&@$|az>Y9GSBhtq1`#`|0qeEcF6qz$M6n#m=ERyeR z($+D%>zn0un3I)jBnKh;4mvk~Ll=f9_cJoR(|e-|()Q0WpvQegV9^U@o%z%A@-`h6 za)4EyuvvE9oJZ+7y%Fv0he-*O-1uKi-j+vFnwAGlt7bor zVm=#ZxpKoAea~U2{SO=D1W3J@;BJh-0|!df+i|PQFx!L9w=wspCL(%kUPJgl#Z67- zp|7Xs{n$DM_cT>=r>NX%93CDW51%Q={fWBl1OH?k+euEQc6>!iB>0C+!6w1x2e=~k zh;zgUK~MUYS7lSTk&ByN$#0%mBbzR?-(_FVdNIR1S`dh5)aNkcsn6`&ghBO=G!N?9i4f%@x)=K`<==efZ zY|(5OOLKTPHOm3cZP_i|=Y;&?V32=m&F-3aK^T*;DZLV#Y=rIzcp3T~NmQ~JLT-IJdMbBHlb!bd!hsUUP#=r#DyMHNd+s=`b z_8x{Y6n3B9+o-?uK!MatjetUG&u|(a=*-8{kUwgx70eQpO^_pl*QwP0DKA`SXa<8+ zu^$6t1i>WFT=_8C0(v9HDHx}>ysmGV)4yKreDg2Ix{|Gk3l>0w_-T;k&W}IRmk$np z*_C5BQi~fQYxE8w^!zbPpo|BpGAdU!rF)r$g7pcI0Jwd|Z3QfP2C-*Qal=y4TT#yZ zv|E&c^_XTqvkX{D9|x<{FB>A%F{mzoOYz{WnvfC5tavGlaGxZj1L|7ZdDS{b=4@sH z%yfV5VJ;w?#=Labaz&pc}fdE;#X>H_TOf-lI}w_D?pOf=7@!6$$c7{g9C<*)1p1WG$^|vR{oq z9fc1prY zOO?kE&}5@rU(z>!}sMM-FcF#|-eS;~{P|(OW*!o%@)z zwyrz5ZaBFQGop1~O+ikVn}(_z4P!LC#r3G!C$fOs*h_ww4V_jXfbZ2WspD;tOPAGN zww=cZK5sD}-fJqcx_Cd)bIYWvP8}#q?E(ViQ{$5)$AKCYD=Z$cTGKazCWPKfy(gJT zD~-nw@TKWv>LD1XmsQWiqG82SAQO(4#KJ7t%EdfIhXnsE)QUEDmj4Zy#>dp4fYtS~ z;Um=9T7i=81$sDrH1Q$L018df7!*zaQ-vJF&3ugBQcjFW?yztv)=_)z5(d%_ggsw| z@g+(Wa7l+O(KSNeY)&mqyaV*<>c5rERq1WvlTfK*P#~AYkYeDW{!j!JCK|!YjbjxC ze@cv)aY2|wv5w(T>+9e~l15?*kwZVDd3%DRkGvzrFU?lH9EA?qZ7;}~G@bC2;YjSI z{v6X7LFeH(ZS7d%bjv)(YE@U^SjTc$VlZtM+(o-qW#HE4Vb*rE?FB>*br}wlyr!k; zVLN5mhHjO|rmSw)lt{e}`-n~}X$``{ELK)c_`~!HoLl2MMnekukf#Se-O!^KQDgrRxurATwMz|xIYv+VwBT= z-YPsBkWCeS9%#pXU)7O~%kS6mqo_+gwh?FX%}JC!Ts*9)*Qmafx+jAiE%K|B{i-ld z0k2jObr}B+UGSnI6;wfnCJBFB$^IkMH6HAW^ifj(d*|3X?(MGvR2F1OA{4!8=7xzN ze))VauVqbPI?7u^_LP{Z9_dq@Q)S#-UQ*(oUKum$)|;=8q%B@jLwuR$k;!bXN_fr| zz#E2qfKMq4I$AwDM|yGpq8A`5B+a7AI=}+feXEwe2-VdOC0^%}to4$8Gb)XM<|R#r zI|$H;qP~4GH>&wj&*oYV}ZL7=^yCX$vL;+ ztV$@ZVfcCiPFMp+s^B;&ni`TUV1-=W2kajbCz}r6)G?;$21MZ}{`@>gXG~xY3N39W z)}XwxIN>z7|3nCL()F{&j{;5`k(}RyK;=?(j5o4z*Bv~wJZJf>so5=0<6&jjv(4KN z15epS-rJko+E;X7Gp-yKMZwJxh2?blufOeW#GyFOa=5P4d(e+jj0EARV?Dn?3@8xe z#RsP-J>967sc6Xr%k@U$0upCn6^?!1g!pn=zN-$Qj+L7m*!D{^>P#`UbX|-)6y2Je zZVq<|gfo+%Z2wDFg^@j1!WmCigH3__7hX1%16?}pau7H1#H}%#g?t&4wz(N<7De=4 zPVhRcPl<(6qD%qoEBgjeVC)cOf662oT9#-<&n<)|QTi%3@M6@d8=i-o4w0dEWQ9hp(;pfD}jlWDdu1@9Vym>oiRV%xH5oHTbdq z+_%_zFd#Tz8r*4IrXI6yonQecO1ues2ct4fUxVI)V?gZAubnJ+!8~+p#NnuE5kC~# zab&(q{kFmpBk^wqs;b6}5Uq zWUy)P+sem+*p351vQIZ8bE4TEhv#fA{i>~Jzx(#C=lFM?w#W0CIVWvczANbr-r+(@ zy4ym$T{(|2L18ZP!eL?9z$$TEJg65S$y-z7@0K3F-Y|e!of8{(;7i{}4Uon1I(L4( zB$zsK6bb6DGrYOloJTwTXO|jwKy~8X<~WHnMGXtG0DjLGE7meLk3^qLqA%a6GWkU` zrG;%D^;%p@d8)=C=6WCrdA59tN$-h#Vj_ZT>m8n`nDxdR;V4Tv=&rnBHrcNoUbbj5 z94&EDHO$ikXzcbvGIDb#KA7IRNep(xwBjgY&$MK-uU_}|%<6V|ds0A!zV38hleekR zPWAn6WBfeqJ9qDfu$W0}EXT5`SP3DjU#CI-3 zqxql9ab^fZrjJSAMqj3HQ~=ci3nsoL1~I;hx1vi@L$vp?XinwC4Qpn=mPjZj+)oSV zev=CJGwcS7$Ze2lV0zFP8%$%5K}-dOgeBHMgxM!(g4%7Biqnn z(U&N62qR+3llIsPgIEPAP}BeB@eYv(Cn)R;Vb;Xe8sg)sQq#owo*Fv)J4B&bjh{!$ z*@y$9$hq0WNO3q{qEhL+HYq?63GD5!5y_~%^I6ZlCL}+p7h-}GW7!Apj3o>pVg5Fw zF5H&uMM%oeZFuqNNECMRSl5p$aUG4D?h9cz zJ8Mkg27Yw==++;^t$pFh_ynnVsVuXp%Iu6t$td6GAMg%OWZVI^73VyRvK*TFi)itT z2X2u;u#APL;Ru6BY4j6emT1yi7wm2}rj9xO@{5@#)(9G@^#iPBv^#oj)pA&>9@9!jFW|uc5|Kgh9yJoZ0Z;_hCNX_=VK8nF_dXW$aPY zr-z`l)4XS4D-;qoF`Sl?{WYDh%a{m>#v?L{+rbjpWkWQwVVXRmtZjX0)Ml#_B*hKD=N>CWu zXd+xh)%=7d=|>1XXKGAF4u=65EX&X-t>cTZcmEHYVr;^WZ}E`VE8qQkg{%7DDX0EV z`v;WG+_n7uGk14&ETr^cX#m}w1lubd8r%V>s}$7Nvl|-4)vH_OP4^%|M{GWz0(IpVO#=yy z6>x0*)~@vo&(S%N;;02-reIbetw@uJx^k&d>ETILU#3J)|Ht}>yp#T)OTGN+nu?g< z8NF|rpQF|`%Fh?aDygy>K3#-UgMXr{n8bzGhwyqSy5YC!NTJ7 zbC%vxqou=wi^o*a6dCV#!NBzh$(mrgaL{iIwXc1~Qe=>uywopvOawp+cbUVZA5#=g z4erxk%MGHQM&m47uSHIR2tC@Uf zfDZWrSZPf9UY;8X3d?wtS&OTsISE5{u85($jwPc6jcv4)IvoQPmsWFVoAopnuybY+ zn1C1?;Pz)6SRWGk6LL=49NC#KyhIZp$v?eCnxsC8Xka8sUdMST){=-uQ&V@L!JvjV zWtqnv8AT^D#V-(VeE&yScQtnr4e6g@iW)}GP|be;>0c&#SgMKusW@WiedCz}*>$YF zCoLq09UQgM$wA|`fFq$+-eGsi64Kv|)ovwY7Ge3faCoFv2rJ8WMy-(5cwdMGZrYAJ zj4Y$@0h5z|-!w(SHnrUH{~Yc;==D2|@IYxSOE0h!nY*d2T(Jqoxo0^0VKlONA|{Gf5#Btdw35stqUgSkAL zA8B2)d^kAr7X+hQRx9$K6D2S02Wz)Y(40g!DgoTaQx{nZ47hNcf|x4|^Oc;9B{fR?w(2TH2=b{TbRR)Yo0OtYdN7UUAC-@6I8{2m!4{N3bM8@8b7G)d8^JwE!!A!b;xJY^s>|c05-W4 z0es@uK|b=&p+zzF4#nTeT`|*85h;Zowx2`$W0Y-1g5AQdSF}WbJntQHy>gBeZh79^ zBGe)x+AJh2A}S)(-2789GX3R4LK>0rYhyD|N%4g{{%Jday;axvF0J|3x_k2@$$dF$ z%&yVr&e(6gBnDxgq<1*P^U6&eY)%Yz{hG=RcCaHVSL= zta?Zed3|#t^;4e~0Hv&Iodfxrr zbZB18?G<;2m@8Ve`1J&lX!e09nU{3cz7YnC7Lnid zpZzb-etx<%=`PM~+95e8w;w8PtNOVt!pTmIVciTUDGyCUBbjldQ$yGrSpCi{!cKLQ zzfE)XsU5TxA4*B`NIg8*nxS-ml&_b;mo`)URjPE(ybV9vDGc+eU`g%-WoEvq?M>ha zNjphiPY}^cmMPkdiQQ_i-Hs(ofedwm-gf!wKJI$UXX5ci%a1nhC#PXjH!>Do$HObz zXQS6_^zI=(wUr&CWwhJA}sK;g{ec%+)a+Eq3%QLhrbnOJc65rV38;?G-y zq167lQ;N9rcDsbynHu}o)8jfpqDxKS?Y~szl;_{f$nCF`f-=1GFSW0~UGsLT{%K+* z>Gs`|_eeiR2;Sjw02log7)SheyLYKSj7>zbNTTSdf%p14e~LFNP$^8pS90b>tr-Ub z5UfhLn5P?C(&YKOxpI3>^^)o91~5Jj`2TV9zi_kOT`|>zE8T*Ri>}2cyUp{eO+IG3 zrtk4@pU~71#nPA;27VNDZNvFTB^wk#rZ z@xMD?`52m_&ubWmvYf)Dv$F|1%1+nluGls62F*L4I~9nr6jSlMQ%U6DZL80z4R+V2 zM-k;PvR1W>g`W33^P z>QPG73V_aDeytPxO1Jjy;`VVSg4}S?BV_E{r90?)_|AQ;S>`Lo+l9r;XK%aTd|f{I zhK`uDxPKNLg6}yr3tw9gtvG?J8=UVSgesO*Li#SZJsfe>HzV`nr3+qzshVCOowFtm<=CbLZ&dU$<881KspccND5;z5t>Bs&Zdhc(EA1uWhGe* z<5Zs;zp5Zo*NkaCzAU1ZUuC_HyKZ`81N@B@M)F2SF5aGUYk+*lQMr!g1A_4lQ{H@9 z<4bKT`6wi7QmI9TSQ?wO%!0CjQY)&{qtc^Ji}AE41~r3yAc@DMU*ypH58{KLNk%@& z1fM0TLR32!KtGTM(O8BopVS?FNh9^q7Bp!*hJ_^j?453|?bg$l5oWvYk8Ozd{+EqMpA0E*vrcU7CE z3rn6K&3kjn5)6*9%nKAzE9$2EtH#PnMM8!IeMQ%sUhOUygH?VWxuLswbjS&*ySJ;* zSA+U=;~FD4`q2X7>)9mrpFM2hxI%z^G!v`vW0npfh&&l-cXZhBtS0}>Qa~|d_Izsy zA06~NBnGEwIfL8qYrt9<2>Har4WIv(n4=VS|l}ad2Uh@Da&s$nha}KCm&!A$f7} zHuqSLUvSssrQS0pr8I?gG{6{Z@9A!)N8-Hi4VvJcaHR0uNNP=)qln7KwN?|N{6hIr zRcaDnZ3<{w(sMEwHs97Pw9Qf*Zy+1F8yU-UJ`rtpZ0IE=!mpZ+s0R=pror?B?^zDK zS?i_33=qaYWK6D%_4kD-A8o6nn{g`eFK6V&LJPXx7_M})rMRi@j*Ik8J_+q% z7hPC{{kj^5tao=AU5)9yu?$)pm(iNKXk7>@do#a!7##tvocfhExLEat5eRNbF1Sib zkZUv+k{dyiyIg>>6m|jv*Ap)(5e?SA`=do@j@F_roEypu6c*fDwMsPys@bD4oV`K- z!U&NEqR!&Bf63*MGsm7VQktghqKsCE0i+ISN|Q8g<}F!_DuR$NB{Ad*pVin<%%mk@ zdA1UL18+4v5~f_yR20j!RN*DE2HOEfgm?^UHl7U6eMj0Mve)v_#!hS4ekztUYz`LglvdY}3z7C#B{phjNVm zrn~K~iLC)i{4MOr^MWNv{Zzu7sd%osM!;!1w)W$Y&ZWF_&KG}K5orImXCi~`d;be+ zAq$!d_Mw2`1i_qNR3{>sZ2}p+{0_Wp6Q)hxN0T>M`$LV(Bqc&S4>RlNf>J#M+I7Ef zOrM-LSc5qD_g0Qqh9kix7K@6U@i-3p(dv3M z^6V$?T5+0_C9VBb(&kIY^U`27d{NGD1j1{5$x#+uj-#jmJS6-|KD;j*+p17boH7s9 z{s2O$uR@p6e(7S-Te7+4HQ^u9XY*pQd=lg-4cB64U*}{z)P1Gc8LTWshuMaD0J5Dq zJgZMAGkSS9R?UNuEFi=psUb0F5tv1I}naM5<>IU7s z_{s7sn1(P3?VT>DT*=K=pD#&MTlO0GRWnRTS=xug==_|;9#@4dcFod+;ggmMAU9cJ z9k&lnSTCQ^D!FATg(SBhzcV42h`}o2{D<{P;(d}9IU2GaB-@CN{r+sHJ0sgLBkyU4 zjl*qEPFl8>=(_$^1#0s?GPcHV)5`o^8x??~0~<_M56}K`IU)VR z!o++hMfnv4z4`HWdQn8bKq4On#g~F^-9X;=)6gSSguvvBc!jTSx4sL}G8!bZntCz# zW|0cd(BF16K=!3DhM&sknV1-^i-evQxh9yir26#Ex6(s+gVSeS!~vaDPbf~!Rr6!C2&v&m~nUPw=o1skT zM){=GB6PKx%;9}S>tXSSf1G_4p|bqj634lrT@4L0h9;Z$c87li#A=*hAcHi-`FZ9R z<>q@Zz$h8VTjN>O{$yN+=wD<70EDxjv`t!c>XqDB-h|q%UX2;uT`a&OX?$;Cs{gr1 z?*kb$P1%JA!ynRC@@CUcaqAj&)d&C4ZydJvfP%*+gde#e2Wp+1IF_k_oQ8jK06_f< zSbEL#sSu~Todi8_Md}{Y2M_FE$-JzLgd>BG{(92 z@8A48*3Oau8wkAyL@H9HxntyLu4>(;mID8wArAQeY9tx+$G@G*J*#!w+207SI1r{iB&My6WLT2>5r0~~QuJp)9rlCHE-8v%y-I6BM1ft&ytP^>34b}<2i2^%M&6LIM zMMv9d^#Gut__XX?yn_TRkwaeAY>*7uXyI9H(%Qg-?;1(aSu3^lh*Rc=oF{Os4Z}ty zONPL`&eenviKEFqTYv=F2D%m;JaIZ=-36gmr?>NTL2p~`wl?n$4l7jH9lDLz_zwKH z-nvMw8rI!+Qp=E&>NIW{tOs-zy4?S?dZX^`8eN}Jlp4Rd=xF6Our*Fu^5!T5T#W^X za-&14kQ!7!1{KS6AZ%&(+$&Fr`M!2L!KcT>() zmnIAs#2T+k@k@CJIOSO*6dEakeytg*ITQo22|^+P8=MYOZ@46)NwSH_qC^bT+4K;` zO~jcO8Cc5nhNbz_Z-XAtA0O${IIu|-v}VNpbA39zf^n=*lXt#QhBQOXOMCIH?S_RR4_tzf-9R!X23CkrgRq^z z#HprmhXIx%{6SCHvs?&0b0H`5tTMWSe=CGQk+SHW|GNd{D3?;4mZz6qum74w2W+$C z`I^-v;jHXdYBjCttz)|S)Z6NthK;u2+s{fcY1z$DwkDB15)QwYw09nRn{8)wI39Se zXucFMgrBw7?(WBbv*^z9THhlGl{h^baIvvT=Q0Xm!QAUbenw*x|LFM#klWP~O%(p7 z5nep|YVvJ3^^Zm9+NA>7n?=**mq!d&VK3M6GGCc~PlXJAto9zJ;UIGIbI@aNsYXpu za6Ds65KjxR5pll&F-zieB<9hAgK)tfRXcYD@@Dzk;7CdQ76ju&yaFu7ktGESIY?XJ z%KBfTtVw)NN8S8ry;%)XY+*9X=eD72?| zi=1aMWMy+>S4Fw$GNFUbQ0p1_o=LK2ikpnz zig)85&I7$r^wJAyOw97Ps5X`qDyjkVPgRr)Va)PDC?YCCRE2c8&z|i#h?m)u2S584 z;c@wE0H8bCPb#PEUg$@~#fN9loe{(H9E|CQfm7nY)l_?gA+71SzBZ99s(q~f7(!ew z!h{nYvB0j!j(kEUf4{B8cL7E9{{j-&;0atPPQP}D4dNt|i+4E$VFWlgraVF=90OA{nn(hQ|*6N}c%0z9LPq>fols-r-oXTeaPPe;WKfFL-^2Tl(;2_IBY zA%t+YNDu83o; z-LPO)JZD?1HSGw_{xtJLlENoGB280H5u!C-vXnJ~ODcJ94ffp?S1fDg<|BS<2mbNF zg#mN(l0qzri0L6>9rDvtOV*W2eyfsc=Di|`H0ATMMsLJRpi$3ce|XsbN<&=jzwVVi zLXD^4U_Nh(@IP9M0Qtzx;xk1scMN$&yQtF$p1|#x8j0AB4jH{L2hrk(*J zPk)|JGnqfZCj7(fb4Ci`By_GIMeKS2f}PXj!noU=^ItNsKkmatPr9yOjfWK$9>FTQ z`|QttRe7{`l7LJGN6?&A`*AsQRXv7-QJ}@X3vZ#cis<`_as=tWl`%N$#^nV4*_8P$ zu;#7kSfe~~0^>)hVuw5E(;F4-kw{zE4S^ zpnY;1TC>;eXRec4b%PlC!g9NOocek-sruL$x(o~GV{EYDIILnKn*F`d;g)y8n+*U zEw17pojz|8(&!X)dnlC5^`zg|WEHI00^qIaM>;wXqocU&2tMO;2VPI@fZF|EAFyVm zd9QcIe%vkxk5tfzZfhIkVECSUq$s$n_K#@d`o%!K2{+%eap5TX?#Zaj#?nqYP>|?x zAJ{RGv<)cmYmcQ3C#*3Om1$~&1S>8}VXu*Xr%PS3{LWEm2n3M$mMO=-$)`Qooc?C^ z*WWmVta5-h`rQx>IbHiBsY>sa)ReTbid&b9j@wWbrI>PhO_twhpl3H zT)9OL4r=(}-?(crNbw*3iUNei_x`OSpicPN*o3PFTpqKVf=ZUVudaagdJpG&k@bwv zye-|Q>v+3OKJg1S+K;v^N#XK{sA1-DLJAF(%7u?ce<6T(*ux5lufy^Iu3IKh|EH{r zoA+8l0y~S>%<rY@^z)4NpzxhOzqZle?&7&R9h{TVz)1T(6Vz|d4#kLd24!({7?SAX&4lWt zDiV9Y5S)bm71Ri!pg%hePF(s%T}3~a2}l1Q6|Of?Q0nBo56l2+`2PPzNe+ldk%G~- z(HYYX*8ORzje{_Em#fpACRWGUD!q8gvjs0~V*2vM2<{r+KeN@d&)wWYHcH|)xIL7? ztO#i1UfA8$tVM%WggCa%0jp`P(Jn&J3NQ!j?*IAnR#~-vgv2>9gF=?nn2U&HEMtGg zAm?Jc>#TFnx&Zk19RcICXpB&8RWUzKw7k!Ov&WmCe+3_DEf<%uJbwJjh#AW=_&^Dd z0t}{NlGBeVc}a4=QX5+$n{=;a$nEU*9a{Xea~F6S))Bm!KJtAp`$9u<@$%0z zoq%kv6Ns<7E&w_ra7vQU<(OF`IB?jJ@}#)B%;wHeu`=K$&YI)mg)ilSFO;7wd{H-$ zg#YH?<~Zfug+%20*Jfw&yIer+-!Vb2)iDaKD-z&(rUl7NN5?hCkE$y*H49lq-Blj z%$#U9`WAH!4cVGM0WIoAVPtx=7z48$LrDTND7hj+_YlQFnSZ{rS`O1mWr#&2RAK-U zQrKOrIndZ!79mEZ^tO~(B~6fNRIZv$<3;dZ(66!pm}=*YK;RRz$uuj>u`*h;#5m2f z!+4FV3Fen_IjZhpAtGc6)oX1O-k*9TTD^pg++Q{8V_N0aixC6B4lWi+w2MHxp}{;k}DDjSSpoi&YE@j^II5owCWS#i+AKwS_0WB z`cd2_o@q@Z`gegLV{#f+I%L67FSRC^%x&6cTPJrg!8Ll zz}gIKlLiM8MM>U-Yw}`R`$beuh)by}vPCk@-&RN5m`n+T;|_$^zU0KS;gq9|G}NP} zp4)5gZBNrI)5SBT^C=+|n7-NrtLej*ungkm)<{`xZWad30=o%JKwlY`NYqBb32|UQ zshZYKh`g{tER;DS!9mf@g7s@u#Ef8C5^EY9pFe)Nc_Srn0FRm6I!kB;*f_=YF?w?C zJ+UGR*^mP~+IdM#aW7c%gNy|^ayd#x z@W~SHOxZl9lc3y<)U!6Q3b0F$IeAnBv_9e+1>{A%`z;r)Z0{)@PumX%NSHD**y{3VTrso%v?+LT<7r6nkx^QK z5sRJq5nL9C1(wgxU<+sY1oD0`RFF;|LrC?b0al!dn?wUTwRb(89X!?aj&UoL!}DoP zwyjGLsl|3F!)OFYKZT%{zEe|=q$!K$9cc92Wh)UoA$|8djha;+^g>loY`~tIlpxxR zgfmX>_2Y!M2$PpF(GkqY`)wX_7Hzo-ool?qW)aa|V4Vl@(OB>;2YGVi>~hvLwBu=Y zst@t55LJ^*6vTin7CVSkN!2?9zicB-gFmzcC)Bt6BRu$VMy#JGN%Mq5$!w~+FkJ0N zs%;NNXhZkYmeb##LIPITSqM>6hfMuBy^h{tCaz7q6!%(_x$c)?je8K>9CR&SNq=T&lemsURP&W75aEt=dVmb zzZKer06+#9tR%o&?FWh<>8Y{cAs6dT>yr-PfytbOF7OVHPm_q>T%yGDe5v-(k(y0Q z5M0=V_*FL-djyb0PJb}J<^77(962Ff%G-sjTBZmtOLQ&|iAyP)<*HBl?c!P$D-j*| z3)}8Q`~g)DvjqLWh^+|T*ri=2`Nw0tm5IH$7pm~Cv>MfFB2NcXkbY%5|^j=9UP&9?sUt`O{gK^4gIV3`|`ZlesPmGwBZP{t_6p)K{qI zxXbtOI@60}Yn5@z&k!$4xmF+7%f+j_$4oO&n?ZcQxZ)PO&lhRwI zD6TSg?25{GH;V+%`>71~i0Y;~t1Nf7u7!J#3i84AyZXnU%ica&*}k)LG+cjq!qE?$^LEwaSS0%F5hlvNQ;zI8Z!|eXTAnY z`7Le-9IfB(GlW%@%;f_Orf>~EzXPnY&BI)8e8V<|{|r7q0ncmTvNG(lva%>NaAi1s zuj?_39YlFnKayXs#=FMEfUo+>w+aduSy_zWz zHyebDqv3e%!5hFpZ&nAg(zyJ2nUNkYWFxD-;vqKaJBq_rGM2-~QWR=uWm)z5b?gfa z^N+rS>D$|`i3s^l^rt3nFc^RHj~_qy%-agwUM?=dbt~?|6%+2k zPJgT<=@1IMz)lO6@^33R%}Q$cj0tbaK~3;HEERp9`JVZ_C~&QJ5$ z)yEL1WTVJ%T9jq9iazeBx9$6QfS0q}W@kz#(5==y1f#>Oh<{`BQI zIl_G0ayc`y(*V+LN?fR|a2_4SWb>dw#Jg`+8uV%q}eP8X~KA(phI%q=I2U|1S8d;r5MUbrg8+^!DRkS0a{UlqDKQ zHRYSSI(l)>@?U$FUBTifq326+#{^cxx%@VuJRzrK^47%Cr=?7&DH}SVG{WUc3 zlOtd7n4ac@UF1Mv!yWTL?B+Av!$vD*2+of?;7fjr5qqJ<5t-ol0OEOl4jX070}70^ zCePJT%WEVhvjDG2!|z^f25@GC7(ONM^+9TwEA1I8h@jJ0=4$(Wt!WD>6O;eObV=BG zTo?obDHgh4Ueqaq&YI~~*fLHzXrVLc3{K7kS^#h|@aK;H5b(3^P${fLW8A=DA;cz;hXcf2IVjU2+_&7r3>D zPGXZU!mY|jmWZCwbv=9g_!)x+KioR#eo3l#jxI73-vTTLv`m=jQdySYwSTaek>pgv z^+h5D5408a{fu;S@^hROxKN1zqVcz;$ zt6-OOvy!O;^dJ8K0Wda-4^h4*(}<=}3&S0(`A-uB>OV9!2~iQ0ewv*<_6s}nGukS6 z+p)R1`2=+fl@KMd(KDZ9iLMHBVSIz4Wz0-&s*@!t@MuC*j^}7?LQq};jv9r+FxaTw z!qzXm(18bzTMXRdIeH2q zgaApE^cyc0B^AB^SUhWW7o6(YBoD+)$-zPqEygf?PIvsVv+f{dPM3!TVd!QZJs`T zK&Q_~$IiFCN+8O;PnL!zya|##n0&lfyyPt*N4^#mFu;bPT*G7ff&1yZ^0u~%A(>l# zKh#a_0tqFz;Us8M$RNxZVa}ryVfR~H(RQX>Z77AV%%bLKIaOwGlp%0~2_DW<7_j!B zBWK@iDIxhEw!^|;CHzkDO@ENp+ISw+_E%R(_>|GQX*fM|56{O zvx1mV8CAkZQsZ#xn`47WR-ygZ6=zBQ-}GnW7(!KL(ER1&>mc2=wS>KP?bAI!Y~~uQ zHGNF_qll&F=H^u6!eyKY)zN{3;4JL+3ehRudsu(EKead+cG-5VVljHR`TjyCn0>Ez z%GF&m?DW%t@h?8F?C<%vGl%oQBZv-5)X9B>dW8xgdy#+Wkle?9ycwTAe?A}%+`ez` zDF`tZV;Q1kGDSp67ZICspK43c3fdD)Wthx;ktJ`^BO#Ci*u9vTm|5V=z#8b8;6fVLF`;k8Bb1$U4?Uu3*JE2;>(A(6n`O5qRF$Qz z+`rii`xXDEA##269v*-B@+CS1M()>aLT=uRY#VszPrlLI!=l9a?=%Z;N2|w@ycNSV z;oDXG2uN$d(b~cC5E%)Qd|)faSS1*X6avPJ;M{!1H@Vt4L|?{bQf{lu4a01&aBTVU zi5}=bcJgdi2z5K8C5dSRx*aNAnmrTN?%T^PN}FtS+iKow%AlGd<_|b{8^nIDo&JdQ-Q8kXcL3&AN*7 zb`O+;DRmc99q+XKf&$ZKKpZ}C(2mtaQ3y*q4k{T4J32zacIK-RS`QFtN?WEtX%32v z&ojxzAGz#$-AKaRbYoz%Gv6HeVo+zUtx+Sw^Y%~uEuIfZ(s!FmBveRNkWp#7cy32l zJ{JvNLE0_On}@JmX*x>3DCG2kPssJb5Tj&>xkK3L`y%UfoD3jVvXTA|KvgI|Ny88g zCm_I1I{XPi;TYQ(!qO!3Mus`&9f6+%O>8OKOYj&SF0kH@n-?rs!@ZqKMCDYHEUSlMl>-n%l5d z{D}?@OVcCx-R!evg!cN^^_u9MYQxj6{XYCGWqEc>)+ivH8tU!sz0egB^sUYuypCjb z?U`#&LN{-^NhHJxV)erM;NUvrI6at(Wwn*5BhAUfQy>#|3*4{acGyI;j1-EL=KUzg zy6;Tz46Mc~W8{KuNSvLWbDCHaJfd#MX?QXT69BU4w_q$OJHe&|g&2VjcUT)9 z{(Wt`smYXuqzOw?l>|+X2A3IRwLW8Yu(kc&fkUX2&>|=IqD&=KnJ9uK`ZL(Qd+;Cf zgpV-ISf%>??`;+OfN1SBT>>zgNZ;dV9ARGg0ZsM0cQZJfNcV}oxyEJSZmq4Y6_&_Q zZfqqF*YbaQfYc{C-tQ+q0txb1Pn-{-EYBv8ap3SWG1tm6?(f~*?s;F43QC{M8eH!^ zpuJt;kXfovIpEQ&K&|NYGjvrl`uXD*MG<8GA@xU{zx5G7P-|R;N%6S%&AKcvaegn- z>bTw!i6 z?!y3~pQZu@?n@W>&#$#iyMo(bX-z;pQ8=TH^aZQA5h{ZfOW0oLS&b3b%>| z{S}VtM#{`+e_14|HYI(u=i1q`@c+APJm zWPiY3x+jLjmBSPQ^>XpvGLWmID+2x6{nUlG*{6B!qG00ru*>_6V=PO&Pb*!AmGnF1Bq}-lSXoxEjxzHCidX|Gjp6aH%9z?L|Hx>B z>q0B+`#ZZ0CHA%KIveow0qk78!sp*O~sAxe3yxQK>ufT*X!K47h* zm?E!@#>lYRKsAlh29@U&{&ok-9&cYkhsp9pUrp_`x>j;ke{Gy^Nj7vH8>J+a10HF3 zow7iG*ME|qQ^@5j_W?5n>*0$53uH+f8YAvl8KYv;z^~)W(;w~;cK%~K3vHQuO_6*T zbrPFf_1zXN&*=_<%2x1UB8~-q=gN1P>m_2@P5`R}((ezV=(D608Fg51h_ugy&x9-R zUz_J&R!}d)!a!qji~?2KDsHT?5XU*< zv?nc3s-})kP33gCMbQ=Tet@C(VH5ePJKH2Ouk?xNbi)bc>3~=Omr|{*-g$@|H>Nd( zdia0_rxc!&E_^kQ>dxVG1fQzWkNyEe+e4%L$n#>ARJD%X#9snL;50kDYD;3T< zvpx|8qlKQJh8fS`3^yymz`Ub!{8SA7;V6RkkFcNI8XjvtOTlA&5^6}@-TA??_dDd9 zKyddoX`Gxt)A{I&x!3^(FHBuZCDm&m{>k!2)n%rQQcLqc5w2-c>B^BM}-v`Rc}* z3$-CMczyj8Pn{l!h>v?L46wP?Eh?r3T|rb|R4DES{E-|CQ{w;*s<2A^TjB!ukLuf| zjt>pxq#!KgZ{oeyz$`aA+cn$r_2WH1M3z3|TEZ^IIq0c65RRnlXa(d?uAP1zyy2*q z3>!Z9`XS%Ylz7d8?`iI4V4&8?Oh21l^K+-xe!5^FuU$_3iij?!U6Ey{8BloTdzr(- zDA82{2lzfAnfXrv*7@g`z)O4t@?Dnyu2?-r!+l3CQ?U^}t{%vnzX&#h8QFhIai4Pg z5nw-dY5?SxyUqn8kum!JV$RUXfwlSd+yyPpr|E0`R7=e$kSI5rc<43yww8?8xL(}C z%zQm-uy38$43q3wRSBIC@%tm4v=ty@NPvJfe%tE0o^|0%&8r&z?M$;$dqCC>{HgjR zo-xx+EP1sV_gc3+qeXo40$kcU)0?!Q8)z%X_aTKRxU3;NB*(|(U@=*I6Dhn0)HLR= zndRkaoE-N#1*u@sW6S~H3KhWR*{Ti`6bFe@iA5NV6NE>CHWnzRfky;}08jVVd8(iT z9C6x(lAB)NQGhGq08vpR2qd^aYx1~R5P!>+=qd5ixqjV(^KA{;ky4^}pR6pcg52{& zV+6?7!#Z9LU9;y}POcO?y{IZ@PJV!dh!jgtSD-#^JaN78(JH7+7v!eC96UbeFwtqI zsHs2#INpobBaS}(c1X~{cyGWb!{eAZW@7*&Ey~IT0zKlVWa@PT zn}WC=G3cV@*qO;jM$i`wu)oer%ym=de@25;HaD+gDMVwlVx$~0gVOz3W$JjdI~fTt z{+6plSs%^i^{PZ&h*G8gm{s-u8__G~$MIrGkKCW~{}upzQymcl4LaR!{ATDQbkTK= zOdNAa{cOnJTKecC%QN4lh3e9G51nvmTCKKs+HnLf(Gb&P(>$6W6prygw4y7FZQ->+8RM(CM4g(yE22~H*ba5r&A11U|KiJl ze!`D-pSNZ0D@KXS_U{XLV||3O{05$f_dge1D;N>;?G(F}nE3d3Bf>Z2VC^LksUVTx zGXfPB9I(PUW0vo<2eUL-(WY}p5*@ZN@@4SUrB$wxLoMjJcnJ=GK@c9CM^B4;l?FJ0 z`R{F7mCAA-OlaL+X3-#zJX)p*p5AXC!1@ks@^%^F23^;Qm%=`xb?AMsHS;|Az4mTH zus7bAd^y2yfwplF?{yjJJ|tvH6zU<7M|HjPE^zIOPDo-0+rmpRRH5KM!U_b`S*b5) z6Pd(Vi>)n67}fgl>rf8fl=Hs9(!QV4(926Jm(nUPEk{!6=v*kY`&6}3O^NZDBoIBy zjfE=-=caHNFU87ed;?pSu6zkAdLR)Z?ZS)rdm5>gngE%xXf$g7M3<=mTm1#E`7@to z`5=X6Up9g|K3DfvES!%ICfdxyHa8aC#4ivtX-w|ZsRPaRwejh@Z_Cyo&KjMp`;AO4LV?4W1(pY&k(UrN#{?LK_{pP%(t zPySzev@P{r4G9h%^yU{%8AV zU1w5nzc?%U@R&59I1ISu<2S1b-Ro2a8|%J)HIf{uiVA+nmD1-WF9*vqiKFaCV#doC zR2x+4o6<7#VD)9{nCGXGOCL`w#OF?lKF?{3WMvJ$yZR+c~_XxpVFFOZL3< zm!yV@SZ4ZHu(nK!_fJYP4{1d^EIFRu%R=-a}oU|F$;( zDB`Q^0pXPO0?@SxaQ31;Bc)ci%f?FokC57T)N`dZuePc z+q

gWXdlXYRUD>YzV*+l$4(+B{|61@XokM=5roWU2l}%Ok=2N6JE$sDTcI+7_z8 zP)n;`1HpMtc&atB3Z(h&3%p*K&hH=L=_DSnSY;{JsZxnPHv=Z)prxr9BN$~3fw`iO z`ra*DkiHUir0#$yNa`Ab=|p{OLpxV*h4`Q^6~mC!EsZsrnU|kPLP;o!w-Bea7zQFnG~{CZo}nZE z1YQ7*&0GSl4UA`+|18ADYGxG?CO~vBD(hn3k%EdMY`t3`AH3ElTc0R`UZ5bx%^_@y zDXg%UxeTHPP7SK}`?2veO_IyM9XJ+}Cz)Tm0vIks@w-tt+AG#*V z^t?;k)#8JQgno(PXN>7Hic2Nw3X1FpvUwTFfmAN$C#ZR5cxWPWvupYEY^9{VAh)~O zp3oYH2R#_j9-|3x4A7t=>U{$tB-}omw=!3Ktp~vjE#+;J!wS4BU`}8|QXV!wd|nn= z2py)4P}GlzcLGp372Cc3BA9nzUifxxz-ZGC3L<>L(a9*BhV8(i8Ne@dMjm=olE>69u}I z3Cp@-w6|B?cR_IDC*BuY9aTCof^{zI+!T^%TPzY)R&tL7Z#sM>|KXpdxfjZn5L|>V z?N-i1S^Kn%$-aD9xA=BaR#~W`>*wzWoEmX8z+rgLQy;GsJ@%W7$7|;TE4+Jj8E)mtrE(am(npzk(jKiv^Z*UCgB0RdPp;v zu?FckS%m>xCpFl|aq=oH`T9w{*z+*z-+GR~e6R={;a-W4pUq3=0D<5H>``W8tF})Z zY(#Uw37T_RH&^`PUqZ|ex7&gKhl6~^4mAeZ0Fj@*++WmMRET2vY+5s~8zHS~I#9VszNFEbCuL8HZ47;I3wVFG|L zz{nyWk|&UoBq@~YBIYV&=gAluSs-sgQ)3p7*Ga>NiY*$0R}9(e>2cLuH7GmB84oF(ubPH|2h9HI52`j&XKr1VyWzk3zFdVTzcjG=)m^={F;8>Pt1tzTi|>4N@OvI{97wZCWs6&~aTO5~6riD^{i zAPpjkY*2jJ%Va49h0&3gY5I}sC4JNBlO+k%g)f8U_>>0z1qzSIB5?@8-==h4x4vP` zmW1cs#i{TovzAclfeWaAS?BX!!v)k+USXBsU{*ZM!phN4h5|*JnMP3%>@05k-Ere> zADgJnymZrv=TQ8PutVK$b(`4R4+6&brlIHp0(eA|`j`v8#zRzV51#@uTHi}~3uSw4 zKTsdo} zodgc%Y-it^0yh61*I&W8A7PQubl z==Zk~`?k<%xpunV)6%5*xIaI3L&V1n^JkX4KexkZhTF)-}{T~Xz+~QS{ z+BfMTAG$tQrTHBH#)Su_Os9Yyi7_w*AeFSg zLfi=!F(mtH4;Fur(M`+0S?L2#%m8ld6>aN_FkQ3cPot4K+>Sg`d$`eADvIeo<^l!49yk>|%6 zG#o|M9RHu62_@fujJ|^oYb{|cGD9z{{S`3x@0#ceIh^W6w>B@bbiE9V+p_CRdCHQ` zJDlH6b@tDd;dj>C4j;b6?7m$I4KO0lsrf-=hE3*)#=;*v4AHCE*c+jUjuLiZPXKjC zuelr)Yw_l%3HFvrY{^dnPN!PhwRYAN#n*>y6h-I1zx|sw0ISC3!beF@=y}(mFD|Jp zXr#~~O~!1qw$SQ}>_SG-BrmWKB#8LLnKb;FHq*=cMbhO;x3-y9;_|)7w@@QbY3X5L z7Tvqw3teZyW^VAAF_E|>Sqmr*X#11L!A68sv`h0tCgF86=wY<`fBR1-EAU#J9NdKK z^7BzCHI~$R>Q(FwnXf0;=4rnHe=z)0uHX9}as8c>cx5D5x6nE7?`(3!q*%e|^{Hb# zQrHVYQ@-z90HX@j1ihv)$}w&c9BkNMYd5JKB||o*hd)_ebQ_#G{>&&6*aOnmDn0IJ z$IJgs=`({!>#RA-E3lv`Af&-n+-X2Pd@CLj>yOv^NpImv#NvmW1tZe0i9d@L=qyC9 zME)USkfU+T4fT&yS{^C{`jznNaI#luYGxZ~6OvZO68K-97dz(}oXLLHO^F#nDt>Kr zO*2!%2(hhBsSv;g-Ms6gF1YV`YsJ}it+Z7WLC^(c3%Eu9aI5;A_!*PG?#gSTm@E2S z?X!#IY~*70^?el;i;ec_yKR6V z;gFk1$oZ1pm4WH_f3eg8x`F$jPg1-oI*<37F0i$!ELn66bsl1D)dR2RZ+>mW&Nvk+k&N>og4e&rkl?0WkFJ50Sve)Fwb7GgeE5@ zu17Y1b;#vHEKUNHEa4ttW(VRU`F<9E+n^Po!Mt?ukSK9@g}L5W1L_8);^yX*#SPS2 zMtFt-=FtHJKyUqEXcRp2(LZ5%S)hq(*%m`}pX2)G%*XET4Y8 z>@Wt*N?Dyj!M67DeDl><7Yr;ZB%>}Lo&eBNyu03mB2@4R!k67_7*~v1KCS-q4E?Xy zZ%j-~9`_`L^17&3CnrVob4-Vlp0@R$sj!7pDIqBsBVWwi)YY*%@M5x)lKSCb47b7O z7Q@;2)A_*chfkenDz%IF-$58>AA$SVDVTcK+AYVQV*gcTu(CLA{Y0ZEL!@a2lRPlC z%drGQ@1`#+q9(Hy+6e+*mYZ8!`6$%qmVs9(B8~WbV9+{mZ~5s?x{Zp$GQv(6E#9x8 zp?sdKJEz0hhK2?_BAEdB_t1Y82W|f+=pwyS+N_{RY(DF(8twCgXD8*v0m!bMH~$*Y ziKc`Eh)-7B>E&f4bJArxT3QH6_FrmhY7pLqnHLo7jmOK& zAHxmGVY&Ro-`#CtIFkAMM+;u##v=G)B}#t92iP7$c^*tC8LHCbRPgQSJj=?O~JjjVrEf`T_utO&w&-cRmIrD&7NNaI~# z2DqtJoSm%ijd%5RGb+lDNh;o%eSxh@#o*y1={uFbC`S4|V z0b6jK`YtTQ$!>?+5$-kC@V-ietWc+?d#7;Y-}+B8fcRGqXL!R07z>d22l^|;jFM4H zH)D(34+bMuE9!08JXcL)`fiS**MEitx4-BY^ly|^)D{!>)wCHDLo?tGv@+{=5{8KZ zpA{*7k84IQlt)D3{Ba4w5OZOvaY^$$I5A@j(m)fLJ!Lb@o-CPU^6?yh>W%r|6T%rbWdDV&*aY9bsp(=h<`1%~NyBJ+zRY12Fbj+pIEVYQ>`Q+ZtYc`H z8)}r|1ptWoMR80DW-?YIYcQ%AjH5E>Bzd_VSmty-npZ7WP$po{#~pve3oT*xY9F^x zO8_QGgdrQCM}Y1r!BLzTAn}R3_`57=AzR(S+|9Prwd%C@pR-EDYC8MxKIAj&g1$78 zkw;5SC}T7)54n<=ybiEqlpP6^oHV5Pt7g+wD-MC<5w-mynjKfOAKcvB`u(1xj4(0! zu+SC7y5S+W2?z+j8W;Yc{-=?_UqMNakO%+E{_Z)68{JFs*v`voYWr)Ux{kBQ1<3(@ zudZQrGlzTGAxl*tD0$Wv0ux3nbWaz1Kxcq93h?=A6^YNvdIp%20gD)c9bw+94loo} zdnFePjd1Vz&Z>5vf8TaEg-t-#$nX$Sef&h6725MvuM$Wo!z+Q+fs_DUY8>+bsua%}@2#;V~@58ubE+xph++=Nk1jExcgqY>erXy(Mdt^ys#e_<&8 zv|mKo8K`{3?1|e$z#gMYD!h{YBm!Tb(yY6KFikySE&2ZjP#|6^R&RpQ7cy(Nn1rO{ z0Jul)e}z61ltlME2Q%Y_rQ`lu=2jy3O1%!9_FkZ^=tY31Hp=9&gDei4;*Ls$O$Ut~ z1{63z9pWfHnKam}hIFoV+q69Yu}q@TqxCs*p<;Pv^XV;E7Ao+VLJa?^?_`K1mD~Ar z{lN-72XCVQgflmJp23<@qUS!rheAPgld<3VqeA;arH1iJgfQRRbBhi4c7K#AT8a1q zJ8`Y}wZU@kKpS7kaJRn`ZuYLc>z-j+Z<*V#F8o2gZD`WE5c-T@CBjRB*@& z(H$w1KXJnSQQcU{As~TZ*Y^+k9_q56kRrrlrWY5(uaq=-2)Xj^x3ljqc3D0&BAuT$W&z$fcT?9G--oK)}9OKmxz$Pq8TI@C@>i=N(?MW2d8N>w|84y+Y z^o3)+<-~0;15hXe5G8qBYYu_-_V(W|Cvk>I!P7T2F$vYD;K)x=%WVsj;>iS^ zn{{3mdU|$InE<7KR`DKUwe>%b?EJXb6$Pt1K6!1gA$qgtp5Is=U1STKUKF0(wcJqw zj}S@-FjZeX`WsFS8u5A`n!Xf1?Q?hCy>a%kN@8h0g)EGX8N?aPVbH9?B_bkfvRPYg zu*B(W;ejV$Z8Y2z#<6}ef`XJ_{bbe0 zWCNadFLP7p)N&nM#947q3%x_x3KjRj;NS)M(SAEjy+Pw9=r7wl4y6kp@SPS~3v4GO zC#02sQ5-OEe;{wgB$r=j*Bg?o~*EB9{;oFI&yvsH@O! zkAe|^EH`{|gqvUzXf?!vgU)h4po`6*#O#5j+>52m!!=74aAR+fPRXS1t`nI<_R|3S z6;!0r88~^hzCQc#`xEV_VS8yZg2p%GBBhw{@THJV95@EG(~_(23~#}9FBgc9)8~#k z8*sxq3+r3Ng6v;%eX z8Z~!!KL2@(y(IE$p%@KF%pTib3myn$BtO#Um1yfkf8Q3cdUGO>$;2-41xqxQkh-tI zIsV5ON`ioZH_#fz1j3*9-`K)D0FeHZTVS-RN{IgC`x{;njx2~)f=xLR2Q0+mslnt3 z(z2w~RQT>5vhm~c>drhl@YY|-`)rbCiDC9Qh;wU68{p_+&ENOo=!?bZx%+oLJ={!D zb%1N>q&Pn{&0k39{>9D8kY96DGM8o(}gt#%s4c*$2dR(!%D7pk9#mI3=CqShE`1dvPK0Ur^Tn(%p z|G?d(Q7eW59*u&vo)A2gn>wnDT?YAHVd%dFJSN_vsJVU{_t7Lm3N#E=Ws+xzBVFT& zV<GC5Si(&Hq8|>kso`4?<_Z_Cno-cn%;j46Z#gh9Lr9v# zPEv#H{(Znl!*g^Q)E+sU5qX*M{8W{q@&`fSM?!o%1PQt9Urjc`l~DNI|1*h5{+F5t zakm0`A2MNQ>!07-7utQ=sp9;df=$-DsZ2|X){AMih8JNGI5PiiiM-(hHQK?Kk1a{> zZZ=L(7EJezpMqq+^w)ctA8tpXEm@9!Tv2tf)37$JdaI%B2FL$j`afRPORXgn%${zK zvy~qRi(wH%xR(}bX&c4K$i1)u3emWtq8QXryVT z0G~Me1?A-6e-~ubS)GCOSGeDoDDf8ZMp!~}Ewsota?>MGc{}T1d5N~ruM{-e{*{|6 z1^J%o|C)v3<*~vB8MeO>c;MLwVE60}-7bPo@k0Cv&H4~)$=9-DmwY$@xoCIPS{{nm`S zwL9S134pW9^9%{1cnxKmTu#(+FnmKyHd20LhA~oHNiGUeh1@=@CTM+<=)K9i=UY}$ zX|C!Rmh;@7AkPN%m5Yq#D{(IIKv)%dJ&EOAzj)=qY_@Ihrhk8|(oT8}cQbddm9(YC z!lrVZ`X2R*hJk~irZVj1ii|l}&0$OCY>#7MLQE(_R7KQnRNGK7@;qD-_)W~S*A7?> zrODdRrW0mXqELyc7UNWL8XqIzK~vkm_r2#&-jA=vX=$^H95+0p-X>v;vkIYX&`mjX z7gsNLf!FOE;TQV6)L(W*1z+HR2vhdC%}5+iwMU)d%dGdxe-lN5M$&itdHg50#2J~O zihrn)9PTviUMQw`Mqn*D85$DXhQaSq!4O)*qh|O}Q~@f3GBMZa+gf>Sy!kmhY!96hS&@Lsxb|D;< zlKnbtsrR3sZK>{s93sLy+q-{1?|)5OW69Bq?$R7SMC5N*j%fNZJFVtuq*HTi`RA&1 zA}`fCr?z|l%1!m)f@W@4@iYDX#?Dtf?jf@^`gEVW`IN&2O|R9M9vp{z{EwXyZTz2W zL%Q@D&qrL=KBhJP+7D}OpJ+i$>bPn{(WqKbGPdJe{$atfTe(m(bAT}X;@)=zBU@2r zFjN@@jGUj{7s{0C??PTK$G6MfCW3eBc9|cmU!HzvdA%0l*da(T_tm_834)&Wb*0qX zN3QJU2_L_rNfQ_4-VjLfh_!jXP6;()ZALAE%g6Oq5$%DdrDhI>l_@S-);~Fe-M*I} zh$iYlT9uLgU&G-#e2oMb*CY8>t`ux~(UEmmo>KW;3{|hbnGbf4H)v1zyUA1Ob7C@u zV>3qTW#e?bqsidsx7{9^dU*G<&3$kaeqKO1Cxw4}>ynFSd7?s=SLpdpaZG>E=??$k z$WPZJ`g!c-NpTM0*Ro&93WiR{mqSfi%>kV+V=sKxJ+n5}Cra9hPCqv48weWJXBTfs z-ksG+dfy58oc6dpUj&qL>>LT&LR(T0lCgi9Hx{2DsFJ(s#z2x04+Teq{~`~k8~#w!rDf%C=wwGpxn zv~{x3!TB7&7g`&E@e`Nk_Y-7y$O&Puy86+Far6Van|#ozg!@1C^GYWHjeCYC3i_Ak zpiKW~|FXgB!C43W?dNG)u`G|1mVnnNDu2GKF=FS#_yA9bI-Rz5JZwfSUyco~(V#`f zjK!O-7q3lWO-oCLER$)GcZpb%>%6(YXUa9dD(ynjc1IYVL5k&$0?fRW>90{qjp)IK zXT@o52(f6dXXoFUBxPzgbVeJd->^m4)psbA@pe!lU=EIs7X3`O>6AuO2E516j>#Ul z@D+F>+mC?z-eyd&QlOX}y5eil2toh|?Ft;cX$x{zM^X|tLfo*W6220U%`Ge|xAAW{ zhGbY10e`KpV;>04XQ2f-UnwSz>F(Rjz(9>^P3w^~20vAq_s&h*_NeUH-h1X!GxWO~ zEBFL>r?Z>gNK~9a5I4XPn%myyaoGe~&6qO=>f!JVYohQ_;8PqLzh@nP({W-D03Q2@ zC!)F=>0fJK#v|^-4I2G{Tddnf3C%=)TpQ1(LH3O?Rl6|YN?N(B=7rG&$e`Jlg++*A{%Mc`SQ>KHZX?`C zps$+|3gle1q81i(ldmfi<%1+94iTDAh2YG8xD+MX5Z*mVwgC*~k21=+r z$D%IcD$8^I1qyR&S6b0>^#7#Mck-qTGdz`Q19{!wl~bx0Q8)~mS?X`ZqnNBO`o0Rr zB;0842D(R|IGaHH2BerWaK=%c#EjAM3#Q~*`$tE|%n&mRdw=i;ZP>?HR?y$wQa%E* z3WH{{`&T+>v%;k5%{cvH3Lsy+Dr`o|ED!yHDl8$`Po)$ZYUGoMb)jE=LXMVjn~ABN z< zbTV}_-|oyP4I^U$@7c(z2ST7`D*7K&GQLoN;FxCutL<;6Gyjm*m6B{URE$=+oFp;K0;=A_6H6J>inXj^ij_DY{YlXC50^~PL}P^G#) z@+1&X{Ml8i`IJH=QH%hZ`O-X)ucen~4|5_iL0V*!lsMdw4gPx}KYbouGui*WQ)V_X zM57Fxz~^g3B6EN2wC8z&gz=ISo&e3@$ptenktn;MGxzJk*s?(r#G;)29Cs zf%97Moy6@4B{G1c0@Q%HT&NO^i9H=$8={!?=)N*JJsJ{dq`f&Ba8G(AM+$2-Bd3fj z3%`L{5k5Ko-MjkDY>)|lkjihG15pB#oSQYeI4yE-GLrHQF8V#X-~u={8Kdw1tTNpc zaS3$jD0IwLwHw!Ya5Hjv;bG9!S!fMzv05mwGGoFr(6d>?-{_Vi!L-e9cJ7X3p@s+H$ zRK(}G!DWfI@~|Gq40b7528Fqfc^7lJ9j33te4C*C^*ZMNbN9TtJu=wP9zOn^}S^$Yh54DAflM>qHbrC!GdXLopZw-P^y{@{V7tspv#MSYDy1ov^o2j} z+m+49z_F1##u>v8a$u$-R|wtLx{=_FGl}EW?R`9Sg-lWwWR>N+f>G}wda3KNg05>} z+^`hO2LkPTt?`vD2KmBypWNlUM2!16IeL2a;#xGdTeAPIy~US93pb1+JpvTP!Dp+D zZABUlF9_rZpV!_k=e=b*^lKV>3RP@c|#sWr=7m;Pssgys{ z86-L-IWi@Y5kh|&@Qw*@(}`;akC9qd_FoM?_pimmID#mc#sA3+VIWpO;kK6l3BL*z zG2*0z@+@U4YtxqcD6%DFL9WBw(DxSXfYUizay=|z{q4%dqb7^sKZ|d}>-oD5_G@c> zb<~XI+Fr<&GG7Q(T$F8w_Xh>P*>q*X~N5(Ez)MWZ!<|~KD%Oc!KroiVmi4!SCx$i@}sL07GLBo(){JQ-|xc~8l*0@Uehz& zbOC1yI;P{mu|pSkQDL^7nqh_@VBeoT{OdTm+-M%=3=fix70pi>TE^E1*b_6pA`A=8 z8R9vKyrczcyI?@k&QH{m{MFlWaCv+-_MmP>S4R5(fGhR6`UTI+!gZrtz=n8Ug$8i~ z^B~%(Ofk&Ot9VwWK;ncA9`SKmG`0};5#5*;$ic@zQcTB!ynBE1moew-4fjL?g2r*Bs^9XA9>udwd*eVJDfV63pBb)%UfyJi|p# zD)55HllD_Hj6{_Ji}Di3$i}2QaJ^Qm=9$--Pwq|EOWIDD7h;uPB-oxNllwopn6WK= zXFonP)$P^&Syx_AUCdI4ZB?5*x~aH z8^48IvuUaBlmC^h{vwmC*DIG++j%z5)i`CsXF4HYKWmd5WmIccyHg>SfdQD3>ju!gIbIf5DO*{=RS1J!w zCJH{o7@r;Q^E6y=J5Gcti1#BN@jdXSu_j)|AU1uFb3z-5H(0^Y4{CTYC*=}{X7fLk zE#OW)!((|UV2EfiL{#3;#-x`mNcim@%IU+1Ts?5gpV?J zG&>A$>l)X&$kPkHEwvpBY0$*EV`|YFnO%-z)34-9>iTovAb8!X(l%vr!@baciRFEK zpQQW3ABU{pOBA`G{1Op=rQnl)E&ldC8v-f6a;0?oh0qmAj=Ew%m@WM;J`b!b|B_=j z#s6yStQ2ZG5=Iq3Ux}cj79qUf8g%X>RBuvY2~WZ0f_RX@%la9N(FFK5v>Ks^#f%R-7(; zVv;?6nd;5wABVuNdo_J&X?*#WZN-sI4uHeHb^mT2f$IBpwAmI`Vg%Y?l)><^^(ij_ zlb`SLd3XOJ=g3Lo*HM@^Q7m6xPwEgJ4vi`Pn!o(jlKJQ3;>*M~luxt!-cwvh_B>I; zs#3uy#?%YGN(c8cG#tMV)t^t%PeYqs?g!aE&k@|KcY-nH-$scd8(SW0T_mFKvR_U& z^YK#Ev2PSfo@T)B*-u>yzFc2AD1hX}!{n)hjPK1cZ)DFUb$`HGWSVS^>kkEA6Y-6n zf#x3_&q1XN?d0a#j9$GfFBRw#5{8rvf7QEFT`p0C5w}@t7$a08zWuisX&JZDk<@)Z z6F>Td7VW_`=k3bKtiimUsa>0cZoJbo)4&GuO*rz)V$^tl)M-@IY3KECzx3z#M7bSA zv6-_RQ{gfffh??EOZEOWRkt2ogqUJF)*>-CH^bIWYyU;&PO zejO?FfD#bqsAwws-5kR}Kft?05*cqcPAtH|7FaF>il z>?)cK^y+xmos0LCr1#tY)h>lMAI2_oaW^LZWc-yy%f)*_e(4^2NwdicWSGnHXAJRw zv>>WdC#q^_%3NEvudpoBCT7me_S)Nge6&g)(?3MeUM4H2(Nfa5TOOjA9Ls2G5$!an zn?a*vt{YA5avW)8^0T!%z8}FTlDmLCEN8riiAV;0sFvEwm5uX7LE&1ZimRlN%`T0P zJIJ$|I+?lsjd8#D^b3@AicQea-Vr^tNC`}*`?@wBFAfm)pCDpBfL3s)%xfqxqR1*! zvSQ_v#vEdxl{KJ{-aip1ptq^@q=nt&`=St?-+JpT$-i7Br~=)ck1Zy~D(>3Pe}aS$ zGg5@$ZmOIioM>bCrarQHupai;g!NXue182ecS=8PN7voRKtlH2-Uc@M)e8g1)D6nd zmL2z6QSm322k?t`{T^ls37z@wK+z}v!9`=q(+Fn)KWe^1xws>@d%IeoEobCg?nq<( zN^3#>$zjx@I8g)Qm$~6KUBO-Fk>#ZZ2OIUVF71}n$FS&c)q0N2f=*SwecMgVPwV|j z`cL>z}-THr2Z^3lAPuYXD8Pr#Puyodi&Q&7k-8%h}9<^sIJ z`$nKf`d(g+GvPheXBuA0XKO2uEgx39R35DKLo|<}^FrTaNoFAAHOkE7VPl1qiJP8t z&X-m4Fu>-r^X6cg(*8o-fnb+OVM9vY4ICyj34FQ9aQe2eaI>@HAMaIuU(GfT_jQX%U?)l6v%`#lj7$_8a!xV}Xdn+HI)*);7M#KTt zESM`RN1s$+^*r4uvR&#z@3#Ef+9yRw%7A`mSLs7WxG7e$o8r{28r3cq_1KG~^#MV{ zJ`3k}Lpqitc{lGrqr3PnQRd5ca+{+*25-q5NqEp=#DC}tLv$%A^n~47cMM33}4n_d4J#_m@&{^ zFayg%M$9iU9BGPhy^a@ve;SuNqC1g8PUn*x8M zjouz{)J9_sc9K+Ln6NGM*xrxQ?6Pr58gmnj?BQOlPI$glfYoI6G1kftgXo4sZY|Bz zybx^etg4EYpIZt`uXkbL_cDIp(X{s9$+9W+4rAqzR#iF5KqJCw=~Uh&-4d}PoctD16jrDtcQJ%C-UrU5=9LQ&3Y`g zPrA2FbnDNLe(jA#c}=GVP8<2-j9P_!QbhQe5swvGqs)H}JHK5x`y^?eF0>baR_UKE z=u|=pId&zsTt55Q6ZOf<14RC<5i|--)f_LF){$tnxr={!uDWdhmXY_X``f`}*@VlH5+Y$_ zlU{OP1ovC+e0-k!cJ+u-Rn_8PmlOZ2wsO=Rw%|DLJHONNC9G#R3x)QrF&0&9x7tBP z{Q3iFBn6Vl6qy{iZwH+qx4Sz$((+SXc?z$Os68}Rn!wxPnoJ_<8dJ*mDW-e@GA=p+ z=K7<{axH~3PH!!*V7HsY>dd^`30K3Tvx#QS$$e{b0uCHX%*KeX|2!?#uw3u+#e_c1 z$1AF#F{<4@QZJlCed1x0Q9|eB()hFbbt)fPR_%?6(!8p!b$?}bwSzwzrQwKB3}g6J ztLiy?QB@I_BhzV8h!)%nd=n7hMz(mW5r zjz*|_l z5QL*|XRYB~%Q2>e(QKzhhL71}Y~G*ZhoTC1jGL6CHCD1$&feiDa4@5X z8s$yhC)4g>=@jeAycCDrBUaTf7EVMXI^wndkD>-ccVD~);7A$wa`;edU%xK&dI*n* zaAN|%Qk&D4FU-|#7ACxb^*Nrh8=y|>ff>wm~MD!ainF)c?(1xQa(!XF?T-$)yu|8-}@R>dRJ?S z7>YZ4o9gJ9nyGIGM~5VSaj!L*TBGL{RBziSnIXuoT0T|V?k{HGdg?IhS^G6NaJ+gt zwVE3@_&26{wH-)X#Aa4`;-w zWK52aYt}(vod|+2_VC~U9!_*g1~6*dpF(ME#d9x4`J-L$VXxj-O2<Ll z)3wgX$VlLTF53dI(!^)jwQ^0CRIY=`LPX+gU9|1o_aWZf4EnkIpM)OpwCb#v8Xd+2 zn+#t>WJwp&#Qhi$*r0_;p>lyC%+`?p^Eul9;YIe#UA7zWpw-Fk5s$!Laof#2okj6J z4aoQW>yT96{mG{Dj#@X0|AdFy<{R4^YF?l+0|u_c>DS~JFVFe_gB`Z*4uqE^ z@wx-JO`hGgQVB#6bdS~ z5}@ACmtB|r1UAsC)U{d`_&l}-zg0>-i6Aj8XTCX<+1n2}oXbwihHE??=046)e0Gki zn7>@EQddl>_9${6ibzb?r(L`B9Bl2vsdURTpV5!dc(nde?=k1oT9#8onV-W>Q7u5x zR8Z!u@2%{%K~p|(jIsqK}tklTyVb*x+MadmN~TnL~7SCF{(Uj#_q$64YmtG^RhMoOY0vzqVqS z*Z8QBnW>o(tDBM*OQRSElWUzv#P56x)titn#?Vdd`r9wZ-W8K7+#1XPGJ5M`($etL z=H!mtZcDdswf_2-Hj81KTMS5ub&p;37Pb-46tdbZ_iKK{s8m6fHs#u zNdnNmJOG>l>qyz&o}Jjh|8A(Btk~Zl5&=-du``2rcxOT{cVnsaQ$?+ob5-i)8cxTH ziM0Tqbp8Q@6Vq5xaRkO;K`ijNy!KntG?|yXLND6Cn1Re{$O z*c{gXn)$8U28?$~&CJZaHwo5gnVHSRv>dJuW_Yq)H^OlATytAnbv9D5suKpj61V`< zAAO&vs|0b`B*y*ON`mK{lWa$1Vu4#=X8DN+HZPyn9NCYxmtERpBaB9ci#8aWMUU}l zRHyTPrrO?14#NfmQ_63cH8nx}tz9NvAXllHwV#p2{tWMesrX$`>76#>z?J@^*$dU5 zYemn8s6LGQ5fYEX3^p$z;;XiO3Y(P2N6tTwPm|o)&92LvIGykEc7qi)F)`h_X*te^ zI4)%BE@T}Lht6FRagsE4aFTbi6V0}cWd?sKjxfuNF%2?T(9&LY(lBy*;QVM2Pc%xs zD+K4>eoNaogzyX5avA5j?c}5W)T|E~Nkluzf-{75e$vM^IwqLu$I4IoV6W3~j{FXubG z+FV2ZWYIA&TC&W{Z=vAwrF)@sOnyiDXCw{wu6q0toVDChtOnu*?O&I1-Tp9$-oTOo z!?;?smx{CaBa*yAZc}qJkNX6STxm&34x?sPhFpN9l*nyd>Xa!k>&ziI3)R+j+fD@R zZ{qs%d2-iq2Cu{OpDGYL@KIQ7COt-oYMthx(nMS~+1g_i z7bz_*-Ocv#2KSmJ4v&j7fX{-LC5=ph|M+d{daKi6NnD6V831IHe3fdeDL9}vRi1%C zTdr_0>PsLz20A)=i3}1XqXC*;K&v7p@HZvqFpG4{I|Rpo<4*%H2L;}aC@@lR4JqoZHP>btJP zoNaAyPc+rntChtWf_>%EbnvfB8%|8F+aK50cl8kO8CCsTQYg1JPIK*N{ZC^?Zs|x@ zNi*8#T!+*9u#A!IwNaI>n!298YLw!m4NK}EKZfu{g|Pw6qlqL zm#CVSteTYkAuCxkD_K8Q^S2kGkN3n$d-n=2jCu=7b9p$Y_{)BP zRqc28$x53%PUG=vhX;w%wDR|uqnl7N=H}o2-J*YzS)mbgzKR6E{=h&djaAxd>b$B1 z&Wm=VX`G1P$y?OWc{9K)2qMn;|{qP@lZ z{8Gwd!r^Ev-h`(PT><}9xC=C&s~OFU*?4TZ1c)kP8|JyY42RJLsxFlp8xq3nUkug4 z3V$tW#l>NA=v;KsLgB;DPX5|#$`PYzrn~&8!6(0nA$z}-RB}qF;E#cUkt*%(&UZ?a z|8nBeWek~3Wz9sZY+k3OJOQ(&4?QM9;+7g(Hjy_hBjY# zPb(hdhRt?fX|TqG7!iNHJHtv{wH~owXEm&TqTO*)##D`9vc&4!7|QZ?oU5Ggx#M0- zJX>Ozb0Kbj%3{-|U`}_QWpJaIrL_LSf{Ae!-&>=mg~_2n&}VyJuoWhsOdmT*NzQJ5 zZCZm=i{^YdEB|QK;WsxYk`cbWy5SID0|s?) zijXO+sXnIxB)0o|LAG)65aWT=WpGiE5fMw@Oe5<3?fz;Map3$z8XQlS-GJmHL3;=M z#YZ5eNUMA6JGq>bp#EO@JP@0ln1(mD-rp#uygodKwiT7GD{C+V-b{Q)t{iLuH;AEz zqvr&r=123jiUMcQFdE?)_rt%=z47Ad=TPC&*-a6&0z!tm!$*Z)JRN9%%E6t0wdw54 zrT&WZt|J8O1<;qd-`ik=?N^#_)!ZC@kWx!%zXiT+t7xlAp)vFq+?C(v^P}JCl)<5B zM&7{1B-R85LRYoaho5p3j(@tw>Qh6Trl!?^W(DW@L^*v^33XcyU%7#c1Sq|}xasJL zyX%>@-f(x73ow+NXHBt`$i42fm*F^nRTN&~n+n}0aDmd}iP&6b!I<6OPLKv8oHFly z9Ve>VP#Te@W2I$+*=Bf9*fWP5_27tleOo3O%;@9#GwPM?e8UtoF6YD5bYy#B`4V0q zl7V=%QMchnpiPXt1$h}yfXp->9Hz%n?Lfg0SlWTa^TB?^WZ*K|1iVcbg!}6)rcOE^ zzAOY+H*bUkb7|EaKF2+!>mx;>rv&=6cV2w5P-5nyanQ;Tbn|~i-oz1viyocvuyo!U zrOt@s=q9A4$>?VUW;)Gk+kd3Y>1O~LPZsQhhMC!qTQrz^eWvE)f}VDp?SLO}la@9aJi79ro)!=9Vq=Re5$q)wpbCOyB4wo30g< zg@MO5$9++Ie_$YNYS9z?217VkW{Pv}<6qLM3dz)L=mUz{UttWi?U^CxxD54o2E!cI zxjRe!2Yju^nQHIEZzersi~FLmxS`xQV*MyA{vzz$v2r~LBg2KiXm=>W3&O@IBW3*} zhC^m+sPhm>oE|z0V&5?oh37O1*H(yT2e#*zhG&Sj`0cH|zf>wEj~5MnWw`IQvy-2a zOgYV-%Zve4ul-5aJD$kG$|o{SClY*J1WmStTvpxj`565MPZBpAgh_E(Z6-5CLD?0S z$phE12@COod9HRpno!H7e19wr{{-IFkEnPG0^bl)xq>Px z7~YUw01F&@S2Uyl7c{Xq6Q9 zxAwhphj>va;5Fl9e>C3{B$OqA7uIaJZBQ#o*Eew&^Q7tM`!4}=jvcmmmyFq7mF-mw zV=`*moyo)j6KeH3YK%Y5%Bq%{5s^lDx3>#HFyg#-R5>Z@HGK?Rj9N)=x$WfJGQw*| zPC20Q4A3DlP{MtU;JTpsA!y>5-@;r`E0%|&_xTsh#+#5!ZFD^!cAb(q46^|N4Zp`H z9UUFutG}0$o{s33Y1<8Nb*HK8Gy|$Eh@AW=zVP3FP3|3`M``PPNWc>_2wd2q*aKdz z)MU~MyxR%q=k~4bKsN+5k4m1mG!M*exJHJpi*}gPa@du;U$0B;rMKrjLLoK zb88{G+i9ARc+q~NrTBQ7ei3n}#h%p>X2|{yiM+Hnhx~=Ox@dM3`%Sor&WAWvZmU(~ zKtuj1``eN5G4?4{%Zf_#og%hsRy>PKuJxF66Ru> zmmCTjwRM1EGa;&oUrJeB-D$rtStS?>E+9Jt$?8#LFu8sdxRwK*)VUTeF=`+rUW#u* ztZ!N`X*Zm(N)Wrewiu-`d~e{d3bjdmX&eW^Z5Nzo%xf05t=-+%RQhiRDYxB!aSjYF z7Jg@N*xWe%T>W$FZF1F&Cu8 z#5PdqpXDXOehhk#b$)TN`vuLBRClw9$!i=NBem($FWwl!9;<>qp*c%1-4k}wYioM6 z%|8{7I}o<#KXqar!3$+uln6|hvpFr0#(oX%{Gwq} z*+@yr=A4yw8hxZb;MXgedwiJxtGc%gh-+K7L~##VxLc)gcXuba2X_e?+$~TMJh)pR z5FBC<+#$FImjHpFfdmNY$xik@=f3XS-S@ut=he^BwQ8+7=a^%RZ+y$!owUA4y|fF_ z-R|35qt8#`BHyZh`!U4{i;eLxlE>ctn%Sk_tU$gST~X0g%mVL;!#yBjo0pIHfwK6%=(jib5#s8DUi9TdrgI_S}zL1FjJNZ0s;K4B{DgCPZI#wPS+h7kcQGg0gkb zclu;rd5|<4>diQp0dV4t#&7W*KeKK6xX;rNx(J--- z7rh)9k%pG@94|scjcYzTsm4rSDTa#a3@$TqIJ~sC6`#0oKySC`n#oz6#qn{{Cm=hM zIAOq}jKZhU-WutBWIp}tDUErghRS56QqfO35MABJn2!m2W?rpObVSmnRd3&=db%t( zZ$NR*Q(l>?Kn;^9C^0hu|<)XemZ&{RWo`_?_3nI_WUqgleYvd;dl z4m-M9L7rp{Sx=N8{;fH@oZ^%02^^wm%$pDAhQy5+UdhIp-NU5pTdwcg<+{^&OfI`t9~ENa^Pb3?(hoPtpLUy8TFtNI#BUU zMEMw3y+~Wy@v6n`3a2cyUujg)J+9qb%lQ)?Lue;7AmyU2osr})s0YJEP^c&D zom4IXH$NMAZB|?4*}kBX{`BVk5Fcue=ROk}SM4#WRk0usw{~{sv8rA!pc3+&8BR#= zGCe+S=%Ua-!6)(2GOm1i@jxGySdGK&LpPxX`YFG{5!btxlrHbfq%mwU$zuO2NhZcI z>#g*9()WH`iX9CFJc%gEq(lk+cX-uWRrHSH)T~{#y4{tCq=PivKpkz^wF^3#NO2=m z7lTdf2goLu)-79SE}v3xPin zzPsyMLg{}ILNQ0KMx=(T160%YJXEyRH8`ME`Vh8$E|lh+!x_IP2%V9*tQK}#TRQz8 z@owxH7JWVAFN9FoSX)0>_CpU^XAYzmSXfVPRBdEr2*iX?n>VZWsj%L?Z2bUwHSdqt zTg}c2`HM-=*><3dwH74o?{JVOJEf)tg@tMlULlU1=v@^*_9YGqTdQjvHl_Fxl7IKD zO4_)Z>d*^bVLm!@Ue&(jGO0osE5|8AChJxu>*1lZ;bm0d5+%jOKIYANkrgSZ`=7eP zPAD3#a%DkD??+PAjt}c_Q%PxOJRVLNGHM)pck(8n!{P;d&5JW`Z1%->HAS6Qj9p@*j4ZGXn9c+oyxlC@ycTUk*-%C3Ou+88#69H8VkFdYy<5n$$k2kCg=QR;^!gHLJI}ppmRl3VmQCO7bUdOV z{2)VQ-uI01;-$sI^QF93uZzmnw||hD*CxgFH#VMeh3vwr)YAES24dikDLDr+%Qw$n zrQw+-NC;v`P3DPAimhzvwt8+r#lePL_Veid7qKVWs?My46`-+k$VwZKuf%9llak{3 zn3)BbB7T|k2mE;CVq|D>uhwzANMXX3-)mFZ={AfQDV@vT?7IJq!TaLt(lHglus~UA zl-Mar(M;wx9T*sZ8ch?Fz{<)~Q zzU`o@`&HQ0L5p$!*QIG$<@rG8Va9>lkvP$d9EVOx>Y^c&fVNx(fR{u`C>32qZX?5E!(^m^cYq#)-y5LE1pjO z3T{3c3C`XweGuF`Uu(r^Q(9Vn8$|AX9nVAcg)y%%6QSDE(-S0RtmjDx08w#94o_m3 zd2K!Hv)Bs3>T2NB%#7sea2%o}|L4uko4&B%hS#rcXJ4)7|J?t~X5jBlCV3tIIWH*h zi`@JSpmkS!C?CA$d2!{lSZykFtz*Y)_6Vq-xt_h`i!Fzi>|d5JY=d6k&}wFOc6*$h zi|BPD1)c54&^I~({!k~T6vqY>whF$pF+!4)b^37gttOy+f4GvX8PYQ~W!=e8Joo-A z!QM_I#CdRXQujt6pl_4rRP#&gdQQj7uPUSWM%mcaR6Z`{B~PEjd_Ajkt`d)(T{0|HdVFK{9$WU|Sb>b}razhE@p{k2@)zm_?JbJiYQa<>n+=G` zihGBG7Qn8Nzee0c-@=szUQy8#4P0a{_C5#cQw@eXEtJWl@1eU-Ue4y-C~tGLlIHO_ZY`O5 zx7cq(+*CB(f*^9&2;>6JdRoUlB%KfTQd#g7x$%2nVtl9|T)jAAqG1XtWrWkLxkmZRtjANII-a41p<+SX)_d;^We zuED=YUtON-n>DO8`l_ImNK-gs4|I8)^BKWss4Ob@8U!50{-_BV&0`4DAl+#+ldmrp zS!*K_n-dIdQoEE0jU_V=pGgfNOgXZUlYzTlQz%ugOBBIBsMOJzG8-B}pC;^Z2J*W4 zdhlZYr}qJTTVwj+lCc!zqbO!U2Tl2*mn{06-+}0T&^WdT6orqQ9V~;qSX6R2!|3i2 z$%ba0sHxE7j}jMD?h><`Ad09|H8gNM-9;gdKKiXu5J=8;3IP#c(0h68e8!-2B-&D)MnN%V%!cvKGAZ6174N=B%ZYe$gt$W4{sMU|M0Ea z9g*ZV94_d+-=p!B&b8aSxi4YC(8vhmi}3v1epE77Ai>x>Kld`{7pOA#6N$(j(}sP5 z0Wo>o>P+M(5Us`bUKBqQ+0FosH&jSd6BCchrGCciqdcSy4+TA=I^xdu7F)RR>6Sp- zqo75%7F3xT;{xpm55C?DJt1Owl(&YcZpO)yt;?VM3Aiel`n;$04S^%$&IASMl1*dM zVfKoCv|&^fTll#`>(BGW#2KI!9fG!npt=v6>pi#BN|1d%=Pw{WIZ^8+?8vR3-nDmTLl?@5>Vx%0}j?$N1x8{0;U;j2S& z|0@ZbdPOtAgDS%l#VVDBPv$V_`rUY|idvX`jv#!kq!?qfNVSANJ`N`2C4kZldi^kM$c84?_-vq>1$dfm`4k zz*H$SU@F33PxO}LfAC58jf_*YQXXM3<3KKUGRU#pQa0Z1`c{Z-_a085=LWPz%rNUsnjItq(E+caNH)HYBN|CEE6q=!a-&>TM9Hd=DD26-PoP1Q^|S z_k0z3kc|W%X4W6@Cjr*|4DW;Dd@8hvHQGb5ruce1S-ro}T^ztXn07VKwHh2+)2^iJR{muC0`UuI(QjKIXCLmQjVA zjo&t1T3IAsQhCsIM_;i7fh{owfz0~q`~Y%fXlR%pu$>u6hjec}-HBT$01Z1Y#hd-w zad)B=d~r=TviJL&Ev~RkiJ)fgPeAwo1sp?I=Y?T6r}>@g%1~bb(IO=wOq9v>jrI-> zLk-ppWEk6)s&u&e6RLAylx%&a*8mB34*4O1h@=+5bw?ytx5Dl9kJDC2+v}2g=RrWr zN0Ao70v4V;vkiyZVRXxaSjR3U<^Jzr65o6XvMKrNe6^l5As62=hG=*+!}^_g#9(wj z#o1oxBMFdSm*I^7T<4$}t*M}R(^(Z+GISzVk`1b#RFr}B&s67$-DlMW6&De;!kKaR zk?OJnrUo?wH*va^TtT<2?l7bNiOq6_9%EMmE^C(>F00B)J0li>hRi_UjuPEVW^BHe>BzLg&(Wwu)dqS7JAmFX9cYIqE3W$Q~8m zz_~;cowW#SrTv0wpX|cGSI(##!;yhJ4fYON&x!$yUTfWhRTEXS^7E_TW?{Q4s)gW# zPcS_Hx=r8}O9#H3)LmuS0vRaRLcJY!dhScBk3=fmH2`*e&hf_0%gV~??(PP`WZ4KT zpTHU_jW@OU#@j&z9`zO^{&g(??Q{eL0FdKNeqWevQ$!0_S*9~ssIid33SYXV&OwAI z!dckO=P=OWf+?yhwH~9_q}DP*{20oIsA$Zd$Wd;szN#d3N#M>oSr#~Nm(Ii1Wd-Sn z@@mSb5px*Vcl##G6b#-dD2rV3YHSy~WWkV4BVEdh35HUiL8Ia@J$@4Rh(7xp-(|og zLw&7ev^7I9VfMnV$M8GY&zVOw%qBU@tzF5kab(akqT9Qp7z)TbxjJy$<4dqLWLgI% zD*>jr8SU@46ieOn`*3xC{>`l`-sYJ|Y>sOLIElk~?D=0zXg>kUD*FajkGEUTO{Ft| zx^)YLfTRhqxNDuykKKD=3&0hZxRvX-{G-0+mRJTMqF$PEO5$D&cDCmadm~#iGM@MY zOi!R*;~sXksGy)Q_7MyfDbSu2vy6h2)DJ9)DUJek|5juIQ#QFragv{6%ZxuW4T8_+eOU?<}p@Hd4v=t zt;lO$MhdA=aZK_UeeQwV#(2t{HR9cZK<r3Is@Ucc*;*?#Et&oRkzs2g7Z|cWPX% zsnAA{2}mxbdS}Y&12Fgeg zJ~0xjh=eoe3>!$&FnkVvoRIQ;OL~YO(R5vDyXvvQamH8Z@M=~r6$|_!|DVAYWt}+l zd~*sUa3fpIjW$vVyWUJRVLmpzJ8ZnvCIquF@bZb?4Ddif9*|HSldpWA#odkTW{z4e zO>54){QT2*xrtnAJxgU>N)a-sNSn}tfG4^1bUk3ZH2l~_hSy4-yR|@c5ai0D zkZwYui0k}}a9iTByb)Sygc={7kM87Ysi|YmcMI7=ST?t}RgF2zlFWqc8Biw&Q`K3Q zvBj#zji9LJTTXnxf|kxd3q6)CmP8X*A zW(ZPYf^NNoER*S6DxXqc`)|BE`?s|h?$0o;j zzRYfo=i6*m34KzZtC4jieBV{Uk=M(bsoE2XX!M#9Psu`_6hf~f|3t#zjQ2jQ(WjFM zEB6Devw(lTnuDX;+I!c3h0F_BJ%WoT{fVhA%e@=j$DAm{mmWSlGfCO zO^t5Y>%x@Wn%)*TdFhL9_}27vom1`gIUWAg3_rtSrKc3v7s+K%hwwK- z#S$jfw!2;)TzCt;#KN5Kw7EzodzX%pKm?7cEz*ZfW!v(e?hQw8Ha~LKst;^pio63A z#abkAn6sRkkp9kirc;5N@_Pybl17THH?fGmuNh+{VOW84Q?b-kD4@@E)Rv?iOp>I; z?#Z+Y5X|qDKIY99sw{1%jETfugUB0UQLv-ldG1lqP@pwKET~v2y7`;z)P;ztC*Nt( zM;%9h<#;)W4|~y9iR&0!&!D|3YJ_T>1@SM|8Y_Gg*}RRlkj3WMz!chL1#{G@z%BoM zKr?O{csKVdbSm^JpD`)$2sCBX!n8qsSTzAV26&QnI;l7cv|;0Q7}D0&#ct|{HG3@y zvfxk%dQQC%u^I`k$iOrJZ`0pb`-=_y&#FiCSkqXy|DevjJAW+F~|*^@&h< z(6>G2NyYnbeJZ~F@@>*KGs{_$N88@-rebA=LI;h?^8zccA9^rmq2Z7vW@fS=IxaTb z;~`B<0TKcWI1AsPya&qRMD&x%uL_!ciR26Y0|{U!5q7;n`!SPGsgeL1g?5L6Nu%(X z_nxU$wk)48m~!8z!0o)!B2`oRiT0jUsd2usoqC}yQ>p?I&TesS=EpFA(S}xZ{rEjr z+tF$K+f(gM7$o_cC!Y{l0!hGIgKxvULoMO-;1DtvWAat7vMgEloX*ANrbm zD*9SEE9Qx-kVH4fgG}NMJbc|}gw+^gpD6F8!kVqR&^!r0%62Ej@ht6%0dsd3+yIbEC5T5(+AJ(YYK}4b|HpJlLbt8g75SK{^jpM9WMd@ANMze)CNvnL$M_jhs3o-eC6`wrbrn z^&i);ZRrWXd00y>Dq6|F^+plNuokJo*!mkJ8RZA$Dv?ThTdaMXqxGtJEz;WeaA4_h z?$hVOlI+-5Z~Qbna=v9p*1W|KZ7iHS|ITAANHebs%$*JM(SLUG7u?N?4Psdt2FyZK zZcDz4ZWB|i@Js|#t9w066CG`7Y=&8NMWoyvOl~J0j>y6E?N-=VI4UR=%EQ2QVl>B# zwK%x5?#c&gcvM@?G~3}HtwrtnRPhm3PtIura18w7BfBnFcme6r`y-+h83oTzCVYKM z93=c}`yFp+(AMQ>RLcq<)TP^Qax{?Hy*sO9O#bFfqW!^Z%0xg1A0P^|D&LN zgK|t64%{>0`aUnZkIyCGK6L^8yJXEQ{86b2{;w+)V^uY{u!2pP++gsgN-c=kYlj{* zTq-hESJ*zXEf}f)9CR-S)uTJvN1Hp*JVqbJf8snUE&0r8+~l-&_shaoT}YS8zEyqh z5$jcEq5%q|*wPpJ$7w|FdjYRPR^X8y49<_Cav_JCyzyeTi?T+WVj7MWaTwb<)XVxN zizmxe5dV|_iU6t$E%M(#4D@%91fy;XZ2JM_|HWsFG{aFRS}l)Tz3vGKew+W4IPP%P>eu1W1@H zg`*KO#vVVWh?wRx`_oc#**j0&^{v3}akodoJ4+r{SwzWV+hrgTQx~Eu^5-Pbdg!V- z1}Z28-O)R1bDcyy=B`U!h)8NQGaBB8xNBA7rn%-hs(_4~Cga=1cKpxB2z$y#j701% zPnhGg2}#|9FMcWX<#OMQ%nv<(04$#XAuwwG9&h6X8Km`as*B{wvG&fulH*e zi4dbvsR1%keaQ5C(fOaXOmNVmgnu-l5u2+-gOK~kf_&bps-CKHayBD*3lh@;)9)_! zUsb+(`SLCuh8x>Ru2_0LeNj7c4DbSrukTV$;WdGN7iWO6L<7~myu7@Z7l&M1nz^Dt z#?jfCewnUL`4CVf&CLc#@?hBd5|L*#5P82y1r8{iTwrY;rTtOn)EO0`HWV|JV%pD49_l}fCuq-k>MU_YY_>bX7=H=Kk*gk zgWNsEG1I_u!^-Y>jxuMcIP=x){$~~%Gwu8K+}2EN#KMecpZGO^sWWe zO=%Kg6MO^}HB2PhQXiRbx9hCxww1%oWP| z!1m@yw;sFc`G6ks`IrjwfD>!(e@+q+K)z8dG+wh+`8- zG4%SB9}Z{o;jzIpzo4xMe?ndl#|7PqI(6`4I|w3JUzNy7Aw24S0&0uI%hFj=pFh6= z`)v}K6H9_J6kjhGa}3|zKC;h}=veUnJaUH-Z?rL#n)(vw_LK=)GZI2}jaUxTiPZga zM!igQWMv~0@zuAr2(b6Zi_v4op!lk4$65F{mK|LZ-hD#|q`8kG0x8_O-=9dTB`>O@4XxccLoSGKn zRth|fa@q`)xS1Wy>Rnc(=)y;H+|lYLM&0}()N-eE;k}vRNqqW@K^V3U-1lAId#}r7 zciMYQwYXc{sI|B8p6yMRCmgIztkFB9!t7Bffuzf`vR;;{4Gkwg;Mrp7*^j!~`z_V7q07E?;wXxj{O^>PyZ@TsPP` zPUw@2cdmL}MHz?{wdL0SOvp)4V(UIx9YLOI)d#{0Zx5OmODgmse2C4Rd2p4Is1T5W z&Tpf@g&(0pu`P}3D@}|tcf?e$f*Mm#5ioqG4H@{BEY%>*X-rUu?81ySjvxh{=DRG> zU~yNZx%$MW3PEnB`Vb_ySzJe`f+%Ewb0R}=xbe` zc&BfA!`tEvR$N%y2v7QfP9<_iau;d5WELP3($`to``kP2a4JDrVL94Y^<6pM?00X% zwQv$dbg=Yc@Fa1c&O$n7_qr}q9Z3vGgM{yVmFDw(Jr=S%w324asbekbd7u0q@HWG( zQG5=UmkQZB_lpH6KXi8H6d5V~F*y7etl)JqWP7}Ji%ty3N2f|TH*2%7|0|#pODtO` zW4q!bCs-luzu8WL)oOLuZc|Tt=c%UYs1e7=OkUKkHM-ak=IsEFGkDd&F<>94(t+=+ zc8ZhcZ81TDX&Pw2&JN;r(3|(o3#*m2tBU{74!rQEroyyOgZ>DL;<|;M?fu#^;&Z3Jy0SvT|qsJ+cXGM<(;yto5b{-bM(3CR|8xn0ej-s(8;o-6RJSV3tFeqtuBNXha4HCP42_a6 zf)n)7&GGp66Ag?0t#4j=FO=ins%rs9DhyOX>oFkf`T5r`*U6Pj&!qS=!8b zgs6WjSVyU*fSypy=Fi5+`stNNU{YCE z>)4Kl)JAokz(*JIW%Zv`<^Kd`R^x%r{(SzqTUZ8LGu$FaO>N3zxy8^${RElG{TnEzkN3P&lVK0Q@0EV z>Am0I``1UNd45CQGT1G)pw|6gy!5m#=I3(xO;Pr+kZ9l>XtP z=LR2k7)Im$|B+4UDgY2>pbGT5rg?2GEf?)|l8iI1X;TH|D0zu1U}hpTPM5m>L%&l+H?#*J?xP zzU?Mn8(;4`qNS))&hgb6O_Qs1JH88y0z`U<%B%^>9 zh`@!OVd5;?C`!j1-Xr$l+8;DMW{3fH1bP91X%;c0jn@R2wX0p&46@?O3W%ZlN}M!({?UsQf<0p@)Enf7^Fwp`TgmNR%@7spa2bAMxc?Rs zDo3YiljfWcFIADZ9orwWBzJao<;Rn`3x%RBZv)2>QG1c4v?@1tFYkVgD}*oM`f*%~ zsRrxjC(P=XFG0oV%QKU<;DFU8$Q}5%o$)TZID%-ahPWM&evPvM6>{CDJDD6m!Jn05@!H{GiL& z>INxMV)heUxQN4j?INR>^#tA9$QyVuXh~h1xL@SU*xuDlQcw(|Q0;iyCQMJbCQ(E2 z?U7R^dG<>&M(FGas^9x5+DDX;qDqP+3wDajZG8%EByPrh<%K)o3IM0=*x={@(*b%X z1Aj%Em7UPoE}aSQ^s0r%qm+jSCv$CUOwy__xZxlqx)I2w zsMqTybgetqUJN-x? z%mGDMr|W3AKb5nLN4&68QDElA5_%OXG=8-2w+*ti6h(AMtI&RWQ`WVMuWLYr=hm9ObuTK-dwl zR;7UuWtO*jWI6mm9nV2{J*Zduq-1DKng@lUABKd5A0Ohah0ue`T~9D*#U<#z%RpFV zWmX}ILIk%Kbc#vCtS!IW=`M$t)XPQF!Dw4MVe8Eq1LKd16Bo>2=yE$h8}4~R(^Ei8 zuFb^61S4t2Oq!Rh0hp5?H8(r#9vOKzi-)~~rQV6L7sP)dq;+#~!E; zMRaX*-OsM|f7qEbeGnAId(MovkDiv1imX50kA`~-Xa4*Js*r3!o2}H{p>(DPs%Gzx zmo7+KPnRQGpd;DeeLKGkIdGZ2RnTUS6n(g7i`#yy*!cdlVv2-$@>Zc1vZ{G~m3;`0CHLcPH9AkBHc9i^q9e{5O-%J^e@JnvV8%8C7 zu&9@)n4Gyl&6~^2erjhTy?bBZ$2%_kDo_5UJ^lGG;NiRQ(vgkq?DUTeWIJd6B6$d? zd~Si9{xHy}{=Dzjb}#08qeNSMey_*=kwDg8@k@XGpv*r%2xKTPZ?*7hJV_&(j{nsg z9&gu$D8FoeMUb8OvnKUqGq$&PPvYUbmo6`TXAKMvDym)R{u4?l3jE1T4e+E7et^gD zolv)z)g^j;odZlT zzH)L=sm$&D&maS5!?cVJ-E{nB9v|~0N?G`qjVb<;UkK7WReE^0Smzn;z2K|Y1o=P4 z4fcRFDlIF^0|kD=C>kXEh;`q^E1=appr+yQKzB^5N0MyLbq23$V(3Sx#kAi zrY7dzYo87!+b+Luu5Cqe*VI(k)* z!4VbGtlT*UB0ji(toU!-*>$mJ4n<*7iLE6PJSB*6!x~wQ5hP8i`yBN`l&wfCZ%2E7 zT#0sTW6*&M(nD8SZQ5!f4Fw&4%n8c-{d*H=!+?1(Ue^aWNK`7vplN&I;NG4YACW0K zukVKm3WfCU=Un7xoS#ii`AK~e*qZ35wcuG3H}zE>d^(TMr<4sInRfUpK0X$ z2cgNv=2mEOSmYVUX!O!z=iwO-*K>Ae{nCWjyUJ0>Up`QQReCh7=CsE0n@i7#4# zz{K?lr;P%c?I6+@T8RI1AIaO#0i**u7w)! z%L~a%T$yIO$saQ#AKSN1Tmp;~915WXx@ZXDwscwuD~R4gc!X0|p@&Ydz|-{X0WM)v zI&cLqpN0z9&#ut2zrMK_GrN-KH-E^-`Ii1o(65nJT9cs3jr`@@T9@9pcUTT0t>dVZ z{tB3IZPCn({5K{jvMUkzO!<*MWTeq^duzthhDMf>_199=-|JcBM&xCpj+sUoawHz* z)4Q9bjaA0uw?(zU{o1}EDK#}y84U&kKV19$!%NWhtkQ@#J z1VL;&`!eJ+Nl8)09{#^(w(6p}o#b+K(q+LHM|jBIVPRnlPYr9n@cQ@NxAFQFIz7d= zar&qcB!3LE-qPfLD<^PU>ZXwq9c~WF|Z;*n4X{pUk$DDy`Lw+tR2+vfyQRrT* zh7x;yjjoUJJ6O;Up!>10XG1*q1~tJ#Q~*ThN!Y%<~K5gAB`jr(leI z0XvqM+pe9~ldr+bww3urJ?isRA!|uQyiSoVn!;-+PRYFQ?KH>f_;#Q5y$Pw%p-u!0 zgXmik#> zgCC0Ni=fGL-w|t1BhP>t4<0|PYau++a2@HWiC|_|siQctby}Q(fWmte(PzczC})kr zMRm?gE>Fn#AA~D==>LUo1*SIbZJRjOMoi2UatM)d7w!3Czh31IAXENK!j4)v6ASN| zy?^#L&JwOGjmEEJCb!t`ZpS>H{g|E4A2gbE-YP?Wm5hEKr5ZG}9shi)SP3t?^p>B| z|JNl2T9$@|fZZOvyL;p@se9l>YquYiBlJsk4AI?DS}CjL%2hqL zT+E;U?+*MwfjNKh2ih%EQT^5fD9}I4;~(%+>84c$YT@i}R}iO#wA@YvB0v!_4rI%iU275)^<^()Rj++4Rr%gNl?a0Yv*d [!NOTE] > This article is intended for technical support agents and IT professionals and applies to Surface devices only. If you're looking for help to install Surface updates or firmware on a home device, see [Update Surface firmware and Windows 10](https://support.microsoft.com/help/4023505). - + While enterprise-grade software distribution solutions continue to evolve, the business rationale for centrally managing updates remains the same: Maintain the security of Surface devices and keep them updated with the latest operating system and feature improvements. This is essential for sustaining a stable production environment and ensuring users aren't blocked from being productive. This article provides an overview of recommended tools and processes for larger organizations to accomplish these goals. ## Central update management in commercial environments @@ -32,18 +32,17 @@ Microsoft has streamlined tools for managing devices – including driver and fi ### Manage updates with Configuration Manager and Intune Microsoft Endpoint Configuration Manager allows you to synchronize and deploy Surface firmware and driver updates with the Configuration Manager client. Integration with Microsoft Intune lets you see all your managed, co-managed, and partner-managed devices in one place. This is the recommended solution for large organizations to manage Surface updates. - + For detailed steps, see the following resources: -- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager) -- [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications). +- [How to manage Surface driver updates in Configuration Manager](https://docs.microsoft.com/surface/manage-surface-driver-updates-configuration-manager.md) +- [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications) - [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/) - ### Manage updates with Microsoft Deployment Toolkit Included in Endpoint Configuration Manager, the Microsoft Deployment Toolkit (MDT) contains optional deployment tools that you may wish to use depending on your environment. These include the Windows Assessment and Deployment Kit (Windows ADK), Windows System Image Manager (Windows SIM), Deployment Image Servicing and Management (DISM), and User State Migration Tool (USMT). You can download the latest version of MDT from the [Microsoft Deployment Toolkit download page](https://www.microsoft.com/download/details.aspx?id=54259). - + For detailed steps, see the following resources: - [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/) @@ -54,7 +53,6 @@ Surface driver and firmware updates are packaged as Windows Installer (*.msi) fi For instructions on how to deploy updates by using Endpoint Configuration Manager refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt). - **WindowsPE and Surface firmware and drivers** Endpoint Configuration Manager and MDT both use the Windows Preinstallation Environment (WindowsPE) during the deployment process. WindowsPE only supports a limited set of basic drivers such as those for network adapters and storage controllers. Drivers for Windows components that are not part of WindowsPE might produce errors. As a best practice, you can prevent such errors by configuring the deployment process to use only the required drivers during the WindowsPE phase. @@ -65,13 +63,12 @@ Starting in Endpoint Configuration Manager, you can synchronize and deploy Micro ## Supported devices -Downloadable .msi files are available for Surface devices from Surface Pro 2 and later. Information about .msi files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3 will be available from this page upon release. - +Downloadable .msi files are available for Surface devices from Surface Pro 2 and later. Information about .msi files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3 will be available from this page upon release. ## Managing firmware with DFCI With Device Firmware Configuration Interface (DFCI) profiles built into Intune (now available in [public preview](https://docs.microsoft.com/intune/configuration/device-firmware-configuration-interface-windows)), Surface UEFI management extends the modern management stack down to the UEFI hardware level. DFCI supports zero-touch provisioning, eliminates BIOS passwords, provides control of security settings including boot options and built-in peripherals, and lays the groundwork for advanced security scenarios in the future. For more information, see: - + - [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide) - [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333). @@ -93,7 +90,6 @@ Specific versions of Windows 10 have separate .msi files, each containing all re - Management engine (ME) - Unified extensible firmware interface (UEFI) - ### Downloading .msi files 1. Browse to [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware) on the Microsoft Download Center. @@ -102,8 +98,7 @@ Specific versions of Windows 10 have separate .msi files, each containing all re ![Figure 1. Downloading Surface updates](images/fig1-downloads-msi.png) *Figure 1. Downloading Surface updates* - - + ### Surface .msi naming convention Since August 2019, .msi files have used the following naming convention: @@ -120,14 +115,15 @@ This file name provides the following information: - **Windows release:** Win10 - **Build:** 18362 - **Version:** 19.073.44195 – This shows the date and time that the file was created, as follows: - - **Year:** 19 (2019) - - **Month and week:** 073 (third week of July) - - **Minute of the month:** 44195 + - **Year:** 19 (2019) + - **Month and week:** 073 (third week of July) + - **Minute of the month:** 44195 - **Revision of version:** 0 (first release of this version) ### Legacy Surface .msi naming convention + Legacy .msi files (files built before August 2019) followed the same overall naming formula but used a different method to derive the version number. - **** + **Example** - SurfacePro6_Win10_16299_1900307_0.msi @@ -138,13 +134,11 @@ This file name provides the following information: - **Windows release:** Win10 - **Build:** 16299 - **Version:** 1900307 – This shows the date that the file was created and its position in the release sequence, as follows: - - **Year:** 19 (2019) - - **Number of release:** 003 (third release of the year) - - **Product version number:** 07 (Surface Pro 6 is officially the seventh version of Surface Pro) + - **Year:** 19 (2019) + - **Number of release:** 003 (third release of the year) + - **Product version number:** 07 (Surface Pro 6 is officially the seventh version of Surface Pro) - **Revision of version:** 0 (first release of this version) - - ## Learn more - [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware) @@ -157,4 +151,3 @@ This file name provides the following information: - [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide) - [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333). - [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/windows/deployment/update/waas-deployment-rings-windows-10-updates) - diff --git a/devices/surface/manage-surface-driver-updates-configuration-manager.md b/devices/surface/manage-surface-driver-updates-configuration-manager.md new file mode 100644 index 0000000000..f0d70b03fd --- /dev/null +++ b/devices/surface/manage-surface-driver-updates-configuration-manager.md @@ -0,0 +1,197 @@ +--- +title: Manage Surface driver updates in Configuration Manager +description: This article describes the available options to manage and deploy firmware and driver updates for Surface devices. +ms.assetid: b64879c4-37eb-4fcf-a000-e05cbb3d26ea +ms.reviewer: +author: v-miegge +manager: laurawi +keywords: Surface, Surface Pro 3, firmware, update, device, manage, deploy, driver, USB +ms.localizationpriority: medium +ms.prod: w10 +ms.mktglfcycl: manage +ms.pagetype: surface, devices +ms.sitesec: library +author: coveminer +ms.author: v-venum +ms.topic: article +ms.audience: itpro +--- + +# Manage Surface driver updates in Configuration Manager + +## Summary + +Starting in [Microsoft System Center Configuration Manager version 1710](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1710#software-updates), you can synchronize and deploy Microsoft Surface firmware and driver updates directly through the Configuration Manager client. The process resembles deploying regular updates. However, some additional configurations are required to get the Surface driver updates into your catalog. + +## Prerequisites + +To manage Surface driver updates, the following prerequisites must be met: + +- You must use Configuration Manager version 1710 or a later version. +- All Software Update Points (SUPs) must run Windows Server 2016 or a later version. Otherwise, Configuration Manager ignores this setting and Surface drivers won't be synchronized. + +> [!NOTE] +> If your environment doesn’t meet the prerequisites, refer to the [alternative methods](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager#1) to deploy Surface driver and firmware updates in the "FAQ" section. + +## Useful log files + +The following logs are especially useful when you manage Surface driver updates. + +|Log name|Description| +|---|---| +|WCM.log|Records details about the software update point configuration and connections to the WSUS server for subscribed update categories, classifications, and languages.| +|WsyncMgr.log|Records details about the software updates sync process.| + +These logs are located on the site server that manages the SUP, or on the SUP itself if it's installed directly on a site server. +For a complete list of Configuration Manager logs, see [Log files in System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/log-files). + +## Enabling Surface driver updates management + +To enable Surface driver updates management in Configuration Manager, follow these steps: + +1. In the Configuration Manager console, go to **Administration** > **Overview** > **Site Configuration** > **Sites**. +1. Select the site that contains the top-level SUP server for your environment. +1. On the ribbon, select **Configure Site Components**, and then select **Software Update Point**. Or, right-click the site, and then select **Configure Site Components** > **Software Update Point**. +1. On the **Classifications** tab, select the **Include Microsoft Surface drivers and firmware updates** check box. + + ![Software Update Point Component Properties](images/manage-surface-driver-updates-1.png) + +1. When you're prompted by the following warning message, select **OK**. + + ![Configuration Manager](images/manage-surface-driver-updates-2.png) + +1. On the Products tab, select the products that you want to update, and then select **OK**. + + Most drivers belong to the following product groups: + + - Windows 10 and later version drivers + - Windows 10 and later Upgrade & Servicing Drivers + - Windows 10 Anniversary Update and Later Servicing Drivers + - Windows 10 Anniversary Update and Later Upgrade & Servicing Drivers + - Windows 10 Creators Update and Later Servicing Drivers + - Windows 10 Creators Update and Later Upgrade & Servicing Drivers + - Windows 10 Fall Creators Update and Later Servicing Drivers + - Windows 10 Fall Creators Update and Later Upgrade & Servicing Drivers + - Windows 10 S and Later Servicing Drivers + - Windows 10 S Version 1709 and Later Servicing Drivers for testing + - Windows 10 S Version 1709 and Later Upgrade & Servicing Drivers for testing + +> [!NOTE] +> Most Surface drivers belong to multiple Windows 10 product groups. You may not have to select all the products that are listed here. To help reduce the number of products that populate your Update Catalog, we recommend that you select only the products that are required by your environment for synchronization. + +## Verifying the configuration + +To verify that the SUP is configured correctly, follow these steps: + +1. Open WsyncMgr.log, and then look for the following entry: + + ``` + Surface Drivers can be supported in this hierarchy since all SUPs are on Windows Server 2016, WCM SCF property Sync Catalog Drivers is set. + + Sync Catalog Drivers SCF value is set to : 1 + ``` + + If either of the following entries is logged in WsyncMgr.log, recheck step 4 in the previous section: + + ``` + Sync Surface Drivers option is not set + + Sync Catalog Drivers SCF value is set to : 0 + ``` + +1. Open WCM.log, and then look for an entry that resembles the following: + + ![WCM.log settings](images/manage-surface-driver-updates-3.png) + + This entry is an XML element that lists every product group and classification that's currently synchronized by your SUP server. For example, you might see an entry that resembles the following: + + ``` + + + + + + ``` + + If you can't find the products that you selected in step 6 in the previous section, double-check whether the SUP settings are saved. + + You can also wait until the next synchronization finishes, and then check whether the Surface driver and firmware updates are listed in Software Updates in the Configuration Manager console. For example, the console might display the following information: + + ![All Software Updates Search Results](images/manage-surface-driver-updates-4.png) + +## Manual synchronization + +If you don't want to wait until the next synchronization, follow these steps to start a synchronization: + +1. In the Configuration Manager console, go to **Software Library** > **Overview** > **Software Updates** > **All Software Updates**. +1. On the ribbon, select **Synchronize Software Updates**. Or, right-click **All Software Update**, and then select **Synchronize Software Update**. +1. Monitor the synchronization progress by looking for the following entries in WsyncMgr.log: + + ``` + Surface Drivers can be supported in this hierarchy since all SUPs are on Windows Server 2016, WCM SCF property Sync Catalog Drivers is set. + + sync: SMS synchronizing categories + sync: SMS synchronizing categories, processed 0 out of 311 items (0%) + sync: SMS synchronizing categories, processed 311 out of 311 items (100%) + sync: SMS synchronizing categories, processed 311 out of 311 items (100%) + sync: SMS synchronizing updates + + Synchronizing update 7eaa0148-c42b-45fd-a1ab-012c82972de6 - Microsoft driver update for Surface Type Cover Integration + Synchronizing update 2dcb07f8-37ec-41ef-8cd5-030bf24dc1d8 - Surface driver update for Surface Pen Pairing + Synchronizing update 63067414-ae52-422b-b3d1-0382a4d6519a - Surface driver update for Surface UEFI + Synchronizing update 8e4e3a41-a784-4dd7-9a42-041f43ddb775 - Surface driver update for Surface Integration + Synchronizing update 7f8baee8-419f-47e2-918a-045a15a188e7 - Microsoft driver update for Surface DTX + Synchronizing update aed66e05-719b-48cd-a0e7-059e50f67fdc - Microsoft driver update for Surface Base Firmware Update + Synchronizing update 8ffe1526-6e66-43cc-86e3-05ad92a24e3a - Surface driver update for Surface UEFI + Synchronizing update 74102899-0a49-48cf-97e6-05bde18a27ff - Microsoft driver update for Surface UEFI + ``` + +## Deploying Surface firmware and driver updates + +You can deploy Surface firmware and driver updates in the same manner as you deploy other updates. + +For more information about deployment, see [System Center 2012 Configuration Manager–Part7: Software Updates (Deploy)](https://blogs.technet.microsoft.com/elie/2012/05/25/system-center-2012-configuration-managerpart7-software-updates-deploy/). + +## Frequently asked questions (FAQ) + +**After I follow the steps in this article, my Surface drivers are still not synchronized. Why?** + +If you synchronize from an upstream Windows Server Update Services (WSUS) server instead of Microsoft Update, make sure that the upstream WSUS server is configured to support and synchronize Surface driver updates. All downstream servers are limited to updates that are present in the upstream WSUS server database. + +**After I follow the steps in this article, some Surface drivers are synchronized, but not the expected drivers. Why?** + +The processing time for testing drivers and confirming them for deployment through WSUS and Configuration Manager varies. Therefore, Surface driver updates are not necessarily available on the same day for both manual installation and Configuration Manager console deployment. + +Additionally, there are more than 68,000 updates that are classified as drivers in WSUS. To prevent non-Surface related drivers from synchronizing to Configuration Manager, Microsoft filters driver synchronization against an allow list. Surface drivers must go through additional testing before they can be added to this list. After the new allow list is published and incorporated into Configuration Manager, the new drivers are added to the console following the next synchronization. + +**Is the driver allow list published? Is it downloadable?** + +The Surface driver allow list isn't published online. This list is delivered to Configuration Manager through the update and servicing channels. If your Configuration Manager environment is online and able to detect new updates, you will receive updates to the list automatically. + +If your Configuration Manager environment is offline, a new allow list is imported every time that you import servicing updates to Configuration Manager. You will also have to import a new WSUS catalog that contains the drivers before the updates are displayed in the Configuration Manager console. Because a stand-alone WSUS environment contains more drivers than a Configuration Manager SUP, we recommend that you establish a Configuration Manager environment that has online capabilities, and that you configure it to synchronize Surface drivers. This provides a smaller WSUS export that closely resembles the offline environment. + +Another solution is to use [alternative methods](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager#1) to deploy Surface driver and firmware updates. + +**I require the latest firmware update, and I can't wait for it to be approved for import into Configuration Manager. Can I manually import the driver into WSUS?** + +No. Even if the update is imported into WSUS, the update won't be imported into the Configuration Manager console for deployment if it isn't listed in the allow list. + +Another solution is to use [alternative methods](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager#1) to deploy Surface driver and firmware updates. + +**Can I manually add a driver to the allow list?** + +No. The list is stored in the Configuration Manager database. Any changes to the list will be overwritten the next time that the CAB file is processed. + +**What alternative methods do I have to deploy Surface driver and firmware updates?** + +For information about how to deploy Surface driver and firmware updates through alternative channels, see [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates). + +If you want to download the .msi or .exe file, and then deploy through traditional software deployment channels, see [Keeping Surface Firmware Updated with Configuration Manager](https://blogs.technet.microsoft.com/thejoncallahan/2016/06/20/keeping-surface-firmware-updated-with-configuration-manager/). + +## Additional Information + +For more information about Surface driver and firmware updates, see the following articles: + +- [Download the latest firmware and drivers for Surface devices](https://docs.microsoft.com/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices) +- [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates) +- [Considerations for Surface and System Center Configuration Manager](https://docs.microsoft.com/surface/considerations-for-surface-and-system-center-configuration-manager) From 35a2d548d1762b2528e49faec7a16cb3776b9229 Mon Sep 17 00:00:00 2001 From: Mike Eggers <49650192+v-miegge@users.noreply.github.com> Date: Thu, 14 May 2020 14:39:48 -0700 Subject: [PATCH 119/338] Updated ms.author --- .../manage-surface-driver-updates-configuration-manager.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/manage-surface-driver-updates-configuration-manager.md b/devices/surface/manage-surface-driver-updates-configuration-manager.md index f0d70b03fd..285d16a325 100644 --- a/devices/surface/manage-surface-driver-updates-configuration-manager.md +++ b/devices/surface/manage-surface-driver-updates-configuration-manager.md @@ -12,7 +12,7 @@ ms.mktglfcycl: manage ms.pagetype: surface, devices ms.sitesec: library author: coveminer -ms.author: v-venum +ms.author: daclark ms.topic: article ms.audience: itpro --- From 1c72c2ee112d3fad7aec8b0ffff3aea216d4bd7d Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Sat, 16 May 2020 11:54:23 +0500 Subject: [PATCH 120/338] minor correction Volume E was mentioned in the document but in actual case it should only b Volume. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6218 --- .../bitlocker/bitlocker-basic-deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index 406d096165..a2cc7ac74e 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -457,7 +457,7 @@ Checking BitLocker status with the control panel is the most common method used | **Suspended** | BitLocker is suspended and not actively protecting the volume | | **Waiting for Activation**| BitLocker is enabled with a clear protector key and requires further action to be fully protected| -If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on volume E. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume is not in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. +If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on volume. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume is not in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. Using the control panel, administrators can choose **Turn on BitLocker** to start the BitLocker Drive Encryption wizard and add a protector, like PIN for an operating system volume (or password if no TPM exists), or a password or smart card protector to a data volume. The drive security window displays prior to changing the volume status. Selecting **Activate BitLocker** will complete the encryption process. From bb189ac1efcf8b5f016383f7e1139584d1c28989 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Sun, 17 May 2020 11:51:36 +0500 Subject: [PATCH 121/338] Update troubleshoot-inaccessible-boot-device.md --- .../client-management/troubleshoot-inaccessible-boot-device.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/troubleshoot-inaccessible-boot-device.md b/windows/client-management/troubleshoot-inaccessible-boot-device.md index 5556b97262..e2b6c3237a 100644 --- a/windows/client-management/troubleshoot-inaccessible-boot-device.md +++ b/windows/client-management/troubleshoot-inaccessible-boot-device.md @@ -113,7 +113,7 @@ To verify the BCD entries: 2. In the **Windows Boot Loader** that has the **{default}** identifier, make sure that **device** , **path** , **osdevice,** and **systemroot** point to the correct device or partition, winload file, OS partition or device, and OS folder. > [!NOTE] - > If the computer is UEFI-based, the **bootmgr** and **winload** entries under **{default}** will contain an **.efi** extension. + > If the computer is UEFI-based, the filepath value specified in **path** parameter of **{bootmgr}** and **{default}** will contain an **.efi** extension. ![bcdedit](images/screenshot1.png) From 2337ec145edbbea78466ab156781f1de5fe42f11 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 18 May 2020 11:14:02 +0500 Subject: [PATCH 122/338] Update windows/client-management/troubleshoot-inaccessible-boot-device.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../client-management/troubleshoot-inaccessible-boot-device.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/troubleshoot-inaccessible-boot-device.md b/windows/client-management/troubleshoot-inaccessible-boot-device.md index e2b6c3237a..9f98c2a73c 100644 --- a/windows/client-management/troubleshoot-inaccessible-boot-device.md +++ b/windows/client-management/troubleshoot-inaccessible-boot-device.md @@ -110,7 +110,7 @@ To verify the BCD entries: >[!NOTE] >This output may not contain a path. -2. In the **Windows Boot Loader** that has the **{default}** identifier, make sure that **device** , **path** , **osdevice,** and **systemroot** point to the correct device or partition, winload file, OS partition or device, and OS folder. +2. In the **Windows Boot Loader** that has the **{default}** identifier, make sure that **device**, **path**, **osdevice**, and **systemroot** point to the correct device or partition, winload file, OS partition or device, and OS folder. > [!NOTE] > If the computer is UEFI-based, the filepath value specified in **path** parameter of **{bootmgr}** and **{default}** will contain an **.efi** extension. From f623eec27f374e087d8318385adda65213d669e9 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Mon, 18 May 2020 11:14:28 +0500 Subject: [PATCH 123/338] Update windows/client-management/troubleshoot-inaccessible-boot-device.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../client-management/troubleshoot-inaccessible-boot-device.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/troubleshoot-inaccessible-boot-device.md b/windows/client-management/troubleshoot-inaccessible-boot-device.md index 9f98c2a73c..667776a7f8 100644 --- a/windows/client-management/troubleshoot-inaccessible-boot-device.md +++ b/windows/client-management/troubleshoot-inaccessible-boot-device.md @@ -113,7 +113,7 @@ To verify the BCD entries: 2. In the **Windows Boot Loader** that has the **{default}** identifier, make sure that **device**, **path**, **osdevice**, and **systemroot** point to the correct device or partition, winload file, OS partition or device, and OS folder. > [!NOTE] - > If the computer is UEFI-based, the filepath value specified in **path** parameter of **{bootmgr}** and **{default}** will contain an **.efi** extension. + > If the computer is UEFI-based, the filepath value specified in the **path** parameter of **{bootmgr}** and **{default}** will contain an **.efi** extension. ![bcdedit](images/screenshot1.png) From e928e808b4cf5c495af9449047e55e4b88ad592b Mon Sep 17 00:00:00 2001 From: "Trond B. Krokli" <38162891+illfated@users.noreply.github.com> Date: Mon, 18 May 2020 11:42:15 +0200 Subject: [PATCH 124/338] Typo corrections "seperately" x2 Ref. #5916 - Reviving the typo corrections provided by @schneiderl in PR #5916 --- .../credential-guard/dg-readiness-tool.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/credential-guard/dg-readiness-tool.md b/windows/security/identity-protection/credential-guard/dg-readiness-tool.md index 6727a09859..ae96f09ed1 100644 --- a/windows/security/identity-protection/credential-guard/dg-readiness-tool.md +++ b/windows/security/identity-protection/credential-guard/dg-readiness-tool.md @@ -12,7 +12,7 @@ ms.author: stsyfuhs manager: dansimp ms.collection: M365-identity-device-management ms.topic: article -ms.reviewer: +ms.reviewer: --- # Windows Defender Device Guard and Windows Defender Credential Guard hardware readiness tool @@ -1184,7 +1184,7 @@ if($Enable) if(!$_isRedstone) { LogAndConsole "OS Not Redstone, enabling IsolatedUserMode separately" - #Enable/Disable IOMMU seperately + #Enable/Disable IOMMU separately ExecuteCommandAndLog 'DISM.EXE /Online /Enable-Feature:IsolatedUserMode /NoRestart' } $CmdOutput = DISM.EXE /Online /Enable-Feature:Microsoft-Hyper-V-Hypervisor /All /NoRestart | Out-String @@ -1253,7 +1253,7 @@ if($Disable) if(!$_isRedstone) { LogAndConsole "OS Not Redstone, disabling IsolatedUserMode separately" - #Enable/Disable IOMMU seperately + #Enable/Disable IOMMU separately ExecuteCommandAndLog 'DISM.EXE /Online /disable-Feature /FeatureName:IsolatedUserMode /NoRestart' } $CmdOutput = DISM.EXE /Online /disable-Feature /FeatureName:Microsoft-Hyper-V-Hypervisor /NoRestart | Out-String From d2bd7348adcb4f8d14b8620f248eaaa52ab53006 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Mon, 18 May 2020 16:07:27 +0500 Subject: [PATCH 125/338] Update windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../bitlocker/bitlocker-basic-deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index a2cc7ac74e..96fc9bd8c2 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -457,7 +457,7 @@ Checking BitLocker status with the control panel is the most common method used | **Suspended** | BitLocker is suspended and not actively protecting the volume | | **Waiting for Activation**| BitLocker is enabled with a clear protector key and requires further action to be fully protected| -If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on volume. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume is not in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. +If a drive is pre-provisioned with BitLocker, a status of "Waiting for Activation" displays with a yellow exclamation icon on the volume. This status means that there was only a clear protector used when encrypting the volume. In this case, the volume is not in a protected state and needs to have a secure key added to the volume before the drive is fully protected. Administrators can use the control panel, manage-bde tool, or WMI APIs to add an appropriate key protector. Once complete, the control panel will update to reflect the new status. Using the control panel, administrators can choose **Turn on BitLocker** to start the BitLocker Drive Encryption wizard and add a protector, like PIN for an operating system volume (or password if no TPM exists), or a password or smart card protector to a data volume. The drive security window displays prior to changing the volume status. Selecting **Activate BitLocker** will complete the encryption process. From 46957625cae2a0a21c2b23d8803e99936bcee3ae Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 09:19:20 -0700 Subject: [PATCH 126/338] update --- windows/deployment/planning/windows-10-deprecated-features.md | 1 + windows/deployment/planning/windows-10-removed-features.md | 1 + 2 files changed, 2 insertions(+) diff --git a/windows/deployment/planning/windows-10-deprecated-features.md b/windows/deployment/planning/windows-10-deprecated-features.md index 5a34226e0f..242a6e3384 100644 --- a/windows/deployment/planning/windows-10-deprecated-features.md +++ b/windows/deployment/planning/windows-10-deprecated-features.md @@ -26,6 +26,7 @@ The features described below are no longer being actively developed, and might b |Feature | Details and mitigation | Announced in version | | ----------- | --------------------- | ---- | +| Dynamic Disks | The [Dynamic Disks](https://docs.microsoft.com/windows/win32/fileio/basic-and-dynamic-disks#dynamic-disks) feature is no longer being developed. This feature will be fully replaced by [Storage Spaces](https://docs.microsoft.com/windows-server/storage/storage-spaces/overview) in a future release.| 2004 | | Hyper-V vSwitch on LBFO | In a future release, the Hyper-V vSwitch will no longer have the capability to be bound to an LBFO team. Instead, it can be bound via [Switch Embedded Teaming](https://docs.microsoft.com/windows-server/virtualization/hyper-v-virtual-switch/rdma-and-switch-embedded-teaming#bkmk_sswitchembedded) (SET).| 1909 | | Language Community tab in Feedback Hub | The Language Community tab will be removed from the Feedback Hub. The standard feedback process: [Feedback Hub - Feedback](feedback-hub://?newFeedback=true&feedbackType=2) is the recommended way to provide translation feedback. | 1909 | | My People / People in the Shell | My People is no longer being developed. It may be removed in a future update. | 1909 | diff --git a/windows/deployment/planning/windows-10-removed-features.md b/windows/deployment/planning/windows-10-removed-features.md index 508cc788a8..82e9ff19ad 100644 --- a/windows/deployment/planning/windows-10-removed-features.md +++ b/windows/deployment/planning/windows-10-removed-features.md @@ -27,6 +27,7 @@ The following features and functionalities have been removed from the installed |Feature | Details and mitigation | Removed in version | | ----------- | --------------------- | ------ | +| Hyper-V vSwitch on LBFO | The Hyper-V vSwitch can not be bound to an LBFO team. Instead, it can be bound via [Switch Embedded Teaming](https://docs.microsoft.com/windows-server/virtualization/hyper-v-virtual-switch/rdma-and-switch-embedded-teaming#bkmk_sswitchembedded) (SET).| 2004 | | PNRP APIs| ​The Peer Name Resolution Protocol (PNRP) cloud service was removed in Windows 10, version 1809. We are planning to complete the removal process by removing the corresponding APIs. | 1909 | | Taskbar settings roaming | Roaming of taskbar settings is removed in this release. This feature was announced as no longer being developed in Windows 10, version 1903. | 1909 | | Desktop messaging app doesn't offer messages sync | The messaging app on Desktop has a sync feature that can be used to sync SMS text messages received from Windows Mobile and keep a copy of them on the Desktop. The sync feature has been removed from all devices. Due to this change, you will only be able to access messages from the device that received the message. | 1903 | From 90d02bdf6f9adb99feb87c0cc252a4c91f49dcb2 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 10:47:56 -0700 Subject: [PATCH 127/338] update --- windows/deployment/index.yml | 63 ++++++++++++++++++------------------ 1 file changed, 31 insertions(+), 32 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index 299997d434..ff48f280d3 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -13,7 +13,7 @@ metadata: ms.collection: windows-10 author: greg-lindsay #Required; your GitHub user alias, with correct capitalization. ms.author: greglin #Required; microsoft alias of author; optional team alias. - ms.date: 09/13/2019 #Required; mm/dd/yyyy format. + ms.date: 05/19/2020 #Required; mm/dd/yyyy format. localization_priority: medium # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | video | whats-new @@ -22,74 +22,73 @@ landingContent: # Cards and links should be based on top customer tasks or top subjects # Start card title with a verb # Card (optional) - - title: Title1 + - title: Concepts linkLists: - - linkListType: overview + - linkListType: concepts links: - - text: Article1a + - text: Windows 10 deployment scenarios url: file1.md - - text: Article1b + - text: What is Windows as a service? url: file1.md - - text: Article1c + - text: Types of Windows updates url: file1.md # Card (optional) - - title: Title2 + - title: Get started linkLists: - - linkListType: overview + - linkListType: get-started links: - - text: Article2a + - text: Demonstrate Autopilot deployment url: file1.md - - text: Article2b + - text: Servicing the Windows 10 operating system url: file1.md - - text: Article2c + - text: Deploy Windows 10 in a test lab url: file1.md # Card (optional) - - title: Title3 + - title: Deployment planning linkLists: - - linkListType: overview + - linkListType: design-guide links: - - text: Article3a + - text: Create a deployment plan url: file1.md - - text: Article3b + - text: Evaluate infrastructure and tools url: file1.md - - text: Article3c + - text: Define your servicing strategy url: file1.md # Card - - title: Title4 + - title: Prepare to deploy Windows 10 linkLists: - - linkListType: overview + - linkListType: guide links: - - text: Article4a + - text: Prepare to deploy Windows 10 url: file1.md - - text: Article4b + - text: Evaluate and update deployment processes url: file1.md - - text: Article4c + - text: Build a successful servicing strategy url: file1.md # Card - - title: Title5 + - title: Deploy Windows 10 linkLists: - - linkListType: overview + - linkListType: checklist links: - - text: Article5a + - text: Deploy Windows 10 url: file1.md - - text: Article5b + - text: Assign devices to servicing channels url: file1.md - - text: Article5c + - text: Deploy Windows 10 updates url: file1.md # Card (optional) - - title: Title6 + - title: Also see linkLists: - - linkListType: overview + - linkListType: reference links: - - text: Article6a + - text: Windows 10 release information url: file1.md - - text: Article6b + - text: What's new in Windows 10 url: file1.md - - text: Article6c + - text: Windows 10 Enterprise Security url: file1.md - \ No newline at end of file From 7475ff11cc4f26bb32c4baeeedcc61d52592a221 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 11:18:55 -0700 Subject: [PATCH 128/338] update --- windows/deployment/TOC.yml | 44 ++++++++++++++++++------------------ windows/deployment/index.yml | 10 ++++---- 2 files changed, 27 insertions(+), 27 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 6b0a7ab46d..e17a0e3b80 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -4,49 +4,49 @@ - name: Get started items: - name: What's new in Windows 10 deployment - href: file1.md - - name: Windows 10 deployment scenarios (update) - href: file1.md + href: deploy-whats-new.md + - name: Windows 10 deployment scenarios + href: windows-10-deployment-scenarios.md - name: Deployment process posters - href: file1.md - - name: What is Windows as a service? (retitled, consolidated) - href: file1.md + href: windows-10-deployment-posters.md + - name: What is Windows as a service? + href: update/waas-quick-start.md - name: Windows update fundamentals - href: file1.md - - name: Types of Windows updates (consolidate) - href: file1.md - - name: Servicing the Windows 10 operating system (retitled, consolidate?) - href: file1.md + href: update/waas-overview.md + - name: Types of Windows updates + href: update/servicing-stack-updates + - name: Servicing the Windows 10 operating system + href: update/windows-update-overview.md - name: Deployment proof of concept items: - name: Demonstrate Autopilot deployment on a VM - href: file1.md + href: windows-autopilot/demonstrate-deployment-on-vm.md - name: Deploy Windows 10 with MDT and Configuration Manager items: - name: 'Step by step guide: Configure a test lab to deploy Windows 10' - href: file1.md + href: windows-10-poc.md - name: Deploy Windows 10 in a test lab using MDT - href: file1.md + href: windows-10-poc-mdt.md - name: Deploy Windows 10 in a test lab using Configuration Manager - href: file1.md + href: windows-10-poc-sc-config-mgr.md - name: Plan items: - - name: Windows 10 deployment considerations (rewrite) - href: file1.md - - name: Create a deployment plan (new) + - name: Windows 10 deployment considerations + href: planning/windows-10-deployment-considerations.md + - name: Create a deployment plan href: file1.md - - name: Evaluate infrastructure and tools (new) + - name: Evaluate infrastructure and tools href: file1.md - - name: Determine application readiness (new) + - name: Determine application readiness href: file1.md - - name: Define your servicing strategy (new) + - name: Define your servicing strategy href: file1.md - name: Best practices for feature updates on mission-critical devices href: file1.md - name: Plan for volume activation - href: file1.md + href: volume-activation/plan-for-volume-activation-client.md - name: Features removed or planned for replacement items: - name: Windows 10 features lifecycle diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index ff48f280d3..a0a99a13b0 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -24,7 +24,7 @@ landingContent: # Card (optional) - title: Concepts linkLists: - - linkListType: concepts + - linkListType: overview links: - text: Windows 10 deployment scenarios url: file1.md @@ -48,7 +48,7 @@ landingContent: # Card (optional) - title: Deployment planning linkLists: - - linkListType: design-guide + - linkListType: how-to-guide links: - text: Create a deployment plan url: file1.md @@ -60,7 +60,7 @@ landingContent: # Card - title: Prepare to deploy Windows 10 linkLists: - - linkListType: guide + - linkListType: how-to-guide links: - text: Prepare to deploy Windows 10 url: file1.md @@ -72,7 +72,7 @@ landingContent: # Card - title: Deploy Windows 10 linkLists: - - linkListType: checklist + - linkListType: deploy links: - text: Deploy Windows 10 url: file1.md @@ -84,7 +84,7 @@ landingContent: # Card (optional) - title: Also see linkLists: - - linkListType: reference + - linkListType: learn links: - text: Windows 10 release information url: file1.md From 086e79cb2500c0c0598bcb36960e964945fbc546 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 11:22:29 -0700 Subject: [PATCH 129/338] update --- windows/deployment/index.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index a0a99a13b0..3a168c88e5 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -24,7 +24,7 @@ landingContent: # Card (optional) - title: Concepts linkLists: - - linkListType: overview + - linkListType: concept links: - text: Windows 10 deployment scenarios url: file1.md @@ -48,7 +48,7 @@ landingContent: # Card (optional) - title: Deployment planning linkLists: - - linkListType: how-to-guide + - linkListType: architecture links: - text: Create a deployment plan url: file1.md @@ -84,7 +84,7 @@ landingContent: # Card (optional) - title: Also see linkLists: - - linkListType: learn + - linkListType: reference links: - text: Windows 10 release information url: file1.md From 896f2990c31fcece8d5f3c8c03c62b15a182c72f Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 11:38:13 -0700 Subject: [PATCH 130/338] update --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index e17a0e3b80..12f65f4266 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -14,7 +14,7 @@ - name: Windows update fundamentals href: update/waas-overview.md - name: Types of Windows updates - href: update/servicing-stack-updates + href: update/servicing-stack-updates.md - name: Servicing the Windows 10 operating system href: update/windows-update-overview.md From cc84a3c427b6cc3b6a9f76d97af31007978ceac2 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 13:07:07 -0700 Subject: [PATCH 131/338] update --- windows/deployment/file1.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/file1.md b/windows/deployment/file1.md index 44279dc9af..e82335c2cd 100644 --- a/windows/deployment/file1.md +++ b/windows/deployment/file1.md @@ -1,10 +1,10 @@ --- -title: Configure a test lab to deploy Windows 10 +title: Placeholder ms.reviewer: manager: laurawi ms.audience: itpro author: greg-lindsay -description: Concepts and procedures for deploying Windows 10 in a proof of concept lab environment. +description: Placeholder ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library @@ -16,7 +16,7 @@ author: greg-lindsay ms.topic: article --- -# Step by step guide: Configure a test lab to deploy Windows 10 +# Document title **Applies to** From 24855d7c82d2b800f1cfa172b8b93e5fd22b3a8c Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 13:25:11 -0700 Subject: [PATCH 132/338] update --- windows/deployment/index.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index 3a168c88e5..70eed4e823 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -22,9 +22,9 @@ landingContent: # Cards and links should be based on top customer tasks or top subjects # Start card title with a verb # Card (optional) - - title: Concepts + - title: Overview linkLists: - - linkListType: concept + - linkListType: overview links: - text: Windows 10 deployment scenarios url: file1.md From d342e8c3d8a23979cb53ccfccc82f558fca2b04c Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 13:31:30 -0700 Subject: [PATCH 133/338] update --- windows/deployment/planning/TOC.md | 37 ------------------------------ 1 file changed, 37 deletions(-) delete mode 100644 windows/deployment/planning/TOC.md diff --git a/windows/deployment/planning/TOC.md b/windows/deployment/planning/TOC.md deleted file mode 100644 index fc4cb8fefa..0000000000 --- a/windows/deployment/planning/TOC.md +++ /dev/null @@ -1,37 +0,0 @@ -# [Plan for Windows 10 deployment](index.md) -## [Windows 10 Enterprise FAQ for IT Pros](windows-10-enterprise-faq-itpro.md) -## [Windows 10 deployment considerations](windows-10-deployment-considerations.md) -## [Windows 10 compatibility](windows-10-compatibility.md) -## [Windows 10 infrastructure requirements](windows-10-infrastructure-requirements.md) - -## Features removed or planned for replacement -### [Windows 10 features lifecycle](features-lifecycle.md) -### [Features we're no longer developing](windows-10-deprecated-features.md) -### [Features we removed](windows-10-removed-features.md) - -## Application Compatibility Toolkit (ACT) -### [Application Compatibility Toolkit (ACT) Technical Reference](act-technical-reference.md) -### [SUA User's Guide](sua-users-guide.md) -#### [Using the SUA Wizard](using-the-sua-wizard.md) -#### [Using the SUA Tool](using-the-sua-tool.md) -##### [Tabs on the SUA Tool Interface](tabs-on-the-sua-tool-interface.md) -##### [Showing Messages Generated by the SUA Tool](showing-messages-generated-by-the-sua-tool.md) -##### [Applying Filters to Data in the SUA Tool](applying-filters-to-data-in-the-sua-tool.md) -##### [Fixing Applications by Using the SUA Tool](fixing-applications-by-using-the-sua-tool.md) -### [Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md) -#### [Using the Compatibility Administrator Tool](using-the-compatibility-administrator-tool.md) -##### [Available Data Types and Operators in Compatibility Administrator](available-data-types-and-operators-in-compatibility-administrator.md) -##### [Searching for Fixed Applications in Compatibility Administrator](searching-for-fixed-applications-in-compatibility-administrator.md) -##### [Searching for Installed Compatibility Fixes with the Query Tool in Compatibility Administrator](searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md) -##### [Creating a Custom Compatibility Fix in Compatibility Administrator](creating-a-custom-compatibility-fix-in-compatibility-administrator.md) -##### [Creating a Custom Compatibility Mode in Compatibility Administrator](creating-a-custom-compatibility-mode-in-compatibility-administrator.md) -##### [Creating an AppHelp Message in Compatibility Administrator](creating-an-apphelp-message-in-compatibility-administrator.md) -##### [Viewing the Events Screen in Compatibility Administrator](viewing-the-events-screen-in-compatibility-administrator.md) -##### [Enabling and Disabling Compatibility Fixes in Compatibility Administrator](enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md) -##### [Installing and Uninstalling Custom Compatibility Databases in Compatibility Administrator](installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md) -#### [Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md) -##### [Understanding and Using Compatibility Fixes](understanding-and-using-compatibility-fixes.md) -##### [Compatibility Fix Database Management Strategies and Deployment](compatibility-fix-database-management-strategies-and-deployment.md) -##### [Testing Your Application Mitigation Packages](testing-your-application-mitigation-packages.md) -#### [Using the Sdbinst.exe Command-Line Tool](using-the-sdbinstexe-command-line-tool.md) -### [Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md) From 671ec29e8c0d38f86707a19a83acbf4397ba6ecc Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 14:13:22 -0700 Subject: [PATCH 134/338] update --- windows/deployment/TOC.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 12f65f4266..13d32de15d 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -3,12 +3,10 @@ items: - name: Get started items: - - name: What's new in Windows 10 deployment + - name: What's new href: deploy-whats-new.md - name: Windows 10 deployment scenarios href: windows-10-deployment-scenarios.md - - name: Deployment process posters - href: windows-10-deployment-posters.md - name: What is Windows as a service? href: update/waas-quick-start.md - name: Windows update fundamentals @@ -29,11 +27,13 @@ - name: Deploy Windows 10 in a test lab using MDT href: windows-10-poc-mdt.md - name: Deploy Windows 10 in a test lab using Configuration Manager - href: windows-10-poc-sc-config-mgr.md + href: windows-10-poc-sc-config-mgr.md + - name: Deployment process posters + href: windows-10-deployment-posters.md - name: Plan items: - - name: Windows 10 deployment considerations + - name: Deployment considerations href: planning/windows-10-deployment-considerations.md - name: Create a deployment plan href: file1.md From 8bc0006e64fddccf12cabdbfd7e4b4a17480f41a Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 14:37:19 -0700 Subject: [PATCH 135/338] update --- windows/deployment/TOC.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 13d32de15d..1fadc89258 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -58,19 +58,19 @@ - name: Prepare items: - - name: Prepare to deploy Windows 10 (new) + - name: Prepare to deploy Windows 10 href: file1.md - - name: Evaluate and update infrastructure (new) + - name: Evaluate and update infrastructure href: file1.md - - name: Evaluate and update deployment processes (new) + - name: Evaluate and update deployment processes href: file1.md - - name: Test and remediate your applications (new) + - name: Test and remediate your applications href: file1.md - name: Set up Delivery Optimization for Windows 10 updates href: file1.md - name: Configure BranchCache for Windows 10 updates href: file1.md - - name: Prepare your deployment tools (new) + - name: Prepare your deployment tools items: - name: Register devices for deployment with Windows Autopilot href: file1.md @@ -84,7 +84,7 @@ href: file1.md - name: Prepare updates using Windows Update for Business href: file1.md - - name: Prepare updates using WSUS (retitle) + - name: Prepare updates using WSUS href: file1.md - name: Deploy @@ -115,7 +115,7 @@ href: file1.md - name: Subscription Activation items: - - name: Windows 10 Subscription Activation (update) + - name: Windows 10 Subscription Activation href: file1.md - name: Windows 10 Enterprise E3 in CSP href: file1.md @@ -125,7 +125,7 @@ href: file1.md - name: Deploy Windows 10 updates items: - - name: Assign devices to servicing channels (retitle) + - name: Assign devices to servicing channels href: file1.md - name: Deploy updates with Configuration Manager href: file1.md @@ -167,7 +167,7 @@ items: - name: Get started items: - - name: Get started with Update Compliance (consolidate) + - name: Get started with Update Compliance href: file1.md - name: Update Compliance configuration script href: file1.md @@ -250,7 +250,7 @@ href: file1.md - name: Windows 10 deployment tools items: - - name: Windows 10 deployment scenarios and tools (retitle) + - name: Windows 10 deployment scenarios and tools items: - name: Convert MBR partition to GPT href: file1.md From 6a0cb2f036a84e139a0e718104e44480f6d26cb4 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 14:51:17 -0700 Subject: [PATCH 136/338] update --- windows/deployment/TOC.yml | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 1fadc89258..11ffb40e89 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -50,11 +50,11 @@ - name: Features removed or planned for replacement items: - name: Windows 10 features lifecycle - href: file1.md + href: planning/features-lifecycle.md - name: Features we're no longer developing - href: file1.md + href: planning/windows-10-deprecated-features.md - name: Features we removed - href: file1.md + href: planning/windows-10-removed-features.md - name: Prepare items: @@ -73,11 +73,11 @@ - name: Prepare your deployment tools items: - name: Register devices for deployment with Windows Autopilot - href: file1.md + href: windows-autopilot/add-devices.md - name: Prepare for deployment with MDT - href: file1.md + href: deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md - name: Prepare for deployment with Configuration Manager - href: file1.md + href: deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md - name: Build a successful servicing strategy items: - name: Build deployment rings for Windows 10 updates @@ -92,37 +92,37 @@ - name: Deploy Windows 10 items: - name: Deploy Windows 10 with Autopilot - href: file1.md + href: windows-autopilot/windows-autopilot-scenarios.md - name: Deploy Windows 10 with Configuration Manager items: - name: Deploy to a new device - href: file1.md + href: deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md - name: Refresh a device - href: file1.md + href: deploy-windows-cm/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md - name: Replace a device - href: file1.md + href: deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md - name: In-place upgrade - href: file1.md + href: deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager.md - name: Deploy Windows 10 with MDT items: - name: Deploy to a new device - href: file1.md + href: deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md - name: Refresh a device - href: file1.md + href: deploy-windows-mdt/refresh-a-windows-7-computer-with-windows-10.md - name: Replace a device - href: file1.md + href: deploy-windows-mdt/replace-a-windows-7-computer-with-a-windows-10-computer.md - name: In-place upgrade - href: file1.md + href: deploy-windows-mdt/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md - name: Subscription Activation items: - name: Windows 10 Subscription Activation - href: file1.md + href: windows-10-subscription-activation.md - name: Windows 10 Enterprise E3 in CSP - href: file1.md + href: windows-10-enterprise-e3-overview.md - name: Configure VDA for Subscription Activation - href: file1.md + href: vda-subscription-activation.md - name: Deploy Windows 10 Enterprise licenses - href: file1.md + href: deploy-enterprise-licenses.md - name: Deploy Windows 10 updates items: - name: Assign devices to servicing channels From b7f6ce444f2682471230de68aa4e4d45df3c9d6b Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 19 May 2020 16:30:20 -0700 Subject: [PATCH 137/338] update --- windows/deployment/TOC.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 11ffb40e89..91af4b650a 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -102,7 +102,7 @@ - name: Replace a device href: deploy-windows-cm/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md - name: In-place upgrade - href: deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager.md + href: deploy-windows-cm/upgrade-to-windows-10-with-configuraton-manager.md - name: Deploy Windows 10 with MDT items: - name: Deploy to a new device From 2a5b0d5c0696e674daac125255dbb747f38ac5ba Mon Sep 17 00:00:00 2001 From: illfated Date: Wed, 20 May 2020 01:55:31 +0200 Subject: [PATCH 138/338] #6744 follow-up: convert Note text to Note blob Description: In PR #6744, a Note text line was added to the page, but without the common Note blob used in the default MS Docs code style. This PR updates the Note to follow the MS Docs code style by adding the MarkDown Note blob indent markers and the [!NOTE] tag or header. The text content itself remains unchanged. Changes proposed: - Convert the Note text line to a standard MS Docs Note blob - Remove redundant end-of-line whitespace (blanks) throughout the page Ticket closure or reference: Ref. PR #6744 --- .../hello-hybrid-cert-whfb-settings-dir-sync.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md index b9c99d4bae..98e4ceb61e 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md @@ -16,6 +16,7 @@ localizationpriority: medium ms.date: 10/23/2017 ms.reviewer: --- + # Configure Hybrid Windows Hello for Business: Directory Synchronization **Applies to** @@ -26,7 +27,7 @@ ms.reviewer: ## Directory Synchronization -In hybrid deployments, users register the public portion of their Windows Hello for Business credential with Azure. Azure AD Connect synchronizes the Windows Hello for Business public key to Active Directory. +In hybrid deployments, users register the public portion of their Windows Hello for Business credential with Azure. Azure AD Connect synchronizes the Windows Hello for Business public key to Active Directory. The key-trust model needs Windows Server 2016 domain controllers, which configures the key registration permissions automatically; however, the certificate-trust model does not and requires you to add the permissions manually. @@ -45,12 +46,12 @@ Sign-in a domain controller or management workstations with *Domain Admin* equiv 6. In the **Applies to** list box, select **Descendant User objects**. 7. Using the scroll bar, scroll to the bottom of the page and click **Clear all**. 8. In the **Properties** section, select **Read msDS-KeyCredentialLink** and **Write msDS-KeyCredentialLink**. -9. Click **OK** three times to complete the task. +9. Click **OK** three times to complete the task. ### Group Memberships for the Azure AD Connect Service Account -The KeyAdmins or KeyCredential Admins global group provides the Azure AD Connect service with the permissions needed to read and write the public key to Active Directory. +The KeyAdmins or KeyCredential Admins global group provides the Azure AD Connect service with the permissions needed to read and write the public key to Active Directory. Sign-in a domain controller or management workstation with _Domain Admin_ equivalent credentials. @@ -61,14 +62,15 @@ Sign-in a domain controller or management workstation with _Domain Admin_ equiva 5. In the **Enter the object names to select** text box, type the name of the Azure AD Connect service account. Click **OK**. 6. Click **OK** to return to **Active Directory Users and Computers**. -Note: if your AD forest has multiple domains. Please make sure you add the ADConnect sync service account (ie. MSOL_12121212) into "Enterprise Key Admins" group to gain permission across the domains in the forest. +> [!NOTE] +> if your AD forest has multiple domains. Please make sure you add the ADConnect sync service account (ie. MSOL_12121212) into "Enterprise Key Admins" group to gain permission across the domains in the forest. ### Section Review > [!div class="checklist"] > * Configure Permissions for Key Synchronization > * Configure group membership for Azure AD Connect -> +> > [!div class="step-by-step"] > [< Configure Active Directory](hello-hybrid-cert-whfb-settings-ad.md) > [Configure PKI >](hello-hybrid-cert-whfb-settings-pki.md) From 6c6a89b9f73f346c41305a528c155ff1f13afc6e Mon Sep 17 00:00:00 2001 From: "Trond B. Krokli" <38162891+illfated@users.noreply.github.com> Date: Wed, 20 May 2020 19:18:35 +0200 Subject: [PATCH 139/338] Add grammar correction - by mapalko Co-authored-by: mapalko --- .../hello-hybrid-cert-whfb-settings-dir-sync.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md index 98e4ceb61e..78b43b43e2 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md @@ -63,7 +63,7 @@ Sign-in a domain controller or management workstation with _Domain Admin_ equiva 6. Click **OK** to return to **Active Directory Users and Computers**. > [!NOTE] -> if your AD forest has multiple domains. Please make sure you add the ADConnect sync service account (ie. MSOL_12121212) into "Enterprise Key Admins" group to gain permission across the domains in the forest. +> If your AD forest has multiple domains, make sure you add the ADConnect sync service account (ie. MSOL_12121212) into "Enterprise Key Admins" group to gain permission across the domains in the forest. ### Section Review From 6b855cf38df89a4a9691a84f2459877a0d5e69b5 Mon Sep 17 00:00:00 2001 From: "Jeff Reeds (Aquent LLC)" Date: Wed, 20 May 2020 15:46:27 -0700 Subject: [PATCH 140/338] changed windows to microsoft As part of rebrand, changed Windows Defender Offline to Microsoft Defender Offline and windows-defender-offline to microsoft-defender-offline --- windows/security/threat-protection/TOC.md | 4 ++-- .../threat-protection/intelligence/rootkits-malware.md | 2 +- .../troubleshoot-windows-defender-antivirus.md | 2 +- windows/whats-new/ltsc/whats-new-windows-10-2016.md | 2 +- windows/whats-new/whats-new-windows-10-version-1607.md | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 06efa1c47e..6dfcebce9c 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -155,7 +155,7 @@ ###### [Configure scheduled scans](windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md) ###### [Configure and run scans](windows-defender-antivirus/run-scan-windows-defender-antivirus.md) ###### [Review scan results](windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md) -###### [Run and review the results of an offline scan](windows-defender-antivirus/windows-defender-offline.md) +###### [Run and review the results of an offline scan](windows-defender-antivirus/microsoft-defender-offline.md) ##### [Restore quarantined files](windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md) @@ -183,7 +183,7 @@ ###### [Configure scheduled scans](windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md) ###### [Configure and run scans](windows-defender-antivirus/run-scan-windows-defender-antivirus.md) ###### [Review scan results](windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md) -###### [Run and review the results of an offline scan](windows-defender-antivirus/windows-defender-offline.md) +###### [Run and review the results of an offline scan](windows-defender-antivirus/microsoft-defender-offline.md) ###### [Restore quarantined files](windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md) ##### [Manage next-generation protection in your business]() diff --git a/windows/security/threat-protection/intelligence/rootkits-malware.md b/windows/security/threat-protection/intelligence/rootkits-malware.md index 3b66e178f2..ad80fad7fe 100644 --- a/windows/security/threat-protection/intelligence/rootkits-malware.md +++ b/windows/security/threat-protection/intelligence/rootkits-malware.md @@ -55,7 +55,7 @@ For more general tips, see [prevent malware infection](prevent-malware-infection Microsoft security software includes a number of technologies designed specifically to remove rootkits. If you think you might have a rootkit on your device and your antimalware software isn’t detecting it, you might need an extra tool that lets you boot to a known trusted environment. -[Microsoft Defender Offline](https://support.microsoft.com/help/17466/windows-defender-offline-help-protect-my-pc) can be launched from Windows Security Center and has the latest anti-malware updates from Microsoft. It’s designed to be used on devices that aren't working correctly due to a possible malware infection. +[Microsoft Defender Offline](https://support.microsoft.com/help/17466/microsoft-defender-offline-help-protect-my-pc) can be launched from Windows Security Center and has the latest anti-malware updates from Microsoft. It’s designed to be used on devices that aren't working correctly due to a possible malware infection. [System Guard](https://cloudblogs.microsoft.com/microsoftsecure/2017/10/23/hardening-the-system-and-maintaining-integrity-with-windows-defender-system-guard/) in Windows 10 protects against rootkits and threats that impact system integrity. diff --git a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md index 8b02e56f61..0655ccb826 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md @@ -2891,7 +2891,7 @@ Run a full system scan. This error indicates that an offline scan is required. Resolution -Run offline Windows Defender Antivirus. You can read about how to do this in the offline Windows Defender Antivirus article. +Run offline Windows Defender Antivirus. You can read about how to do this in the offline Windows Defender Antivirus article. diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2016.md b/windows/whats-new/ltsc/whats-new-windows-10-2016.md index 6abe9d8dfc..60d3674825 100644 --- a/windows/whats-new/ltsc/whats-new-windows-10-2016.md +++ b/windows/whats-new/ltsc/whats-new-windows-10-2016.md @@ -117,7 +117,7 @@ Windows Information Protection (WIP) helps to protect against this potential dat Several new features and management options have been added to Windows Defender in this version of Windows 10. -- [Microsoft Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media. +- [Microsoft Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/microsoft-defender-offline) can be run directly from within Windows, without having to create bootable media. - [Use PowerShell cmdlets for Windows Defender](/windows/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus) to configure options and run scans. - [Enable the Block at First Sight feature in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus) to leverage the Windows Defender cloud for near-instant protection against new malware. - [Configure enhanced notifications for Windows Defender in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus) to see more information about threat detections and removal. diff --git a/windows/whats-new/whats-new-windows-10-version-1607.md b/windows/whats-new/whats-new-windows-10-version-1607.md index 0107a9c65a..272b5ec918 100644 --- a/windows/whats-new/whats-new-windows-10-version-1607.md +++ b/windows/whats-new/whats-new-windows-10-version-1607.md @@ -103,7 +103,7 @@ Windows Information Protection (WIP) helps to protect against this potential dat ### Windows Defender Several new features and management options have been added to Windows Defender in Windows 10, version 1607. -- [Microsoft Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media. +- [Microsoft Defender Offline in Windows 10](/windows/threat-protection/windows-defender-antivirus/microsoft-defender-offline) can be run directly from within Windows, without having to create bootable media. - [Use PowerShell cmdlets for Windows Defender](/windows/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus) to configure options and run scans. - [Enable the Block at First Sight feature in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus) to leverage the Windows Defender cloud for near-instant protection against new malware. - [Configure enhanced notifications for Windows Defender in Windows 10](/windows/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus) to see more information about threat detections and removal. From fd2fc009bede7d527aeb5f9d841e03c9938e14a6 Mon Sep 17 00:00:00 2001 From: "Jeff Reeds (Aquent LLC)" Date: Thu, 21 May 2020 14:21:37 -0700 Subject: [PATCH 141/338] Changed Windows to Microsoft Changed only UX content; will change links later. --- .../update/how-windows-update-works.md | 2 +- .../update/update-compliance-monitor.md | 4 ++-- .../update/update-compliance-using.md | 4 ++-- windows/privacy/gdpr-win10-whitepaper.md | 18 +++++++++--------- ...-system-components-to-microsoft-services.md | 10 +++++----- .../privacy/manage-windows-1809-endpoints.md | 2 +- .../privacy/windows-diagnostic-data-1703.md | 2 +- windows/privacy/windows-diagnostic-data.md | 2 +- windows/security/threat-protection/TOC.md | 8 ++++---- .../control-usb-devices-using-intune.md | 14 +++++++------- .../threat-protection/intelligence/criteria.md | 4 ++-- .../intelligence/developer-faq.md | 4 ++-- .../intelligence/developer-resources.md | 2 +- .../intelligence/malware-naming.md | 2 +- .../intelligence/safety-scanner-download.md | 4 ++-- .../intelligence/support-scams.md | 4 ++-- .../intelligence/trojans-malware.md | 2 +- .../intelligence/unwanted-software.md | 2 +- .../intelligence/worms-malware.md | 2 +- .../advanced-features.md | 2 +- .../advanced-hunting-deviceevents-table.md | 2 +- .../advanced-hunting-schema-reference.md | 2 +- .../microsoft-defender-atp/alerts-queue.md | 4 ++-- .../auto-investigation-action-center.md | 2 +- .../behavioral-blocking-containment.md | 2 +- .../configure-machines-security-baseline.md | 2 +- .../configure-proxy-internet.md | 2 +- .../configure-server-endpoints.md | 2 +- ...view-of-threat-mitigations-in-windows-10.md | 14 +++++++------- ...re-worm-targets-out-of-date-systems-wdsi.md | 4 ++-- 30 files changed, 65 insertions(+), 65 deletions(-) diff --git a/windows/deployment/update/how-windows-update-works.md b/windows/deployment/update/how-windows-update-works.md index 7284fecba7..e427a2f861 100644 --- a/windows/deployment/update/how-windows-update-works.md +++ b/windows/deployment/update/how-windows-update-works.md @@ -80,7 +80,7 @@ Windows Update takes the following sets of actions when it runs a scan. #### Starts the scan for updates When users start scanning in Windows Update through the Settings panel, the following occurs: -- The scan first generates a “ComApi” message. The caller (Windows Defender Antivirus) tells the WU engine to scan for updates. +- The scan first generates a “ComApi” message. The caller (Microsoft Defender Antivirus) tells the WU engine to scan for updates. - "Agent" messages: queueing the scan, then actually starting the work: - Updates are identified by the different IDs ("Id = 10", "Id = 11") and from the different thread ID numbers. - Windows Update uses the thread ID filtering to concentrate on one particular task. diff --git a/windows/deployment/update/update-compliance-monitor.md b/windows/deployment/update/update-compliance-monitor.md index 55e6f693d9..8e4da6a05c 100644 --- a/windows/deployment/update/update-compliance-monitor.md +++ b/windows/deployment/update/update-compliance-monitor.md @@ -18,8 +18,8 @@ ms.topic: article # Monitor Windows Updates with Update Compliance > [!IMPORTANT] -> While [Windows Analytics was retired on January 31, 2020](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), support for Update Compliance has continued through the Azure Portal. Two planned feature removals for Update Compliance – Windows Defender Antivirus reporting and Perspectives – are now scheduled to be removed beginning Monday, May 11, 2020. -> * The retirement of Windows Defender Antivirus reporting will begin Monday, May 11, 2020. You can continue to review malware definition status and manage and monitor malware attacks with Microsoft Endpoint Manager's [Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune). Configuration Manager customers can monitor Endpoint Protection with [Endpoint Protection in Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection). +> While [Windows Analytics was retired on January 31, 2020](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), support for Update Compliance has continued through the Azure Portal. Two planned feature removals for Update Compliance – Microsoft Defender Antivirus reporting and Perspectives – are now scheduled to be removed beginning Monday, May 11, 2020. +> * The retirement of Microsoft Defender Antivirus reporting will begin Monday, May 11, 2020. You can continue to review malware definition status and manage and monitor malware attacks with Microsoft Endpoint Manager's [Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune). Configuration Manager customers can monitor Endpoint Protection with [Endpoint Protection in Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection). > * The Perspectives feature of Update Compliance will be retired Monday, May 11, 2020. The Perspectives feature is part of the Log Search portal of Log Analytics, which was deprecated on February 15, 2019 in favor of [Azure Monitor Logs](https://docs.microsoft.com/azure/azure-monitor/log-query/log-search-transition). Your Update Compliance solution will be automatically upgraded to Azure Monitor Logs, and the data available in Perspectives will be migrated to a set of queries in the [Needs Attention section](update-compliance-need-attention.md) of Update Compliance. ## Introduction diff --git a/windows/deployment/update/update-compliance-using.md b/windows/deployment/update/update-compliance-using.md index 47ea2040ed..b61cef1778 100644 --- a/windows/deployment/update/update-compliance-using.md +++ b/windows/deployment/update/update-compliance-using.md @@ -17,7 +17,7 @@ ms.topic: article # Use Update Compliance -In this section you'll learn how to use Update Compliance to monitor your device's Windows updates and Windows Defender Antivirus status. To configure your environment for use with Update Compliance, refer to [Get started with Update Compliance](update-compliance-get-started.md). +In this section you'll learn how to use Update Compliance to monitor your device's Windows updates and Microsoft Defender Antivirus status. To configure your environment for use with Update Compliance, refer to [Get started with Update Compliance](update-compliance-get-started.md). Update Compliance: @@ -50,7 +50,7 @@ When you select this tile, you will be redirected to the Update Compliance works Update Compliance's overview blade summarizes all the data Update Compliance provides. It functions as a hub from which you can navigate to different sections. The total number of devices detected by Update Compliance is reported in the title of this blade. What follows is a distribution for all devices as to whether they are up to date on the following items: * Security updates: A device is up to date on quality updates whenever it has the latest applicable quality update installed. Quality updates are monthly cumulative updates that are specific to a version of Windows 10. * Feature updates: A device is up to date on feature updates whenever it has the latest applicable feature update installed. Update Compliance considers [Servicing Channel](waas-overview.md#servicing-channels) when determining update applicability. -* AV Signature: A device is up to date on Antivirus Signature when the latest Windows Defender Signatures have been downloaded. This distribution only considers devices that are running Windows Defender Antivirus. +* AV Signature: A device is up to date on Antivirus Signature when the latest Windows Defender Signatures have been downloaded. This distribution only considers devices that are running Microsoft Defender Antivirus. The blade also provides the time at which your Update Compliance workspace was [refreshed](#update-compliance-data-latency). diff --git a/windows/privacy/gdpr-win10-whitepaper.md b/windows/privacy/gdpr-win10-whitepaper.md index 302909fefa..ce2c263dfe 100644 --- a/windows/privacy/gdpr-win10-whitepaper.md +++ b/windows/privacy/gdpr-win10-whitepaper.md @@ -132,24 +132,24 @@ As seen with recent ransomware attacks, once called the "black plague" of the In In response to these threats and as a part of your mechanisms to resist these types of breaches so that you remain in compliance with the GDPR, Windows 10 provides built in technology, detailed below including the following: -- Windows Defender Antivirus to respond to emerging threats on data. +- Microsoft Defender Antivirus to respond to emerging threats on data. - Microsoft Edge to systemically disrupt phishing, malware, and hacking attacks. - Windows Defender Device Guard to block all unwanted applications on client machines. #### Responding to emerging data threats -Windows Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers. In Windows 10, it uses a multi-pronged approach to improve antimalware: +Microsoft Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers. In Windows 10, it uses a multi-pronged approach to improve antimalware: - **Cloud-delivered protection.** Helps to detect and block new malware within seconds, even if the malware has never been seen before. -- **Rich local context.** Improves how malware is identified. Windows 10 informs Windows Defender Antivirus not only about content like files and processes, but also where the content came from, where it's been stored, and more. +- **Rich local context.** Improves how malware is identified. Windows 10 informs Microsoft Defender Antivirus not only about content like files and processes, but also where the content came from, where it's been stored, and more. -- **Extensive global sensors.** Help to keep Windows Defender Antivirus current and aware of even the newest malware. This is accomplished in two ways: by collecting the rich local context data from end points and by centrally analyzing that data. +- **Extensive global sensors.** Help to keep Microsoft Defender Antivirus current and aware of even the newest malware. This is accomplished in two ways: by collecting the rich local context data from end points and by centrally analyzing that data. -- **Tamper proofing.** Helps to guard Windows Defender Antivirus itself against malware attacks. For example, Windows Defender Antivirus uses Protected Processes, which prevents untrusted processes from attempting to tamper with Windows Defender Antivirus components, its registry keys, and so on. +- **Tamper proofing.** Helps to guard Microsoft Defender Antivirus itself against malware attacks. For example, Microsoft Defender Antivirus uses Protected Processes, which prevents untrusted processes from attempting to tamper with Microsoft Defender Antivirus components, its registry keys, and so on. -- **Enterprise-level features.** Give IT pros the tools and configuration options necessary to make Windows Defender Antivirus an enterprise-class antimalware solution. +- **Enterprise-level features.** Give IT pros the tools and configuration options necessary to make Microsoft Defender Antivirus an enterprise-class antimalware solution. #### Systemically disrupting phishing, malware, and hacking attacks In today’s threat landscape, your ability to provide those mechanisms should be tied to the specific data-focused attacks you face through phishing, malware and hacking due to the browser-related attacks. @@ -204,7 +204,7 @@ Among the key benefits of ATP are the following: - Built in, not bolted on - agentless with high performance and low impact, cloud-powered; easy management with no deployment. -- Single pane of glass for Windows security - explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Windows Defender Antivirus. +- Single pane of glass for Windows security - explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Microsoft Defender Antivirus. - Power of the Microsoft graph - leverages the Microsoft Intelligence Security Graph to integrate detection and exploration with Office 365 ATP subscription, to track back and respond to attacks. @@ -216,7 +216,7 @@ To provide Detection capabilities, Windows 10 improves our OS memory and kernel We continue to upgrade our detections of ransomware and other advanced attacks, applying our behavioral and machine-learning detection library to counter changing attacks trends. Our historical detection capability ensures new detection rules apply to up to six months of stored data to detect attacks that previously went unnoticed. Customers can also add customized detection rules or IOCs to augment the detection dictionary. -Customers asked us for a single pane of glass across the entire Windows security stack. Windows Defender Antivirus detections and Windows Defender Device Guard blocks are the first to surface in the Windows Defender ATP portal interleaved with Windows Defender ATP detections. The new user entity adds identity as a pivot, providing insight into actions, relationships, and alerts that span machines and allow us to track attackers moving laterally across the network. +Customers asked us for a single pane of glass across the entire Windows security stack. Microsoft Defender Antivirus detections and Windows Defender Device Guard blocks are the first to surface in the Windows Defender ATP portal interleaved with Windows Defender ATP detections. The new user entity adds identity as a pivot, providing insight into actions, relationships, and alerts that span machines and allow us to track attackers moving laterally across the network. Our alert page now includes a new process tree visualization that aggregates multiple detections and related events into a single view that helps security teams reduce the time to resolve cases by providing the information required to understand and resolve incidents without leaving the alert page. @@ -314,7 +314,7 @@ Azure Information Protection also helps your users share sensitive data in a sec - **Windows Hello for Business:** https://www.youtube.com/watch?v=WOvoXQdj-9E and https://docs.microsoft.com/windows/access-protection/hello-for-business/hello-identity-verification -- **Windows Defender Antivirus:** https://www.youtube.com/watch?v=P1aNEy09NaI and https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10 +- **Microsoft Defender Antivirus:** https://www.youtube.com/watch?v=P1aNEy09NaI and https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10 - **Windows Defender Advanced Threat Protection:** https://www.youtube.com/watch?v=qxeGa3pxIwg and https://docs.microsoft.com/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 4bbec23cef..6085890428 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1595,7 +1595,7 @@ You can disconnect from the Microsoft Antimalware Protection Service. >1. Ensure Windows and Windows Defender are fully up to date. >2. Search the Start menu for "Tamper Protection" by clicking on the search icon next to the Windows Start button. Then scroll down to the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make the setting. Alternatively, you can go to **Windows Security Settings -> Virus & threat protection, click on Manage Settings** link and then scroll down to the Tamper Protection toggle to set it to **Off**. -- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop-down box named **Join Microsoft MAPS** +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop-down box named **Join Microsoft MAPS** -OR- @@ -1608,7 +1608,7 @@ You can disconnect from the Microsoft Antimalware Protection Service. You can stop sending file samples back to Microsoft. -- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Never Send**. +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Never Send**. -or- @@ -1617,11 +1617,11 @@ You can stop sending file samples back to Microsoft. You can stop downloading **Definition Updates**: -- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**. +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**. -and- -- **Disable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to **Nothing**. +- **Disable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to **Nothing**. -or- @@ -1645,7 +1645,7 @@ You can turn off **Enhanced Notifications** as follows: -or- -- **Enable** the Group Policy **Turn off enhanced notifications** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Reporting**. +- **Enable** the Group Policy **Turn off enhanced notifications** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Reporting**. -or- diff --git a/windows/privacy/manage-windows-1809-endpoints.md b/windows/privacy/manage-windows-1809-endpoints.md index 6367bb1968..789a9029a6 100644 --- a/windows/privacy/manage-windows-1809-endpoints.md +++ b/windows/privacy/manage-windows-1809-endpoints.md @@ -398,7 +398,7 @@ The following endpoint is used to retrieve Skype configuration values. To turn o ## Windows Defender The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender), the device will not use Cloud-based Protection. For a detailed list of Windows Defender Antivirus cloud service connections, see [Allow connections to the Windows Defender Antivirus cloud service](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service). +If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender), the device will not use Cloud-based Protection. For a detailed list of Microsoft Defender Antivirus cloud service connections, see [Allow connections to the Microsoft Defender Antivirus cloud service](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service). | Source process | Protocol | Destination | |----------------|----------|------------| diff --git a/windows/privacy/windows-diagnostic-data-1703.md b/windows/privacy/windows-diagnostic-data-1703.md index 73ccd75c12..ef7ec52739 100644 --- a/windows/privacy/windows-diagnostic-data-1703.md +++ b/windows/privacy/windows-diagnostic-data-1703.md @@ -74,7 +74,7 @@ This type of data includes details about the health of the device, operating sys | Category Name | Description and Examples | | - | - | |Device health and crash data | Information about the device and software health such as: