deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-25 11:47:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'refs/remotes/origin/master' into jdrs2apn

Browse Source
This commit is contained in:
jdeckerMS 2017-05-01 07:14:40 -07:00
commit f39bd98273
4 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
devices/surface/manage-surface-dock-firmware-updates.md
View File

@ -87,7 +87,7 @@ For more information about how to deploy MSI packages see [Create and deploy an
>[!NOTE] >[!NOTE]
>When drivers are installed through Windows Update or the MSI package, registry keys are added that indicate the version of firmware installed on the Surface Dock and contained within the Surface Dock driver. These registry keys can be found in: >When drivers are installed through Windows Update or the MSI package, registry keys are added that indicate the version of firmware installed on the Surface Dock and contained within the Surface Dock driver. These registry keys can be found in:
> **HLKM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\WUDF\\Services\\SurfaceDockFwUpdate\\Parameters** > **HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\WUDF\\Services\\SurfaceDockFwUpdate\\Parameters**
Firmware status is displayed for both the main chipset (displayed as **Component10**) and the DisplayPort chipset (displayed as **Component20**). For each chipset there are four keys, where *xx* is **10** or **20** corresponding to each chipset: Firmware status is displayed for both the main chipset (displayed as **Component10**) and the DisplayPort chipset (displayed as **Component20**). For each chipset there are four keys, where *xx* is **10** or **20** corresponding to each chipset:

2
mdop/medv-v2/windows-virtual-pc-application-exclude-list.md
View File

@ -15,7 +15,7 @@ ms.prod: w7
In some instances, you might not want applications that are installed in the MED-V workspace to be published to the host computer **Start** menu. You can unpublish these applications by following the instructions at [How to Publish and Unpublish an Application on the MED-V Workspace](how-to-publish-and-unpublish-an-application-on-the-med-v-workspace.md). However, if the program ever automatically updates, it might also be automatically republished. This causes you to have to unpublish the application again. In some instances, you might not want applications that are installed in the MED-V workspace to be published to the host computer **Start** menu. You can unpublish these applications by following the instructions at [How to Publish and Unpublish an Application on the MED-V Workspace](how-to-publish-and-unpublish-an-application-on-the-med-v-workspace.md). However, if the program ever automatically updates, it might also be automatically republished. This causes you to have to unpublish the application again.
Windows Virtual PC includes a feature known as the "Exclude List" that lets you specify certain installed applications that you do not want published to the host **Start** menu. The "Exclude List" is located in the guest registry in the HLKM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Virtual Machine\\VPCVAppExcludeList key and lists those applications that are not published to the host **Start** menu. You can think of the “Exclude List” as permanently unpublishing the specified applications because any automatic updates to the applications that are listed will not cause them to be automatically republished. Windows Virtual PC includes a feature known as the "Exclude List" that lets you specify certain installed applications that you do not want published to the host **Start** menu. The "Exclude List" is located in the guest registry in the HKLM\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Virtual Machine\\VPCVAppExcludeList key and lists those applications that are not published to the host **Start** menu. You can think of the “Exclude List” as permanently unpublishing the specified applications because any automatic updates to the applications that are listed will not cause them to be automatically republished.
## Managing Applications by Using the Exclude List in Windows Virtual PC ## Managing Applications by Using the Exclude List in Windows Virtual PC

12
windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md
View File

@ -1,5 +1,5 @@
--- ---
title: Associate and deploy your Windows Information Protection (WIP) and VPN policies by using Microsoft Azure Intune (Windows 10) title: Associate and deploy your Windows Information Protection (WIP) and VPN policies by using Microsoft Intune (Windows 10)
description: After you've created and deployed your Windows Information Protection (WIP) policy, you can use Microsoft Intune to associate and deploy your Virtual Private Network (VPN) policy, linking it to your WIP policy. description: After you've created and deployed your Windows Information Protection (WIP) policy, you can use Microsoft Intune to associate and deploy your Virtual Private Network (VPN) policy, linking it to your WIP policy.
ms.assetid: d0eaba4f-6d7d-4ae4-8044-64680a40cf6b ms.assetid: d0eaba4f-6d7d-4ae4-8044-64680a40cf6b
keywords: WIP, Enterprise Data Protection keywords: WIP, Enterprise Data Protection
@ -11,22 +11,22 @@ author: eross-msft
localizationpriority: high localizationpriority: high
--- ---
# Associate and deploy your Windows Information Protection (WIP) and VPN policies by using Microsoft Azure Intune # Associate and deploy your Windows Information Protection (WIP) and VPN policies by using Microsoft Intune
**Applies to:** **Applies to:**
- Windows 10, version 1607 and later - Windows 10, version 1607 and later
- Windows 10 Mobile, version 1607 and later (except Microsoft Azure Rights Management, which is only available on the desktop) - Windows 10 Mobile, version 1607 and later (except Microsoft Azure Rights Management, which is only available on the desktop)
After you've created and deployed your Windows Information Protection (WIP) policy, you can use Microsoft Azure Intune to associate and deploy your Virtual Private Network (VPN) policy, linking it to your WIP policy. After you've created and deployed your Windows Information Protection (WIP) policy, you can use Microsoft Intune to associate and deploy your Virtual Private Network (VPN) policy, linking it to your WIP policy.
## Associate your WIP policy to your VPN policy by using Microsoft Azure Intune ## Associate your WIP policy to your VPN policy by using Microsoft Intune
Follow these steps to associate your WIP policy with your organization's existing VPN policy. Follow these steps to associate your WIP policy with your organization's existing VPN policy.
**To associate your policies** **To associate your policies**
1. Create your VPN profile. For info about how to do this, see [How to configure VPN settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune-azure/configure-devices/how-to-configure-vpn-settings) and [How to create custom VPN profiles in Microsoft Intune](https://docs.microsoft.com/en-us/intune-azure/configure-devices/create-custom-vpn-profiles#create-a-custom-configuration). 1. Create your VPN profile. For info about how to do this, see [How to configure VPN settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune-azure/configure-devices/how-to-configure-vpn-settings) and [How to create custom VPN profiles in Microsoft Intune](https://docs.microsoft.com/en-us/intune-azure/configure-devices/create-custom-vpn-profiles#create-a-custom-configuration).
2. Open the Microsoft Azure Intune mobile application management console, click **Device configuration**, and then click **Create Profile**. 2. Open the Microsoft Intune mobile application management console, click **Device configuration**, and then click **Create Profile**.
![Microsoft Azure Intune, Create a new policy using the the Azure portal](images/wip-azure-vpn-device-policy.png) ![Microsoft Azure Intune, Create a new policy using the the Azure portal](images/wip-azure-vpn-device-policy.png)
@ -70,4 +70,4 @@ After youve created your VPN policy, you'll need to deploy it to the same gro
![Microsoft Intune: Pick your user groups that should get the policy when it's deployed](images/wip-azure-add-user-groups.png) ![Microsoft Intune: Pick your user groups that should get the policy when it's deployed](images/wip-azure-add-user-groups.png)
>[!NOTE] >[!NOTE]
>Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to TechNet content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md). >Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to TechNet content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md).

18
windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md
View File

@ -1,6 +1,6 @@
--- ---
title: Create a Windows Information Protection (WIP) policy using Microsoft Azure Intune (Windows 10) title: Create a Windows Information Protection (WIP) policy using Microsoft Intune (Windows 10)
description: Microsoft Azure Intune helps you create and deploy your Windows Information Protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network. description: Microsoft Intune helps you create and deploy your Windows Information Protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network.
ms.assetid: 4b307c99-3016-4d6a-9ae7-3bbebd26e721 ms.assetid: 4b307c99-3016-4d6a-9ae7-3bbebd26e721
ms.prod: w10 ms.prod: w10
ms.mktglfcycl: explore ms.mktglfcycl: explore
@ -10,20 +10,20 @@ author: eross-msft
localizationpriority: high localizationpriority: high
--- ---
# Create a Windows Information Protection (WIP) policy using Microsoft Azure Intune # Create a Windows Information Protection (WIP) policy using Microsoft Intune
**Applies to:** **Applies to:**
- Windows 10, version 1607 and later - Windows 10, version 1607 and later
- Windows 10 Mobile, version 1607 and later (except Microsoft Azure Rights Management, which is only available on the desktop) - Windows 10 Mobile, version 1607 and later (except Microsoft Azure Rights Management, which is only available on the desktop)
Microsoft Azure Intune helps you create and deploy your Windows Information Protection (WIP) policy, including letting you choose your allowed apps, your WIP-protection level, and how to find enterprise data on the network. Microsoft Intune helps you create and deploy your Windows Information Protection (WIP) policy, including letting you choose your allowed apps, your WIP-protection level, and how to find enterprise data on the network.
## Add a WIP policy ## Add a WIP policy
After youve set up Intune for your organization, you must create a WIP-specific policy. After youve set up Intune for your organization, you must create a WIP-specific policy.
**To add a WIP policy** **To add a WIP policy**
1. Open the Microsoft Azure Intune mobile application management console, click **All settings**, and then click **App policy**. 1. Open the Microsoft Intune mobile application management console, click **All settings**, and then click **App policy**.
![Microsoft Azure Intune management console: App policy link](images/wip-azure-portal-start.png) ![Microsoft Azure Intune management console: App policy link](images/wip-azure-portal-start.png)
@ -293,9 +293,9 @@ For this example, were going to add an AppLocker XML file to the **Allowed ap
</AppLockerPolicy> </AppLockerPolicy>
``` ```
12. After youve created your XML file, you need to import it by using Microsoft Azure Intune. 12. After youve created your XML file, you need to import it by using Microsoft Intune.
**To import your list of Allowed apps using Microsoft Azure Intune** **To import your list of Allowed apps using Microsoft Intune**
1. From the **Allowed apps** area, click **Import apps**. 1. From the **Allowed apps** area, click **Import apps**.
@ -497,7 +497,7 @@ After you've decided where your protected apps can access enterprise data on you
### Choose to set up Azure Rights Management with WIP ### Choose to set up Azure Rights Management with WIP
WIP can integrate with Microsoft Azure Rights Management to enable secure sharing of files by using removable drives such as USB drives. For more info about Azure Rights Management, see [Microsoft Azure Rights Management](https://products.office.com/en-us/business/microsoft-azure-rights-management). To integrate Azure Rights Management with WIP, you must already have Azure Rights Management set up. WIP can integrate with Microsoft Azure Rights Management to enable secure sharing of files by using removable drives such as USB drives. For more info about Azure Rights Management, see [Microsoft Azure Rights Management](https://products.office.com/en-us/business/microsoft-azure-rights-management). To integrate Azure Rights Management with WIP, you must already have Azure Rights Management set up.
To configure WIP to use Azure Rights Management, you must set the **AllowAzureRMSForEDP** MDM setting to **1** in Microsoft Azure Intune. This setting tells WIP to encrypt files copied to removable drives with Azure Rights Management, so they can be shared amongst your employees on computers running at least Windows 10, version 1703. To configure WIP to use Azure Rights Management, you must set the **AllowAzureRMSForEDP** MDM setting to **1** in Microsoft Intune. This setting tells WIP to encrypt files copied to removable drives with Azure Rights Management, so they can be shared amongst your employees on computers running at least Windows 10, version 1703.
Optionally, if you dont want everyone in your organization to be able to share your enterprise data, you can set the **RMSTemplateIDForEDP** MDM setting to the **TemplateID** of the Azure Rights Management template used to encrypt the data. You must make sure to mark the template with the **EditRightsData** option. Optionally, if you dont want everyone in your organization to be able to share your enterprise data, you can set the **RMSTemplateIDForEDP** MDM setting to the **TemplateID** of the Azure Rights Management template used to encrypt the data. You must make sure to mark the template with the **EditRightsData** option.
@ -506,7 +506,7 @@ Optionally, if you dont want everyone in your organization to be able to shar
## Related topics ## Related topics
- [Deploy your Windows Information Protection (WIP) policy](deploy-wip-policy-using-intune.md) - [Deploy your Windows Information Protection (WIP) policy](deploy-wip-policy-using-intune.md)
- [Associate and deploy your Windows Information Protection (WIP) and VPN policies by using Microsoft Azure Intune](create-vpn-and-wip-policy-using-intune.md) - [Associate and deploy your Windows Information Protection (WIP) and VPN policies by using Microsoft Intune](create-vpn-and-wip-policy-using-intune.md)
- [General guidance and best practices for Windows Information Protection (WIP)](guidance-and-best-practices-wip.md) - [General guidance and best practices for Windows Information Protection (WIP)](guidance-and-best-practices-wip.md)
- [Azure RMS Documentation Update for May 2016](https://blogs.technet.microsoft.com/enterprisemobility/2016/05/31/azure-rms-documentation-update-for-may-2016/) - [Azure RMS Documentation Update for May 2016](https://blogs.technet.microsoft.com/enterprisemobility/2016/05/31/azure-rms-documentation-update-for-may-2016/)
- [What is Azure Rights Management?]( https://docs.microsoft.com/en-us/information-protection/understand-explore/what-is-azure-rms) - [What is Azure Rights Management?]( https://docs.microsoft.com/en-us/information-protection/understand-explore/what-is-azure-rms)