mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 05:17:22 +00:00
items reviewed through #168
This commit is contained in:
martyav
parent
ed439600b9
commit
f3b52cf990
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: What's new in MDM enrollment and management
|
||||
description: This topic provides information about what's new and breaking changes in Windows 10 mobile device management (MDM) enrollment and management experience across all Windows 10 devices.
|
||||
description: Discover what's new and breaking changes in Windows 10 mobile device management (MDM) enrollment and management experience across all Windows 10 devices.
|
||||
MS-HAID:
|
||||
- 'p\_phdevicemgmt.mdm\_enrollment\_and\_management\_overview'
|
||||
- 'p\_phDeviceMgmt.new\_in\_windows\_mdm\_enrollment\_management'
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Register your free Azure Active Directory subscription
|
||||
description: If you have paid subscriptions to Office 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, you have a free subscription to Azure AD.
|
||||
description: Paid subscribers to Office 365, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, have a free subscription to Azure AD.
|
||||
ms.assetid: 97DCD303-BB11-4AFF-84FE-B7F14CDF64F7
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Reporting DDF file
|
||||
description: This topic shows the OMA DM device description framework (DDF) for the Reporting configuration service provider. This CSP was added in Windows 10, version 1511. Support for desktop security auditing was added for the desktop in Windows 10, version 1607.
|
||||
description: View the OMA DM device description framework (DDF) for the Reporting configuration service provider.
|
||||
ms.assetid: 7A5B79DB-9571-4F7C-ABED-D79CD08C1E35
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: UnifiedWriteFilter CSP
|
||||
description: The UnifiedWriteFilter (UWF) configuration service provider enables the IT administrator to remotely manage the UWF to help protect physical storage media including any writable storage type.
|
||||
description: The UnifiedWriteFilter (UWF) configuration service provider allows you to remotely manage the UWF. Understand how it helps protect physical storage media.
|
||||
ms.assetid: F4716AC6-0AA5-4A67-AECE-E0F200BA95EB
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Enterprise settings, policies, and app management
|
||||
description: The actual management interaction between the device and server is done via the DM client. The DM client communicates with the enterprise management server via DM v1.2 SyncML syntax.
|
||||
description: The DM client manages the interaction between a device and a server. Learn more about the client-server management workflow.
|
||||
MS-HAID:
|
||||
- 'p\_phdevicemgmt.enterprise\_settings\_\_policies\_\_and\_app\_management'
|
||||
- 'p\_phDeviceMgmt.windows\_mdm\_enterprise\_settings'
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
title: Cortana integration in your business or enterprise (Windows 10)
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
description: The world’s first personal digital assistant helps users get things done, even at work. Cortana includes powerful configuration options specifically to optimize for unique small to medium-sized business and enterprise environments.
|
||||
description: Cortana includes powerful configuration options specifically to optimize for unique small to medium-sized business and enterprise environments.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Replace a Windows 7 computer with a Windows 10 computer (Windows 10)
|
||||
description: A computer replace scenario for Windows 10 is quite similar to a computer refresh for Windows 10; however, because you are replacing a machine, you cannot store the backup on the old computer.
|
||||
description: Learn how to replace a Windows 7 device with a Windows 10 device. Although the process is similar to performing a refresh, you'll need to backup data externally
|
||||
ms.assetid: acf091c9-f8f4-4131-9845-625691c09a2a
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
|
||||
@ -1,117 +1,118 @@
|
||||
---
|
||||
title: Create a custom Windows PE boot image with Configuration Manager (Windows 10)
|
||||
description: In Microsoft System Center 2012 R2 Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features.
|
||||
ms.assetid: b9e96974-324d-4fa4-b0ce-33cfc49c4809
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
ms.author: greglin
|
||||
keywords: tool, customize, deploy, boot image
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: medium
|
||||
ms.sitesec: library
|
||||
audience: itpro
author: greg-lindsay
|
||||
ms.topic: article
|
||||
---
|
||||
|
||||
# Create a custom Windows PE boot image with Configuration Manager
|
||||
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10 versions 1507, 1511
|
||||
|
||||
>[!IMPORTANT]
|
||||
>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems).
|
||||
>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
|
||||
|
||||
In Microsoft System Center 2012 R2 Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This topic shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process.
|
||||
|
||||
For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. Both are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
|
||||
|
||||
## <a href="" id="sec01"></a>Add DaRT 10 files and prepare to brand the boot image
|
||||
|
||||
|
||||
The steps below outline the process for adding DaRT 10 installation files to the MDT installation directory. You also copy a custom background image to be used later. We assume you have downloaded Microsoft Desktop Optimization Pack (MDOP) 2015 and copied the x64 version of MSDaRT10.msi to the C:\\Setup\\DaRT 10 folder. We also assume you have created a custom background image and saved it in C:\\Setup\\Branding on CM01. In this section, we use a custom background image named ContosoBackground.bmp.
|
||||
|
||||
1. Install DaRT 10 (C:\\Setup\\DaRT 10\\MSDaRT10.msi) using the default settings.
|
||||
|
||||
2. Using File Explorer, navigate to the **C:\\Program Files\\Microsoft DaRT\\v10** folder.
|
||||
|
||||
3. Copy the Toolsx64.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x64** folder.
|
||||
|
||||
4. Copy the Toolsx86.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x86** folder.
|
||||
|
||||
5. Using File Explorer, navigate to the **C:\\Setup** folder.
|
||||
|
||||
6. Copy the **Branding** folder to **E:\\Sources\\OSD**.
|
||||
|
||||
## <a href="" id="sec02"></a>Create a boot image for Configuration Manager using the MDT wizard
|
||||
|
||||
|
||||
By using the MDT wizard to create the boot image in Configuration Manager, you gain additional options for adding components and features to the boot image. In this section, you create a boot image for Configuration Manager using the MDT wizard.
|
||||
|
||||
1. Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Boot Images**, and select **Create Boot Image using MDT**.
|
||||
|
||||
2. On the **Package Source** page, in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\Boot\\Zero Touch WinPE x64** and click **Next**.
|
||||
|
||||
>[!NOTE]
|
||||
>The Zero Touch WinPE x64 folder does not yet exist. The folder will be created later by the wizard.
|
||||
|
||||
3. On the **General Settings** page, assign the name **Zero Touch WinPE x64** and click **Next**.
|
||||
|
||||
4. On the **Options** page, select the **x64** platform, and click **Next**.
|
||||
|
||||
5. On the **Components** page, in addition to the default selected **Microsoft Data Access Components (MDAC/ADO)** support, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** check box.
|
||||
|
||||
|
||||
|
||||
Figure 15. Add the DaRT component to the Configuration Manager boot image.
|
||||
|
||||
6. On the **Customization** page, select the **Use a custom background bitmap file** check box, and in the **UNC path:** text box, browse to **\\\\CM01\\Sources$\\OSD\\Branding\\ ContosoBackground.bmp**. Then click **Next** twice.
|
||||
|
||||
>[!NOTE]
|
||||
>It will take a few minutes to generate the boot image.
|
||||
|
||||
7. Distribute the boot image to the CM01 distribution point by selecting the **Boot images** node, right-clicking the **Zero Touch WinPE x64** boot image, and selecting **Distribute Content**.
|
||||
|
||||
8. In the Distribute Content Wizard, add the CM01 distribution point, and complete the wizard.
|
||||
|
||||
9. Using Configuration Manager Trace, review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file. Do not continue until you can see that the boot image is distributed. Look for the line that reads STATMSG: ID=2301. You also can view Content Status in the Configuration Manager Console by selecting **the Zero Touch WinPE x86** boot image.
|
||||
|
||||
|
||||
|
||||
Figure 16. Content status for the Zero Touch WinPE x64 boot image
|
||||
|
||||
10. Using the Configuration Manager Console, right-click the **Zero Touch WinPE x64** boot image and select **Properties**.
|
||||
|
||||
11. In the **Data Source** tab, select the **Deploy this boot image from the PXE-enabled distribution point** check box, and click **OK**.
|
||||
|
||||
12. Using Configuration Manager Trace, review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for this text: Expanding PS10000B to E:\\RemoteInstall\\SMSImages.
|
||||
|
||||
13. Review the **E:\\RemoteInstall\\SMSImages** folder. You should see three folders containing boot images. Two are from the default boot images, and the third folder (PS10000B) is from your new boot image with DaRT.
|
||||
|
||||
## Related topics
|
||||
|
||||
|
||||
[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
|
||||
|
||||
[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
|
||||
|
||||
[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
|
||||
|
||||
[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
|
||||
|
||||
[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
|
||||
|
||||
[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
|
||||
|
||||
[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
|
||||
|
||||
[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
|
||||
|
||||
[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
|
||||
|
||||
|
||||
|
||||
|
||||
---
|
||||
title: Create a custom Windows PE boot image with Configuration Manager (Windows 10)
|
||||
description: Microsoft System Center 2012 R2 Configuration Manager can create custom Windows Preinstallation Environment (Windows PE) boot images with extra features.
|
||||
ms.assetid: b9e96974-324d-4fa4-b0ce-33cfc49c4809
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
ms.author: greglin
|
||||
keywords: tool, customize, deploy, boot image
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: medium
|
||||
ms.sitesec: library
|
||||
audience: itpro
|
||||
author: greg-lindsay
|
||||
ms.topic: article
|
||||
---
|
||||
|
||||
# Create a custom Windows PE boot image with Configuration Manager
|
||||
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10 versions 1507, 1511
|
||||
|
||||
>[!IMPORTANT]
|
||||
>For instructions to deploy the most recent version of Windows 10 with Configuration Manager, see [Scenarios to deploy enterprise operating systems with System Center Configuration Manager](https://docs.microsoft.com/sccm/osd/deploy-use/scenarios-to-deploy-enterprise-operating-systems).
|
||||
>Configuration Manager 2012 and 2012 R2 provide support for Windows 10 versions 1507 and 1511 only. Later versions of Windows 10 require an updated Configuration Manager release. For a list of Configuration Manager versions and the corresponding Windows 10 client versions that are supported, see [Support for Windows 10 for System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/configs/support-for-windows-10).
|
||||
|
||||
In Microsoft System Center 2012 R2 Configuration Manager, you can create custom Windows Preinstallation Environment (Windows PE) boot images that include extra components and features. This topic shows you how to create a custom Windows PE 5.0 boot image with the Microsoft Deployment Toolkit (MDT) wizard. You can also add the Microsoft Diagnostics and Recovery Toolset (DaRT) 10 to the boot image as part of the boot image creation process.
|
||||
|
||||
For the purposes of this topic, we will use two machines: DC01 and CM01. DC01 is a domain controller and CM01 is a machine running Windows Server 2012 R2 Standard. Both are members of the domain contoso.com for the fictitious Contoso Corporation. For more details on the setup for this topic, please see [Deploy Windows 10 with the Microsoft Deployment Toolkit](../deploy-windows-mdt/deploy-windows-10-with-the-microsoft-deployment-toolkit.md).
|
||||
|
||||
## <a href="" id="sec01"></a>Add DaRT 10 files and prepare to brand the boot image
|
||||
|
||||
|
||||
The steps below outline the process for adding DaRT 10 installation files to the MDT installation directory. You also copy a custom background image to be used later. We assume you have downloaded Microsoft Desktop Optimization Pack (MDOP) 2015 and copied the x64 version of MSDaRT10.msi to the C:\\Setup\\DaRT 10 folder. We also assume you have created a custom background image and saved it in C:\\Setup\\Branding on CM01. In this section, we use a custom background image named ContosoBackground.bmp.
|
||||
|
||||
1. Install DaRT 10 (C:\\Setup\\DaRT 10\\MSDaRT10.msi) using the default settings.
|
||||
|
||||
2. Using File Explorer, navigate to the **C:\\Program Files\\Microsoft DaRT\\v10** folder.
|
||||
|
||||
3. Copy the Toolsx64.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x64** folder.
|
||||
|
||||
4. Copy the Toolsx86.cab file to the **C:\\Program Files\\Microsoft Deployment Toolkit\\Templates\\Distribution\\Tools\\x86** folder.
|
||||
|
||||
5. Using File Explorer, navigate to the **C:\\Setup** folder.
|
||||
|
||||
6. Copy the **Branding** folder to **E:\\Sources\\OSD**.
|
||||
|
||||
## <a href="" id="sec02"></a>Create a boot image for Configuration Manager using the MDT wizard
|
||||
|
||||
|
||||
By using the MDT wizard to create the boot image in Configuration Manager, you gain additional options for adding components and features to the boot image. In this section, you create a boot image for Configuration Manager using the MDT wizard.
|
||||
|
||||
1. Using the Configuration Manager Console, in the Software Library workspace, expand **Operating Systems**, right-click **Boot Images**, and select **Create Boot Image using MDT**.
|
||||
|
||||
2. On the **Package Source** page, in the **Package source folder to be created (UNC Path):** text box, type **\\\\CM01\\Sources$\\OSD\\Boot\\Zero Touch WinPE x64** and click **Next**.
|
||||
|
||||
>[!NOTE]
|
||||
>The Zero Touch WinPE x64 folder does not yet exist. The folder will be created later by the wizard.
|
||||
|
||||
3. On the **General Settings** page, assign the name **Zero Touch WinPE x64** and click **Next**.
|
||||
|
||||
4. On the **Options** page, select the **x64** platform, and click **Next**.
|
||||
|
||||
5. On the **Components** page, in addition to the default selected **Microsoft Data Access Components (MDAC/ADO)** support, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** check box.
|
||||
|
||||
|
||||
|
||||
Figure 15. Add the DaRT component to the Configuration Manager boot image.
|
||||
|
||||
6. On the **Customization** page, select the **Use a custom background bitmap file** check box, and in the **UNC path:** text box, browse to **\\\\CM01\\Sources$\\OSD\\Branding\\ ContosoBackground.bmp**. Then click **Next** twice.
|
||||
|
||||
>[!NOTE]
|
||||
>It will take a few minutes to generate the boot image.
|
||||
|
||||
7. Distribute the boot image to the CM01 distribution point by selecting the **Boot images** node, right-clicking the **Zero Touch WinPE x64** boot image, and selecting **Distribute Content**.
|
||||
|
||||
8. In the Distribute Content Wizard, add the CM01 distribution point, and complete the wizard.
|
||||
|
||||
9. Using Configuration Manager Trace, review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file. Do not continue until you can see that the boot image is distributed. Look for the line that reads STATMSG: ID=2301. You also can view Content Status in the Configuration Manager Console by selecting **the Zero Touch WinPE x86** boot image.
|
||||
|
||||
|
||||
|
||||
Figure 16. Content status for the Zero Touch WinPE x64 boot image
|
||||
|
||||
10. Using the Configuration Manager Console, right-click the **Zero Touch WinPE x64** boot image and select **Properties**.
|
||||
|
||||
11. In the **Data Source** tab, select the **Deploy this boot image from the PXE-enabled distribution point** check box, and click **OK**.
|
||||
|
||||
12. Using Configuration Manager Trace, review the E:\\Program Files\\Microsoft Configuration Manager\\Logs\\distmgr.log file and look for this text: Expanding PS10000B to E:\\RemoteInstall\\SMSImages.
|
||||
|
||||
13. Review the **E:\\RemoteInstall\\SMSImages** folder. You should see three folders containing boot images. Two are from the default boot images, and the third folder (PS10000B) is from your new boot image with DaRT.
|
||||
|
||||
## Related topics
|
||||
|
||||
|
||||
[Integrate Configuration Manager with MDT](../deploy-windows-mdt/integrate-configuration-manager-with-mdt.md)
|
||||
|
||||
[Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
|
||||
|
||||
[Add a Windows 10 operating system image using Configuration Manager](add-a-windows-10-operating-system-image-using-configuration-manager.md)
|
||||
|
||||
[Create an application to deploy with Windows 10 using Configuration Manager](create-an-application-to-deploy-with-windows-10-using-configuration-manager.md)
|
||||
|
||||
[Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager](add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md)
|
||||
|
||||
[Create a task sequence with Configuration Manager and MDT](../deploy-windows-mdt/create-a-task-sequence-with-configuration-manager-and-mdt.md)
|
||||
|
||||
[Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-10-using-pxe-and-configuration-manager.md)
|
||||
|
||||
[Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager](refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md)
|
||||
|
||||
[Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager](replace-a-windows-7-client-with-windows-10-using-configuration-manager.md)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Searching for Fixed Applications in Compatibility Administrator (Windows 10)
|
||||
description: With the search functionality in Compatibility Administrator, you can locate specific executable (.exe) files with previously applied compatibility fixes, compatibility modes, or AppHelp messages.
|
||||
description: Compatibility Administrator can locate specific executable (.exe) files with previously applied compatibility fixes, compatibility modes, or AppHelp messages.
|
||||
ms.assetid: 1051a2dc-0362-43a4-8ae8-07dae39b1cb8
|
||||
ms.reviewer:
|
||||
manager: laurawi
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: How Windows Defender Credential Guard works
|
||||
description: Using virtualization-based security, Windows Defender Credential Guard features a new component called the isolated LSA process, which stores and protects secrets, isolating them from the rest of the operating system, so that only privileged system software can access them.
|
||||
description: Learn how Windows Defender Credential Guard uses virtualization to protect secrets, so that only privileged system software can access them.
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: explore
|
||||
ms.sitesec: library
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: General guidance and best practices for Windows Information Protection (WIP) (Windows 10)
|
||||
description: This section includes info about the enlightened Microsoft apps, including how to add them to your Protected Apps list in Microsoft Intune. It also includes some testing scenarios that we recommend running through with Windows Information Protection (WIP).
|
||||
description: Find resources about apps that can work with Windows Information Protection (WIP) to protect data. Enlightened apps can tell corporate and personal data apart.
|
||||
ms.assetid: aa94e733-53be-49a7-938d-1660deaf52b0
|
||||
ms.reviewer:
|
||||
keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit Account Lockout (Windows 10)
|
||||
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Account Lockout, which enables you to audit security events that are generated by a failed attempt to log on to an account that is locked out.
|
||||
description: The policy setting, Audit Account Lockout, enables you to audit security events generated by a failed attempt to log on to an account that is locked out.
|
||||
ms.assetid: da68624b-a174-482c-9bc5-ddddab38e589
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit Computer Account Management (Windows 10)
|
||||
description: This topic for the IT professional describes the advanced security audit policy setting, Audit Computer Account Management, which determines whether the operating system generates audit events when a computer account is created, changed, or deleted.
|
||||
description: The policy setting, Audit Computer Account Management, determines if audit events are generated when a computer account is created, changed, or deleted.
|
||||
ms.assetid: 6c406693-57bf-4411-bb6c-ff83ce548991
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit IPsec Driver (Windows 10)
|
||||
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit IPsec Driver, which determines whether the operating system generates audit events for the activities of the IPsec driver.
|
||||
description: The Advanced Security Audit policy setting, Audit IPsec Driver, determines if audit events are generated for the activities of the IPsec driver.
|
||||
ms.assetid: c8b8c02f-5ad0-4ee5-9123-ea8cdae356a5
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit IPsec Extended Mode (Windows 10)
|
||||
description: This topic for the IT professional describes the advanced security audit policy setting, Audit IPsec Extended Mode, which determines whether the operating system generates audit events for the results of the Internet Key Exchange (IKE) protocol and Authenticated Internet Protocol (AuthIP) during Extended Mode negotiations.
|
||||
description: The setting, Audit IPsec Extended Mode, determines if audit events are generated for the results of IKE protocol and AuthIP during Extended Mode negotiations.
|
||||
ms.assetid: 2b4fee9e-482a-4181-88a8-6a79d8fc8049
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit PNP Activity (Windows 10)
|
||||
description: This topic for the IT professional describes the advanced security audit policy setting, Audit PNP Activity, which determines when plug and play detects an external device.
|
||||
description: The advanced security audit policy setting, Audit PNP Activity, determines when plug and play detects an external device.
|
||||
ms.assetid: A3D87B3B-EBBE-442A-953B-9EB75A5F600E
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit Security State Change (Windows 10)
|
||||
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Security State Change, which determines whether Windows generates audit events for changes in the security state of a system.
|
||||
description: The policy setting, Audit Security State Change, which determines whether Windows generates audit events for changes in the security state of a system.
|
||||
ms.assetid: decb3218-a67d-4efa-afc0-337c79a89a2d
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit Special Logon (Windows 10)
|
||||
description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Special Logon, which determines whether the operating system generates audit events under special sign on (or log on) circumstances.
|
||||
description: The Advanced Security Audit policy setting, Audit Special Logon, determines if audit events are generated under special sign in (or logon) circumstances.
|
||||
ms.assetid: e1501bac-1d09-4593-8ebb-f311231567d3
|
||||
ms.reviewer:
|
||||
manager: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy. (Windows 10)
|
||||
description: Describes security event 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy.
|
||||
description: Details on security event 5027(F) The Windows Firewall Service was unable to retrieve the security policy from the local storage.
|
||||
ms.pagetype: security
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: 5148(F) The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded. (Windows 10)
|
||||
description: Describes security event 5148(F) The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded.
|
||||
description: Details on Security event 5148(F), The Windows Filtering Platform has detected a DoS attack and entered a defensive mode.
|
||||
ms.pagetype: security
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Threat & Vulnerability Management scenarios
|
||||
description: Learn how to use Threat & Vulnerability Management in the context of scenarios that Security Administrators encounter when you collaborate with IT Administrators and SecOps as you protect your organization from cybersecurity threats.
|
||||
description: Learn how Threat & Vulnerability Management can be used to help security admins, IT admins, and SecOps collaborate in defending against security threats.
|
||||
keywords: mdatp-tvm scenarios, mdatp, tvm, tvm scenarios, reduce threat & vulnerability exposure, reduce threat and vulnerability, improve security configuration, increase configuration score, increase threat & vulnerability configuration score, configuration score, exposure score, security controls
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
search.appverid: met150
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Remediation and exception
|
||||
description: You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations or filing exceptions provided there are compensation controls. Threat & Vulnerability Management bridges the gap between security administration and IT administration during remediation process. It does so by creating a security task or ticket through integration with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM).
|
||||
description: Remediate security weaknesses and fill exceptions by integrating Microsoft Intune and Microsoft System Center Configuration Manager (SCCM).
|
||||
keywords: microsoft defender atp tvm remediation, mdatp tvm, threat & vulnerability management, threat & vulnerability management remediation, tvm remediation intune, tvm remediation sccm
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
search.appverid: met150
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Interactive logon Number of previous logons to cache (in case domain controller is not available) (Windows 10)
|
||||
description: Describes the best practices, location, values, policy management and security considerations for the Interactive logon Number of previous logons to cache (in case domain controller is not available) security policy setting.
|
||||
description: Best practices and more for the security policy setting, Interactive logon Number of previous logons to cache (in case domain controller is not available).
|
||||
ms.assetid: 660e925e-cc3e-4098-a41e-eb8db8062d8d
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Microsoft network server Disconnect clients when logon hours expire (Windows 10)
|
||||
description: Describes the best practices, location, values, and security considerations for the Microsoft network server Disconnect clients when logon hours expire security policy setting.
|
||||
description: Best practices, location, values, and security considerations for the policy setting, Microsoft network server Disconnect clients when logon hours expire.
|
||||
ms.assetid: 48b5c424-9ba8-416d-be7d-ccaabb3f49af
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Network access Sharing and security model for local accounts (Windows 10)
|
||||
description: Describes the best practices, location, values, policy management and security considerations for the Network access Sharing and security model for local accounts security policy setting.
|
||||
description: Best practices, security considerations, and more for the security policy setting, Network access Sharing and security model for local accounts.
|
||||
ms.assetid: 0b3d703c-ea27-488f-8f59-b345af75b994
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Network security Allow Local System to use computer identity for NTLM (Windows 10)
|
||||
description: Describes the location, values, policy management, and security considerations for the Network security Allow Local System to use computer identity for NTLM security policy setting.
|
||||
description: Location, values, policy management, and security considerations for the policy setting, Network security Allow Local System to use computer identity for NTLM.
|
||||
ms.assetid: c46a658d-b7a4-4139-b7ea-b9268c240053
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: User Account Control Virtualize file and registry write failures to per-user locations (Windows 10)
|
||||
description: Describes the best practices, location, values, policy management and security considerations for the User Account Control Virtualize file and registry write failures to per-user locations security policy setting.
|
||||
description: Best practices, security considerations and more for the policy setting, User Account Control Virtualize file and registry write failures to per-user locations.
|
||||
ms.assetid: a7b47420-cc41-4b1c-b03e-f67a05221261
|
||||
ms.reviewer:
|
||||
ms.author: dansimp
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: WannaCrypt ransomware worm targets out-of-date systems
|
||||
description: In this blog, we provide an early analysis of the end-to-end ransomware attack. Please note this threat is still under investigation. The attack is still active, and there is a possibility that the attacker will attempt to react to our detection response.
|
||||
description: This is an early analysis of the WannaCrypt ransomware attack. Microsoft antimalware diagnostic data immediately picked up signs of this campaign in May 2017.
|
||||
keywords: wannacry, wannacrypt, wanna, ransomware
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.pagetype: security
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Understand AppLocker policy design decisions (Windows 10)
|
||||
description: This topic for the IT professional lists the design questions, possible answers, and ramifications of the decisions when you plan a deployment of application control policies by using AppLocker within a Windows operating system environment.
|
||||
description: Review some common considerations while you are planning to use AppLocker to deploy application control policies within a Windows environment.
|
||||
ms.assetid: 3475def8-949a-4b51-b480-dc88b5c1e6e6
|
||||
ms.reviewer:
|
||||
ms.author: macapara
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Authorize apps deployed with a WDAC managed installer (Windows 10)
|
||||
description: Explains how you can use a managed installer to automatically authorize applications deployed and installed by a designated software distribution solution, such as System Center Configuration Manager.
|
||||
description: Learn how to use a managed installer to automatically authorize apps added by a designated software distribution solution, such as SCCM.
|
||||
keywords: whitelisting, security, malware
|
||||
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
|
||||
ms.prod: w10
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user