Updates from: 03/28/2024 02:25:13
Category Microsoft Docs article Related commit history on GitHub Change details
microsoft-365-copilot-page Microsoft 365 Copilot Page https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/copilot/microsoft-365-copilot-page.md
To turn on or turn off Copilot for Microsoft 365 in Bing, Edge, and Windows, fol
4. Run the PowerShell script. 5. Follow the instructions prompted by the script. 6. The cmdlet prompts you to sign in with your Entra ID account, which must be a Search Admin or Global Admin account.
-7. To get the current status of Copilot for Microsoft 365 in Bing, Edge, and Windows in your tenant, run: ΓÇÿ*.\ConfigureM365Copilot.ps1*ΓÇÖ.
-8. To turn on Copilot for Microsoft 365 in Bing, Edge, and Windows, run: ΓÇÿ*.\ConfigureM365Copilot.ps1 -enable $true*ΓÇÖ.
-9. To turn off Copilot for Microsoft 365 in Bing, Edge, and Windows, run: ΓÇÿ*.\ConfigureM365Copilot.ps1 -enable $false*ΓÇÖ.
-10. If you encounter a problem, try running the script again. If the problem persists, you can contact support.
+7. Follow these steps:
+
+ - To get the **current status** of Copilot for Microsoft 365 in Bing, Edge, and Windows in your tenant, run: *'.\ConfigureM365Copilot.ps1'*
+ - To **turn on** Copilot for Microsoft 365 in Bing, Edge, and Windows, run: *'.\ConfigureM365Copilot.ps1 -enable $true'*
+ - To **turn off** Copilot for Microsoft 365 in Bing, Edge, and Windows, run: *'.\ConfigureM365Copilot.ps1 -enable $false'*
+8. If you encounter a problem, try running the script again. If the problem persists, you can contact support.
### Manage plugins that work with Microsoft Copilot for Microsoft 365
admin Microsoft 365 Copilot Organizational Messages https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/activity-reports/microsoft-365-copilot-organizational-messages.md
There are certain policies, if not configured properly, that can block the deliv
In the Microsoft 365 admin center, go to **Reports** > **Usage > Copilot for Microsoft 365**. Select **Schedule message** within the recommendation card and follow these steps to create an Organizational message:
admin Add Users https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/add-users.md
Check out this video and others on our [YouTube channel](https://go.microsoft.co
::: moniker range="o365-worldwide"
-1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
::: moniker-end
If you're seeing this page in the admin center, you're on the **admin simplified
::: moniker range="o365-worldwide"
-1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
::: moniker-end
admin Admin Center Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/admin-center-overview.md
The <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">
Specialist workspaces, like Security or Device management, allow for more granular control. For more information about how the admin centers work together, see [What about the specific types of IT roles and other workspaces like Security, Device Management, or Exchange?](#what-about-the-specific-types-of-it-roles-and-other-workspaces-like-security-device-management-or-exchange) in this article.
-To get to the Microsoft 365 admin center, go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">admin.cloud.microsoft.com</a> or, if you're already signed in, select the app launcher, and choose **Admin**.
+To get to the Microsoft 365 admin center, go to <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">admin.cloud.microsoft</a> or, if you're already signed in, select the app launcher, and choose **Admin**.
On the home page, you can create cards for tasks that you perform frequently. To add a new card, select **Add card**, then select the plus sign next to the card you want to add. When you are finished, close the window. You can rearrange the cards by selecting and then dragging them to where you want. To remove a card, select the three dots (more actions), and then choose **Remove**.
If you have no idea who to contact at your work or school for help, try asking t
## Turn on Targeted release
-1. Sign in at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">admin.cloud.microsoft.com</a>, go to the navigation pane and select **Settings** > **Org settings** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=2067339" target="_blank">**Organization profile** tab</a>.
+1. Sign in at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">admin.cloud.microsoft</a>, go to the navigation pane and select **Settings** > **Org settings** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=2067339" target="_blank">**Organization profile** tab</a>.
2. Go to the **Release preferences** card, and then select **Edit**.
admin Organizational Messages https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/adoption/organizational-messages.md
The desktop teaching call-out is supported by Microsoft 365 Consumer and Commerc
*The user sees an in-product notification recommending they save to OneDrive more.* *The user sees an in-product notification recommending they use interactive features during Teams meetings.*
admin Set Up https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/basic-mobility-security/set-up.md
Have questions? For a FAQ to help address common questions, see [Basic Mobility
1. Sign in to Microsoft 365 with your global admin account.
-2. Go to <a href="https://admin.cloud.microsoft.com/EAdmin/Device/IntuneInventory.aspx" target="_blank">Activate Basic Mobility and Security</a>.
+2. Go to <a href="https://admin.cloud.microsoft/EAdmin/Device/IntuneInventory.aspx" target="_blank">Activate Basic Mobility and Security</a>.
It can take some time to activate Basic Mobility and Security. When it finishes, select **Manage devices** on the page. You'll also receive an email that explains the next steps to take if you don't see the Manage devices page.
admin Manage Groups https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/create-groups/manage-groups.md
description: "Learn to manage Microsoft 365 Groups, including adding remove grou
After you have [created a Microsoft 365 group](create-groups.md) and added group members, you can configure your group. You can edit the group name or description, manage owners or members, and specify whether external senders can email the group and whether to send copies of group conversations to members.
-Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
## Edit the group name or description
admin Get Help Support https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-support.md
Save time by starting your service request online. We can help you find a soluti
> [!IMPORTANT] > You must have bought at least one subscription through Microsoft to access Microsoft support. If you bought all your subscriptions through a partner, contact your partner for support.
-1. Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>. If you get a message that says you don't have permission to access this page or perform this action, you aren't an admin. For more information, see [Who has admin permissions in my business?](../admin/admin-overview/admin-center-overview.md#who-has-admin-permissions-in-my-business).
+1. Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>. If you get a message that says you don't have permission to access this page or perform this action, you aren't an admin. For more information, see [Who has admin permissions in my business?](../admin/admin-overview/admin-center-overview.md#who-has-admin-permissions-in-my-business).
2. On the bottom right side of the page, select **Help & support**. 3. Type a question or keyword into the text box. If you get a drop-down list, select the one closest to your question, or continue typing your question, then press **Enter**. 4. If the results don't help, at the bottom, select **Contact Support**.
admin Pin Apps To App Launcher https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/pin-apps-to-app-launcher.md
For more information about the app launcher and Microsoft365.com, see [meet the
> [!NOTE] > Microsoft 365 apps are excluded from this list since theyΓÇÖre already displayed in the App launcher.
-1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
2. In the left nav, choose **Show all**, and under **Admin centers**, choose **Microsoft Entra**. 3. In Microsoft Entra admin center, under **Microsoft Entra ID (Azure AD)**, choose **Go to Microsoft Entra ID**. 4. In the left nav, select **Applications** and then **Enterprise applications**.
For more information about the app launcher and Microsoft365.com, see [meet the
> [!NOTE] > The user interface will indicate if you need need to purchase additional Microsoft Entra ID licenses to use this feature. For more information see [Microsoft Entra pricing](https://azure.microsoft.com/pricing/details/active-directory/).
-1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
2. In the left nav, choose **Show all**, and under **Admin centers**, choose **Microsoft Entra**. 3. In Microsoft Entra admin center, under **Microsoft Entra ID (Azure AD)**, choose **Go to Microsoft Entra ID**. 4. In the left nav, select **Applications** and then **Enterprise applications**.
admin Admin Controls Profile Videos https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/admin-controls-profile-videos.md
As the Microsoft 365 administrator, you can turn the profile video feature on or
By default, profile video creation is turned on in Microsoft 365 organizations.
-1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
2. In the left nav, go to **Settings** -> **Org Settings**.
admin Azure Ad Setup Guides https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/azure-ad-setup-guides.md
ms.localizationpriority: medium
- Tier3 - scotvorg+
+- admindeeplinkMAC
description: "Learn about setup guides for Microsoft Entra ID."
This catalog contains some basic security features you can use to ensure your us
Using features in this catalog requires either Microsoft Entra ID Governance or Microsoft Entra ID P2 license. To find the right license for your requirements, see [Compare generally available features of Microsoft Entra ID](https://www.microsoft.com/security/business/identity-access-management/azure-ad-pricing).
-[Open the Identity security for Teams catalog](https://portal.office.com/AdminPortal/home?Q=azuredocs#/teamsidentity)
+[Open the Identity security for Teams catalog.](https://portal.office.com/AdminPortal/home?Q=azuredocs#/teamsidentity)
## Identity Governance
Respond faster to identity changes in your HR app and eliminate manual provision
Easily manage your users' lifecycle in Microsoft Entra ID by creating custom workflows to automate repetitive onboarding and offboarding tasks, eliminating the need for manual processes. Lifecycle workflows automatically execute configured tasks when users join or leave your org and provide insights for easy troubleshooting.
-[Open the Identity Governance setup guide](https://admin.microsoft.com/adminportal/home?Q=azuredocs#/modernonboarding/identitygovernance)
+<a href="https://go.microsoft.com/fwlink/p/?linkid=386330" target="_blank">Open the Identity Governance setup guide.</a>
> [!NOTE] > A Microsoft Entra ID Governance or Microsoft Entra ID P2 license is required to utilize the security features in this catalog.
The Microsoft Entra setup guide will help you set up the most common Microsoft E
The setup guides contain a checklist of the tasks you need to complete, and you can track your progress as you go through the guides. The guides will also link to the other setup guides when necessary.
-[Open the Microsoft Entra setup guide](https://admin.microsoft.com/adminportal/home?Q=azuredocs#/modernonboarding/azureadsetup).
+<a href="https://go.microsoft.com/fwlink/p/?linkid=2134390
+" target="_blank">Open the Microsoft Entra setup guide.</a>
## Add or sync users to Microsoft Entra ID
This guide helps you set up user accounts setup in Microsoft Entra ID and Micros
Using Microsoft Entra ID Sync tools is free and included with all Microsoft 365 subscriptions.
-[Open the Add or Sync users setup guide](https://admin.microsoft.com/adminportal/home?Q=azuredocs#/modernonboarding/identitywizard).
+<a href="https://go.microsoft.com/fwlink/p/?linkid=2264742" target="_blank">Open the Add or Sync users setup guide.</a>
## Secure your cloud apps with Single Sign On (SSO)
This guide is designed to help you add cloud apps to Microsoft 365. In our guide
Every paid subscription to Microsoft 365 comes with a free subscription to Microsoft Entra ID. You can use Microsoft Entra ID to manage your apps and create and manage user and group accounts.
-[Open the Add a cloud app to Microsoft 365 setup guide](https://portal.office.com/AdminPortal/home?Q=azuredocs#/azureadappintegration)
+<a href="https://go.microsoft.com/fwlink/p/?linkid=2204974" target="_blank">Open the Add a cloud app to Microsoft 365 setup guide.</a>
## Azure Self-Service password reset (SSPR) guide
SSPR requires one of the following licenses:
- Enterprise Mobility and Security E3 or E5
-[Open the self-service password reset setup guide](https://admin.microsoft.com/adminportal/home?Q=azuredocs#/modernonboarding/ssprsetup).
+<a href="https://go.microsoft.com/fwlink/p/?linkid=2264852" target="_blank">Open the self-service password reset setup guide.</a>
-## Configure multi-factor authentication (MFA)
+## Configure multifactor authentication (MFA)
For customers with Microsoft Entra ID Governance, Microsoft Entra ID P1, or P2, we provide customizable Conditional Access templates that include the most common and least intrusive security standards. When Microsoft Entra ID licensing isnΓÇÖt available, we provide a one-click solution to enable Security Defaults, a baseline protection policy for all users, or we provide steps to enable legacy (per-user) MFA.
For customers with Microsoft Entra ID Governance, Microsoft Entra ID P1, or P2,
Conditional Access requires Microsoft Entra ID Governance or a Microsoft Entra ID P1 or P2 license. Security defaults and per-user MFA are included with all Microsoft 365 subscriptions.
-[Open the multi-factor authentication (MFA) guide](https://admin.microsoft.com/adminportal/home?Q=azuredocs#/modernonboarding/mfasetupguide)
+<a href="https://go.microsoft.com/fwlink/p/?linkid=2264944" target=")_blank">Open the multifactor authentication (MFA) guide.</a>
## Plan your passwordless setup guide
Use the passwordless deployment guide to discover the best authentication method
Every paid subscription to Microsoft 365 comes with a free subscription to Microsoft Entra ID. You can use Microsoft Entra ID to manage your apps and create and manage user and group accounts.
-[Open the passwordless setup guide](https://admin.microsoft.com/adminportal/home?Q=azuredocs#/modernonboarding/passwordlesssetup).
+<a href="https://go.microsoft.com/fwlink/p/?linkid=2204974" target="_blank">Open the passwordless setup guide.</a>
<a name='migrate-from-adfs-to-azure-ad'></a>
Every paid subscription to Microsoft 365 comes with a free subscription to Micro
We offer custom guidance for migrating from ADFS to Microsoft Entra ID. Answer a few questions about your Active Directory Federation Services (AD FS) infrastructure and then implement either pass-through authentication (PTA) or password hash sync (PHS) to give users a streamlined experience while accessing your org's apps.
-[Open the Migrate from ADFS to Microsoft Entra ID guide](https://admin.microsoft.com/adminportal/home?Q=azuredocs#/modernonboarding/MigrateADFSToMicrosoftAzureAD).
+<a href="https://go.microsoft.com/fwlink/p/?linkid=2264847
+" target="_blank">Open the Migrate from ADFS to Microsoft Entra ID guide.</a>
admin Become The Admin https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/become-the-admin.md
When a user signs up for Microsoft 365 services using an email address, an accou
## Step 3: Verify domain ownership and become the admin
-1. After you complete Step 2, select the admin center icon in the left navigation pane (alternatively, go to a browser and type in `https://admin.cloud.microsoft.com`).
+1. After you complete Step 2, select the admin center icon in the left navigation pane (alternatively, go to a browser and type in `https://admin.cloud.microsoft`).
You're redirected to the admin takeover wizard.
admin Remove A Domain From Another Account https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/remove-a-domain-from-another-account.md
After you've become an admin for the unmanaged account, you can remove the domai
## Step 3: Verify domain ownership and become the admin
-1. After you complete Step 2, select the admin center icon in the left navigation pane (alternatively, go to a browser and type in `https://admin.cloud.microsoft.com`).
+1. After you complete Step 2, select the admin center icon in the left navigation pane (alternatively, go to a browser and type in `https://admin.cloud.microsoft`).
You're redirected to the admin takeover wizard.
admin Self Service Sign Up https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/self-service-sign-up.md
The following example describes how self-sign up works for a school. The same pr
1. Students and faculty members have school email addresses that indicate they're associated with your institution. For example, the email address jakob@uw.edu may indicate a student at the University of Washington. 2. Students and faculty go to [our web site](https://go.microsoft.com/fwlink/p/?LinkId=536628), and use their email address to sign up for the services that your organization offers, such Microsoft 365 Apps for enterprise. They can also sign up for other free services that we offer. 3. We validate their email address, and then they can start using Microsoft 365, Power BI, or other services right away.
-4. As the business admin, you can see who has signed up for a subscription by selecting the subscription on the **Licensing** page in the Microsoft 365 admin center. This way you can see when there are new or unrecognized licenses for services in your tenant. To control whether users can sign up for self-service subscriptions, use the [Update-MgPolicyAuthorizationPolicy](/powershell/module/msonline/set-msolcompanysettings) PowerShell cmdlet with the **AllowAdHocSubscriptions** parameter. For more information, see [How do I control self-service settings?](/azure/active-directory/users-groups-roles/directory-self-service-signup#how-do-i-control-self-service-settings)
+1. As the business admin, you can see who signs up for a subscription by selecting the subscription on the **Licensing** page in the Microsoft 365 admin center. This way you can see when there are new or unrecognized licenses for services in your tenant. To control whether users can sign up for self-service subscriptions, use the [Update-MgPolicyAuthorizationPolicy](/powershell/module/msonline/set-msolcompanysettings) PowerShell cmdlet with the **AllowAdHocSubscriptions** parameter. For more information, see [How do I control self-service settings?](/azure/active-directory/users-groups-roles/directory-self-service-signup#how-do-i-control-self-service-settings)
## Available self-service programs
Following are the currently available self-service programs. This list is update
| Program <br/> | Description <br/> | More Info <br/> | Website for self-service sign-up <br/> | |:--|:--|:--|:--| |****Office 365 A1**** <br/> |Any student or teacher can use a school email address to sign up for free Office 365 and get Office apps for the web, maximum limit of 100 GB of OneDrive cloud storage and SharePoint Online for class, team and project sites. <br/> |[Office 365 Education Technical FAQ](/microsoft-365/education/deploy/office-365-education-self-sign-up) <br/> |[Office 365 Education](https://go.microsoft.com/fwlink/p/?linkid=140841) <br/> |
-|**Power BI** <br/> |Power BI enables users to visualize data, share discoveries, and collaborate in intuitive new ways. <br/> If your organization already subscribes you may additionally see licenses for "Power BI Pro Individual User Trial," which offer users limited, free access to advanced capabilities. <br/> |[Power BI in your organization](/power-bi/enterprise/service-admin-org-subscription) <br/> |[Microsoft Power BI](https://go.microsoft.com/fwlink/p/?LinkId=536629) <br/> |
-|**Rights Management Services (RMS)** <br/> |RMS for individuals is a free self-service subscription for users in an organization who have been sent sensitive files that have been protected by Azure Rights Management (Azure RMS), but their IT department hasn't implemented Azure Rights Management (Azure RMS), or Active Directory Rights Management Services (AD RMS). <br/> |[RMS for Individuals and Azure Rights Management](/azure/information-protection/rms-for-individuals) <br/> |[Microsoft Rights Management portal](https://portal.azure.com/) so you can check whether you can open a given rights-protected document. <br/> |
+|**Power BI service**<br/> |Power BI enables users to visualize data, share discoveries, and collaborate in intuitive new ways. <br/>If your organization already subscribes, you may see options to upgrade your license to Power BI Pro or Power BI Premium Per User (PPU). These options offer you limited, free access to advanced capabilities. The Power BI service is available as a stand-alone service and as part of Microsoft Fabric. <br/> |[Power BI in your organization](https://go.microsoft.com/fwlink/?linkid=2264871) <br/> |[Microsoft Power BI](https://go.microsoft.com/fwlink/p/?LinkId=536629) <br/> |
+|**Fabric**<br/> |Microsoft Fabric (Free) is a cloud-based business analytics service. <br/>The free trial includes full access to all of the Fabric experiences and features and up to 1 TB of OneLake storage. <br/> |[Fabric in your organization](https://go.microsoft.com/fwlink/?linkid=2265065) <br/> |[Microsoft Fabric](https://go.microsoft.com/fwlink/?linkid=2264760) <br/> |
+|**Rights Management Services (RMS)** <br/> |RMS for individuals is a free self-service subscription for users in an organization who have been sent sensitive files that are protected by Azure Rights Management (Azure RMS), but their IT department didn't implement Azure Rights Management (Azure RMS), or Active Directory Rights Management Services (AD RMS). <br/> |[RMS for Individuals and Azure Rights Management](/azure/information-protection/rms-for-individuals) <br/> |[Microsoft Rights Management portal](https://portal.azure.com/) so you can check whether you can open a given rights-protected document. <br/> |
|**Microsoft Power Apps** <br/> |In Power Apps, you can manage organizational data by running an app that you created or that someone else created and shared with you. Apps run on mobile devices such as phones, or you can run them in a browser by opening Dynamics 365. You can create an infinite variety of apps - all without learning a programming language such as C#. <br/> |[Self-service sign up for Power Apps](/powerapps/maker/signup-for-powerapps) <br/> |[Microsoft Power Apps](https://go.microsoft.com/fwlink/p/?linkid=841462) <br/> | |**Dynamics 365 for Financials** <br/> |Get a complete business and financial management solution for small and medium-sized businesses. Dynamics 365 for Financials makes ordering, selling, invoicing, and reporting easierΓÇöstarting on day one. <br/> |[Microsoft Dynamics 365 for Financials](https://go.microsoft.com/fwlink/p/?linkid=841466) <br/> |[Microsoft Dynamics 365 for Financials](https://go.microsoft.com/fwlink/p/?linkid=841466) <br/> | |**Microsoft Dynamics 365 for Operations** <br/> |Increase your speed of doing business. The complete ERP tools in Dynamics 365 for Operations provide global scalability and digital intelligence to help you grow at your pace. <br/> |[Microsoft Dynamics 365 for Operations](https://go.microsoft.com/fwlink/p/?linkid=841467) <br/> |[Microsoft Dynamics 365 for Operations](https://go.microsoft.com/fwlink/p/?linkid=841467) <br/> | |**Microsoft AppSource** <br/> |Microsoft AppSource is a destination for software-as-a-service business apps built on the Microsoft cloud platform. AppSource features hundreds of apps, add-ons, and content packs that extend the functionality of Microsoft products like Azure, Dynamics 365, Office 365, and Power BI. <br/> |[Microsoft AppSource](https://go.microsoft.com/fwlink/p/?linkid=841474) <br/> |[Microsoft AppSource](https://go.microsoft.com/fwlink/p/?linkid=841474) <br/> | |**Microsoft Partner Incentives** <br/> |The Microsoft Partner Network provides three types of memberships. Each type provides a set of benefits to help your business grow. As you achieve your goals, participate in the program at the level that suits your unique needs to access more benefits and develop your relationship with us and other partners in the network. <br/> |[Microsoft Partner Incentives](https://go.microsoft.com/fwlink/p/?linkid=841469) <br/> |[Microsoft Partner Incentives](https://go.microsoft.com/fwlink/p/?linkid=841469) <br/> |
-|**Microsoft Business Center** <br/> |The Microsoft Business Center is the portal for customers who have made purchases through the Microsoft Products and Services Agreement (MPSA). <br/> |[Quick Start: Register for the Microsoft Business Center](https://go.microsoft.com/fwlink/p/?linkid=841479) <br/> |[Microsoft Business Center](https://go.microsoft.com/fwlink/p/?linkid=841470) <br/> |
+|**Microsoft Business Center** <br/> |The Microsoft Business Center is the portal for customers who make purchases through the Microsoft Products and Services Agreement (MPSA). <br/> |[Quick Start: Register for the Microsoft Business Center](https://go.microsoft.com/fwlink/p/?linkid=841479) <br/> |[Microsoft Business Center](https://go.microsoft.com/fwlink/p/?linkid=841470) <br/> |
|**Microsoft Volume License Service Center** <br/> |The Microsoft Volume License Service Center displays licenses purchased under Enterprise, Select, Education (Campus or School), Open Value, Open License, and ISV Royalty agreements. <br/> |[VLSC Training and Resources](https://www.microsoft.com/en-us/Licensing/existing-customer/vlsc-training-and-resources.aspx) <br/> |[Volume License Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx) <br/> | |**Minecraft Education Edition** <br/> |By using Minecraft as a platform for learning, educators can motivate and inspire every student to achieve more, and ignite a passion for learning. Join a community of educators learning how to use Minecraft to unlock student potential. <br/> |[Minecraft Education Edition](https://go.microsoft.com/fwlink/p/?linkid=841480) <br/> |[Minecraft Education Edition](https://go.microsoft.com/fwlink/p/?linkid=841471) <br/> | |**Microsoft Stream** <br/> |Upload and share videos across your organization to improve communication, participation, and learning. <br/> |[Sign up &amp; Day 0 experience](https://go.microsoft.com/fwlink/p/?linkid=841472) <br/> |[Microsoft Stream](https://go.microsoft.com/fwlink/p/?linkid=841473) <br/> | |**Power Automate** <br/> |Power Automate is a product to help you set up automated workflows between your favorite apps and services to synchronize files, get notifications, collect data, and more. <br/> |[Sign up and sign in for Power Automate](/power-automate/sign-up-sign-in) <br/> |[Power Automate](https://go.microsoft.com/fwlink/p/?linkid=841465) <br/> | |**Power Virtual Agents** <br/> |Power Virtual Agents empowers teams to easily create powerful bots using a guided, no-code graphical interface without the need for data scientists or developers. Power Virtual Agents addresses many of the major issues with bot building in the industry today. It eliminates the gap between the subject matter experts and the development teams building the bots, and the long latency between teams recognizing an issue and updating the bot to address it. <br/> |[Licensing and access details](/power-virtual-agents/requirements-licensing) <br/> |[Sign up for Power Virtual Agents](https://aka.ms/TryPVA) <br/> |
-|**Microsoft Entra B2B** <br/> |Microsoft Entra business-to-business (B2B) collaboration lets you invite External Users (or "guest users") to use your paid Microsoft Entra services. Some features are free, but for any paid Microsoft Entra features, you can invite up to five guest users for each Microsoft Entra edition license that you own for an employee or a non-guest user in your tenant. <br/> |[Self-service for Microsoft Entra B2B collaboration sign-up](/azure/active-directory/b2b/self-service-portal) <br/> |[Microsoft Entra B2B collaboration licensing guidance](/azure/active-directory/b2b/licensing-guidance) <br/> |
+|**Microsoft Entra B2B** <br/> |Microsoft Entra business-to-business (B2B) collaboration lets you invite External Users (or "guest users") to use your paid Microsoft Entra services. Some features are free, but for any paid Microsoft Entra features, you can invite up to five guest users for each Microsoft Entra edition license that you own for an employee or a nonguest user in your tenant. <br/> |[Self-service for Microsoft Entra B2B collaboration sign-up](/azure/active-directory/b2b/self-service-portal) <br/> |[Microsoft Entra B2B collaboration licensing guidance](/azure/active-directory/b2b/licensing-guidance) <br/> |
admin Create Distribution Lists https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/create-distribution-lists.md
Use distribution lists (sometimes called distribution groups) when you want to s
::: moniker range="o365-worldwide"
-Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
::: moniker-end
admin Create Signatures And Disclaimers https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/create-signatures-and-disclaimers.md
If you found this video helpful, check out the [complete training series for sma
::: moniker range="o365-worldwide"
-Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
::: moniker-end
admin Priority Accounts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/priority-accounts.md
You can also add priority accounts from the Active users page.
Add priority accounts from the Active users page.
-1. Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+1. Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
2. Go to **Users** > **Active users** and select the three dots (more actions) at the top of the page. Select **Manage priority accounts**.
Add priority accounts from the Active users page.
## Remove a user from the priority accounts list
-1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
2. Go to **Setup** > **Organizational knowledge**, and choose **View** under **Monitor your most important accounts**.
admin Setup Apps For Business https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/setup-apps-for-business.md
- TRN_M365B - OKR_SMB_Videos - AdminSurgePortfolio
+- admindeeplinkMAC
search.appverid: - MET150 - MOE150
You can add users in the wizard, but you can also [add users later](../add-users
::: moniker range="o365-worldwide"
-1. Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.microsoft.com</a>.
+1. Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
::: moniker-end
You can add users in the wizard, but you can also [add users later](../add-users
2. Choose **Go to setup** to start the wizard.
-3. On the first page you will get the option to install Microsoft 365 apps on your computer. You can also do this later.
+3. On the first page, you'll get the option to install Microsoft 365 apps on your computer. You can also do this later.
-3. On the next page you can add users and they will automatically get assigned the Microsoft 365 apps for business license. After you've added the users, you'll also get an option to share credentials with the new users you added. You can choose to print them out, email them, or download them.
+3. On the next page, you can add users and they'll automatically get assigned the Microsoft 365 apps for business license. After you've added the users, you'll also get an option to share credentials with the new users you added. You can choose to print them out, email them, or download them.
When the sign-up process is complete, you'll be directed to the admin center, where you can add users, and assign licenses.
Once you've created accounts for other people in your business, you and your tea
::: moniker range="o365-worldwide"
-Go to [https://admin.microsoft.com/OLS/MySoftware.aspx](https://admin.microsoft.com/OLS/MySoftware.aspx).
+Go to **My accounts** > <a href="https://go.microsoft.com/fwlink/?linkid=2265141" target="_blank">Apps & devices</a>.
::: moniker-end
Need more detailed steps or want to install the 64-bit version of Microsoft 365?
## Set up mobile
-Install Microsoft 365 on your mobile device, and set up Outlook to work with your new Microsoft mailbox. Everyone on your team will need to do this step. Each person can install the Microsoft 365 mobile apps on up to 5 phones and 5 tablets.
+Install Microsoft 365 on your mobile device, and set up Outlook to work with your new Microsoft mailbox. Everyone on your team will need to do this step. Each person can install the Microsoft 365 mobile apps on up to five phones and 5 tablets.
Get the steps for your device: [Android](https://support.microsoft.com/office/6ef2ebf2-fc2d-474a-be4a-5a801365c87f) | [iOS](https://support.microsoft.com/office/0402b37e-49c4-4419-a030-f34c2013041f) | [Windows Phone](https://support.microsoft.com/office/9bccc8b8-a321-4d0d-a45e-6e06a3438e43)
admin Setup Business Basic https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/setup-business-basic.md
- OKR_SMB_Videos - AdminSurgePortfolio - AdminTemplateSet
+- admindeeplinkMAC
search.appverid: - MET150 - MOE150
When you purchase Microsoft 365 Business Basic, you have the option of using a d
::: moniker range="o365-worldwide"
-1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft.com</a>.
+1. Go to the Microsoft 365 admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">https://admin.cloud.microsoft</a>.
::: moniker-end
bookings Comparison Chart https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/comparison-chart.md
description: "A comparison chart that shows the feature differences between the
# Comparison chart: Bookings web app vs. Bookings Teams app
-The Bookings app in Teams lets schedulers handle their main tasks and change some settings. However, the Bookings web includes advanced features and settings that are not yet available in the Teams app.
+The Bookings app in Teams lets schedulers handle their main tasks and change some settings. However, the Bookings web includes advanced features and settings that aren't available in the Teams app.
-Teams app features are being added all the time and we will continue to update this list. See the **Is all the functionality of the original Bookings Web app available in Microsoft Teams?** section in the [FAQ](bookings-faq.yml) for more details.
+See the **Is all the functionality of the original Bookings Web app available in Microsoft Teams?** section in the [FAQ](bookings-faq.yml) for more details.
| Feature | Bookings web app | Bookings Teams app | |:|:|:|
commerce Cancel Your Subscription https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/cancel-your-subscription.md
Last updated 10/13/2023
Check out all of our small business content on [Small business help & learning](https://go.microsoft.com/fwlink/?linkid=2224585).
-This article only applies to canceling **Dynamics 365**, **Intune**, **Power Platform**, **Windows 365**, **Microsoft Defender for Business**, and **Microsoft 365 for business** subscriptions. If you have an Azure subscription, see [Cancel your Azure subscription](/azure/cost-management-billing/manage/cancel-azure-subscription). If you have Microsoft 365 Family or Personal, see [Cancel a Microsoft 365 subscription](https://support.microsoft.com/office/cancel-a-microsoft-365-subscription-46e2634c-c64b-4c65-94b9-2cc9c960e91b?OCID=M365_DocsCancel_Link).
+This article only applies to canceling **Dynamics 365**, **Intune**, **Power Platform**, **Windows 365**, **Microsoft Defender for Business**, and **Microsoft 365 for business** subscriptions. If you have an **Azure** subscription, see [Cancel your Azure subscription](/azure/cost-management-billing/manage/cancel-azure-subscription). If you have the **Power BI service**, see [Close your account](/power-bi/enterprise/service-admin-closing-your-account). If you have the **Fabric trial**, see [Cancel your trial](/power-bi/fundamentals/service-self-service-signup-for-power-bi#trial-expiration).
+
+If you have **Microsoft 365 Family** or **Microsoft 365 Personal**, see [Cancel a Microsoft 365 subscription](https://support.microsoft.com/office/cancel-a-microsoft-365-subscription-46e2634c-c64b-4c65-94b9-2cc9c960e91b?OCID=M365_DocsCancel_Link).
> [!WARNING] > Before you cancel a subscription, make sure your users [save their data](#save-your-data).
frontline Flw Licensing Options https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/flw-licensing-options.md
Title: Understand frontline worker user types and licensing
+ audience: admin
frontline Flw Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/flw-overview.md
search.appverid: MET150
+ audience: admin
security Android Configure Mam https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/android-configure-mam.md
End users also need to take steps to install Microsoft Defender for Endpoint on
*Example: Outlook as a managed app*
- :::image type="content" source="images/managed-app.png" alt-text="The Public apps pane in the Microsoft Defender portal." lightbox="images/managed-app.png":::
+ :::image type="content" source="media/managed-app.png" alt-text="The Public apps pane in the Microsoft Defender portal." lightbox="media/managed-app.png":::
3. Set sign-in security requirements for your protection policy.
security Android Intune https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/android-intune.md
Learn how to deploy Defender for Endpoint on Android with Microsoft Intune Compa
1. In [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \> **Android Apps** \> **Add** \> **Android store app** and choose **Select**.
- :::image type="content" source="images/mda-addandroidstoreapp.png" alt-text="The Add Android store application pane in the Microsoft Intune admin center portal" lightbox="images/mda-addandroidstoreapp.png":::
+ :::image type="content" source="media-addandroidstoreapp.png":::
2. On the **Add app** page and in the *App Information* section enter:
Learn how to deploy Defender for Endpoint on Android with Microsoft Intune Compa
Other fields are optional. Select **Next**.
- :::image type="content" source="images/mda-addappinfo.png" alt-text=" The Add App page displaying the application's publisher and URL information in the Microsoft Intune admin center portal" lightbox="images/mda-addappinfo.png":::
+ :::image type="content" source="media-addappinfo.png":::
3. In the *Assignments* section, go to the **Required** section and select **Add group.** You can then choose the user group(s) that you would like to target Defender for Endpoint on Android app. Choose **Select** and then **Next**.
Follow the steps below to add Microsoft Defender for Endpoint app into your mana
10. Select **Microsoft Defender** app in the list \> **Properties** \> **Assignments** \> **Edit**.
- :::image type="content" source="images/mda-properties.png" alt-text="The Edit option on the Properties page" lightbox="images/mda-properties.png":::
+ :::image type="content" source="media-properties.png":::
11. Assign the app as a *Required* app to a user group. It is automatically installed in the *work profile* during the next sync of the device via Company Portal app. This assignment can be done by navigating to the *Required* section \> **Add group,** selecting the user group and click **Select**.
The device configuration profile is now assigned to the selected user group.
3. When the app is installed, open the app and accept the permissions and then your onboarding should be successful.
- :::image type="content" source="images/MDE_new.png" alt-text="Th display of a Microsoft Defender for Endpoint application on a mobile device" lightbox="images/MDE_new.png":::
+ :::image type="content" source="mediE_new.png":::
4. At this stage the device is successfully onboarded onto Defender for Endpoint on Android. You can verify this on the [Microsoft Defender portal](https://security.microsoft.com) by navigating to the **Device Inventory** page.
security Management Apis https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/api/management-apis.md
The Microsoft Defender for Endpoint solution is built on top of an integration-r
Defender for Endpoint exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Defender for Endpoint capabilities. The Defender for Endpoint APIs can be grouped into three:
security Application Deployment Via Mecm https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/application-deployment-via-mecm.md
Copy the unified solution package, onboarding script and migration script to the
1. In the MECM console, follow these steps: **Software Library>Applications>Create Application**. 2. Select **Manually specify the application information**.
- :::image type="content" source="images/manual-application-information.png" alt-text="Screenshot of manually specifying the application information selection." lightbox="images/manual-application-information.png":::
+ :::image type="content" source="media/manual-application-information.png" alt-text="Screenshot of manually specifying the application information selection." lightbox="media/manual-application-information.png":::
3. Select **Next** on the Software Center screen of the wizard. 4. On the Deployment Types, click **Add**. 5. Select **Manually to specify the deployment type information** and select **Next**. 6. Give a name to your script deployment and select **Next**.
- :::image type="content" source="images/manual-deployment-information.png" alt-text="Screenshot specifying the script deployment information.":::
+ :::image type="content" source="media/manual-deployment-information.png" alt-text="Screenshot specifying the script deployment information.":::
7. On this step, copy the UNC path that your content is located. Example: `\\ServerName\h$\SOFTWARE_SOURCE\path`. :::image type="content" source="media/deployment-type-wizard.png" alt-text="Screenshot that shows UNC path copy.":::
security Auto Investigation Action Center https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/auto-investigation-action-center.md
During and after an automated investigation, remediation actions for threat dete
Recently, the Action center was updated. You now have a unified Action center experience. To access your Action center, go to [https://security.microsoft.com/action-center](https://security.microsoft.com/action-center) and sign in. ### What's changed?
security Cloud Protection Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-defender-antivirus.md
search.appverid: met150
Next-generation technologies in Microsoft Defender Antivirus provide near-instant, automated protection against new and emerging threats. To identify new threats dynamically, next-generation technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models. Cloud protection works together with Microsoft Defender Antivirus to deliver accurate, real-time, and intelligent protection.
-[:::image type="content" source="images/mde-cloud-protection.png" alt-text="Diagram showing how cloud protection works together with Microsoft Defender Antivirus" lightbox="images/mde-cloud-protection.png":::](enable-cloud-protection-microsoft-defender-antivirus.md)
+[:::image type="content" source="medi)
> [!TIP] > We recommend keeping cloud protection turned on. To learn more, see [Why cloud protection should be turned on](enable-cloud-protection-microsoft-defender-antivirus.md#why-cloud-protection-should-be-turned-on).
security Comprehensive Guidance On Linux Deployment https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/comprehensive-guidance-on-linux-deployment.md
This step of the setup process involves adding Defender for Endpoint to the excl
- To check if there's a non-Microsoft antimalware that is running FANotify, you can run `mdatp health`, then check the result:
- :::image type="content" source="images/mdatp-health-result.png" alt-text="Image of mdatp health result":::
+ :::image type="content" source="mediatp health result":::
Under "conflicting_applications", if you see a result other than "unavailable", uninstall the non-Microsoft antimalware.
security Data Collection Analyzer https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/data-collection-analyzer.md
When collaborating with Microsoft support professionals, you might be asked to u
Run `MDEClientAnalyzer.cmd /?` to see the list of available parameters and their description: | Switch | Description | When to use| Process that you're troubleshooting. | |:|:|:|:|
security Defender Endpoint Antivirus Exclusions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-antivirus-exclusions.md
Most organizations have several different types of exclusions and indicators to
The following image summarizes how exclusions and indicators are handled across Defender for Endpoint and Microsoft Defender Antivirus: Here's how it works:
security Enable Attack Surface Reduction https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction.md
You can use Microsoft Intune OMA-URI to configure custom attack surface reductio
1. Open the Microsoft Intune admin center. In the **Home** menu, click **Devices**, select **Configuration profiles**, and then click **Create profile**.
- :::image type="content" source="images/mem01-create-profile.png" alt-text="The Create profile page in the Microsoft Intune admin center portal." lightbox="images/mem01-create-profile.png":::
+ :::image type="content" source="media/mem01-create-profile.png" alt-text="The Create profile page in the Microsoft Intune admin center portal." lightbox="media/mem01-create-profile.png":::
2. In **Create a profile**, in the following two drop-down lists, select the following:
You can use Microsoft Intune OMA-URI to configure custom attack surface reductio
Select **Custom**, and then select **Create**.
- :::image type="content" source="images/mem02-profile-attributes.png" alt-text="The rule profile attributes in the Microsoft Intune admin center portal." lightbox="images/mem02-profile-attributes.png":::
+ :::image type="content" source="media/mem02-profile-attributes.png" alt-text="The rule profile attributes in the Microsoft Intune admin center portal." lightbox="media/mem02-profile-attributes.png":::
3. The Custom template tool opens to step **1 Basics**. In **1 Basics**, in **Name**, type a name for your template, and in **Description** you can type a description (optional).
- :::image type="content" source="images/mem03-1-basics.png" alt-text="The basic attributes in the Microsoft Intune admin center portal" lightbox="images/mem03-1-basics.png":::
+ :::image type="content" source="media/mem03-1-basics.png" alt-text="The basic attributes in the Microsoft Intune admin center portal" lightbox="media/mem03-1-basics.png":::
4. Click **Next**. Step **2 Configuration settings** opens. For OMA-URI Settings, click **Add**. Two options now appear: **Add** and **Export**.
- :::image type="content" source="images/mem04-2-configuration-settings.png" alt-text="The configuration settings in the Microsoft Intune admin center portal." lightbox="images/mem04-2-configuration-settings.png":::
+ :::image type="content" source="media/mem04-2-configuration-settings.png" alt-text="The configuration settings in the Microsoft Intune admin center portal." lightbox="media/mem04-2-configuration-settings.png":::
1. Click **Add** again. The **Add Row OMA-URI Settings** opens. In **Add Row**, do the following:
You can use Microsoft Intune OMA-URI to configure custom attack surface reductio
- 2: Audit (Evaluate how the attack surface reduction rule would impact your organization if enabled) - 6: Warn (Enable the attack surface reduction rule but allow the end-user to bypass the block)
- :::image type="content" source="images/mem05-add-row-oma-uri.png" alt-text="The OMA URI configuration in the Microsoft Intune admin center portal" lightbox="images/mem05-add-row-oma-uri.png":::
+ :::image type="content" source="media/mem05-add-row-oma-uri.png" alt-text="The OMA URI configuration in the Microsoft Intune admin center portal" lightbox="media/mem05-add-row-oma-uri.png":::
1. Select **Save**. **Add Row** closes. In **Custom**, select **Next**. In step **3 Scope tags**, scope tags are optional. Do one of the following:
You can use Microsoft Intune OMA-URI to configure custom attack surface reductio
- **Add all users** - **Add all devices**
- :::image type="content" source="images/mem06-4-assignments.png" alt-text="The assignments in the Microsoft Intune admin center portal" lightbox="images/mem06-4-assignments.png":::
+ :::image type="content" source="media/mem06-4-assignments.png" alt-text="The assignments in the Microsoft Intune admin center portal" lightbox="media/mem06-4-assignments.png":::
1. In **Excluded groups**, select any groups that you want to exclude from this rule, and then select **Next**.
You can use Microsoft Intune OMA-URI to configure custom attack surface reductio
- In **Property**, select the property to which you want this rule to apply - In **Value**, enter the applicable value or value range
- :::image type="content" source="images/mem07-5-applicability-rules.png" alt-text="The applicability rules in the Microsoft Intune admin center portal" lightbox="images/mem07-5-applicability-rules.png":::
+ :::image type="content" source="media/mem07-5-applicability-rules.png" alt-text="The applicability rules in the Microsoft Intune admin center portal" lightbox="media/mem07-5-applicability-rules.png":::
10. Select **Next**. In step **6 Review + create**, review the settings and information you've selected and entered, and then select **Create**.
- :::image type="content" source="images/mem08-6-review-create.png" alt-text="The Review and create option in the Microsoft Intune admin center portal" lightbox="images/mem08-6-review-create.png":::
+ :::image type="content" source="media/mem08-6-review-create.png" alt-text="The Review and create option in the Microsoft Intune admin center portal" lightbox="media/mem08-6-review-create.png":::
Rules are active and live within minutes.
security Enable Cloud Protection Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/enable-cloud-protection-microsoft-defender-antivirus.md
search.appverid: met150
Microsoft Defender Antivirus cloud protection helps protect against malware on your endpoints and across your network. We recommend keeping cloud protection turned on, because certain security features and capabilities in Microsoft Defender for Endpoint only work when cloud protection is enabled.
-[![alt-text="Diagram showing things that depend on cloud protection](images/mde-cloud-protection.png#lightbox)](enable-cloud-protection-microsoft-defender-antivirus.md)
+[![alt-text="Diagram showing things that depend on cloud protection](medi)
The following table summarizes the features and capabilities that depend on cloud protection: <br/><br/>
security Ios Install Unmanaged https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/ios-install-unmanaged.md
Because mobile app management doesn't require device management, you can protect
*Example: Outlook as a managed app*
- :::image type="content" source="images/managed-app.png" alt-text="The Microsoft Outlook menu item on the left navigation pane" lightbox="images/managed-app.png":::
+ :::image type="content" source="media/managed-app.png" alt-text="The Microsoft Outlook menu item on the left navigation pane" lightbox="media/managed-app.png":::
Select the **Platform, Apps, Data protection, Access requirements** settings that your organization requires for your policy.
security Linux Whatsnew https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-whatsnew.md
ms.localizationpriority: medium Previously updated : 02/12/2024 Last updated : 03/27/2024 audience: ITPro
This article is updated frequently to let you know what's new in the latest rele
- [What's new in Defender for Endpoint on macOS](mac-whatsnew.md) - [What's new in Defender for Endpoint on iOS](ios-whatsnew.md)
+<details>
+<summary> March-2024 (Build: 101.24022.0001 | Release version: 30.124022.0001.0)</summary>
+
+## March-2024 Build: 101.24022.0001 | Release version: 30.124022.0001.0
+
+&ensp;Released: **March 22,2024**<br/>
+&ensp;Published: **March 22,2024**<br/>
+&ensp;Build: **101.24022.0001**<br/>
+&ensp;Release version: **30.124022.0001.0**<br/>
+&ensp;Engine version: **1.1.23110.4**<br/>
+&ensp;Signature version: **1.403.87.0**<br/>
+
+**What's new**
+
+There are multiple fixes and new changes in this release:
+
+- Addition of `microsoft_defender_scan_skip.log` file which logs scans that mdatp is unable to complete due to any reason.
+- Stability and performance improvements.
+- Bug fixes.
+
+</details>
++ <details> <summary> March-2024 (Build: 101.24012.0001 | Release version: 30.124012.0001.0)</summary>
There are multiple fixes and new changes in this release:
**What's new** There are multiple fixes and new changes in this release: -- Microsoft Defender for Endpoint on Linux now officially supports Mariner 2, Rocky 8.7 and higher, Alma 9.2 and higher version distros. If you already have Defender for Endpoint running on any of these distros and facing any issues in the older versions, please upgrade to the latest Defender for Endpoint version. Refer our public deployment docs for more details. - Updated default engine version to `1.1.23100.2010`, and default signatures version to `1.399.1389.0`. - General stability and performance improvements. - Bug fixes.
+- Microsoft Defender for Endpoint on Linux now officially supports the following distros and versions:
+
+ | Distro & version | Ring | Package |
+ ||||
+ | Mariner 2 | Production | https://packages.microsoft.com/cbl-mariner/2.0/prod/extras/x86_64/config.repo |
+ | Rocky 8.7 and higher | Insiders Slow | https://packages.microsoft.com/config/rocky/8/insiders-slow.repo |
+ | Rocky 9.2 and higher | Insiders Slow | https://packages.microsoft.com/config/rocky/9/insiders-slow.repo |
+ | Alma 8.4 and higher | Insiders Slow | https://packages.microsoft.com/config/alma/8/insiders-slow.repo |
+ | Alma 9.2 and higher | Insiders Slow | https://packages.microsoft.com/config/alma/9/insiders-slow.repo |
+
+If you already have Defender for Endpoint running on any of these distros and facing any issues in the older versions, please upgrade to the latest Defender for Endpoint version from the corresponding ring mentioned above. Refer our [public deployment docs](comprehensive-guidance-on-linux-deployment.md) for more details.
+
+> [!NOTE]
+> Known issues:
+>
+> Microsoft Defender for Endpoint for Linux on Rocky and Alma currently has the following known issues:
+> - Live Response and Threat Vulnerability Management are currently not supported (work in progress).
+> - Operating system info for devices is not visible in the Microsoft Defender portal
</details>
security Mac Exclusions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-exclusions.md
For more information on how to configure exclusions from JAMF, Intune, or anothe
1. Open the Defender for Endpoint application and navigate to **Manage settings** \> **Add or Remove Exclusion...**, as shown in the following screenshot: 2. Select the type of exclusion that you wish to add and follow the prompts.
security Mac Install Manually https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-install-manually.md
Once you have installed the MDE on macOS client, you must now onboard the packag
After installation, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner. > [!div class="mx-imgBorder"]
- > :::image type="content" source="images/mdatp-icon-bar.png" alt-text="Screenshot that shows the Microsoft Defender icon in status bar":::
+ > :::image type="content" source="media/mdatp-icon-bar.png" alt-text="Screenshot that shows the Microsoft Defender icon in status bar":::
You can [troubleshoot license issues for Microsoft Defender for Endpoint on macOS](mac-support-license.md).
security Mac Install With Intune https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-install-with-intune.md
After completing the profile configuration, you'll be able to review the status
Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** \> **Device status**: #### Client device setup
A standard [Company Portal installation](/intune-user-help/enroll-your-device-in
1. Confirm device management.
- :::image type="content" source="images/mdatp-3-confirmdevicemgmt.png" alt-text="The Confirm device management page" lightbox="images/mdatp-3-confirmdevicemgmt.png":::
+ :::image type="content" source="medievicemgmt.png":::
Select **Open System Preferences**, locate **Management Profile** on the list, and select **Approve...**. Your Management Profile would be displayed as **Verified**:
- :::image type="content" source="images/mdatp-4-managementprofile.png" alt-text="The Management profile page" lightbox="images/mdatp-4-managementprofile.png":::
+ :::image type="content" source="mediatp-4-managementprofile.png":::
2. Select **Continue** and complete the enrollment.
A standard [Company Portal installation](/intune-user-help/enroll-your-device-in
3. In Intune, open **Manage** \> **Devices** \> **All devices**. Here you can see your device among the listed:
- :::image type="content" source="images/mdatp-5-alldevices.png" alt-text="The All Devices page" lightbox="images/mdatp-5-alldevices.png":::
+ :::image type="content" source="mediatp-5-alldevices.png":::
#### Verify client device state 1. After the configuration profiles are deployed to your devices, open **System Preferences** > **Profiles** on your Mac device.
- :::image type="content" source="images/mdatp-13-systempreferences.png" alt-text="The System preferences page":::
+ :::image type="content" source="media/mdatp-13-systempreferences.png" alt-text="The System preferences page":::
- :::image type="content" source="images/mdatp-14-systempreferencesprofiles.png" alt-text="The System Preferences Profiles page" lightbox="images/mdatp-14-systempreferencesprofiles.png":::
+ :::image type="content" source="mediatp-14-systempreferencesprofiles.png":::
2. Verify that the following configuration profiles are present and installed. The **Management Profile** should be the Intune system profile. _Wdav-config_ and _wdav-kext_ are system configuration profiles that were added in Intune:
- :::image type="content" source="images/mdatp-15-managementprofileconfig.png" alt-text="The Profiles page" lightbox="images/mdatp-15-managementprofileconfig.png":::
+ :::image type="content" source="mediatp-15-managementprofileconfig.png":::
3. You should also see the Microsoft Defender for Endpoint icon in the top-right corner.
- :::image type="content" source="images/mdatp-icon-bar.png" alt-text="The icon for Microsoft Defender for Endpoint in the status bar":::
+ :::image type="content" source="media/mdatp-icon-bar.png" alt-text="The icon for Microsoft Defender for Endpoint in the status bar":::
### Step 13: Publish application
This step enables deploying Microsoft Defender for Endpoint to enrolled machines
1. In the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431), open **Apps**.
- :::image type="content" source="images/mdatp-8-app-before.png" alt-text="The application's overview page" lightbox="images/mdatp-8-app-before.png":::
+ :::image type="content" source="mediatp-8-app-before.png":::
1. Select **By platform** > **macOS** > **Add**. 1. Under **App type**, select **macOS**. Click **Select**.
- :::image type="content" source="images/mdatp-9-app-type.png" alt-text="The specific application type" lightbox="images/mdatp-9-app-type.png":::
+ :::image type="content" source="mediatp-9-app-type.png":::
1. On the **App information**, keep the default values and click **Next**.
- :::image type="content" source="images/mdatp-10-properties.png" alt-text="The application properties page" lightbox="images/mdatp-10-properties.png":::
+ :::image type="content" source="mediatp-10-properties.png":::
1. On the **Assignments** tab, click **Next**.
- :::image type="content" source="images/mdatp-11-assignments.png" alt-text="The Intune assignments information page" lightbox="images/mdatp-11-assignments.png":::
+ :::image type="content" source="mediatp-11-assignments.png":::
1. Review and **Create**. You can visit **Apps** > **By platform** > **macOS** to see it on the list of all applications.
- :::image type="content" source="images/mdatp-12-applications.png" alt-text="The application lists page" lightbox="images/mdatp-12-applications.png":::
+ :::image type="content" source="mediatp-12-applications.png":::
For more information, see [Add Microsoft Defender for Endpoint to macOS devices using Microsoft Intune](/mem/intune/apps/apps-advanced-threat-protection-macos).
To deploy the onboarding package:
1. Under **Template name**, select **Custom**. 1. Click **Create**.
- :::image type="content" alt-text="Deploy onboarding package" source="images/mdatp-6-systemconfigurationprofiles-1.png" lightbox="images/mdatp-6-systemconfigurationprofiles-1.png":::
+ :::image type="content" alt-text="Deploy onboarding package" source="mediatp-6-systemconfigurationprofiles-1.png":::
1. On the **Basics** tab, **Name** the profile. For example, 'Autoupdate-prod-macOS-Default-MDE'. Click **Next**.
- :::image type="content" alt-text="click next" source="images/mdatp-6-systemconfigurationprofiles-2.png" lightbox="images/mdatp-6-systemconfigurationprofiles-2.png":::
+ :::image type="content" alt-text="click next" source="mediatp-6-systemconfigurationprofiles-2.png":::
1. On the **Configuration settings** tab, enter a **Custom configuration profile** name. For example, 'Autoupdate.mobileconfig'. 1. Choose a **Deployment channel**. 1. Click **Next**. 1. Select a **Configuration profile file**.
- :::image type="content" alt-text="configuration profile" source="images/mdatp-6-systemconfigurationprofiles.png" lightbox="images/mdatp-6-systemconfigurationprofiles.png":::
+ :::image type="content" alt-text="configuration profile" source="mediatp-6-systemconfigurationprofiles.png":::
1. On the **Assignments** tab, assign the profile to a group where the macOS devices and/or users are located, or All Users and All devices.
- :::image type="content" alt-text="assign users" source="images/mdatp-6-systemconfigurationprofiles-3.png" lightbox="images/mdatp-6-systemconfigurationprofiles-3.png":::
+ :::image type="content" alt-text="assign users" source="mediatp-6-systemconfigurationprofiles-3.png":::
1. Review the configuration profile. Click **Create**. 1. Open **Devices** > **Configuration profiles** to see the created profile.
security Mac Support Sys Ext https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-support-sys-ext.md
Starting with macOS BigSur (11), Apple's macOS requires all system extensions to
You'll notice that the Microsoft Defender for Endpoint has an **x** symbol in the shield, as shown in the following screenshot: If you click the shield with the **x** symbol, you'll get options as shown in the following screenshot:
security Mac Updates https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-updates.md
Microsoft regularly publishes software updates to improve performance, security,
To update Microsoft Defender for Endpoint on macOS, a program named Microsoft AutoUpdate (MAU) is used. MAU checks updates periodically, and automatically downloads and installs them. You can deploy preferences to configure how and when MAU checks for updates for the Macs in your organization.
security Machine Tags https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/machine-tags.md
To add device tags using API, see [Add or remove device tags API](api/add-or-rem
2. Select **Manage tags** from the row of Response actions.
- :::image type="content" source="images/manage-tags-option.png" alt-text="Image of manage tags button" lightbox="images/manage-tags-option.png":::
+ :::image type="content" source="media/manage-tags-option.png" alt-text="Image of manage tags button" lightbox="media/manage-tags-option.png":::
3. Type to find or create tags
security Manage Sys Extensions Manual Deployment https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-sys-extensions-manual-deployment.md
You might see the prompt that's shown in the following screenshot:
1. On the screen displaying the **Installation succeeded** notification message, select **OK**. You'll return to the following screen:
- :::image type="content" source="images/mde-menu.png" alt-text="The Microsoft Defender for Endpoint menu containing the x symbol." lightbox="images/mde-menu.png":::
+ :::image type="content" source="medie-menu.png":::
1. From the menu bar, click the **x** symbol on the shield. You'll get the options shown in the following screenshot:
If you run systemextensionsctl list, the following screen appears:
#### mdatp health output #### Check the system extensions
security Mde P1 Setup Configuration https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mde-p1-setup-configuration.md
This article describes how to set up and configure Defender for Endpoint Plan 1.
## The setup and configuration process The general setup and configuration process for Defender for Endpoint Plan 1 is as follows: <br/><br/>
security Microsoft Defender Antivirus Pilot Ring Deployment Group Policy Wsus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-pilot-ring-deployment-group-policy-wsus.md
The following resources provide information for using and managing Windows Serve
This section provides information about setting up the pilot (UAT/Test/QA) environment using Group Policy and Windows Server Update Services (WSUS). > [!NOTE] > Security intelligence update (SIU) is equivalent to signature updates, which is the same as definition updates.
On about 10-500* Windows and/or Windows Server systems, depending on how many to
1. On the **Choose Products** page, scroll down to **Forefront**, select **Forefront Client Security** and **System Center Endpoint Protection** This is shown in the following figure.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-choose-products-av.png" alt-text="Screenshot that shows a screen capture of the WSUS configuration wizard Choose Products page." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-choose-products-av.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-choose-products-av.png" alt-text="Screenshot that shows a screen capture of the WSUS configuration wizard Choose Products page." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-choose-products-av.png":::
While still on the **Choose Products** page, scroll down to **Windows** and select **Microsoft Defender Antivirus**.
The Windows Server Update Services Configuration Wizard is complete.
1. Open the **Update Services** snap-in console, and navigate to **YR2K19**. The console is shown in the following figure.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-update-service-synch.png" alt-text="Screenshot that shows a screen capture of the Update Services snap-in console with YR2K19 shown." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-update-service-synch.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-update-service-synch.png" alt-text="Screenshot that shows a screen capture of the Update Services snap-in console with YR2K19 shown." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-update-service-synch.png":::
1. When synchronization is complete, you can see how many products and classifications have been added in the last 30 days. Check to ensure the status for **Last synchronization result** indicates _Succeeded_. You may see a warning indicating **"Your WSUS server currently shows that no computers are registered to receive updates"**. This warning is normal at this point of the deployment configuration process.
The Windows Server Update Services Configuration Wizard is complete.
See [ Viewing and Managing Updates](/windows-server/administration/windows-server-update-services/manage/viewing-and-managing-updates).
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-update-service-search-defender.png" alt-text="Screenshot that shows a screen capture of the Update Services for Microsoft Defender Antivirus." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-update-service-search-defender.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-update-service-search-defender.png" alt-text="Screenshot that shows a screen capture of the Update Services for Microsoft Defender Antivirus." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-update-service-search-defender.png":::
1. In the **Search** dialog, under **Update Title**, double-click one of the listed KB items. One of two things happens: - If you don't have **Microsoft Report Viewer 2012 Redistributable** installed, the following error message appears:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-error.png" alt-text="Screenshot that shows a screen capture of an error message indicating the Microsoft Report Viewer 2012 Redistributable isn't installed." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-error.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-error.png" alt-text="Screenshot that shows a screen capture of an error message indicating the Microsoft Report Viewer 2012 Redistributable isn't installed." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-error.png":::
Follow the link in the error message to install the Microsoft Report Viewer 2012 Redistributable before proceeding to the next numbered step of this procedure. - If **Microsoft Report Viewer 2012 Redistributable** installed, **Update Report for YR2k19** opens, presenting a report with information related to the KB you previously selected. An example report is shown in the following image.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-kb-update-info.png" alt-text="Screenshot that shows a screen capture with details about a KB update reported in **Update Report for Yr2k19**." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-kb-update-info.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-kb-update-info.png" alt-text="Screenshot that shows a screen capture with details about a KB update reported in **Update Report for Yr2k19**." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-kb-update-info.png":::
To learn more about the different Microsoft Defender Antivirus Update channels, see [Manage the gradual rollout process for Microsoft Defender updates](manage-gradual-rollout.md)
The Windows Server Update Services Configuration Wizard is complete.
For example, on April 11, 2023, the latest production version is **4.18.2302.7**, where **23** == _2023_, **02** == _February_, and **.7** is the _minor revision_.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-kb-search.png" alt-text="Screenshot that shows a screen capture of the results from a Microsoft Update Catalog search for KB4052623." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-kb-search.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-kb-search.png" alt-text="Screenshot that shows a screen capture of the results from a Microsoft Update Catalog search for KB4052623." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-viewer-kb-search.png":::
#### To determine if updates are synchronized
The Windows Server Update Services Configuration Wizard is complete.
The **All Updates** view lists "Platform Updates" and "Security Intelligence Updates" (also known as signatures/definitions). For example, KB4052623 platform updates. KB4052623 platform update is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-view-signature-platform-updates.png" alt-text="Screenshot that shows a screen capture of the results from a Microsoft Update Catalog search for KB4052623 platform updates." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-view-signature-platform-updates.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-view-signature-platform-updates.png" alt-text="Screenshot that shows a screen capture of the results from a Microsoft Update Catalog search for KB4052623 platform updates." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-report-view-signature-platform-updates.png":::
1. Select **KB4052623** version **4.18.2302.7** to see the synchronization status.
The Windows Server Update Services Configuration Wizard is complete.
In **Step 3: Specify a name**, type a name for your rule. For example, type _Microsoft Defender Antivirus updates_. These settings are shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-updates-add-rule.png" alt-text="Screenshot that shows a screen capture of an example name for a rule." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-updates-add-rule.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-updates-add-rule.png" alt-text="Screenshot that shows a screen capture of an example name for a rule." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-updates-add-rule.png":::
1. Select **OK**. The work flow returns to the **Update Rules** page. Select your new rule, For example, select **Microsoft Defender Antivirus updates**. 1. In **Rule Properties**, verify the information is correct, and then select **OK**.
The Windows Server Update Services Configuration Wizard is complete.
- In **Options**, type _InternalDefinitionUpdateServer_, and then select **OK**. The configured **Define the order of sources for downloading security intelligence updates** page is shown in the following figure.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-download-order.png" alt-text="Screenshot that shows a screen capture of how to define the order of sources for downloading security intelligence updates." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-download-order.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-download-order.png" alt-text="Screenshot that shows a screen capture of how to define the order of sources for downloading security intelligence updates." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-download-order.png":::
For more information, see [Manage how and where Microsoft Defender Antivirus receives updates](manage-protection-updates-microsoft-defender-antivirus.md).
security Microsoft Defender Antivirus Production Ring Deployment Group Policy Wsus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-production-ring-deployment-group-policy-wsus.md
This article assumes that you have experience with Windows Server Update Service
This section provides information about setting up the production environment using Group Policy and Windows Server Update Services (WSUS). > [!NOTE] > Security intelligence update (SIU) is equivalent to signature updates, which is the same as definition updates.
This section provides information about setting up the production environment us
This is shown in the following figure.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-production-update-service-upstream.png" alt-text="Screenshot that shows a screen capture of the Update Services snap-in console, Choose Upstream Server page." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-production-update-service-upstream.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-production-update-service-upstream.png" alt-text="Screenshot that shows a screen capture of the Update Services snap-in console, Choose Upstream Server page." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-production-update-service-upstream.png":::
1. Select **Next**.
This section provides information about setting up the production environment us
- In **Options**, type _InternalDefinitionUpdateServer_, and then select **OK**. The configured **Define the order of sources for downloading security intelligence updates** page is shown in the following figure.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-download-order.png" alt-text="Screenshot that shows a screen capture of the results from a Microsoft Update Catalog search for KB4052623." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-download-order.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-download-order.png" alt-text="Screenshot that shows a screen capture of the results from a Microsoft Update Catalog search for KB4052623." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-download-order.png":::
1. In **Define the order of sources for downloading security intelligence updates**, select **Enabled**. In **Options**, enter the order of sources for downloading security intelligence updates. For example, type _InternalDefinitionUpdateServer_.
If you encounter problems with your deployment, create or append your Microsoft
Go to **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > (administrator-defined) _PolicySettingName_. For example, _MDAV\_Settings\_Production_, right-click, and then select **Edit**. **Edit** for **MDAV\_Settings\_Production** is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png" alt-text="Screenshot that shows a screen capture of the administrator-defined Microsoft Defender Antivirus policy Edit option." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png" alt-text="Screenshot that shows a screen capture of the administrator-defined Microsoft Defender Antivirus policy Edit option." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png":::
1. Select **Define the order of sources for downloading security intelligence updates**.
If you encounter problems with your deployment, create or append your Microsoft
1. Under **Options**, change the entry to _FileShares_, select **Apply**, and then select **OK**. This change is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png":::
1. Select **Define the order of sources for downloading security intelligence updates**. 1. Select the radio button named **Disabled**, select **Apply**, and then select **OK**. The disabled option is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page with Security Intelligence updates disabled." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page with Security Intelligence updates disabled." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png":::
1. The change is active when Group Policy updates. There are two methods to refresh Group Policy:
If you encounter problems with your deployment, create or append your Microsoft
- Right-click on an organizational unit (OU) that contains the machines (for example, Desktops), select **Group Policy Update**. This UI command is the equivalent of doing a gpupdate.exe /force on every machine in that OU. The feature to force Group Policy to refresh is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png" alt-text="Screenshot that shows a screen capture of the Group Policy Management console, initiating a forced update." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png" alt-text="Screenshot that shows a screen capture of the Group Policy Management console, initiating a forced update." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png":::
1. After the issue is resolved, set the **Signature Update Fallback Order** back to the original setting. `InternalDefinitionUpdateServer|MicrosoftUpdateServer|MMPC|FileShare`.
security Microsoft Defender Antivirus Ring Deployment Group Policy Microsoft Update https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-ring-deployment-group-policy-microsoft-update.md
Copy the latest .admx and .adml to the Domain Controller [Central Store](/troubl
This section describes the process for setting up the pilot UAT / Test / QA environment. > [!NOTE] > Security intelligence update (SIU) is equivalent to signature updates, which is the same as definition updates.
In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-s
The three options are shown in the following figure.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png" alt-text="Screenshot that shows a screen capture of the pilot Computer Configuration > Policies > Administrative Templates > Windows Components > Microsoft Defender Antivirus update channels." lightbox="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png" alt-text="Screenshot that shows a screen capture of the pilot Computer Configuration > Policies > Administrative Templates > Windows Components > Microsoft Defender Antivirus update channels." lightbox="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png":::
For more information, see [Manage the gradual rollout process for Microsoft Defender updates](manage-gradual-rollout.md)
In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-s
1. For _intelligence_ updates, double-click **Select the channel for Microsoft Defender monthly intelligence updates**.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png" alt-text="Screenshot that shows a screen capture of the Select the channel for Microsoft Defender monthly intelligence updates page with Enabled and Current Channel (Staged) selected." lightbox="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png" alt-text="Screenshot that shows a screen capture of the Select the channel for Microsoft Defender monthly intelligence updates page with Enabled and Current Channel (Staged) selected." lightbox="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png":::
1. On the **Select the channel for Microsoft Defender monthly intelligence updates** page, select **Enabled**, and in **Options**, select **Current Channel (Staged)**.
In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-s
1. In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn265969(v=ws.11)) (GPMC, GPMC.msc), go to **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus**.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png" alt-text="Screenshot that shows a screen capture of the production Computer Configuration > Policies > Administrative Templates > Windows Components > Microsoft Defender Antivirus update channels." lightbox="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png" alt-text="Screenshot that shows a screen capture of the production Computer Configuration > Policies > Administrative Templates > Windows Components > Microsoft Defender Antivirus update channels." lightbox="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png":::
1. Set the three policies as follows:
In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-s
1. On the **Select the channel for Microsoft Defender monthly intelligence updates** page, select **Enabled**, and in **Options**, select **Current Channel (Broad)**.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png" alt-text="Screenshot that shows a screen capture of the Select the channel for Microsoft Defender monthly intelligence updates page with Enabled and Current Channel (Staged) selected." lightbox="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png" alt-text="Screenshot that shows a screen capture of the Select the channel for Microsoft Defender monthly intelligence updates page with Enabled and Current Channel (Staged) selected." lightbox="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png":::
1. Select **Apply**, and then select **OK**.
If you encounter problems with your deployment, create or append your Microsoft
Go to **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > (administrator-defined) _PolicySettingName_. For example, _MDAV\_Settings\_Production_, right-click, and then select **Edit**. **Edit** for **MDAV\_Settings\_Production** is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png" alt-text="Screenshot that shows a screen capture of the administrator-defined Microsoft Defender Antivirus policy Edit option." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png" alt-text="Screenshot that shows a screen capture of the administrator-defined Microsoft Defender Antivirus policy Edit option." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png":::
1. Select **Define the order of sources for downloading security intelligence updates**.
If you encounter problems with your deployment, create or append your Microsoft
1. Under **Options:**, change the entry to _FileShares_, select **Apply**, and then select **OK**. This change is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png":::
1. Select **Define the order of sources for downloading security intelligence updates**. 1. Select the radio button named **Disabled**, select **Apply**, and then select **OK**. The disabled option is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page with Security Intelligence updates disabled." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page with Security Intelligence updates disabled." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png":::
1. The change is active when Group Policy updates. There are two methods to refresh Group Policy:
If you encounter problems with your deployment, create or append your Microsoft
- Right-click on an organizational unit (OU) that contains the machines (for example, Desktops), select **Group Policy Update**. This UI command is the equivalent of doing a gpupdate.exe /force on every machine in that OU. The feature to force Group Policy to refresh is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png" alt-text="Screenshot that shows a screen capture of the Group Policy Management console, initiating a forced update." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png" alt-text="Screenshot that shows a screen capture of the Group Policy Management console, initiating a forced update." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png":::
1. After the issue is resolved, set the **Signature Update Fallback Order** back to the original setting. `InternalDefinitionUpdateServder|MicrosoftUpdateServer|MMPC|FileShare`.
security Microsoft Defender Antivirus Ring Deployment Group Policy Network Share https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-ring-deployment-group-policy-network-share.md
In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-s
The three options are shown in the following figure.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png" alt-text="Screenshot that shows a screen capture of the pilot Computer Configuration > Policies > Administrative Templates > Windows Components > Microsoft Defender Antivirus update channels." lightbox="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png" alt-text="Screenshot that shows a screen capture of the pilot Computer Configuration > Policies > Administrative Templates > Windows Components > Microsoft Defender Antivirus update channels." lightbox="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png":::
For more information, see [Manage the gradual rollout process for Microsoft Defender updates](manage-gradual-rollout.md)
In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-s
1. For _intelligence_ updates, double-click **Select the channel for Microsoft Defender monthly intelligence updates**.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png" alt-text="Screenshot that shows a screen capture of the Select the channel for Microsoft Defender monthly intelligence updates page with Enabled and Current Channel (Staged) selected." lightbox="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png" alt-text="Screenshot that shows a screen capture of the Select the channel for Microsoft Defender monthly intelligence updates page with Enabled and Current Channel (Staged) selected." lightbox="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png":::
1. On the **Select the channel for Microsoft Defender monthly intelligence updates** page, select **Enabled**, and in **Options**, select **Current Channel (Staged)**.
In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-s
1. In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn265969(v=ws.11)) (GPMC, GPMC.msc), go to **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus**.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png" alt-text="Screenshot that shows a screen capture of the production Computer Configuration > Policies > Administrative Templates > Windows Components > Microsoft Defender Antivirus update channels." lightbox="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png" alt-text="Screenshot that shows a screen capture of the production Computer Configuration > Policies > Administrative Templates > Windows Components > Microsoft Defender Antivirus update channels." lightbox="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channels.png":::
1. Set the three policies as follows:
In [Group Policy Management Console](/previous-versions/windows/it-pro/windows-s
1. On the **Select the channel for Microsoft Defender monthly intelligence updates** page, select **Enabled**, and in **Options**, select **Current Channel (Broad)**.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png" alt-text="Screenshot that shows a screen capture of the Select the channel for Microsoft Defender monthly intelligence updates page with Enabled and Current Channel (Staged) selected." lightbox="images/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png" alt-text="Screenshot that shows a screen capture of the Select the channel for Microsoft Defender monthly intelligence updates page with Enabled and Current Channel (Staged) selected." lightbox="media/microsoft-defender-antivirus-deploy-ring-gp-microsoft-defender-antivirus-channel-staged.png":::
1. Select **Apply**, and then select **OK**.
If you encounter problems with your deployment, create or append your Microsoft
Go to **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > (administrator-defined) _PolicySettingName_. For example, _MDAV\_Settings\_Production_, right-click, and then select **Edit**. **Edit** for **MDAV\_Settings\_Production** is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png" alt-text="Screenshot that shows a screen capture of the administrator-defined Microsoft Defender Antivirus policy Edit option." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png" alt-text="Screenshot that shows a screen capture of the administrator-defined Microsoft Defender Antivirus policy Edit option." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-edit.png":::
1. Select **Define the order of sources for downloading security intelligence updates**.
If you encounter problems with your deployment, create or append your Microsoft
1. Under **Options:**, change the entry to _FileShares_, select **Apply**, and then select **OK**. This change is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-define-order.png":::
1. Select **Define the order of sources for downloading security intelligence updates**. 1. Select the radio button named **Disabled**, select **Apply**, and then select **OK**. The disabled option is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page with Security Intelligence updates disabled." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png" alt-text="Screenshot that shows a screen capture of the Define the order of sources for downloading security intelligence updates page with Security Intelligence updates disabled." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-policy-disabled.png":::
1. The change is active when Group Policy updates. There are two methods to refresh Group Policy:
If you encounter problems with your deployment, create or append your Microsoft
- Right-click on an organizational unit (OU) that contains the machines (for example, Desktops), select **Group Policy Update**. This UI command is the equivalent of doing a gpupdate.exe /force on every machine in that OU. The feature to force Group Policy to refresh is shown in the following figure:
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png" alt-text="Screenshot that shows a screen capture of the Group Policy Management console, initiating a forced update." lightbox="images/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png" alt-text="Screenshot that shows a screen capture of the Group Policy Management console, initiating a forced update." lightbox="media/microsoft-defender-antivirus-deploy-ring-group-policy-wsus-gp-management-console.png":::
1. After the issue is resolved, set the **Signature Update Fallback Order** back to the original setting. `InternalDefinitionUpdateServder|MicrosoftUpdateServer|MMPC|FileShare`.
security Microsoft Defender Antivirus Ring Deployment Intune Microsoft Update https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-ring-deployment-intune-microsoft-update.md
On about 10-500* Windows and/or Windows Server systems, depending on how many to
In the Intune portal [https://endpoint.microsoft.com](https://endpoint.microsoft.com), create or append to your Microsoft Defender Antivirus policy the following setting: For example, your pilot policy named _MDAV_Settings_Pilot_. If you have a Citrix environment, include at least one Citrix VM (non-persistent and/or persistent). > [!NOTE] > Security intelligence update (SIU) is equivalent to signature updates, which is the same as definition updates.
If you encounter problems with your deployment, change the source of the Microso
1. Change the entry to **FileShares**. This change is shown in the following figure.
- :::image type="content" source="images/microsoft-defender-antivirus-deploy-ring-intune-microsoft-defender-antivirus-production-policy-fallback.png" alt-text="Shows Intune Microsoft Defender Antivirus production policy fallback setting." lightbox="images/microsoft-defender-antivirus-deploy-ring-intune-microsoft-defender-antivirus-production-policy-fallback.png":::
+ :::image type="content" source="media/microsoft-defender-antivirus-deploy-ring-intune-microsoft-defender-antivirus-production-policy-fallback.png" alt-text="Shows Intune Microsoft Defender Antivirus production policy fallback setting." lightbox="media/microsoft-defender-antivirus-deploy-ring-intune-microsoft-defender-antivirus-production-policy-fallback.png":::
#### What this change does
security Microsoft Defender Core Service Configurations And Experimentation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/microsoft-defender-core-service-configurations-and-experimentation.md
+
+ Title: Microsoft Defender Core service configurations and experimentation
+description: Understand the interaction between Microsoft Defender Core Service and the Experimentation and Configuration Service (ECS).
+search.appverid: met150
+++
+ms.localizationpriority: medium
+ Last updated : 03/26/2024
+audience: ITPro
+++
+- m365-security
+- tier3
+- mde-ngp
++
+# Microsoft Defender Core service configurations and experimentation
+
+This article describes the interaction between Microsoft Defender Core Service and the Experimentation and Configuration Service (ECS). Microsoft Defender Core Service is a part of Microsoft Defender Antivirus and communicates with ECS to request and receive different kinds of payloads. These payloads include configurations, feature rollouts, and experiments.
+
+> [!IMPORTANT]
+> Make sure clients can access the following URLs so payloads can be received:
+>
+> Enterprise customers should allow the following URLs:
+> - `*.events.data.microsoft.com`
+> - `*.endpoint.security.microsoft.com`
+> - `*.ecs.office.com`
+>
+>Enterprise U.S. Government customers should allow the following URLs:
+> - `*.events.data.microsoft.com`
+> - `*.endpoint.security.microsoft.us (GCC-H & DoD)`
+> - `*.gccmod.ecs.office.com (GCC-M) *.config.ecs.gov.teams.microsoft.us (GCC-H)`
+> - `*.config.ecs.dod.teams.microsoft.us (DoD)`
+
+> [!NOTE]
+> This applies to Microsoft Defender Antivirus platform update version [4.18.24030](microsoft-defender-antivirus-updates.md) or later.
+
+## Configurations
+
+Configurations are the payload meant to ensure product health, security, and privacy compliance, and are intended to have the same value for all the users (based on platforms and channels.) This could be to enable a feature flag for a domain action, and can also be used to disable a feature flag in the event of a bug.
+
+## Controlled Feature Rollout
+
+Controlled Feature Rollout (CFR) is a procedure for slowly increasing the size of the user group that receives a feature. By distributing a new feature to a randomly selected subset of the user population, it's possible to compare user feedback to an equally sized control group without the feature to measure the impact of the feature.
+
+## Experiments
+
+Microsoft Defender Core Service builds have features and functionality that are still in development or are experimental. Experiments are like CFR, but the size of the user group is much smaller for testing the new concept. These features are hidden by default until the feature's rolled out or the experiment's finished. Experiment flags are used to enable and disable these features.
+
+> [!CAUTION]
+> If you disable communications with the service, this will affect Microsoft's ability to respond to a severe bug in a timely manner.
+
+## See also
+
+- [Microsoft Defender Antivirus in Windows | Microsoft Learn](microsoft-defender-antivirus-windows.md)
+
security Migrating Mde Server To Cloud https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/migrating-mde-server-to-cloud.md
To enable Defender for Servers for Azure VMs and non-Azure machines connected th
4. Make sure the [MDE integration](/azure/defender-for-cloud/integration-defender-for-endpoint?tabs=windows) is enabled on your subscription. If you have pre-existing Azure subscriptions, you might see one (or both) of the two opt-in buttons shown in the image below.
- :::image type="content" source="images/mde-integration.png" alt-text="Screenshot that shows how to enable MDE integration." lightbox="images/mde-integration.png":::
+ :::image type="content" source="medie-integration.png":::
If you have any of these buttons in your environment, make sure to enable integration for both. On new subscriptions, both options are enabled by default. In this case, you don't see these buttons in your environment.
security Onboarding Endpoint Configuration Manager https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/onboarding-endpoint-configuration-manager.md
From within the Microsoft Defender portal it's possible to download the `.onboar
2. Under Deployment method, select the supported version of **Microsoft Configuration Manager**.
- :::image type="content" source="images/mdatp-onboarding-wizard.png" alt-text="The Microsoft Configuration Manager wizard10" lightbox="images/mdatp-onboarding-wizard.png":::
+ :::image type="content" source="mediatp-onboarding-wizard.png":::
3. Select **Download package**.
- :::image type="content" source="images/mdatp-download-package.png" alt-text="The Microsoft Configuration Manager wizard11" lightbox="images/mdatp-download-package.png":::
+ :::image type="content" source="mediatp-download-package.png":::
4. Save the package to an accessible location. 5. In Microsoft Configuration Manager, navigate to: **Assets and Compliance > Overview > Endpoint Protection > Microsoft Defender ATP Policies**.
security Run Scan Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-scan-microsoft-defender-antivirus.md
To check on the detections, see [Review the results of Microsoft Defender Antivi
4. From the list of actions provided, select **Quick Scan** (recommended) or **Full Scan**.
- [![Scan options on the Windows 10 unhealthy endpoints tab.](images/mem-antivirus-scan-on-demand.png)](images/mem-antivirus-scan-on-demand.png#lightbox)
+ [![Scan options on the Windows 10 unhealthy endpoints tab.](media/mem-antivirus-scan-on-demand.png)](media/mem-antivirus-scan-on-demand.png#lightbox)
> [!TIP] > For more information about using Microsoft Configuration Manager to run a scan, see [Antimalware and firewall tasks: How to perform an on-demand scan](/configmgr/protect/deploy-use/endpoint-antimalware-firewall#how-to-perform-an-on-demand-scan-of-computers).
security Schedule Antivirus Scan In Mde https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/schedule-antivirus-scan-in-mde.md
Use the following steps to schedule scans:
cat /logs/mdav_avacron_full_scan.log ```
- :::image type="content" source="images/mdav_avacron_full_scan_log.png" alt-text="verify the job ran":::
+ :::image type="content" source="media/mdav_avacron_full_scan_log.png" alt-text="verify the job ran":::
```shell [root@redhat7 cron.weekly] # cat /logs/mdav_avacron_full_scan.log
security Tamperprotection Macos https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/tamperprotection-macos.md
tamper_protection : "audit"
sudo mdatp config tamper-protection enforcement-level --value block ```
-![Image of manual configuration command](images/manual-config-cmd.png)
+![Image of manual configuration command](medi.png)
> [!NOTE] > You must use managed configuration profile (deployed via MDM) on production machines. If a local admin changed tamper protection mode via a manual configuration, they can change it to a less restrictive mode at any time as well. If tamper protection mode was set via a managed profile, only a global admin will be able to undo it.
security Troubleshoot Asr Rules https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/troubleshoot-asr-rules.md
You can find this utility in *%ProgramFiles%\Windows Defender\MpCmdRun.exe*. You
To generate the support information, type *MpCmdRun.exe -getfiles*. After a while, several logs will be packaged into an archive (MpSupportFiles.cab) and made available in *C:\ProgramData\Microsoft\Windows Defender\Support*. Extract that archive and you'll have many files available for troubleshooting purposes.
security Troubleshoot Onboarding https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/troubleshoot-onboarding.md
The steps below provide guidance for the following scenario:
1. Create an application in Microsoft Endpoint Configuration Manager.
- :::image type="content" source="images/mecm-1.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-1" lightbox="images/mecm-1.png":::
+ :::image type="content" source="media/mecm-1.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-1" lightbox="media/mecm-1.png":::
2. Select **Manually specify the application information**.
- :::image type="content" source="images/mecm-2.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-2" lightbox="images/mecm-2.png":::
+ :::image type="content" source="media/mecm-2.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-2" lightbox="media/mecm-2.png":::
3. Specify information about the application, then select **Next**.
- :::image type="content" source="images/mecm-3.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-3" lightbox="images/mecm-3.png":::
+ :::image type="content" source="media/mecm-3.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-3" lightbox="media/mecm-3.png":::
4. Specify information about the software center, then select **Next**.
- :::image type="content" source="images/mecm-4.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-4" lightbox="images/mecm-4.png":::
+ :::image type="content" source="media/mecm-4.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-4" lightbox="media/mecm-4.png":::
5. In **Deployment types** select **Add**.
- :::image type="content" source="images/mecm-5.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-5" lightbox="images/mecm-5.png":::
+ :::image type="content" source="media/mecm-5.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-5" lightbox="media/mecm-5.png":::
6. Select **Manually specify the deployment type information**, then select **Next**.
- :::image type="content" source="images/mecm-6.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-6" lightbox="images/mecm-6.png":::
+ :::image type="content" source="media/mecm-6.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-6" lightbox="media/mecm-6.png":::
7. Specify information about the deployment type, then select **Next**.
- :::image type="content" source="images/mecm-7.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-7" lightbox="images/mecm-7.png":::
+ :::image type="content" source="media/mecm-7.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-7" lightbox="media/mecm-7.png":::
8. In **Content** \> **Installation program** specify the command: `net start sense`.
- :::image type="content" source="images/mecm-8.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-8" lightbox="images/mecm-8.png":::
+ :::image type="content" source="media/mecm-8.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-8" lightbox="media/mecm-8.png":::
9. In **Detection method**, select **Configure rules to detect the presence of this deployment type**, then select **Add Clause**.
- :::image type="content" source="images/mecm-9.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-9" lightbox="images/mecm-9.png":::
+ :::image type="content" source="media/mecm-9.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-9" lightbox="media/mecm-9.png":::
10. Specify the following detection rule details, then select **OK**:
- :::image type="content" source="images/mecm-10.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-10" lightbox="images/mecm-10.png":::
+ :::image type="content" source="media/mecm-10.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-10" lightbox="media/mecm-10.png":::
11. In **Detection method** select **Next**.
- :::image type="content" source="images/mecm-11.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-11" lightbox="images/mecm-11.png":::
+ :::image type="content" source="media/mecm-11.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-11" lightbox="media/mecm-11.png":::
12. In **User Experience**, specify the following information, then select **Next**:
- :::image type="content" source="images/mecm-12.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-12" lightbox="images/mecm-12.png":::
+ :::image type="content" source="media/mecm-12.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-12" lightbox="media/mecm-12.png":::
13. In **Requirements**, select **Next**.
- :::image type="content" source="images/mecm-13.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-13" lightbox="images/mecm-13.png":::
+ :::image type="content" source="media/mecm-13.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-13" lightbox="media/mecm-13.png":::
14. In **Dependencies**, select **Next**.
- :::image type="content" source="images/mecm-14.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-14" lightbox="images/mecm-14.png":::
+ :::image type="content" source="media/mecm-14.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-14" lightbox="media/mecm-14.png":::
15. In **Summary**, select **Next**.
- :::image type="content" source="images/mecm-15.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-15" lightbox="images/mecm-15.png":::
+ :::image type="content" source="media/mecm-15.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-15" lightbox="media/mecm-15.png":::
16. In **Completion**, select **Close**.
- :::image type="content" source="images/mecm-16.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-16" lightbox="images/mecm-16.png":::
+ :::image type="content" source="media/mecm-16.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-16" lightbox="media/mecm-16.png":::
17. In **Deployment types**, select **Next**.
- :::image type="content" source="images/mecm-17.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-17" lightbox="images/mecm-17.png":::
+ :::image type="content" source="media/mecm-17.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-17" lightbox="media/mecm-17.png":::
18. In **Summary**, select **Next**.
- :::image type="content" source="images/mecm-18.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-18" lightbox="images/mecm-18.png":::
+ :::image type="content" source="media/mecm-18.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-18" lightbox="media/mecm-18.png":::
The status is then displayed:
- :::image type="content" source="images/mecm-19.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-19" lightbox="images/mecm-19.png":::
+ :::image type="content" source="media/mecm-19.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-19" lightbox="media/mecm-19.png":::
19. In **Completion**, select **Close**.
- :::image type="content" source="images/mecm-20.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-20" lightbox="images/mecm-20.png":::
+ :::image type="content" source="media/mecm-20.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-20" lightbox="media/mecm-20.png":::
20. You can now deploy the application by right-clicking the app and selecting **Deploy**.
- :::image type="content" source="images/mecm-21.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-21" lightbox="images/mecm-21.png":::
+ :::image type="content" source="media/mecm-21.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-21" lightbox="media/mecm-21.png":::
21. In **General** select **Automatically distribute content for dependencies** and **Browse**.
- :::image type="content" source="images/mecm-22.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-22" lightbox="images/mecm-22.png":::
+ :::image type="content" source="media/mecm-22.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-22" lightbox="media/mecm-22.png":::
22. In **Content** select **Next**.
- :::image type="content" source="images/mecm-23.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-23" lightbox="images/mecm-23.png":::
+ :::image type="content" source="media/mecm-23.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-23" lightbox="media/mecm-23.png":::
23. In **Deployment settings**, select **Next**.
- :::image type="content" source="images/mecm-24.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-24" lightbox="images/mecm-24.png":::
+ :::image type="content" source="media/mecm-24.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-24" lightbox="media/mecm-24.png":::
24. In **Scheduling** select **As soon as possible after the available time**, then select **Next**.
- :::image type="content" source="images/mecm-25.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-25" lightbox="images/mecm-25.png":::
+ :::image type="content" source="media/mecm-25.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-25" lightbox="media/mecm-25.png":::
25. In **User experience**, select **Commit changes at deadline or during a maintenance window (requires restarts)**, then select **Next**.
- :::image type="content" source="images/mecm-26.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-26" lightbox="images/mecm-26.png":::
+ :::image type="content" source="media/mecm-26.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-26" lightbox="media/mecm-26.png":::
26. In **Alerts** select **Next**.
- :::image type="content" source="images/mecm-27.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-27" lightbox="images/mecm-27.png":::
+ :::image type="content" source="media/mecm-27.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-27" lightbox="media/mecm-27.png":::
27. In **Summary**, select **Next**.
- :::image type="content" source="images/mecm-28.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-28" lightbox="images/mecm-28.png":::
+ :::image type="content" source="media/mecm-28.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-28" lightbox="media/mecm-28.png":::
The status is then displayed
- :::image type="content" source="images/mecm-29.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-29" lightbox="images/mecm-29.png":::
+ :::image type="content" source="media/mecm-29.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-29" lightbox="media/mecm-29.png":::
28. In **Completion**, select **Close**.
- :::image type="content" source="images/mecm-30.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-30" lightbox="images/mecm-30.png":::
+ :::image type="content" source="media/mecm-30.png" alt-text="The Microsoft Endpoint Configuration Manager configuration-30" lightbox="media/mecm-30.png":::
## Related topics
security Api Update Incidents https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-update-incidents.md
Title: Update incident API description: Learn how to update incidents using Microsoft Defender XDR API
-keywords: update, api, incident
search.product: eADQiWindows 10XVcnh
-ms.sitesec: library
-ms.pagetype: security
f1.keywords: - NOCSH
Updates properties of existing incident. Updatable properties are: `status`, `de
### Quotas, resource allocation, and other constraints
-1. You can make up to 50 calls per minute or 1500 calls per hour before you hit the throttling threshold.
+1. You can make up to 50 calls per minute or 1,500 calls per hour before you hit the throttling threshold.
2. You can set the `determination` property only if `classification` is set to TruePositive.
-If your request is throttled, it will return a `429` response code. The response body will indicate the time when you can begin making new calls.
+If your request is throttled, it returns a `429` response code. The response body indicates the time when you can begin making new calls.
## Permissions
Content-Type|String|application/json. **Required**.
## Request body
-In the request body, supply the values for the fields that should be updated. Existing properties that aren't included in the request body will maintain their values, unless they have to be recalculated due to changes to related values. For best performance, you should omit existing values that haven't changed.
+In the request body, supply the values for the fields that should be updated. Existing properties that aren't included in the request body maintain their values, unless they have to be recalculated due to changes to related values. For best performance, you should omit existing values that didn't change.
Property|Type|Description || status|Enum|Specifies the current status of the incident. Possible values are: `Active`, `Resolved`, `InProgress`, and `Redirected`. assignedTo|string|Owner of the incident.
-classification|Enum|Specification of the incident. Possible values are: `TruePositive`, `Informational, expected activity`, and `FalsePositive`.
-determination|Enum|Specifies the determination of the incident. <p>Possible determination values for each classification are: <br><li> <b>True positive</b>: `Multistage attack` (MultiStagedAttack), `Malicious user activity` (MaliciousUserActivity), `Compromised account` (CompromisedUser) ΓÇô consider changing the enum name in public api accordingly, `Malware` (Malware), `Phishing` (Phishing), `Unwanted software` (UnwantedSoftware), and `Other` (Other). <li> <b>Informational, expected activity:</b> `Security test` (SecurityTesting), `Line-of-business application` (LineOfBusinessApplication), `Confirmed activity` (ConfirmedUserActivity) - consider changing the enum name in public api accordingly, and `Other` (Other). <li> <b>False positive:</b> `Not malicious` (Clean) - consider changing the enum name in public api accordingly, `Not enough data to validate` (InsufficientData), and `Other` (Other).
+classification|Enum|Specification of the incident. Possible values are: `TruePositive` (True positive), `InformationalExpectedActivity` (Informational, expected activity), and `FalsePositive` (False Positive).
+determination|Enum|Specifies the determination of the incident. <p>Possible determination values for each classification are: <br><li> <b>True positive</b>: `Multistage attack` (MultiStagedAttack), `Malicious user activity` (MaliciousUserActivity), `Compromised account` (CompromisedUser) ΓÇô consider changing the enum name in public api accordingly, `Malware` (Malware), `Phishing` (Phishing), `UnwantedSoftware` (Unwanted software), and `Other` (Other). <li> <b>Informational, expected activity:</b> `SecurityTesting` (Security test), `LineOfBusinessApplication` (Line-of-business application), `ConfirmedActivity` (Confirmed activity) - consider changing the enum name in public api accordingly, and `Other` (Other). <li> <b>False positive:</b> `Clean` (Not malicious) - consider changing the enum name in public api accordingly, `NoEnoughDataToValidate` (Not enough data to validate), and `Other` (Other).
tags|string list|List of Incident tags. comment|string|Comment to be added to the incident.
comment|string|Comment to be added to the incident.
## Response
-If successful, this method returns `200 OK`. The response body will contain the incident entity with updated properties. If an incident with the specified ID wasn't found, the method returns
+If successful, this method returns `200 OK`. The response body contains the incident entity with updated properties. If an incident with the specified ID wasn't found, the method returns
`404 Not Found`. ## Example
Here's an example of the request.
PATCH https://api.security.microsoft.com/api/incidents/{id} ```
-### Response example
+### Request example
```json {
Here's an example of the request.
- [Incident APIs](api-incident.md) - [List incidents](api-list-incidents.md) - [Incidents overview](incidents-overview.md)+ [!INCLUDE [Microsoft Defender XDR rebranding](../../includes/defender-m3d-techcommunity.md)]
security Microsoft Sentinel Onboard https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-sentinel-onboard.md
search.appverid:
- MOE150 - MET150 Last updated 11/10/2023
+appliesto: Microsoft Sentinel in the Microsoft Defender portal
# Connect Microsoft Sentinel to Microsoft Defender XDR (preview)
-**Applies to:**
-- Microsoft Defender XDR-- Microsoft Sentinel- Combine the power of Microsoft Sentinel with Microsoft Defender XDR into a single portal enhanced with the following features: - Advanced hunting that spans Microsoft Sentinel and Microsoft Defender XDR
security Anti Spoofing Spoof Intelligence https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spoofing-spoof-intelligence.md
The rest of this article explains how to use the spoof intelligence insight in t
> > - Only spoofed senders that were detected by spoof intelligence appear in the spoof intelligence insight. When you override the allow or block verdict in the insight, the spoofed sender becomes a manual allow or block entry that appears only on the **Spoofed senders** tab on the **Tenant Allow/Block Lists** page at <https://security.microsoft.com/tenantAllowBlockList?viewid=SpoofItem>. You can also manually create allow or block entries for spoofed senders before they're detected by spoof intelligence. For more information, see [Spoofed senders in the Tenant Allow/Block List](tenant-allow-block-list-email-spoof-configure.md#spoofed-senders-in-the-tenant-allowblock-list). >
+> - The **Action** values **Allow** or **Block** in the spoof intelligence insight refer to spoof _detection_ (whether Microsoft 365 identified the message as spoofed or not). The **Action** value doesn't necessarily affect the overall filtering of the message. For example, to avoid false positives, a spoofed message might be delivered if we find that it doesn't have malicious intent.
+>
> - The spoof intelligence insight and the **Spoofed senders** tab in the Tenant Allow/Block list replace the functionality of the spoof intelligence policy that was available on the anti-spam policy page in the Security & Compliance Center. > > - The spoof intelligence insight shows 7 days worth of data. The **Get-SpoofIntelligenceInsight** cmdlet shows 30 days worth of data.
On the **Spoof intelligence insight** page, you can sort the entries by clicking
- **External**: The spoofed sender is in an external domain. - **Action**: This value is **Allowed** or **Blocked**: - **Allowed**: The domain failed explicit email authentication checks [SPF](email-authentication-spf-configure.md), [DKIM](email-authentication-dkim-configure.md), and [DMARC](email-authentication-dmarc-configure.md). However, the domain passed our implicit email authentication checks ([composite authentication](email-authentication-about.md#composite-authentication)). As a result, no anti-spoofing action was taken on the message.
- - **Blocked**: Messages from the combination of the spoofed domain _and_ sending infrastructure are marked as bad by spoof intelligence. The action that's taken on the spoofed messages is controlled by the default anti-phishing policy or custom anti-phishing policies (the default value is **Move message to Junk Email folder**). For more information, see [Configure anti-phishing policies in Microsoft Defender for Office 365](anti-phishing-policies-mdo-configure.md).
+ - **Blocked**: Messages from the combination of the spoofed domain _and_ sending infrastructure are marked as bad by spoof intelligence. The action that's taken on the spoofed messages with malicious intent is controlled by the [Standard or Strict preset security policies](preset-security-policies.md), the default anti-phishing policy, or custom anti-phishing policies. For more information, see [Configure anti-phishing policies in Microsoft Defender for Office 365](anti-phishing-policies-mdo-configure.md).
To change the list of spoofed senders from normal to compact spacing, select :::image type="icon" source="../../media/m365-cc-sc-standard-icon.png" border="false"::: **Change list spacing to compact or normal**, and then select :::image type="icon" source="../../media/m365-cc-sc-compact-icon.png" border="false"::: **Compact list**.
security Quarantine About https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-about.md
For anti-spam and anti-phishing protection, admins can also modify the default p
The protection policies for [supported features](quarantine-policies.md#step-2-assign-a-quarantine-policy-to-supported-features) have one or more _quarantine policies_ assigned to them (each action within the protection policy has an associated quarantine policy assignment).
+> [!TIP]
+> All actions taken by admins or users on quarantined messages are audited. For more information about audited quarantine events, see [Quarantine schema in the Office 365 Management API](/office/office-365-management-api/office-365-management-activity-api-schema#quarantine-schema).
+ ## Quarantine policies _Quarantine policies_ define what users are able to do or not do to quarantined messages, and whether users receive quarantine notifications for those messages. For more information, see [Anatomy of a quarantine policy](quarantine-policies.md#anatomy-of-a-quarantine-policy).
security Quarantine Admin Manage Messages Files https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-admin-manage-messages-files.md
Watch this short video to learn how to manage quarantined messages as an admin.
- Quarantined messages and files are retained for a default period of time based on why they were quarantined. After the retention period expires, the messages are automatically deleted and aren't recoverable. For more information, see [Quarantine retention](quarantine-about.md#quarantine-retention).
+- All actions taken by admins or users on quarantined messages are audited. For more information about audited quarantine events, see [Quarantine schema in the Office 365 Management API](/office/office-365-management-api/office-365-management-activity-api-schema#quarantine-schema).
+ ## Use the Microsoft Defender portal to manage quarantined email messages ### View quarantined email
security Quarantine End User https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-end-user.md
You view and manage your quarantined messages in the Microsoft Defender portal o
- By default, messages that were quarantined for high confidence phishing, malware, or by mail flow rules are only available to admins, and aren't visible to users. For more information, see [Manage quarantined messages and files as an admin in EOP](quarantine-admin-manage-messages-files.md).
+- All actions taken by admins or users on quarantined messages are audited. For more information about audited quarantine events, see [Quarantine schema in the Office 365 Management API](/office/office-365-management-api/office-365-management-activity-api-schema#quarantine-schema).
+ ## Manage quarantined messages in EOP ### View your quarantined messages
security Quarantine Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-policies.md
You create and assign quarantine policies in the Microsoft Defender portal or in
- [Email & collaboration permissions in the Microsoft Defender portal](mdo-portal-permissions.md): Membership in the **Quarantine Administrator**, **Security Administrator**, or **Organization Management** role groups. - [Microsoft Entra permissions](/entra/identity/role-based-access-control/manage-roles-portal): Membership in the **Global Administrator** or **Security Administrator** roles gives users the required permissions _and_ permissions for other features in Microsoft 365.
+- All actions taken by admins or users on quarantined messages are audited. For more information about audited quarantine events, see [Quarantine schema in the Office 365 Management API](/office/office-365-management-api/office-365-management-activity-api-schema#quarantine-schema).
+ ## Step 1: Create quarantine policies in the Microsoft Defender portal 1. In the Microsoft Defender portal at <https://security.microsoft.com>, go to **Email & collaboration** \> **Policies & Rules** \> **Threat policies** \> **Quarantine policy** in the **Rules** section. Or, to go directly to the **Quarantine policy** page, use <https://security.microsoft.com/quarantinePolicies>.
syntex Copilot Syntex https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/copilot-syntex.md
- Title: Overview of Syntex File Q&A for Copilot (Preview)---- Previously updated : 07/24/2023---
- - enabler-strategic
- - m365initiative-syntex
-
-description: Learn how to use File Q&A for Copilot to easily find information in Microsoft Syntex.
--
-# Overview of Syntex File Q&A for Copilot (Preview)
-
-> [!NOTE]
-> This feature is currently in limited preview and subject to change.
-
-Microsoft Syntex now brings the power of assistive AI into your organization's intelligent document processing.
-
-Syntex File Q&A for Copilot analyzes the text of a selected file in a SharePoint document library, in OneDrive for Business, or in Teams. It then generates a set of questions you can ask about the information in the file. The questions can be used to quickly identify the type of document, generate a summary of information in the document, and identify key points or other important information. You can also ask your own questions, such as "When does this contract expire?" or "What is the fee schedule for this project?"
-
-## To use Syntex File Q&A for Copilot
-
-1. From a SharePoint document library, select a document.
-
-2. On the ribbon, select **Copilot**.
-
- ![Screenshot of a document library page showing a document selected and the Copilot button on the ribbon.](../media/content-understanding/copilot-document-selected.png)
-
-3. The first time you use Syntex File Q&A for Copilot, you'll see this **Copilot** panel.
-
- ![Screenshot of the first-run experience Copilot panel.](../media/content-understanding/copilot-panel-first-run.png)
-
-4. After that, you'll see this **Copilot** panel.
-
- ![Screenshot of the Copilot panel.](../media/content-understanding/copilot-panel.png)
-
-5. On the **Copilot** panel, you can:
-
- - Select one of the questions Copilot has generated for you tailored for the specific file. Or select **Refresh** (![Image of the Refresh icon.](../media/content-understanding/copilot-refresh-icon.png)) to generate more questions.
-
- ![Screenshot of the generated questions on the Copilot panel.](../media/content-understanding/copilot-generated-questions.png)
-
- - In the text box, enter your own specific question or make a request.
-
- ![Screenshot of the text box on the Copilot panel.](../media/content-understanding/copilot-text-box.png)
-
-<! - In the text box, select **More from Syntex** to find more information about the file.
-
- ![Screenshot of the text box on the Copilot panel with the starter prompt highlighted.](../media/content-understanding/copilot-starter-prompt.png)>
-
-> [!NOTE]
-> If you want to clear the current session, at the top of the **Copilot** panel, select **More options** (<sup>**...**</sup>), and then select **Clear session**.
-
-## Current limitations
--- Syntex File Q&A for Copilot currently works on Word (.docx), PowerPoint (.pptx), and text-readable .pdf file types. More file types will be added in the future.--- Syntex File Q&A for Copilot is currently only available to customers in the United States, and currently only understands instructions in English. More languages and locales will be added in the future.--- Syntex File Q&A for Copilot works on a single selected file at a time, and it only processes the first 4,000 tokens (approximately six pages).--- Syntex File Q&A for Copilot won't process encrypted files or files stamped with "Confidential" or "Highly Confidential" sensitivity labels.--- Syntex File Q&A for Copilot doesn't save the context of your session, but you can copy the information if you want to save it.-
-> [!IMPORTANT]
-> It's important that you review any content the AI generates for you to make sure it has accurately produced what you wanted.
-
-## Data security and privacy
-
-The new Copilot experiences don't change Microsoft's commitment and principles for data security and privacy. Learn more about [Microsoft's standards for data security and privacy](https://techcommunity.microsoft.com/t5/microsoft-365-blog/administration-of-microsoft-365-in-the-new-era-of-ai/ba-p/3767079) and [how data is maintained in the Azure OpenAI service](/legal/cognitive-services/openai/data-privacy#how-is-data-retained-and-what-customer-controls-are-available).
-
-## Let us know what you think
-
-If you have a suggestion for Syntex File Q&A for Copilot, or if there's something you like or something you don't like about it, you can submit feedback to Microsoft from the **Copilot** panel. Select **More options** (<sup>**...**</sup>), and then select **Send feedback**.
-
- ![Screenshot of the Copilot panel showing the Send feedback option.](../media/content-understanding/copilot-send-feedback.png)
-
-This feedback is used to help us improve your experience in Syntex File Q&A for Copilot.
syntex Create Syntex Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/create-syntex-model.md
Title: Create an enterprise model in Microsoft Syntex -+ Previously updated : 03/11/2024 Last updated : 03/25/2024 audience: admin
The **Train a custom model** section shows the training method for the type of c
- **Teaching method** ΓÇô Creates an [unstructured document processing model](document-understanding-overview.md). -- **Freeform selection method** ΓÇô Creates a [freeform document processing model](freeform-document-processing-overview.md).
+- **Freeform selection method** ΓÇô Creates a [freeform document processing model](form-processing-overview.md).
- **Layout method** ΓÇô Creates a [structured document processing model](form-processing-overview.md).
Use the **Teaching method** to create an [unstructured document processing model
# [Freeform selection method](#tab/freeform-selection-method)
-Use the **Freeform selection method** to create a [freeform document processing model](freeform-document-processing-overview.md).
+Use the **Freeform selection method** to create a [freeform document processing model](form-processing-overview.md).
1. Select **Freeform selection method**.
syntex Freeform Document Processing Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/freeform-document-processing-overview.md
- Title: Overview of freeform document processing in Microsoft Syntex---- Previously updated : 01/16/2024----
- - enabler-strategic
- - m365initiative-syntex
-
-description: Learn how to use AI Builder to create freeform document processing models in Microsoft Syntex.
--
-# Overview of freeform document processing in Microsoft Syntex
-
-</br>
-
-> [!VIDEO https://www.microsoft.com/videoplayer/embed/RW15YNo]
-
-</br>
-
-Use the freeform document processing model ([freeform selection method](create-syntex-model.md#train-a-custom-model)) to automatically extract information from unstructured and freeform documents such as letters and contracts.
-
-## Introduction to freeform models
-
-Microsoft Syntex uses Microsoft Power Apps [AI Builder](/ai-builder/form-processing-model-overview) document processing (formerly known as form processing) to create freeform document processing models within SharePoint document libraries.
-<!
- ![AI Builder.](../media/content-understanding/ai-builder.png)
->
-You can use AI Builder document processing to create freeform document processing models that use machine learning technology to identify and extract key-value pairs and table data from unstructured or freeform documents, such as contracts and correspondence.
-
-Organizations often receive documents that have no structure in large quantities from various sources, such as mail, fax, and email. Processing these documents and manually entering them into a database can take a considerable amount of time. By using AI to extract the text, key-value pairs, and tables from your documents, Syntex automates this process.
-
-> [!NOTE]
-> For more ideas about how to use these models in your organization, see [Get started driving adoption](adoption-getstarted.md) and [Scenarios and use cases](adoption-scenarios.md).
-
-For example, you can create a freeform document processing model that identifies all documents that are uploaded to the document library. From each document, you can then extract and display specific data that is important to you.
-
-![Screenshot showing the document library view.](../media/content-understanding/doc-lib-done.png)
-
-You use example files to train your model and define the information to be extracted from your form. The layout of your document is learned by training your model. You only need five form documents to get started. Syntex will analyze your example files for key-value pairs, and you can also manually identify ones that might not have been detected. AI builder lets you test the accuracy of your model on your example files.
-
-You can only create a freeform document processing model in SharePoint document libraries for which it's enabled. If it has been enabled, you're able to see the **Classify and extract** option in your document library.
-
-![Screenshot showing the AI Builder model.](../media/content-understanding/create-ai-builder-model2.png)
-
-If you need it enabled on your document library, contact your Microsoft 365 admin.
-
-## Requirements and limitations
-
-For information about requirements to consider when choosing this model, see [Requirements and limitations for models in Microsoft Syntex](requirements-and-limitations.md#freeform-document-processing).
-
syntex Ocr Preview Terms https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/ocr-preview-terms.md
- Title: Microsoft Syntex Optical Character Recognition (ΓÇ£OCRΓÇ¥) Feature Preview Agreement ---- Previously updated : 08/29/2023-----
-description: Read the Microsoft Syntex Optical Character Recognition (ΓÇ£OCRΓÇ¥) Feature Preview Agreement.
--
-# Microsoft Syntex Optical Character Recognition (ΓÇ£OCRΓÇ¥) Feature Preview Agreement
-
-**<ins>The purpose of this Agreement</ins>**. We intend to enter discussions in which Company may provide input in connection with Microsoft offerings as described below. This Agreement clarifies our respective rights and obligations regarding that input. We agree that Company providing or Microsoft using input is voluntary.
-
-Input is all suggestions, comments, feedback, ideas, or know how, in any form, that Company provides to Microsoft. It doesn't include sales forecasts, financial results, future release scheduled, marketing plans and high-level product plans or feature lists for anticipated products.
-
-**MICROSOFT OFFERING:**
-
-The optical character recognition (OCR) service in Microsoft Syntex lets you extract printed or handwritten text from images, such as posters, drawings, and product labels, as well as from documents like articles, reports, forms, and invoices. Microsoft Syntex OCR uses AI to extract text from customers' images, whether in OneDrive and SharePoint, Exchange emails, or Teams messages. This text extraction is done on a pay-as-you-go basis (each page of an image costs $0.001) using the latest tech from Azure Cognitive Services. Global and SharePoint admins can configure Microsoft Syntex OCR in the Microsoft Admin Center, and Compliance admins can also configure OCR in Microsoft Purview as they may need the capability for different scenarios and/or not want to leave Purview admin. The Microsoft Syntex OCR service will honor settings from either admin experience, keeping the extracted text and not charging the customer twice even if it's configured in multiple places within admin.
-
-The OCR service supports more thanΓÇ»[150 languages](/azure/ai-services/language-support).
-
-**FEATURE PREVIEW:** Company agrees that by using this Preview Feature Company has accepted these terms. To terminate this Preview, don't use the Preview Feature. Microsoft may change or discontinue the Preview Feature at any time with or without notice. Microsoft may also choose not to make the Preview Feature generally commercially available.
-
-No SLA applies to this Feature Preview.
-
-THE PREVIEW FEATURE IS PROVIDED ΓÇ£AS-IS,ΓÇ¥ ΓÇ£WITH ALL FAULTS,ΓÇ¥ AND ΓÇ£AS AVAILABLE.ΓÇ¥ Microsoft provides no performance guarantee for the Feature Preview (including accompanying URLs provided for embedded or unauthenticated viewing) and Company bears the risk of using it. The Feature Preview isn't included in the SLA for Microsoft Syntex and may not be covered by customer support.
-
-**<ins>LICENSE</ins>**
-
-If Company provides Input, including feedback, Company grants to Microsoft, without charge, the nonexclusive License to make, modify, distribute, or otherwise commercialize the Input as part of any Microsoft offering.
-
-Company retains all right, title and interest in and to the Input. The above License doesn't extend to any technologies that may also be necessary to make or use any offering or portion thereof that incorporates the Input but aren't themselves expressly part of the Input (for example, enabling technologies).
-
-**<ins>PAYMENT TERMS</ins>**
-
-Microsoft Syntex OCR services use pay-as-you-go billing through an Azure subscription. Microsoft Syntex OCR services billing is determined the number of pages processed for images (JPEG, JPG, PNG, or BMP); the number of pages processed for PDF, TIF, or TIFF; or the number of embedded images in Teams chats and email messages. Each of these counts as one transaction. Processing occurs every time the file is edited. Company will be able to view this usage as meter events through the Azure subscription it chooses.
-
-Microsoft Syntex OCR services Feature Preview pricing is as follows:
-
-|OCR Meters |Meter |Price |
-|||--|
-|Pages Processed |Optical character recognition (Preview) |$0.001/Transaction |
-
-Prerequisites to enable Microsoft Syntex OCR services pay-as-you-go are:
-
-&emsp;(i) An Azure subscription with admin access as owner or contributor on the subscription;ΓÇ»
-
-&emsp;(ii) A SharePoint tenant ID;
-
-&emsp;(iii) An Azure resource group;
-
-&emsp;(iv) The ability to run PowerShell cmdlets to configure billing; and
-
-&emsp;(v) A Microsoft Entra appID in the same tenancy.ΓÇ»
-
-**<ins>INFORMATION USE AND DISCLOSURE</ins>**
-
-With respect to the Microsoft Syntex OCR services, Microsoft may access or disclose information about Company, its account, and the content of its communications in order to:
-
-&emsp;a) provide, operate, and improve Microsoft services;
-
-&emsp;b) comply with the law or respond to lawful requests or legal process; or
-
-&emsp;c) protect the rights or property of Microsoft or our customers, including the enforcement of MicrosoftΓÇÖs agreements or policies governing the use of the Microsoft Syntex OCR services.
-
-**<ins>Data Processing and Transfers</ins>**
-
-To the extent Microsoft is a processor of Personal Data subject to the European UnionΓÇÖs General Data Protection Regulation (ΓÇ£GDPRΓÇ¥), the GDPR Terms set forth in Attachment 1 govern that processing and the parties also agree to the following terms. For the purpose of this section, the term ΓÇ£Personal DataΓÇ¥ means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person:
-
-a) Processing Details. The parties acknowledge and agree that:
-
-&emsp;i. The subject-matter of the processing is limited to Personal Data within the scope of GDPR;
-
-&emsp;ii. The duration of the processing shall be for the duration of the CompanyΓÇÖs right to participate in the Feature Preview Program and until all Personal Data is deleted or returned in accordance with Company instructions or this Agreement;
-
-&emsp;iii. The nature and purpose of the processing shall be to provide the Microsoft Syntex OCR services pursuant to the Agreement;
-
-&emsp;iv. The types of Personal Data processed by the Feature Preview Program include those expressly identified in Article 4 of the GDPR to the extent included by CompanyΓÇÖs data; and
-
-&emsp;v. The categories of data subjects are CompanyΓÇÖs representatives and end users, such as employees, contractors, collaborators, and customers.
-
-b) Data Transfers.
-
-&emsp;i. CompanyΓÇÖs data, and Personal Data that Microsoft processes on CustomerΓÇÖs behalf may be transferred to, and stored and processed in, the United States or any other country in which Microsoft or its Subprocessors operate. Company appoints Microsoft to perform any such transfer of Company data and Personal Data to any such country and to store and process data and Personal Data to provide the Microsoft Syntex OCR services.
-
-&emsp;ii. Microsoft will abide by the requirements of European Economic Area and Swiss data protection law regarding the collection, use, transfer, retention and other processing of Personal Data from the European Economic Area and Switzerland. All transfers of Personal Data to a third country or an international organization will be subject to appropriate safeguards as described in Article 46 of the GDPR and such transfers and safeguards will be documented according to Article 30(2) of the GDPR.
-
-&emsp;iii. In addition, Microsoft is certified to meet the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and the commitments they entail. Microsoft agrees to notify Company in the event that it determines that it can no longer meet its obligation to provide the same level of protection as is required by the Privacy Shield principles.
-
-**<ins>Acknowledgments and Consent by Company</ins>**
-
-If Company collects, stores, or processes Personal Data when using Microsoft Syntex OCR services, Company agrees to comply with all privacy and data protection laws, taking into account the nature of the information to be processed, as well as the features and limitations of the Feature Preview Program as described in this Agreement or as otherwise provided to Company.
-
-**<ins>Pre-Release Service Features and Privacy Choice</ins>**
-
-Company affirms that it has obtained or will obtain any required consents from data subjects who may participate in CompanyΓÇÖs use of the Feature Preview Program. Company must not allow Personal Data to be collected through use of the Microsoft Syntex OCR services in jurisdictions or industries where the Feature Preview attributes described herein would make such use contrary to applicable law. The Feature Preview may employ lesser or different security measures than those present in MicrosoftΓÇÖs existing commercial versions of Microsoft software or Online Services or expected to be present in future commercial versions of the software and Online Services. Without limiting the foregoing, security disclosures or independent security certifications applicable to existing commercial versions of the software and Online Services don't apply to the Feature Preview.
-
-**<ins>LENGTH OF OBLIGATIONS; DISCLOSURE</ins>**
-
-**Termination.** This Agreement continues in effect until <ins>December 31, 2023, or until the Preview Feature is generally commercially available to the public</ins>. Either of us may terminate this Agreement, or any input schedule, for any reason by 1) by Microsoft providing Company with 10 daysΓÇÖ advance notice, or 2) Company stops using the Preview Feature. Termination of this Agreement or any Input schedule won't change any of the rights, licenses granted, or duties made while this Agreement or input schedule is in effect.
-
-**Effects upon Termination.** Once terminated, Company will no longer use Microsoft Syntex OCR services.
-
-This Agreement can't be extended. Microsoft may also choose not to make the Preview Feature generally commercially available.
-
-**Disclosure.** The Parties agree to keep confidential the terms of this Agreement and only disclose information to relevant parties limited to the extent necessary for the good execution of this Agreement, as well as the source of the Input.
-
-**Disclosing if required by law; or other action.** Each of us may disclose the confidential information described above if required to comply with a court order or other government demand that has the force of law or if in the context of an actual or threatened infringement or other action related to this Agreement or the Input. Before doing so, each of us must seek the highest level of protection available and, when possible, give the other enough prior notice to provide a reasonable chance to seek a protective order.
-
-**<ins>REPRESENTATIONS AND LIMITATIONS</ins>**
-
-**Input.** Company represents that it will not give any Input that:
-
- 1. Violates any copyright or trade secret claim or right of any third party;
-
- 2. It has reason to believe violates any patent claim or right of any third party; or
-
- 3. Is subject to an excluded license.
-
-**Authority.** Company represents it has all rights and authority necessary to sign this Agreement and grant the rights in it for itself and its affiliates.
-
-**Limitations.** All information, materials and input are provided ΓÇ£as-isΓÇ¥ and Microsoft bears the risk of using them; Company gives no express warranties, guarantees or conditions as to its Input; and to the extent permitted under local law, Company excludes the implied warranties of merchantability, fitness for a particular purpose, title and non-infringement as to its Input.
-
-**<ins>LIMITATIONS ON AND EXCLUSIONS OF REMEDIES AND DAMAGES</ins>**
-
-Except as described herein, the only remedy either of us has for claims relating to this Agreement is to terminate it. Neither of us can recover any damages, including direct, consequential, lost profits, special, punitive, indirect or incidental damages from the other. This limitation applies:
-
- 1. To claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
-
- 2. Even if one of us knew or should have known about the possibility of the damages.
-
-The limitations in this section doesn't apply to claims arising from or in connection with any infringement, misuse or misappropriation by one of us of the otherΓÇÖs intellectual property rights.
-
-**<ins>GENERAL RIGHTS AND OBLIGATIONS</ins>**
-
-**Notices.** Notices may be provided either by electronic or physical mail. Each of us designates the persons specified on the last page of this Agreement to receive notices. Each of us may specify changes by giving notice to the other.
-
-**Law that applies; jurisdiction and venue.** The laws of the State of Washington govern this Agreement. If federal jurisdiction exists, each of us consents to exclusive jurisdiction and venue in the federal courts in King County, Washington. If not, each of us consents to exclusive jurisdiction and venue in the Superior Court of King County, Washington.
-
-**Waiver.** Any delay or failure of either of us to exercise a right or remedy won't result in a waiver of that, or any other, right or remedy.
-
-**Breach.** Each of us agrees that the other may seek court orders to stop any breach of this Agreement.
-
-**AttorneysΓÇÖ fees.** In any dispute relating to this Agreement the prevailing party will be entitled to recover reasonable attorneys' fees and costs.
-
-**No Assignment.** Neither of us may assign this Agreement, by operation of law, or otherwise, without the prior, written approval of the other.
-
-**Enforceability.** If any provision of this Agreement is unenforceable, the parties (or, if we can't agree, a court) will modify this Agreement to revise it so that it can be enforced. Even if no revision is possible, the rest of this Agreement will remain in place.
-
-**Entire Agreement.** This Agreement includes all exhibits and schedules. If Company has entered into a license agreement for use of any Microsoft offering, that license agreement will govern its use of the Microsoft offering, and any feedback given to Microsoft under that license agreement. With these exceptions, this is the entire agreement between us regarding the Input. It replaces all other agreements and understandings regarding the subject matter of this Agreement.
-
-&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;**Attachment 1 ΓÇô GDPR Terms**
-
-For purposes of these GDPR Terms, Company and Microsoft agree that Company is the controller of Personal Data and Microsoft is the processor of such data, except when Company acts as a processor of Personal Data, in which case Microsoft is a subprocessor. These GDPR Terms apply to the processing of Personal Data, within the scope of the GDPR, by Microsoft on behalf of Company. These GDPR Terms don't limit or reduce any data protection commitments Microsoft makes to Company in other agreements between Microsoft and Company. These GDPR Terms don't apply where Microsoft is a controller of Personal Data.
-
-**Relevant GDPR Obligations: Articles 28, 32, and 33**
-
-1) Microsoft shall not engage another processor without prior specific or general written authorization of Company. In the case of general written authorization, Microsoft shall inform Company of any intended changes concerning the addition or replacement of other processors, thereby giving Company the opportunity to object to such changes. (Article 28(2))
-
-2) Processing by Microsoft shall be governed by these GDPR Terms under European Union (hereafter ΓÇ£UnionΓÇ¥) or Member State law and are binding on Microsoft with regard to Company. The subject-matter and duration of the processing, the nature and purpose of the processing, the type of Personal Data, the categories of data subjects and the obligations and rights of the Company are set forth in the Agreement, including these GDPR Terms. In particular, Microsoft shall:
-
-&emsp;&emsp;&emsp;a. process the Personal Data only on documented instructions from Company, including with regard to transfers of Personal Data to a third country or an international organization, unless required to do so by Union or Member State law to which Microsoft is subject; in such a case, Microsoft shall inform Company of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest;
-
-&emsp;&emsp;&emsp;b. ensure that persons authorized to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
-
-&emsp;&emsp;&emsp;c. take all measures required pursuant to Article 32 of the GDPR;
-
-&emsp;&emsp;&emsp;d. respect the conditions referred to in paragraphs 1 and 3 for engaging another processor;
-
-&emsp;&emsp;&emsp;e. taking into account the nature of the processing, assist Company by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of the CompanyΓÇÖs obligation to respond to requests for exercising the data subject's rights laid down in Chapter III of the GDPR;
-
-&emsp;&emsp;&emsp;f. assist Company in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR, taking into account the nature of processing and the information available to Microsoft;
-
-&emsp;&emsp;&emsp;g. at the choice of Company, delete or return all the Personal Data to Company after the end of the provision of services relating to processing, and delete existing copies unless Union or Member State law requires storage of the Personal Data;
-
-&emsp;&emsp;&emsp;h. make available to Company all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR and allow for and contribute to audits, including inspections, conducted by Company or another auditor mandated by Company.
-
-3) Microsoft shall immediately inform Company if, in its opinion, an instruction infringes the GDPR or other Union or Member State data protection provisions. (Article 28(3))
-
-4) Where Microsoft engages another processor for carrying out specific processing activities on behalf of Company, the same data protection obligations as set out in these GDPR Terms shall be imposed on that other processor by way of a contract or other legal act under Union or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the processing will meet the requirements of the GDPR. Where that other processor fails to fulfill its data protection obligations, Microsoft shall remain fully liable to the Company for the performance of that other processor's obligations. (Article 28(4))
-
-5) Taking into account the state of the art, the costs of implementation and the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Company and Microsoft shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
-
-&emsp;&emsp;&emsp;a. the pseudonymization and encryption of Personal Data;
-
-&emsp;&emsp;&emsp;b. the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
-
-&emsp;&emsp;&emsp;c. the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and
-
-&emsp;&emsp;&emsp;d. a process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. (Article 32(1))
-
-6) In assessing the appropriate level of security, account shall be taken of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored, or otherwise processed. (Article 32(2))
-
-7) Company and Microsoft shall take steps to ensure that any natural person acting under the authority of Company or Microsoft who has access to Personal Data doesn't process them except on instructions from Company, unless he or she is required to do so by Union or Member State law. (Article 32(4))
-
-8) Microsoft shall notify Company without undue delay after becoming aware of a Personal Data breach. (Article 33(2)). Such notification will include that information a processor must provide to a controller under Article 33(3) to the extent such information is reasonably available to Microsoft.
syntex Syntex Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/syntex-overview.md
Title: Overview of Microsoft Syntex -+ Previously updated : 09/13/2023 Last updated : 03/25/2024 audience: admin
Instead of having to create a new document processing model from scratch, you ca
![Icon for structured document processing model.](../media/content-understanding/custom-extract-by-layout.png) :::column-end::: :::column span="3":::
- Use a [structured model](form-processing-overview.md) to automatically identify field and table values. It works best for structured or semi-structured documents, such as forms and invoices. Use a [freeform model](freeform-document-processing-overview.md) to automatically extract information from unstructured and freeform documents, such as letters and contracts where the information can appear anywhere in the document.
+ Use a [structured model](form-processing-overview.md) to automatically identify field and table values. It works best for structured or semi-structured documents, such as forms and invoices. Use a [freeform model](form-processing-overview.md) to automatically extract information from unstructured and freeform documents, such as letters and contracts where the information can appear anywhere in the document.
:::column-end::: :::row-end:::
syntex Train Freeform Document Processing Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/train-freeform-document-processing-model.md
- Title: Train a freeform document processing model in Microsoft Syntex---- Previously updated : 02/21/2024----
- - enabler-strategic
- - m365initiative-syntex
--
-description: Learn how to train a freeform document processing model in Microsoft Syntex.
--
-# Train a freeform document processing model in Microsoft Syntex
-
-Follow the instructions in [Create a model in Syntex](create-syntex-model.md) to create a freeform document processing model in a content center. Or, follow the instructions in [Create a model on a local SharePoint site](create-local-model.md) to create the model on a local site. Then use this article to train your model.
-
-![Diagram of the workflow to train an AI Builder model.](../media/content-understanding/train-aib-model.png)
-
-To train a freeform document processing model, follow these steps:
--
-## Step 1: Add and analyze documents
-
-After you create your structured document processing model, the **Choose information to extract** page opens. Here you list all pieces of information that you want the AI model to extract from your documents, such as Name, Address, or Amount.
-
-> [!NOTE]
-> When you look for example files to use, see the [document processing model input document requirements and optimization tips](/ai-builder/form-processing-model-requirements).
-
-1. You first define the fields and tables you want to teach your model to extract on the **Choose information to extract** page. For detailed steps, see [Define fields and tables to extract](/ai-builder/create-form-processing-model#define-fields-and-tables-to-extract).
-
-2. You can create as many collections of document layouts you want your model to process. For detailed steps, see [Group documents by collections](/ai-builder/create-form-processing-model#group-documents-by-collections).
-
-3. After you create your collections and add at least five example files for each, AI Builder on Syntex will examine the uploaded documents to detect the fields and tables. This process usually takes a few seconds. When the analysis is complete, you can proceed with tagging the documents.
-
-## Step 2: Tag fields and tables
-
-You need to tag the documents to teach the model to understand the fields and table data you want to extract. For detailed steps, see [Tag documents](/ai-builder/create-form-processing-model#tag-documents).
-
-## Step 3: Train and publish your model
-
-1. After you create and train your model, you're ready to publish it and use it in SharePoint. To publish the model, select **Publish**. For detailed steps, see [Train and publish your document processing model](/ai-builder/form-processing-train).
-
- ![Screenshot in showing the model details on the model home page.](../media/content-understanding/ai-builder-create-a-flow-1.png)
-
-2. After the model is published, you will go to the model home page. You'll then have the option to apply the model to a document library.
-
- ![Screenshot of the model home page to apply the model a library.](../media/content-understanding/ai-builder-apply-model.png)
-
-## Step 4: Use your model
-
-1. In the document library model view, notice that the fields you selected now display as columns.
-
- ![Screenshot showing document library model applied.](../media/content-understanding/doc-lib-view.png)
-
-2. Notice that the information link next to **Documents** notes that a forms processing model is applied to this document library.
-
-3. Upload files to your document library. Any files that the model identifies as its content type lists the files in your view and displays the extracted data in the columns.
-
- ![Screenshot showing process is done.](../media/content-understanding/doc-lib-done.png)
-
-> [!NOTE]
-> If a freeform or structured document processing model and an unstructured document processing model are applied to the same library, the file is classified using the unstructured document processing model and any trained extractors for that model. If there are any empty columns that match the freeform or structured document processing model, the columns will be populated using those extracted values.
-
-### Classification Date field
-
-When a Syntex custom model is applied to a document library, the **Classification Date** field is included in the library schema. By default, this field is empty. However, when documents are processed and classified by a model, this field is updated with a date-time stamp of completion.
-
-When a model is stamped with the **Classification Date**, you can use the **Send an email after Syntex processes a file** flow to notify users that a new file has been processed and classified by a model in the SharePoint document library.
-
-To run the flow:
-
-1. Select a file, and then select **Integrate** > **Power Automate** > **Create a flow**.
-
-2. On the **Create a flow** panel, select **Send an email after Syntex processes a file**.
-
- ![Screenshot showing the Create a flow panel and flow option highlighted.](../media/content-understanding/integrate-create-flow.png)
-
-## See also
-
-[Create a model in Microsoft Syntex](create-syntex-model.md)
-
-[Power Automate documentation](/power-automate/)
-
-[Training: Improve business performance with AI Builder](/learn/paths/improve-business-performance-ai-builder/?source=learn)
syntex Train Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/train-model.md
Title: Train your custom model in Microsoft Syntex -+ Previously updated : 03/11/2024 Last updated : 03/25/2024 audience: admin
The method to train your model depends on the type of custom model you're using.
|Model type |Use the steps in this article to train | |||| |**Unstructured document processing**<br>[:::image type="content" source="../medi) |
-|**Freeform document processing**<br>[:::image type="content" source="../medi) |
+|**Freeform document processing**<br>[:::image type="content" source="../medi) |
|**Structured document processing**[:::image type="content" source="../medi) |
syntex Use Contracts Management Site https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/use-contracts-management-site.md
- Title: Use the contracts management site template for Microsoft Syntex---- Previously updated : 11/15/2023---
- - enabler-strategic
- - m365initiative-syntex
-
-description: Learn how to provision, use, and customize the contracts management site template in Microsoft Syntex.
--
-# Use the contracts management site template for Microsoft Syntex
-
-> [!NOTE]
-> The latest version of the contracts management site template is now available as a [team site template directly from SharePoint](https://support.microsoft.com/office/80820115-c700-4a62-bb59-69b33c8e3b4f). The look book version of this site template is no longer being updated.
-
-The contracts management site is a ready-to-deploy and customizable SharePoint site template that helps your organization maximize the value of Microsoft Syntex. The site is designed to let you create a professional site to manage, process, and track the status of contracts in your organization.
-
-## Features of the site
-
-![Screenshot of the contracts management site template home page.](../media/content-understanding/contracts-management-site-home-page.png)
-
-The contracts management site includes pre-populated pages, web parts, and site navigation. The site can be customized to incorporate your organization's own branding, employee information, policy and planning information, workflow, contacts, and resources.
-
-The site uses the power of a Syntex model running on a SharePoint document library to classify documents and extract metadata. The site provides prebuilt document libraries to get you started quickly, but you can also create your own as needed. The site includes the following featured libraries:
--- **Regions** ΓÇô Classify contract documents by geographical area, country, or region.--- **Templates** ΓÇô Select the appropriate contract template for the type of contract, such as non-disclosure agreements, service agreements, and statements of work.--- **Contract requests** ΓÇô Launch a contract request directly to your contracts team.--- **Clients** ΓÇô Find client information in one convenient location.--- **Models** ΓÇô Use the model in this library to classify documents and extract metadata. Users can create their own models to fit their needs and add them to this library.--- **Sample contracts library** ΓÇô Find files that were classified and have had metadata extracted using the Syntex model. -
-There is a separate view in the library where you can track other metadata such as status, and that uses document library formatting to show it in a more visual way.
-
-## Provision the site
-
-The contracts management site can be provisioned from the [SharePoint look book service](https://lookbook.microsoft.com/).
-
-![Screenshot of the contracts management site template provisioning page.](../media/content-understanding/contracts-management-site-provisioning-page.png)
-
-> [!NOTE]
-> You must be a global administrator or SharePoint administrator in Microsoft 365 to provision the site. You also must have a [Microsoft Syntex license](syntex-licensing.md) to add this site template to your organization.
-
-1. From the main page of the [SharePoint look book](https://lookbook.microsoft.com/), on the **View the designs** menu, select **Syntex** > **Syntex contracts management**.
-
-2. On the **Contracts management** page, select **Add to your tenant**.
-
- ![Screenshot of the Add to your tenant button on the contracts management site template provisioning page.](../media/content-understanding/contracts-management-site-add-to-your-tenant.png)
-
-3. Enter your email address (for a notification of when your site is ready to use), the site URL you want to use, and the title you want to use for your site.
-
- ![Screenshot of the email and site URL fields on the contracts management site template provisioning page.](../media/content-understanding/contracts-management-email-and-site-url.png)
-
-4. Select **Provision**, and in a short time your site will be ready for you to use. YouΓÇÖll get an email (sent to the email address you provided) indicating that your request to provision the contracts management site template is completed.
-
-5. Select **Open site**, and youΓÇÖll see your contracts management site. From here, you can explore the site and customize the pages and content.
-
-For more information about provisioning from the SharePoint look book service, see [Provision a new learning pathways solution](/office365/customlearning/custom_provision).
-
-## Customize the site
-
-Before you share the contracts management site with other users, you'll want to customize the site to meet your requirements.
-
-### Customize the look and feel of your site
-
-Customize the following elements of your site to fit the need of your organization:
--- Update the [branding](https://support.microsoft.com/office/customize-your-sharepoint-site-320b43e5-b047-4fda-8381-f61e8ac7f59b) on the contracts management site to align with your organization.-- Customize the [Hero web part](https://support.microsoft.com/office/use-the-hero-web-part-d57f449b-19a0-4b0d-8ce3-be5866430645) to include images of real sites in your organization where possible.-- Customize the [People web part](https://support.microsoft.com/office/show-people-profiles-on-your-page-with-the-people-web-part-7e52c5f6-2d72-48fa-a9d3-d2750765fa05) to include contact information for the contract managers or others.-- Customize the [Text web part](https://support.microsoft.com/office/add-text-and-tables-to-your-page-with-the-text-web-part-729c0aa1-bc0d-41e3-9cde-c60533f2c801) to add paragraphs to and formatting options like styles, bullets, indentations, highlighting, and links.-- Customize the [Image web part](https://support.microsoft.com/office/use-the-image-web-part-a63b335b-ad0a-4954-a65d-33c6af68beb2) to add an image to a page.-- Customize the [Quick Links web part](https://support.microsoft.com/office/use-the-quick-links-web-part-e1df7561-209d-4362-96d4-469f85ab2a82) to organize and display links to other resources.-- Add [other web parts](https://support.microsoft.com/office/using-web-parts-on-sharepoint-pages-336e8e92-3e2d-4298-ae01-d404bbe751e0) to your site as needed.-- Customize the [page layouts](https://support.microsoft.com/office/add-sections-and-columns-on-a-sharepoint-modern-page-fc491eb4-f733-4825-8fe2-e1ed80bd0899) as needed.-- Add [new pages](https://support.microsoft.com/office/create-and-use-modern-pages-on-a-sharepoint-site-b3d46deb-27a6-4b1e-87b8-df851e503dec) to add additional support or informational resources.-
-### Customize the site navigation
-
-You have control of the site navigation for the contracts management site. Use the following resources to help you make changes that align with your organization:
--- Customize the [site navigation](https://support.microsoft.com/office/customize-the-navigation-on-your-sharepoint-site-3cd61ae7-a9ed-4e1e-bf6d-4655f0bf25ca).-- [Associate this site with a hub](https://support.microsoft.com/office/associate-a-sharepoint-site-with-a-hub-site-ae0009fd-af04-4d3d-917d-88edb43efc05).-- Use [audience targeting](https://support.microsoft.com/office/target-navigation-news-and-files-to-specific-audiences-33d84cb6-14ed-4e53-a426-74c38ea32293) to target specific navigational links to specific users. -- [Delete unwanted pages](https://support.microsoft.com/office/delete-a-page-from-a-sharepoint-site-1d4197b8-31b6-460d-906b-3fb492a51db1) if you need to.--
-### Add other workflows
-
-The contracts management site contains the components you need to get started, but you can also include additional components, such as:
--- Use a [Power Automate flow](/power-automate/getting-started) to trigger a workflow when a new contract is added to the **Contract requests** library.-- Build additional [Syntex models](/microsoft-365/contentunderstanding/#models).-- Use the [content assembly](content-assembly.md) feature on the **Templates** library.-- Create a [contracts management solution](solution-manage-contracts-in-microsoft-365.md) by using Syntex together with other components of Microsoft 365.-
-## Share the site with others
-
-[Share your site with others](https://support.microsoft.com/office/share-a-site-958771a8-d041-4eb8-b51c-afea2eae3658). Partner with others in your organization to ensure the contracts management site is widely known and adopted.
-
-Key success factors to managing the contracts management site:
--- Celebrate the launch of your contracts management site.-- Create and post news announcing the new resource.-- Ensure users have an outlet for questions and feedback.-- Use insights from [site analytics](https://support.microsoft.com/office/view-usage-data-for-your-sharepoint-site-2fa8ddc2-c4b3-4268-8d26-a772dc55779e) to promote content on the home page, update navigation, or rewrite content for clarity.-- Review the contracts management site as needed to ensure content is fresh and still relevant.-
-## See also
-
-[Accelerate your solution using site templates for Syntex](site-templates.md)
syntex Video Library https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/video-library.md
Title: Microsoft Syntex video library -+ Previously updated : 09/06/2023 Last updated : 03/25/2024 audience: admin
description: Watch videos to learn about some of the different features in Micro
|Unstructured models |Freeform and structured models | |||
-|[:::image type="content" source="../medi) |
+|[:::image type="content" source="../medi) |
|Create a content center |Apply a model to a document library |