Merge branch 'master' into live

2025-06-18 03:43:39 +00:00 · 2016-08-29 10:02:27 -07:00
parent e934ba71f2 47c3a03ad2
commit fc80774647
8 changed files with 36 additions and 12 deletions
--- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md
@ -26,12 +26,19 @@ The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to repo

 The embedded Windows Defender ATP sensor runs in system context using the LocalSystem account. The sensor uses Microsoft Windows HTTP Services (WinHTTP) to enable communication with the Windows Defender ATP cloud service.

-The WinHTTP configuration setting is independent of the Windows Internet (WinINet) internet browsing proxy settings and can only discover a proxy server by using the following discovery method:
+The WinHTTP configuration setting is independent of the Windows Internet (WinINet) internet browsing proxy settings and can only discover a proxy server by using the following discovery methods:

 - Configure the proxy server manually using a static proxy

-## Configure the proxy server manually using a static proxy
-Configure a static proxy to allow only Windows Defender ATP sensor to report telemetry and communicate with Windows Defender ATP services if a computer is not be permitted to connect to the Internet.
+    - Auto-discovery methods:
+        - Transparent proxy
+
+    - Manual static proxy configuration
+      - WinHTTP configured using netsh command
+      -	Registry based configuration
+
+## Configure the proxy server manually using a registry-based static proxy
+Configure a registry-based static proxy to allow only Windows Defender ATP sensor to report telemetry and communicate with Windows Defender ATP services if a computer is not be permitted to connect to the Internet.

 The static proxy is configurable through Group Policy (GP). The group policy can be found under: **Administrative Templates > Windows Components > Data Collection and Preview Builds > Configure connected user experiences and telemetry**.

@ -46,6 +53,25 @@ For example: 10.0.0.6:8080

 If the static proxy settings are configured after onboarding, then you must restart the PC to apply the proxy settings.

+## Configure the proxy server manually using netsh command
+
+Use netsh to configure a system-wide static proxy.
+
+> [!NOTE]
+> This will affect all applications including Windows services which use WinHTTP with default proxy.
+
+1. Open an elevated command-line:
+
+    a. Go to **Start** and type **cmd**.
+
+    b. Right-click **Command prompt** and select **Run as administrator**.
+
+4. Enter the following command and press **Enter**:
+```
+netsh winhttp set proxy <proxy>:<port>
+```
+For example: netsh winhttp set proxy 10.0.0.6:8080
+
 ## Enable access to Windows Defender ATP service URLs in the proxy server
 If a proxy or firewall is blocking all traffic by default and allowing only specific domains through, make sure that the following URLs are white-listed to permit communication with Windows Defender ATP service in port 80 and 443:

--- a/windows/keep-secure/manage-tpm-lockout.md
+++ b/windows/keep-secure/manage-tpm-lockout.md
@ -29,11 +29,12 @@ The industry standards from the Trusted Computing Group (TCG) specify that TPM m
 **TPM 2.0**
 TPM 2.0 devices have standardized lockout behavior which is configured by Windows. TPM 2.0 devices have a maximum count threshold and a healing time. Windows configures the maximum count to be 32 and the healing time to be 2 hours. This means that every continuous two hours of powered on operation without an event which increases the counter will cause the counter to decrease by 1.

-If your TPM has entered lockout mode or is responding slowly to commands, you can reset the lockout value by using the following procedures. Resetting the TPM lockout requires the TPM owner’s authorization.
+If your TPM has entered lockout mode or is responding slowly to commands, you can reset the lockout value by using the following procedures. Resetting the TPM lockout requires the TPM owner’s authorization.  This value is no longer retained by default starting with Windows 10 version 1607.

 ## Reset the TPM lockout by using the TPM MMC
+**Note:** This procedure is only available if you have configured Windows to retain the TPM Owner Password. By default, this password is not available in Windows 10 starting with version 1607.

-The following procedure explains the steps to reset the TPM lockout by using the TPM MMC.  Note that this procedure is only available if you have configured Windows to retain the TPM owner password. By default, this behavior is not available in Windows 10.
+The following procedure explains the steps to reset the TPM lockout by using the TPM MMC.  

 **To reset the TPM lockout**

--- a/windows/manage/TOC.md
+++ b/windows/manage/TOC.md
@ -35,7 +35,6 @@
 ## [Join Windows 10 Mobile to Azure Active Directory](join-windows-10-mobile-to-azure-active-directory.md)
 ## [Configure devices without MDM](configure-devices-without-mdm.md)
 ## [Windows 10 servicing options](introduction-to-windows-10-servicing.md)
-## [Application development for Windows as a service](application-development-for-windows-as-a-service.md)
 ## [Application Virtualization (App-V) for Windows](appv-for-windows.md)
 ### [Getting Started with App-V](appv-getting-started.md)
 #### [What's new in App-V](appv-about-appv.md)
--- a/windows/manage/application-development-for-windows-as-a-service.md
+++ b/windows/manage/application-development-for-windows-as-a-service.md
@ -7,6 +7,7 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security, servicing
 author: jdeckerMS
+redirect_url: https://msdn.microsoft.com/windows/uwp/get-started/application-development-for-windows-as-a-service
 ---

 # Application development for Windows as a service
--- a/windows/manage/change-history-for-manage-and-update-windows-10.md
+++ b/windows/manage/change-history-for-manage-and-update-windows-10.md
@ -19,6 +19,7 @@ This topic lists new and updated topics in the [Manage and update Windows 10](in
 | --- | --- |
 | [Configure Windows 10 taskbar](configure-windows-10-taskbar.md) | Updated sample XML for combined Start and taskbar layout; added note to explain the difference between applying taskbar configuration by Group Policy and by provisioning package |
 | [Set up a kiosk on Windows 10 Pro, Enterprise, or Education](set-up-a-kiosk-for-windows-10-for-desktop-editions.md) | Updated instructions for exiting assigned access mode. |
+| Application development for Windows as a service  |  Topic moved to MSDN: [Application development for Windows as a service](https://msdn.microsoft.com/windows/uwp/get-started/application-development-for-windows-as-a-service)

 ## RELEASE: Windows 10, version 1607

--- a/windows/manage/index.md
+++ b/windows/manage/index.md
@ -60,10 +60,6 @@ Learn about managing and updating Windows 10.
 <td align="left"><p>[Windows 10 servicing options](introduction-to-windows-10-servicing.md)</p></td>
 <td align="left"><p>This article describes the new servicing options available in Windows 10, Windows 10 Mobile, and Windows 10 IoT Core (IoT Core) and how they enable enterprises to keep their devices current with the latest feature upgrades. It also covers related topics, such as how enterprises can make better use of Windows Update, and what the new servicing options mean for support lifecycles.</p></td>
 </tr>
-<tr class="odd">
-<td align="left"><p>[Application development for Windows as a service](application-development-for-windows-as-a-service.md)</p></td>
-<td align="left"><p>In today’s environment, where user expectations frequently are set by device-centric experiences, complete product cycles need to be measured in months, not years. Additionally, new releases must be made available on a continual basis, and must be deployable with minimal impact on users. Microsoft designed Windows 10 to meet these requirements by implementing a new approach to innovation, development, and delivery called [Windows as a service (WaaS)](introduction-to-windows-10-servicing.md). The key to enabling significantly shorter product cycles while maintaining high quality levels is an innovative community-centric approach to testing that Microsoft has implemented for Windows 10. The community, known as Windows Insiders, is comprised of millions of users around the world. When Windows Insiders opt in to the community, they test many builds over the course of a product cycle and provide feedback to Microsoft through an iterative methodology called flighting.</p></td>
-</tr>
 <tr class="even">
 <td align="left"><p>[Application Virtualization for Windows (App-V)](appv-for-windows.md)</p></td>
 <td align="left"><p>When you deploy Application Virtualization (App-V) in your orgnazation, you can deliver Win32 applications to users as virtual applications. Virtual applications are installed on centrally managed servers and delivered to users as a service – in real time and on as as-needed basis. Users launch virtual applications from familiar access points, including the Windows Store, and interact with them as if they were installed locally.</p></td>
--- a/windows/manage/reset-a-windows-10-mobile-device.md
+++ b/windows/manage/reset-a-windows-10-mobile-device.md
@ -19,7 +19,7 @@ localizationpriority: high

 There are two methods for resetting a Windows 10 Mobile device: factory reset and "wipe and persist" reset.

-   **Factory reset** restores the state of the device back to its first-boot state plus any update packages. The reset will not return device to the original factory state. To return the device to the original factory state, you must flash it with the original factory image.All the provisioning applied to the device by the enterprise will be lost and will need to be re-applied if needed. For details on what is removed or persists, see [Resetting a mobile device](http://go.microsoft.com/fwlink/p/?LinkID=703715).
+-   **Factory reset** restores the state of the device back to its first-boot state plus any update packages. The reset will not return device to the original factory state. To return the device to the original factory state, you must flash it with the original factory image by using the [Windows Device Recovery Tool](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). All the provisioning applied to the device by the enterprise will be lost and will need to be re-applied if needed. For details on what is removed or persists, see [Resetting a mobile device](http://go.microsoft.com/fwlink/p/?LinkID=703715).
 -   **"Wipe and persist" reset** preserves all the provisioning applied to the device before the reset. After the "wipe and persist" reset, all the preserved provisioning packages are automatically applied on the device and the data in the enterprise shared storage folder \\Data\\SharedData\\Enterprise\\Persistent is restored in that folder. For more information on the enterprise shared storage folder, see [EnterpriseExtFileSystem CSP](http://go.microsoft.com/fwlink/p/?LinkId=703716).

 You can trigger a reset using your mobile device management (MDM) service, or a user can trigger a reset in the user interface (UI) or by using hardware buttons.