deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-19 12:23:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'refs/remotes/origin/master' into rs2

Browse Source
This commit is contained in:
jdeckerMS
2017-02-14 10:57:20 -08:00
parent c42d8382bb 625383a844
commit f3d583bf9c
10 changed files with 57 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
windows/keep-secure/bcd-settings-and-bitlocker.md
View File

@ -131,6 +131,7 @@ This following is a full list of BCD settings with friendly names which are igno
| 0x15000052 | all| graphicsresolution|
| 0x15000065 | all| displaymessage|
| 0x15000066| all| displaymessageoverride|
| 0x15000081 | all| logcontrol|
| 0x16000009 | all| recoveryenabled|
| 0x1600000b | all| badmemoryaccess|
| 0x1600000f | all| traditionalkseg|

2
windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
View File

@ -52,7 +52,7 @@ You'll need to configure HP ArcSight so that it can consume Windows Defender ATP
## Configure HP ArcSight
The following steps assume that you have completed all the required steps in [Before you begin](#before-you-begin). For more information, see the ArcSight FlexConnector Developer's guide.
1. Save the [WDATP-connector.jsonparser.properties file](http://download.microsoft.com/download/0/8/A/08A4957D-0923-4353-B25F-395EAE363E8C/WDATP-connector.jsonparser.properties) file into the connector installation folder. The
1. Save the [WDATP-connector.jsonparser.properties file](http://download.microsoft.com/download/0/8/A/08A4957D-0923-4353-B25F-395EAE363E8C/WDATP-connector.jsonparser.properties) file into the connector installation folder.
2. Save the [WDATP-connector.properties](http://download.microsoft.com/download/3/9/C/39C703C2-487C-4C3E-AFD8-14C2253C2F12/WDATP-connector.properties) file into the `<root>\current\user\agent\flexagent` folder of the connector installation folder.

35
windows/keep-secure/troubleshoot-windows-defender-advanced-threat-protection.md
View File

@ -26,40 +26,15 @@ This section addresses issues that might arise as you use the Windows Defender A
If you encounter a server error when trying to access the service, youll need to change your browser cookie settings.
Configure your browser to allow cookies.
### No data is shown on the portal
If no data is displayed on the Dashboard portal even if no errors were encountered in the portal logs or in the browser console, you'll need to whitelist the threat intelligence, data access, and detonation endpoints that also use this protocol.
### Data is missing on the portal
If data is missing on the Windows Defender ATP portal its possible that proxy settings are blocking it.
Make sure that `*.securitycenter.windows.com` is included the proxy whitelist.
> [!NOTE]
> You must use the HTTPS protocol when adding the following endpoints.
Depending on your region, add the following endpoints to the whitelist:
U.S. region:
- daasmon-cus-prd.cloudapp.net
- daasmon-eus-prd.cloudapp.net
- dataaccess-cus-prd.cloudapp.net
- dataaccess-eus-prd.cloudapp.net
- threatintel-cus-prd.cloudapp.net
- threatintel-eus-prd.cloudapp.net
- winatpauthorization.windows.com
- winatpfeedback.windows.com
- winatpmanagement.windows.com
- winatponboarding.windows.com
- winatpservicehealth.windows.com
EU region:
- dataaccess-neu-prd.cloudapp.net
- dataaccess-weu-prd.cloudapp.net
- threatintel-neu-prd.cloudapp.net
- threatintel-weu-prd.cloudapp.net
- winatpauthorization.windows.com
- winatpfeedback.windows.com
- winatpmanagement.windows.com
- winatponboarding.windows.com
- winatpservicehealth.windows.com
### Windows Defender ATP service shows event or error logs in the Event Viewer
See the topic [Review events and errors on endpoints with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md) for a list of event IDs that are reported by the Windows Defender ATP service. The topic also contains troubleshooting steps for event errors.

2
windows/manage/manage-windows-10-in-your-organization-modern-management.md
View File

@ -81,7 +81,7 @@ You can envision user and device management as falling into these two categories
Domain joined PCs and tablets can continue to be managed with the [System Center Configuration Manager](https://docs.microsoft.com/sccm/core/understand/introduction) client or Group Policy.
For more information about how Windows 10 and Azure AD optimize access to work resources across a mix of devices and scenarios, see [Using Windows 10 devices in your workplace](https://azure.microsoft.com/en-us/documentation/articles/active-directory-azureadjoin-windows10-devices/).
For more information about how Windows 10 and Azure AD optimize access to work resources across a mix of devices and scenarios, see [Using Windows 10 devices in your workplace](https://azure.microsoft.com/documentation/articles/active-directory-azureadjoin-windows10-devices/).
As you review the roles in your organization, you can use the following generalized decision tree to begin to identify users or devices that require domain join. Consider switching the remaining users to Azure AD.

14
windows/manage/mandatory-user-profile.md
View File

@ -60,7 +60,7 @@ First, you create a default user profile with the customizations that you want,
3. [Create an answer file (Unattend.xml)](https://msdn.microsoft.com/library/windows/hardware/dn915085.aspx) that sets the [CopyProfile](https://msdn.microsoft.com/library/windows/hardware/dn922656.aspx) parameter to **True**. The CopyProfile parameter causes Sysprep to copy the currently signed-on users profile folder to the default user profile. You can use [Windows System Image Manager](https://msdn.microsoft.com/library/windows/hardware/dn922445.aspx), which is part of the Windows Assessment and Deployment Kit (ADK) to create the Unattend.xml file.
3. Use the [Remove-AppxProvisionedPackage](https://technet.microsoft.com/library/dn376476%28v=wps.620%29.aspx) cmdlet in Windows PowerShell to uninstall the following applications:
3. For devices running Windows 10, use the [Remove-AppxProvisionedPackage](https://technet.microsoft.com/library/dn376476%28v=wps.620%29.aspx) cmdlet in Windows PowerShell to uninstall the following applications:
- Microsoft.windowscommunicationsapps_8wekyb3d8bbwe
- Microsoft.BingWeather_8wekyb3d8bbwe
@ -146,14 +146,14 @@ It may take some time for this change to replicate to all domain controllers.
## Apply policies to improve sign-in time
When a user is configured with a mandatory profile, Windows 10 starts as though it was the first sign-in each time the user signs in. To improve sign-in performance for users with mandatory user profiles, apply the following Group Policy settings.
- Computer Configuration > Administrative Templates > System > Logon > **Show first sign-in animation** = Disabled
- Computer Configuration > Administrative Templates > Windows Components > Search > **Allow Cortana** = Disabled
- Computer Configuration > Administrative Templates > Windows Components > Cloud Content > **Turn off Microsoft consumer experience** = Enabled
When a user is configured with a mandatory profile, Windows 10 starts as though it was the first sign-in each time the user signs in. To improve sign-in performance for users with mandatory user profiles, apply the Group Policy settings shown in the following table. (The table shows which operating system versions each policy setting can apply to.)
| Group Policy setting | Windows 10 | Windows Server 2016 | Windows 8.1 | Windows Server 2012 |
| --- | --- | --- | --- | --- |
| Computer Configuration > Administrative Templates > System > Logon > **Show first sign-in animation** = Disabled | ![supported](images/checkmark.png) | ![supported](images/checkmark.png) | ![supported](images/checkmark.png) | ![supported](images/checkmark.png) |
| Computer Configuration > Administrative Templates > Windows Components > Search > **Allow Cortana** = Disabled | ![supported](images/checkmark.png) | ![supported](images/checkmark.png) | ![not supported](images/crossmark.png) | ![not supported](images/crossmark.png) |
| Computer Configuration > Administrative Templates > Windows Components > Cloud Content > **Turn off Microsoft consumer experience** = Enabled | ![supported](images/checkmark.png) | ![not supported](images/crossmark.png) | ![not supported](images/crossmark.png) | ![not supported](images/crossmark.png) |

4
windows/manage/windows-spotlight.md
View File

@ -21,6 +21,10 @@ Windows Spotlight is an option for the lock screen background that displays diff
For managed devices running Windows 10 Enterprise and Windows 10 Education, enterprise administrators can configure a mobile device management (MDM) or Group Policy setting to prevent users from using the Windows Spotlight background. For managed devices running Windows 10 Pro, version 1607, administrators can disable suggestions for third party apps.
>[!NOTE]
>In Windows 10, version 1607, the lock screen background does not display if you disable the **Animate windows when minimizing and mazimizing** setting in **This PC** > **Properties** > **Advanced system settings** > **Performance settings** > **Visual Effects**, or if you enable the Group Policy setting **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Desktop Windows Manager** > **Do not allow windows animations**.
## What does Windows Spotlight include?