ce500fde9b
* Updated deployment-vdi-windows-defender-antivirus.md * Updated deployment-vdi-windows-defender-antivirus.md * Updated deployment-vdi-windows-defender-antivirus.md * updates for new vdi stuff * Adding important note to solve #3493 * Update windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Typo "<"→"<", ">"→">" https://docs.microsoft.com/en-us/windows/application-management/manage-windows-mixed-reality * Issue #2297 * Update windows/security/identity-protection/hello-for-business/hello-identity-verification.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Clarification * Update windows/security/identity-protection/hello-for-business/hello-identity-verification.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Update windows/security/identity-protection/hello-for-business/hello-identity-verification.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * update troubleshoot-np.md * update configure-endpoints-gp.md * Removing a part which is not supported * Name change * update troubleshoot-np.md * removed on-premises added -hello * Added link into Domain controller guide * Line corections * corrected formatting of xml code samples When viewing the page in Win 10/Edge, the xml code samples stretched across the page, running into the side menu. The lack of line breaks also made it hard to read. This update adds line breaks and syntax highlighting, replaces curly double quotes with standard double quotes, and adds a closing tag for <appv:appconnectiongroup>for each code sample * Update windows/security/identity-protection/hello-for-business/hello-identity-verification.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Update windows/deployment/update/waas-delivery-optimization-reference.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Update windows/deployment/update/waas-delivery-optimization-reference.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * corrected formating of XML examples The XML samples here present the same formatting problems as in about-the-connection-group-file51.md (see https://github.com/MicrosoftDocs/windows-itpro-docs/pull/3847/) Perhaps we should open an issue to see if we have more versions of this code sample in the docs * corrected formatting of XML example section In the XML example on this page, the whitespace had been stripped out, so there were no spaces between adjacent attribute values or keys. This made it hard to read, though the original formatting allowed for a scroll bar, so the text was not running into the side of the page (compare to https://github.com/MicrosoftDocs/windows-itpro-docs/pull/3847 and https://github.com/MicrosoftDocs/windows-itpro-docs/pull/3850, where the uncorrected formatting forced the text to run into the side menu). * update configure-endpoints-gp.md * Fixed error in registry path and improved description * Update windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-dir-sync.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> * Removing extra line in 25 Suggested by * update windows-analytics-azure-portal.md * re: broken links, credential-guard-considerations Context: * #3513, MVA is being retired and producing broken links * #3860 Microsoft Virtual Academy video links This page contains two links to deprecated video content on Microsoft Virtual Academy (MVA). MVA is being retired. In addition, the Deep Dive course the two links point to is already retired, and no replacement course exists. I removed the first link, as I could not find a similar video available describing which credentials are covered by credential guard. I replaced the second link with a video containing similar material, though it is not a "deep dive". Suggestions on handling this problem, as many pages contain similar links, would be appreciated,. * removed link to retired video re: #3867 Context: * #3513, MVA is being retired and producing broken links * #3867, Microsoft Virtual Academy video links This page contains a broken link to deprecated video content on Microsoft Virtual Academy (MVA). MVA is being retired. In addition, the Deep Dive course is already retired, and no replacement course exists. I removed the whole _See Also_ section, as I could not find a video narrowly or deeply addressing how to protect privelaged users with Credential Guard. The most likely candidate is too short and general: https://www.linkedin.com/learning/cism-cert-prep-1-information-security-governance/privileged-account-management * addressing broken mva links, #3817 Context: * #3513, MVA is being retired and producing broken links * #3817, Another broken link This page contains two links to deprecated video content on Microsoft Virtual Academy (MVA). MVA is being retired. In addition, the Deep Dive course the two links point to is already retired, and no replacement course exists. I removed the first link, as we no longer have a video with similar content for a similar audience. The most likely candidate is https://www.linkedin.com/learning/programming-foundations-web-security-2/types-of-credential-attacks, which is more general and for a less technical audience. I removed the second link and the _See Also_ section, as I could not find a similar video narrowly focused on which credentials are covered by Credential Guard. Most of the related material available now describes how to perform a task. * Update deployment-vdi-windows-defender-antivirus.md * typo fix re: #3876; DMSA -> DSMA * Addressing dead MVA links, #3818 This page, like its fellows in the mva-links label, contains links to a retired video course on a website that is retiring soon. The links listed by the user in issue #3818 were also on several other pages, related to Credentials Guard. These links were addressed in the pull requests #3875, #3872, and #3871 Credentials threat & lateral threat link: removed (see PR #3875 for reasoning) Virtualization link: replaced (see #3871 for reasoning) Credentials protected link: removed (see #3872 for reasoning) * Adding notes for known issue in script Solves #3869 * Updated the download link admx files Windows 10 Added link for April 2018 and Oct 2018 ADMX files. * added event logs path Referenced : https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard * Update browsers/internet-explorer/ie11-deploy-guide/administrative-templates-and-ie11.md Suggestions applied. Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update browsers/internet-explorer/ie11-deploy-guide/administrative-templates-and-ie11.md Co-Authored-By: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> * Update deployment-vdi-windows-defender-antivirus.md * screenshot update * Add files via upload * update 4 scrrenshots * Update deployment-vdi-windows-defender-antivirus.md * Update browsers/internet-explorer/ie11-deploy-guide/administrative-templates-and-ie11.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Update browsers/internet-explorer/ie11-deploy-guide/administrative-templates-and-ie11.md Co-Authored-By: Nicole Turner <39884432+nenonix@users.noreply.github.com> * Re: #3909 Top link is broken, #3909 > The link here does not work: > Applies to: Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) The link to the pdf describing MDATP was broken. Thankfully, PR #2897 updated the same link in another page some time ago, so I didn't have to go hunting for an equivalent * CI Update * Updated as per task 3405344 * Updated author * Update windows-analytics-azure-portal.md * added the example query * Updated author fields * Update office-csp.md * update video for testing * update video * Update surface-hub-site-readiness-guide.md line 134 Fixed video link MD formatting * fixing video url * updates from Albert * Bulk replaced author to manikadhiman * Bulk replaced ms.author to v-madhi * Latest content is published (#371) * Added 1903 policy DDF link and fixed a typo * Reverted the DDF version * Latest update (#375) * Update deployment-vdi-windows-defender-antivirus.md * Update deployment-vdi-windows-defender-antivirus.md
11 KiB
title, description, ms.assetid, ms.reviewer, manager, ms.author, ms.prod, ms.mktglfcycl, ms.sitesec, author, ms.date, ms.topic
| title | description | ms.assetid | ms.reviewer | manager | ms.author | ms.prod | ms.mktglfcycl | ms.sitesec | author | ms.date | ms.topic |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Customize USMT XML Files (Windows 10) | Customize USMT XML Files | d58363c1-fd13-4f65-8b91-9986659dc93e | dansimp | lomayor | w10 | deploy | library | lomayor | 04/19/2017 | article |
Customize USMT XML Files
In This Topic
Overview
If you want the ScanState and LoadState tools to use any of the migration .xml files, specify these files at the command line using the /i option. Because the ScanState and LoadState tools need the .xml files to control the migration, specify the same set of .xml files for both the ScanState and LoadState commands. However, you do not have to specify the Config.xml file with the /config option, unless you want to exclude some of the files and settings that you migrated to the store. For example, you might want to migrate the My Documents folder to the store but not to the destination computer. To do this, modify the Config.xml file and specify the updated file with the LoadState command. Then the LoadState command will migrate only the files and settings that you want to migrate.
If you leave out an .xml file from the LoadState command, all of the data in the store that was migrated with the missing .xml files will be migrated. However, the migration rules that were specified with the ScanState command will not apply. For example, if you leave out an .xml file, and it contains a rerouting rule such as: MigsysHelperFunction.RelativeMove("c:\data", "%CSIDL_PERSONAL%"), USMT will not reroute the files, and they will be migrated to C:\data.
To modify the migration, do one or more of the following.
-
Modify the migration .xml files. If you want to exclude a portion of a component—for example, you want to migrate C:\ but exclude all of the .mp3 files—or if you want to move data to a new location on the destination computer, modify the .xml files. To modify these files, you must be familiar with the migration rules and syntax. If you want ScanState and LoadState to use these files, specify them at the command line when each command is entered.
-
Create a custom .xml file. You can also create a custom .xml file to migrate settings for another application, or to change the migration behavior to suit your needs. For ScanState and LoadState to use this file, specify them on both command lines.
-
Create and modify a Config.xml file. Do this if you want to exclude an entire component from the migration. For example, you can use a Config.xml file to exclude the entire My Documents folder, or exclude the settings for an application. Excluding components using a Config.xml file is easier than modifying the migration .xml files because you do not need to be familiar with the migration rules and syntax. In addition, using a Config.xml file is the only way to exclude the operating system settings from being migrated.
For more information about excluding data, see the Exclude Files and Settings topic.
Migration .xml Files
This section describes the migration .xml files that are included with USMT. Each file contains migration rules that control which components are migrated and where they are migrated to on the destination computer.
Note You can use the asterisk (*) wildcard character in each of these files. However, you cannot use a question mark (?) as a wildcard character.
-
The MigApp.xml file. Specify this file with both the ScanState and LoadState commands to migrate application settings.
-
The MigDocs.xml file. Specify this file with both the ScanState and LoadState tools to migrate all user folders and files that are found by the MigXmlHelper.GenerateDocPatterns helper function. This helper function finds user data that resides on the root of any drive and in the Users directory. However, it does not find and migrate any application data, program files, or any files in the Windows directory. You can modify the MigDocs.xml file.
-
The MigUser.xml file. Specify this file with both the ScanState and LoadState commands to migrate user folders, files, and file types. You can modify the MigUser.xml file. This file does not contain rules that migrate specific user accounts. The only way to specify which user accounts to migrate is on the command line using the ScanState and the LoadState user options.
Note Do not use the MigUser.xml and MigDocs.xml files together. For more information, see the Identify File Types, Files, and Folders and USMT Best Practices topics.
Custom .xml Files
You can create custom .xml files to customize the migration for your unique needs. For example, you may want to create a custom file to migrate a line-of-business application or to modify the default migration behavior. If you want ScanState and LoadState to use this file, specify it with both commands. For more information, see the How to Create a Custom .xml File topic.
The Config.xml File
The Config.xml file is an optional file that you create using the /genconfig option with the ScanState command. You should create and modify this file if you want to exclude certain components from the migration. In addition, you must create and modify this file if you want to exclude any of the operating system settings from being migrated. The Config.xml file format is different from that of the migration .xml files because it does not contain any migration rules. It contains only a list of the operating system components, applications, and the user documents that can be migrated. For an example, see the Config.xml File topic. For this reason, excluding components using this file is easier than modifying the migration .xml files because you do not need to be familiar with the migration rules and syntax. However, you cannot use wildcard characters in a Config.xml file.
If you want to include all of the default components, you do not need to create the Config.xml file. Alternatively, if you are satisfied with the default migration behavior defined in the MigApp.xml, MigDocs.xml, and MigUser.xml files, and you want to exclude only some components, you can create and modify a Config.xml file and leave the other .xml files in their original state.
When you run the ScanState command with the /genconfig option, ScanState reads the other .xml files that you specify using the /i option to create a custom list of components that can be migrated from the computer. This file will contain only operating system components, applications, and the user document sections that are in both of the .xml files and that are installed on the computer when you run the ScanState command with the /genconfig option. Therefore, you should create this file on a source computer that contains all of the components, applications, and settings that will be present on the destination computers. This will ensure that this file contains every component that can be migrated. The components are organized into sections: <Applications>, <WindowsComponents>, and <Documents>. To choose not to migrate a component, change its entry to migrate="no".
After you create this file, you need to specify it only with the ScanState command using the /Config option for it to affect the migration. However, if you want to exclude additional data that you migrated to the store, modify the Config.xml file and specify the updated file with the LoadState command. For example, if you collected the My Documents folder in the store, but you decide that you do not want to migrate the My Documents folder to a destination computer, you can modify the Config.xml file to indicate migrate="no" before you run the LoadState command, and the file will not be migrated. For more information about the precedence that takes place when excluding data, see the Exclude Files and Settings topic.
In addition, note the following functionality with the Config.xml file:
-
If a parent component is removed from the migration in the Config.xml file by specifying
migrate="no", all of its child components will automatically be removed from the migration, even if the child component is set tomigrate="yes". -
If you mistakenly have two lines of code for the same component where one line specifies
migrate="no"and the other line specifiesmigrate="yes", the component will be migrated. -
In USMT there are several migration policies that can be configured in the Config.xml file. For example, you can configure additional <ErrorControl>, <ProfileControl>, and <HardLinkStoreControl> options. For more information, see the Config.xml File topic.
Note To exclude a component from the Config.xml file, set the migrate value to "no". Deleting the XML tag for the component from the Config.xml file will not exclude the component from your migration.
Examples
-
The following command creates a Config.xml file in the current directory, but it does not create a store:
scanstate /i:migapp.xml /i:migdocs.xml /genconfig:config.xml /v:5 -
The following command creates an encrypted store using the Config.xml file and the default migration .xml files:
scanstate \\server\share\migration\mystore /i:migapp.xml /i:migdocs.xml /o /config:config.xml /v:5 /encrypt /key:"mykey" -
The following command decrypts the store and migrates the files and settings:
loadstate \\server\share\migration\mystore /i:migapp.xml /i:migdocs.xml /v:5 /decrypt /key:"mykey"
Additional Information
-
For more information about how to change the files and settings that are migrated, see the User State Migration Tool (USMT) How-to topics.
-
For more information about each .xml element, see the XML Elements Library topic.
-
For answers to common questions, see ".xml files" in the Frequently Asked Questions topic.