Updates from: 06/12/2021 03:17:48
Category Microsoft Docs article Related commit history on GitHub Change details
admin About Admin Roles https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/about-admin-roles.md
Before the partner can assign these roles to users, you must add the partner as
[Assign admin roles](assign-admin-roles.md) (article)\ [Azure AD roles in the Microsoft 365 admin center](azure-ad-roles-in-the-mac.md) (article)\
-[Exchange Online admin role](about-exchange-online-admin-role.md) (article)\
-[Activity reports in the Microsoft 365 admin center](../activity-reports/activity-reports.md) (article)
+[Activity reports in the Microsoft 365 admin center](../activity-reports/activity-reports.md) (article)\
+[Exchange Online admin role](about-exchange-online-admin-role.md) (article)
admin Show Hide New Features https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/show-hide-new-features.md
f1.keywords:
- NOCSH -+ audience: Admin
For more information about when new versions are released to each update channel
## Related articles
-[Office What's New management is now generally available](https://techcommunity.microsoft.com/t5/microsoft-365-blog/office-what-s-new-management-is-now-generally-available/ba-p/1179954)
+[Office What's New management is now generally available](https://techcommunity.microsoft.com/t5/microsoft-365-blog/office-what-s-new-management-is-now-generally-available/ba-p/1179954)
admin Customize Your Organization Theme https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/customize-your-organization-theme.md
On the **Logos** page, you can you can add your logos, and specify the URL where
Select **Save** to save your changes. You can remove your logos at any time. Just return to the **Logos** page and select **Remove**.+
+> [!NOTE]
+> By default, we first show logo selections that most organizations use. The upload option is only applicable to default themes and not group themes.
## Colors: Choose theme colors
compliance Declare Records https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/declare-records.md
Example of a document marked as record by using a retention label:
![Details pane for document tagged as a record](../media/recordversioning7.png)
+## Searching the audit log for labeled items that were declared records
+
+The actions of labeling to declare items as records are logged in the audit log.
+
+For SharePoint items:
+- From **File and page activities**, select **Changed retention label for a file**. This audit event is for retention labels that mark items as records, regulatory records, or that are standard retention labels.
+
+For Exchange items:
+- From **Exchange mailbox activities**, select **Labeled message as a record**. This audit event is for retention labels that mark items as records or regulatory records.
+
+For more information about searching for these events, see [Search the audit log in the Security & Compliance Center](search-the-audit-log-in-security-and-compliance.md#file-and-page-activities).
+ ## Next steps For a list of scenarios supported by records management, see [Common scenarios for records management](get-started-with-records-management.md#common-scenarios-for-records-management).
compliance Retention Limits https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-limits.md
A single tenant can have a maximum of 10,000 policies (any configuration). This
Within this 10,000 policies limit, there are also some limits on the maximum number of policies for retention per workload: -- Exchange Online (any configuration): 1,800
+- Exchange (any configuration): 1,800
- SharePoint or OneDrive: (all sites automatically included): 13 - SharePoint or OneDrive (specific locations included or excluded): 2,600
If you use the optional configuration to scope your retention settings to specif
Maximum numbers of items per policy for retention:
- - 1,000 mailboxes (user mailboxes or group mailboxes)
- - 1,000 Microsoft 365 groups
- - 1,000 users for Teams private chats
- - 100 sites (OneDrive or SharePoint)
+- Exchange mailboxes: 1,000
+- Microsoft 365 Groups: 1,000
+- Teams channel messages: 1,000
+- Teams chats: 1,000
+- Yammer community messages: 1,000
+- Yammer user messages: 1,000
+- SharePoint sites: 100
+- OneDrive accounts: 100
+
+Skype for Business has to be scoped to specific users and the maximum number supported per policy is 1,000.
Because these limitations are per policy, if you need to use specific inclusions or exclusions that result in going over these numbers, you can create additional policies that have the same retention settings. See the next section for some [example scenarios and solutions](#examples-of-using-multiple-policies-to-avoid-exceeding-maximum-numbers) that use multiple retention policies for this reason.
For the [disposition of content](disposition.md), there are some limits to be aw
- Proof of disposition for up to seven years after the item was disposed, with a limit of 1,000,000 items per retention label for that period.
- If you need proof of disposition higher than this limit of 1,000,000 for items that are marked as records, contact [Microsoft Support](../business-video/get-help-support.md).
+If you need proof of disposition higher than this limit of 1,000,000 for items that are marked as records, contact [Microsoft Support](../business-video/get-help-support.md).
compliance Retention Policies Teams https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/retention-policies-teams.md
For other workloads, see:
Teams chats messages and channel messages can be deleted by using retention policies for Teams, and in addition to the text in the messages, the following items can be retained for compliance reasons: Embedded images, tables, hypertext links, links to other Teams messages and files, and [card content](/microsoftteams/platform/task-modules-and-cards/what-are-cards). Chat messages include all the names of the people in the chat, and channel messages include the team name and the message title (if supplied).
-> [!NOTE]
-> Including card content in a retention policy for Teams is a fairly recent addition. For more information, see [Microsoft 365 compliance capabilities for Adaptive Card content through apps in Teams now available](https://techcommunity.microsoft.com/t5/microsoft-teams-blog/microsoft-365-compliance-capabilities-for-adaptive-card-content/ba-p/2095869).
- Teams messages in private channels are currently not supported for retention policies. Code snippets, recorded voice memos from the Teams mobile client, thumbnails, announcement images, and reactions from others in the form of emoticons are not retained when you use retention policies for Teams. Emails and files that you use with Teams aren't included in retention policies for Teams. These items have their own retention policies.
Teams uses an Azure-powered chat service as its primary storage for all messages
Although this data from Teams chats and channel messages are stored in mailboxes, you must configure a retention policy for the **Teams channel messages** and **Teams chats** locations. Teams chats and channel messages are not included in retention policies that are configured for Exchange user or group mailboxes. > [!NOTE]
-> If a user is included in an active retention policy that retains Teams messages and you a delete a mailbox of a user who is included in this policy, the mailbox is converted into an [inactive mailbox](inactive-mailboxes-in-office-365.md) to retain the Teams data. If you don't need to retain this Teams data for the user, exclude the user account from the retention policy before you delete their mailbox.
+> If a user is included in an active retention policy that retains Teams messages and you delete a mailbox of a user who is included in this policy, the mailbox is converted into an [inactive mailbox](inactive-mailboxes-in-office-365.md) to retain the Teams data. If you don't need to retain this Teams data for the user, exclude the user account from the retention policy before you delete their mailbox.
After a retention policy is configured for chat and channel messages, a timer job from the Exchange service periodically evaluates items in the hidden folder where these Teams messages are stored. The timer job typically takes 1-7 days to run. When these items have expired their retention period, they are moved to the SubstrateHolds folderΓÇöanother hidden folder that's in every user or group mailbox to store "soft-deleted" items before they are permanently deleted.
contentunderstanding Rest Applymodel Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-applymodel-method.md
+
+ Title: Apply model
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Use REST API to apply a document understanding model to one or more libraries.
++
+# Apply model
+
+Applies (or syncs) a trained document understanding model to one or more libraries (see [example](rest-applymodel-method.md#examples)).
+
+## HTTP request
+
+```HTTP
+POST /_api/machinelearning/publications HTTP/1.1
+```
+
+## URI parameters
+
+None
+
+## Request headers
+
+| Header | Value |
+|--|-|
+|Accept|application/json;odata=verbose|
+|Content-Type|application/json;odata=verbose;charset=utf-8|
+|x-requestdigest|The appropriate digest for current site.|
+
+## Request body
+
+| Name | Required | Type | Description |
+|--|-|--||
+|ModelUniqueId|yes|string|The unique ID of the model file.|
+TargetSiteUrl|yes|string|The full URL of the target library site.|
+TargetWebServerRelativeUrl|yes|string|The server relative URL of the web for the target library.|
+TargetLibraryServerRelativeUrl|yes|string|The server relative URL of the target library.|
+ViewOption|no|string|Specifies whether to set new model view as the library default.|
+
+## Response
+
+| Name | Type | Description|
+|--|-||
+|200 OK| |Success|
+|201 Created| |Note that because this API supports applying model to multiple libraries, a 201 could be returned even if there's a failure applying the model to one of the libraries. <br>Check the response body to understand if the model has been successfully applied to all the specified libraries. See [Request body](rest-applymodel-method.md#request-body) for details.|
+
+## Examples
+
+### Apply a model to the contracts document library in the repository site
+
+In this sample, the ID of the Contoso Contract document understanding model is `7645e69d-21fb-4a24-a17a-9bdfa7cb63dc`.
+
+#### Sample request
+
+```HTTP
+{
+ "__metadata": {
+ "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningPublicationsEntityData"
+ },
+ "Publications": {
+ "results": [
+ {
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "ViewOption": "NewViewAsDefault"
+ }
+ ]
+ }
+}
+```
++
+#### Sample response
+
+In the response, TotalFailures and TotalSuccesses refers to the number of failures and successes of the model being applies to the specified libraries.
+
+**Status code:** 200
+
+```JSON
+{
+ "Details": [
+ {
+ "ErrorMessage": null,
+ "Publication": {
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "ViewOption": "NewViewAsDefault"
+ },
+ "StatusCode": 200
+ }
+ ],
+ "TotalFailures": 0,
+ "TotalSuccesses": 1
+}
+```
+
+## See also
+
+[Syntex document understanding model REST API](syntex-model-rest-api.md)
contentunderstanding Rest Batchdelete Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-batchdelete-method.md
+
+ Title: BatchDelete
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Use REST API to remove an applied document understanding model from one or more libraries.
++
+# BatchDelete
+
+Removes an applied document understanding model from one or more libraries. Note that a model must be removed from all libraries before it can be deleted (see [example](rest-batchdelete-method.md#examples)).
+
+## HTTP request
+
+```HTTP
+POST /_api/machinelearning/publications/batchdelete HTTP/1.1
+```
+
+## URI parameters
+
+None
+
+## Request headers
+
+| Header | Value |
+|--|-|
+|Accept|application/json;odata=verbose|
+|Content-Type|application/json;odata=verbose;charset=utf-8|
+|x-requestdigest|The appropriate digest for current site.|
+
+## Request body
+
+| Name | Required | Type | Description |
+|--|-|--||
+|ModelUniqueId|yes|string|The unique ID of the model file.|
+TargetSiteUrl|yes|string|The full URL of the target library site.|
+TargetWebServerRelativeUrl|yes|string|The server relative URL of the web for the target library.|
+TargetLibraryServerRelativeUrl|yes|string|The server relative URL of the target library.|
+ViewOption|no|string|Specifies whether to set new model view as the library default.|
+
+## Response
+
+| Name | Type | Description|
+|--|-||
+|200 OK| |Success|
++
+## Examples
+
+### Remove a model from the contracts document library in the repository site
+
+In this sample, the ID of the Contoso Contract document understanding model is `7645e69d-21fb-4a24-a17a-9bdfa7cb63dc`.
+
+#### Sample request
+
+```HTTP
+{
+ "__metadata": {
+ "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningPublicationsEntityData"
+ },
+ "Publications": {
+ "results": [
+ {
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "ViewOption": "NewViewAsDefault"
+ }
+ ]
+ }
+}
+```
++
+#### Sample response
+
+In the response, TotalFailures and TotalSuccesses refer to the number of failures and successes of the model being applies to the specified libraries.
+
+**Status code:** 200
+
+```JSON
+{
+ "Details": [
+ {
+ "ErrorMessage": null,
+ "Publication": {
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository/",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "ViewOption": "NewViewAsDefault"
+ },
+ "StatusCode": 200
+ }
+ ],
+ "TotalFailures": 0,
+ "TotalSuccesses": 1
+}
+```
+
+## See also
+
+[Syntex document understanding model REST API](syntex-model-rest-api.md)
contentunderstanding Rest Createclassificationrequest https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-createclassificationrequest.md
+
+ Title: Create classification request
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Use REST API to create a request to classify one or more files using a trained document understanding model.
++
+# Create classification request
+
+Creates a request to classify one or more files using the applied document understanding model (see [example](rest-createclassificationrequest.md#examples)).
+
+The SharePoint Online (and SharePoint 2016 and later on-premises) REST service supports combining multiple requests. Requests are combined into a single call to the service by using the OData $batch query option. This method can be used to enqueue classification work items for hundreds of documents at one time.
+
+## HTTP request
+
+```
+POST /_api/machinelearning/workItems HTTP/1.1
+```
+## URI Parameters
+
+None
+
+## Request headers
+
+| Header | Value |
+|--|-|
+|Accept|application/json;odata=verbose|
+|Content-Type|application/json;odata=verbose;charset=utf-8|
+|x-requestdigest|The appropriate digest for current site|
+
+## Request body
+
+|Name |Type |Description |
+|--|-||
+|_metadata|string |Set the object meta on the SPO. Always use the value: {"type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningModelEntityData"}. |
+|TargetSiteId|guid|The id of the site where the file to classify is located.|
+|TargetWebId|guid|The id of the web where the file to classify is located.|
+|TargetUniqueId|guid|The id of the file to classify.|
+
+## Responses
+
+| Name | Type | Description|
+|--|-||
+|201 Created| |Success|
+
+## Examples
+
+### Enqueue a request to classify a file of id "e6cff8b7-c90c-4564-b5b8-033449090932"
+
+#### Sample request
+
+```
+{
+ "__metadata": {
+ "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningModelEntityData"
+ },
+ "TargetSiteId": "f686e63b-aba7-48e5-97c7-68c4c1df292f",
+ "TargetWebId": "66d6b64d-6f88-4dd9-b3db-47e6f00c53e8",
+ "TargetUniqueId": "e6cff8b7-c90c-4564-b5b8-033449090932"
+}
+```
+
+#### Sample response
+
+**Status code:** 201
+
+## See also
+
+[Syntex document understanding model REST API](syntex-model-rest-api.md)
contentunderstanding Rest Createmodel Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-createmodel-method.md
+
+ Title: Create model
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Use REST API to create a model and its associated content type.
++
+# Create model
+
+Creates a model and its associated content type. Note that this only creates the model. It will still need to be trained in the content center (see [example](rest-createmodel-method.md#examples)).
+
+## HTTP request
+
+```
+POST /_api/machinelearning/models HTTP/1.1
+```
+## URI Parameters
+
+None
+
+## Request headers
+
+| Header | Value |
+|--|-|
+|Accept|application/json;odata=verbose|
+|Content-Type|application/json;odata=verbose;charset=utf-8|
+|x-requestdigest|The appropriate digest for current site|
+
+## Request body
+
+|Name |Type |Description |
+|--|-||
+|_metadata| |Set the object meta on the SPO. Always use the value: {"type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningModelEntityData"}. |
+|ContentTypeGroup|string|The associated content type group associated with the model. Defaulted to "Intelligent Document Content Types".|
+|ContentTypeName|string|The associated content type name. The created model file will have the same name.|
+
+## Responses
+
+| Name | Type | Description|
+|--|-||
+|201 Created| |Success|
+
+## Examples
+
+### Create a new document understanding model called "Contoso Contract"
+
+#### Sample request
+
+```
+{
+ "__metadata": {
+ "type": "Microsoft.Office.Server.ContentCenter.SPMachineLearningModelEntityData"
+ },
+ "ContentTypeGroup": "Intelligent Document Content Types",
+ "ContentTypeName": "Contoso Contract",
+}
+```
+
+#### Sample response
+
+**Status code:** 201
+
+## See also
+
+[Syntex document understanding model REST API](syntex-model-rest-api.md)
contentunderstanding Rest Getbytitle Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-getbytitle-method.md
+
+ Title: GetByTitle
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Use REST API to get or update information about a SharePoint Syntex document understanding model using the model title.
++
+# GetByTitle
+
+Gets or updates information about a SharePoint Syntex document understanding model using the model title (see [example](rest-getbytitle-method.md#examples)).
+
+## HTTP request
+
+```HTTP
+GET /_api/machinelearning/models/getbytitle('{modelFileName') HTTP/1.1
+```
+
+This same method can be used for deleting a model, too.
+
+```HTTP
+DELETE /_api/machinelearning/models/getbytitle('{modelFileName') HTTP/1.1
+```
+
+## URI parameters
+
+|Name |In |Required|Type|Description|
+|--||--|-|--|
+|modelFileName|query|True|string|Name of the Syntex model file.|
+
+## Request headers
+
+| Header | Value |
+|--|-|
+|Accept|application/json;odata=verbose|
+
+## Request body
+
+For GET, no request body is needed.
+
+## Responses
+
+| Name | Type | Description|
+|--|-||
+|200 OK| |Success|
+
+## Examples
+
+### Get information about the Contoso Contract model
+
+In this sample, the name of the Syntex document understanding model is `Contoso Contract`.
+
+#### Sample request
+
+```HTTP
+GET /_api/machinelearning/models/getbytitle('{Contoso Contract') HTTP/1.1
+```
+
+#### Sample response
+
+**Status code:** 204
+
+```HTTP
+{
+ "@odata.context": "https://contoso.sharepoint.com/sites/filerepository/_api/$metadata#models/$entity",
+ "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningModel",
+ "@odata.id": "https://contoso.sharepoint.com/sites/filerepository/_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,111\"",
+ "@odata.editLink": " https://contoso.sharepoint.com/sites/filerepository /_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "ConfidenceScore": "{\"trainingStatus\":{\"kind\":\"original\",\"ClassifierStatus\":{\"TrainingStatus\":\"success\",\"TimeStamp\":1611716640535},\"ExtractorsStatus\":[{\"TimeStamp\":1585175746775,\"ExtractorName\":\"Contract Name\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586905975794,\"ExtractorName\":\"Client \",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586906061099,\"ExtractorName\":\"Contract Date\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586907912388,\"ExtractorName\":\"Fee\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1611716640115,\"ExtractorName\":\"ServiceType\",\"TrainingStatus\":\"success\"}]},\"modelAccuracy\":{\"Classifier\":1,\"Extractors\":{\"Contract Name\":1,\"Client \":1,\"Contract Date\":1,\"Fee\":1,\"ServiceType\":1}},\"perSampleAccuracy\":{\"133\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"249\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"252\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"253\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"254\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"255\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"256\":{\"Extractors\":{\"ServiceType\":1}},\"257\":{\"Extractors\":{\"ServiceType\":1}}},\"perSamplePrediction\":{\"133\":{\"Extractors\":{\"ServiceType\":[]}},\"249\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"252\":{\"Extractors\":{\"ServiceType\":[\"Catering\"]}},\"253\":{\"Extractors\":{\"ServiceType\":[\"Design\"]}},\"254\":{\"Extractors\":{\"ServiceType\":[\"Marketing\"]}},\"255\":{\"Extractors\":{\"ServiceType\":[\"Financial Planning\"]}},\"256\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"257\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}}},\"trainingFailures\":{}}",
+ "ContentTypeGroup": "Intelligent Document Content Types",
+ "ContentTypeId": "0x01010083DF84D4F59BBD4CB06F075AA81F58AA",
+ "ContentTypeName": "Contoso Contract",
+ "Created": "2020-03-25T22:04:04Z",
+ "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
+ "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-h2NuHxlYUiTJyiwKQHZobK",
+ "Explanations": "{\"Classifier\":[{\"id\":\"8122ac1d-8fcb-4705-8872-2825cbf05bfe\",\"kind\":\"dictionaryFeature\",\"name\":\"agreement\",\"active\":true,\"nGrams\":[\"CONSULTING AGREEMENT\",\"SERVICES AGREEMENT\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"af83bea8-bc53-4e93-a3da-f1e697eb6bef\",\"kind\":\"modelFeature\",\"name\":\"Contract Name\",\"active\":true,\"modelReference\":\"Contract Name\",\"conceptId\":\"841d0dcf-7f1d-4a39-931c-53923d10c346\"},{\"id\":\"e3734994-9e34-40e3-82c7-bb6c7bc5a0c3\",\"kind\":\"modelFeature\",\"name\":\"Client \",\"active\":true,\"modelReference\":\"Client \",\"conceptId\":\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\"},{\"id\":\"7c93e7fe-cbfb-47ee-8cca-46ecdf5f628f\",\"kind\":\"modelFeature\",\"name\":\"Contract Date\",\"active\":true,\"modelReference\":\"Contract Date\",\"conceptId\":\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\"},{\"id\":\"5cc85b62-148a-4b07-9155-d9fb7cebb6d0\",\"kind\":\"modelFeature\",\"name\":\"Fee\",\"active\":true,\"modelReference\":\"Fee\",\"conceptId\":\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\"},{\"id\":\"0f8a23a6-c744-4cae-82bd-d836332ceb56\",\"kind\":\"modelFeature\",\"name\":\"ServiceType\",\"active\":true,\"modelReference\":\"ServiceType\",\"conceptId\":\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\"}],\"Extractors\":{\"Contract Name\":[{\"id\":\"8804fbeb-bcf8-44c0-8ade-3fc65496037f\",\"kind\":\"dictionaryFeature\",\"name\":\"before\",\"active\":true,\"nGrams\":[\"- AND -\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Client \":[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"dictionaryFeature\",\"name\":\"start\",\"active\":true,\"nGrams\":[\"BETWEEN:\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"dictionaryFeature\",\"name\":\"after\",\"active\":true,\"nGrams\":[\"of\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"bccefd2e-88a4-406c-aa9d-81d508bbafb3\",\"kind\":\"proximityFeature\",\"name\":\"prox\",\"active\":true,\"patterns\":[[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"proximityFeatureReference\"},{\"kind\":\"proximityTokenRange\",\"minCount\":1,\"maxCount\":6},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"proximityFeatureReference\"}]]}],\"Contract Date\":[{\"id\":\"fabe1ed3-07af-4dc6-852d-fe9521c64801\",\"kind\":\"dictionaryFeature\",\"name\":\"dated\",\"active\":true,\"nGrams\":[\"dated\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"983da7b8-51d7-4a85-9644-007b488fce0b\",\"kind\":\"dictionaryFeature\",\"name\":\"betw\",\"active\":true,\"nGrams\":[\"between\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Fee\":[{\"id\":\"f4cf89dc-64d1-49a1-9be4-41debda251b6\",\"kind\":\"dictionaryFeature\",\"name\":\"flat fee of \",\"active\":true,\"nGrams\":[\"flat fee of $\",\"flat fee of $$\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"ServiceType\":[{\"id\":\"c04408f5-ce14-4eb0-81d0-f72ea9fa7e83\",\"kind\":\"dictionaryFeature\",\"name\":\"Before label\",\"active\":true,\"nGrams\":[\"will provide \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"ea94fa7f-e41b-4e09-a484-355912bfbdff\",\"kind\":\"dictionaryFeature\",\"name\":\"After label\",\"active\":true,\"nGrams\":[\"services for \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}]}}",
+ "ID": 16,
+ "LastTrained": "2021-01-27T03:04:00Z",
+ "ListID": "f1e13676-8595-4c22-9ca2-c0a4076686ca",
+ "ModelSettings": null,
+ "ModelType": 2,
+ "Modified": "2021-01-27T03:05:04Z",
+ "ModifiedBy": "i:0#.f|membership|kevinche@contoso.com",
+ "ObjectId": "01ZBWEM5E54ZCXN6ZBERFKC6U336T4WY64",
+ "PublicationType": 0,
+ "Schemas": "{\"Extractors\":{\"Contract Name\":{\"concepts\":{\"841d0dcf-7f1d-4a39-931c-53923d10c346\":{\"name\":\"Contract Name\"}},\"relationships\":[]},\"Client \":{\"concepts\":{\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\":{\"name\":\"Client \"}},\"relationships\":[]},\"Contract Date\":{\"concepts\":{\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\":{\"name\":\"Contract Date\"}},\"relationships\":[]},\"Fee\":{\"concepts\":{\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\":{\"name\":\"Fee\"}},\"relationships\":[]},\"ServiceType\":{\"concepts\":{\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\":{\"name\":\"ServiceType\",\"termSetId\":\"76c12efb-5173-4982-ae9b-5f9e37187171\"}},\"relationships\":[]}}}",
+ "SourceUrl": null,
+ "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc"
+}
+```
+
+### Get and delete the Contoso Contract model by name
+
+In this sample, the name of the Contoso Contract document understanding model is `Contoso Contract`.
+
+##### Sample request
+
+```HTTP
+DELETE /_api/machinelearning/models/getbytitle('{Contoso Contract') HTTP/1.1
+```
+
+## See also
+
+[Syntex document understanding model REST API](syntex-model-rest-api.md)
contentunderstanding Rest Getbyuniqueid Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-getbyuniqueid-method.md
+
+ Title: GetByUniqueId
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Use REST API to get or update information about a SharePoint Syntex document understanding model.
++
+# GetByUniqueId
+
+Gets or updates information about a SharePoint Syntex document understanding model (see [example](rest-getbyuniqueid-method.md#examples)).
+
+## HTTP request
+
+```HTTP
+GET /_api/machinelearning/models/getbyuniqueid(ΓÇÿ{modelUniqueId}') HTTP/1.1
+```
+
+This same method can be used for deleting a model, too.
+
+```HTTP
+DELETE /_api/machinelearning/models/getbyuniqueid(ΓÇÿ{modelUniqueId}') HTTP/1.1
+```
+## URI parameters
+
+|Name |In |Required|Type|Description|
+|--||--|-|--|
+|modelUniqueId|query|True|string|ID of the Syntex model file.|
+
+## Request headers
+
+| Header | Value |
+|--|-|
+|Accept|application/json;odata=verbose|
+
+## Request body
+
+For GET, no request body is needed.
+
+## Responses
+
+| Name | Type | Description|
+|--|-||
+|200 OK| |Success|
+
+## Examples
+
+### Get the Contoso Contract model by ID
+
+In this sample, the ID of the Contoso Contract document understanding model is `7645e69d-21fb-4a24-a17a-9bdfa7cb63dc`.
+
+#### Sample request
+
+```HTTP
+GET /_api/machinelearning/models/getbyuniqueid(ΓÇÿ{7645e69d-21fb-4a24-a17a-9bdfa7cb63dc}') HTTP/1.1
+```
+
+#### Sample response
+
+**Status code:** 204
+
+```HTTP
+{
+ "@odata.context": "https://contoso.sharepoint.com/sites/filerepository/_api/$metadata#models/$entity",
+ "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningModel",
+ "@odata.id": "https://contoso.sharepoint.com/sites/filerepository/_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,111\"",
+ "@odata.editLink": " https://contoso.sharepoint.com/sites/filerepository /_api/machinelearning/models/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "ConfidenceScore": "{\"trainingStatus\":{\"kind\":\"original\",\"ClassifierStatus\":{\"TrainingStatus\":\"success\",\"TimeStamp\":1611716640535},\"ExtractorsStatus\":[{\"TimeStamp\":1585175746775,\"ExtractorName\":\"Contract Name\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586905975794,\"ExtractorName\":\"Client \",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586906061099,\"ExtractorName\":\"Contract Date\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1586907912388,\"ExtractorName\":\"Fee\",\"TrainingStatus\":\"success\"},{\"TimeStamp\":1611716640115,\"ExtractorName\":\"ServiceType\",\"TrainingStatus\":\"success\"}]},\"modelAccuracy\":{\"Classifier\":1,\"Extractors\":{\"Contract Name\":1,\"Client \":1,\"Contract Date\":1,\"Fee\":1,\"ServiceType\":1}},\"perSampleAccuracy\":{\"133\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"249\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"252\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"253\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"254\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"255\":{\"Classifier\":1,\"Extractors\":{\"ServiceType\":1}},\"256\":{\"Extractors\":{\"ServiceType\":1}},\"257\":{\"Extractors\":{\"ServiceType\":1}}},\"perSamplePrediction\":{\"133\":{\"Extractors\":{\"ServiceType\":[]}},\"249\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"252\":{\"Extractors\":{\"ServiceType\":[\"Catering\"]}},\"253\":{\"Extractors\":{\"ServiceType\":[\"Design\"]}},\"254\":{\"Extractors\":{\"ServiceType\":[\"Marketing\"]}},\"255\":{\"Extractors\":{\"ServiceType\":[\"Financial Planning\"]}},\"256\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}},\"257\":{\"Extractors\":{\"ServiceType\":[\"Writing\"]}}},\"trainingFailures\":{}}",
+ "ContentTypeGroup": "Intelligent Document Content Types",
+ "ContentTypeId": "0x01010083DF84D4F59BBD4CB06F075AA81F58AA",
+ "ContentTypeName": "Contoso Contract",
+ "Created": "2020-03-25T22:04:04Z",
+ "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
+ "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-h2NuHxlYUiTJyiwKQHZobK",
+ "Explanations": "{\"Classifier\":[{\"id\":\"8122ac1d-8fcb-4705-8872-2825cbf05bfe\",\"kind\":\"dictionaryFeature\",\"name\":\"agreement\",\"active\":true,\"nGrams\":[\"CONSULTING AGREEMENT\",\"SERVICES AGREEMENT\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"af83bea8-bc53-4e93-a3da-f1e697eb6bef\",\"kind\":\"modelFeature\",\"name\":\"Contract Name\",\"active\":true,\"modelReference\":\"Contract Name\",\"conceptId\":\"841d0dcf-7f1d-4a39-931c-53923d10c346\"},{\"id\":\"e3734994-9e34-40e3-82c7-bb6c7bc5a0c3\",\"kind\":\"modelFeature\",\"name\":\"Client \",\"active\":true,\"modelReference\":\"Client \",\"conceptId\":\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\"},{\"id\":\"7c93e7fe-cbfb-47ee-8cca-46ecdf5f628f\",\"kind\":\"modelFeature\",\"name\":\"Contract Date\",\"active\":true,\"modelReference\":\"Contract Date\",\"conceptId\":\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\"},{\"id\":\"5cc85b62-148a-4b07-9155-d9fb7cebb6d0\",\"kind\":\"modelFeature\",\"name\":\"Fee\",\"active\":true,\"modelReference\":\"Fee\",\"conceptId\":\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\"},{\"id\":\"0f8a23a6-c744-4cae-82bd-d836332ceb56\",\"kind\":\"modelFeature\",\"name\":\"ServiceType\",\"active\":true,\"modelReference\":\"ServiceType\",\"conceptId\":\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\"}],\"Extractors\":{\"Contract Name\":[{\"id\":\"8804fbeb-bcf8-44c0-8ade-3fc65496037f\",\"kind\":\"dictionaryFeature\",\"name\":\"before\",\"active\":true,\"nGrams\":[\"- AND -\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Client \":[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"dictionaryFeature\",\"name\":\"start\",\"active\":true,\"nGrams\":[\"BETWEEN:\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"dictionaryFeature\",\"name\":\"after\",\"active\":true,\"nGrams\":[\"of\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"bccefd2e-88a4-406c-aa9d-81d508bbafb3\",\"kind\":\"proximityFeature\",\"name\":\"prox\",\"active\":true,\"patterns\":[[{\"id\":\"606c56de-9e71-42ef-8ec6-f0bbf351d673\",\"kind\":\"proximityFeatureReference\"},{\"kind\":\"proximityTokenRange\",\"minCount\":1,\"maxCount\":6},{\"id\":\"334e6df5-e076-40db-a47b-f11ceec7af9a\",\"kind\":\"proximityFeatureReference\"}]]}],\"Contract Date\":[{\"id\":\"fabe1ed3-07af-4dc6-852d-fe9521c64801\",\"kind\":\"dictionaryFeature\",\"name\":\"dated\",\"active\":true,\"nGrams\":[\"dated\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"983da7b8-51d7-4a85-9644-007b488fce0b\",\"kind\":\"dictionaryFeature\",\"name\":\"betw\",\"active\":true,\"nGrams\":[\"between\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"Fee\":[{\"id\":\"f4cf89dc-64d1-49a1-9be4-41debda251b6\",\"kind\":\"dictionaryFeature\",\"name\":\"flat fee of \",\"active\":true,\"nGrams\":[\"flat fee of $\",\"flat fee of $$\"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}],\"ServiceType\":[{\"id\":\"c04408f5-ce14-4eb0-81d0-f72ea9fa7e83\",\"kind\":\"dictionaryFeature\",\"name\":\"Before label\",\"active\":true,\"nGrams\":[\"will provide \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false},{\"id\":\"ea94fa7f-e41b-4e09-a484-355912bfbdff\",\"kind\":\"dictionaryFeature\",\"name\":\"After label\",\"active\":true,\"nGrams\":[\"services for \"],\"caseSensitive\":false,\"ignoreDigitIdentity\":false,\"ignoreLetterIdentity\":false}]}}",
+ "ID": 16,
+ "LastTrained": "2021-01-27T03:04:00Z",
+ "ListID": "f1e13676-8595-4c22-9ca2-c0a4076686ca",
+ "ModelSettings": null,
+ "ModelType": 2,
+ "Modified": "2021-01-27T03:05:04Z",
+ "ModifiedBy": "i:0#.f|membership|kevinche@contoso.com",
+ "ObjectId": "01ZBWEM5E54ZCXN6ZBERFKC6U336T4WY64",
+ "PublicationType": 0,
+ "Schemas": "{\"Extractors\":{\"Contract Name\":{\"concepts\":{\"841d0dcf-7f1d-4a39-931c-53923d10c346\":{\"name\":\"Contract Name\"}},\"relationships\":[]},\"Client \":{\"concepts\":{\"8b8490d0-9a09-4c16-bcff-59ce62e05c28\":{\"name\":\"Client \"}},\"relationships\":[]},\"Contract Date\":{\"concepts\":{\"6ba58918-e2f0-4685-9080-98ec4c3adc7c\":{\"name\":\"Contract Date\"}},\"relationships\":[]},\"Fee\":{\"concepts\":{\"9c7f764d-afd2-49cd-aaa2-e9407156bfb3\":{\"name\":\"Fee\"}},\"relationships\":[]},\"ServiceType\":{\"concepts\":{\"4aa9f2fe-cfab-49f8-86b1-11646c79cdbf\":{\"name\":\"ServiceType\",\"termSetId\":\"76c12efb-5173-4982-ae9b-5f9e37187171\"}},\"relationships\":[]}}}",
+ "SourceUrl": null,
+ "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc"
+}
+```
+### Get and delete the Contoso Contract model by ID
+
+In this sample, the ID of the Contoso Contract document understanding model is `7645e69d-21fb-4a24-a17a-9bdfa7cb63dc`.
+
+#### Sample request
+
+```HTTP
+DELETE /_api/machinelearning/models/getbyuniqueid(ΓÇÿ{7645e69d-21fb-4a24-a17a-9bdfa7cb63dc}') HTTP/1.1
+```
+
+## See also
+
+[Syntex document understanding model REST API](syntex-model-rest-api.md)
contentunderstanding Rest Getmodelandlibraryinfo https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-getmodelandlibraryinfo.md
+
+ Title: Get model and library info
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Use REST API to get information about a model and the library where it has been applied.
++
+# Get model and library information
+
+Gets information about a model and the library where it has been applied (see [example](rest-getmodelandlibraryinfo.md#examples)).
+
+## HTTP request
+
+```HTTP
+GET /_api/machinelearning/publications/getbyuniqueid(ΓÇÿ{modelUniqueId}ΓÇÖ) HTTP/1.1
+```
+
+## URI parameters
+
+| Name | In | Required | Type | Description |
+|--|-|--||
+|ModelUniqueId|query|True|GUID|The unique id of the model file.|
+
+## Request headers
+
+| Header | Value |
+|--|-|
+|Accept|application/json;odata=verbose|
++
+## Request body
+
+| Name | Required | Type | Description |
+|--|-|--||
+|ModelUniqueId|yes|string|The unique ID of the model file.|
+|TargetSiteUrl|yes|string|The full URL of the target library site.|
+|TargetWebServerRelativeUrl|yes|string|The server relative URL of the web for the target library.|
+|TargetLibraryServerRelativeUrl|yes|string|The server relative URL of the target library.|
+|TargetLibraryRemoved|yes|int|The flag that indicates if the target library has been removed or not.|
+
+## Response
+
+| Name | Type | Description|
+|--|-||
+|200 OK| |Success|
+|201 Created| |Note that because this API supports applying model to multiple libraries, a 201 could be returned even if there's a failure applying the model to one of the libraries. <br>Check the response body to understand if the model has been successfully applied to all the specified libraries. See [Request body](rest-getmodelandlibraryinfo.md#request-body) for details.|
+
+## Examples
+
+### Get information about the contracts model and primed document library in the repository site
+
+In this sample, the ID of the Contoso Contract document understanding model is `7645e69d-21fb-4a24-a17a-9bdfa7cb63dc`.
+
+#### Sample request
+
+```HTTP
+GET /sites/TestCC/_api/machinelearning/publications/getbymodeluniqueid(ΓÇÿ{7645e69d-21fb-4a24-a17a-9bdfa7cb63dc}ΓÇÖ) HTTP/1.1
+```
+#### Sample response
+
+**Status code:** 200
+
+```JSON
+{
+ "@odata.context": "https://contoso.sharepoint.com/sites/TestCC/_api/$metadata#publications",
+ "value": [
+ {
+ "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningPublication",
+ "@odata.id": "https://contoso.sharepoint.com/sites/repository /_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,94\"",
+ "@odata.editLink": " https://contoso.sharepoint.com/sites/TestCC /_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "Created": "2021-04-27T03:05:25Z",
+ "CreatedBy": "i:0#.f|membership|meganb@contoso.com",
+ "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-gPy9BrxT7GTrtXtdtv1Uzb",
+ "ID": 26,
+ "ModelId": 16,
+ "ModelName": "contosocontract.classifier",
+ "ModelType": 0,
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "ModelVersion": "8.0",
+ "Modified": "2021-03-17T17:56:42Z",
+ "ModifiedBy": "i:0#.f|membership|joedoe@contoso.com",
+ "ObjectId": "01ZBWEM5FZRILGLXTEB5CZ2NNNSCTWBJMQ",
+ "PublicationType": 1,
+ "TargetLibraryRemoved": false,
+ "TargetLibraryServerRelativeUrl": "/sites/repository/contracts",
+ "TargetLibraryUrl": " https://contoso.sharepoint.com/sites/repository/contracts",
+ "TargetSiteUrl": "https://contoso.sharepoint.com/sites/repository",
+ "TargetWebServerRelativeUrl": "/sites/repository",
+ "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "ViewOption": "NewViewAsDefault"
+ },
+ {
+ "@odata.type": "#Microsoft.Office.Server.ContentCenter.SPMachineLearningPublication",
+ "@odata.id": "https://contoso.sharepoint.com /sites/legal/_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "@odata.etag": "\"7645e69d-21fb-4a24-a17a-9bdfa7cb63dc,101\"",
+ "@odata.editLink": "https://contoso.sharepoint.com /sites/legal/_api/machinelearning/publications/getbyuniqueId('7645e69d-21fb-4a24-a17a-9bdfa7cb63dc')",
+ "Created": "2021-01-27T03:17:44Z",
+ "CreatedBy": "i:0#.f|membership|esherman@contoso.com ",
+ "DriveId": "b!O-aG9qer5UiXx2jEwd8pL0221maIb9lNs9tH5vAMU-gPy9BrxT7GTrtXtdtv1Uzb",
+ "ID": 27,
+ "ModelId": 16,
+ "ModelName": "dispositions.classifier",
+ "ModelType": 0,
+ "ModelUniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "ModelVersion": "8.0",
+ "Modified": "2021-03-17T23:17:46Z",
+ "ModifiedBy": "i:0#.f|membership|esherman@contoso.com ",
+ "ObjectId": "01ZBWEM5B3ERSZK4PAARGLFZ7JP6GMXG2R",
+ "PublicationType": 1,
+ "TargetLibraryRemoved": false,
+ "TargetLibraryServerRelativeUrl": "/sites/legal/dispositions",
+ "TargetLibraryUrl": "https://contoso.sharepoint.com/sites/legal/dispositions",
+ "TargetSiteUrl": " https://contoso.sharepoint.com/sites/legal",
+ "TargetWebServerRelativeUrl": "/sites/legal",
+ "UniqueId": "7645e69d-21fb-4a24-a17a-9bdfa7cb63dc",
+ "ViewOption": "NewViewAsDefault"
+ }
+ ]
+}```
+```
+
+## See also
+
+[Syntex document understanding model REST API](syntex-model-rest-api.md)
contentunderstanding Rest Updatemodelsettings Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/rest-updatemodelsettings-method.md
+
+ Title: UpdateModelSettings
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Use REST API to update available models settings for a SharePoint Syntex document understanding model.
++
+# UpdateModelSettings
+
+Updates available models settings (associated retention label and model description) for a SharePoint Syntex document understanding model (see [example](rest-updatemodelsettings-method.md#examples)).
+
+## HTTP request
+
+```HTTP
+POST /_api/machinelearning/models/updatemodelsettings HTTP/1.1
+```
+
+## URI parameters
+
+None
+
+## Request headers
+
+| Header | Value |
+|--|-|
+|Accept|application/json;odata=verbose|
+|Content-Type|application/json;odata=verbose;charset=utf-8|
+|x-requestdigest|The appropriate digest for the current site.|
+
+## Request body
+
+|Name |Type |Description |
+|--|-|-|
+|ModelSettings|string|JSON of model settings.|
+|Description|string|The model description.|
+|RetentionLabel| |Info for the associated label (label ID and name).|
+
+## Responses
+
+| Name | Type | Description|
+|--|-||
+|200 OK| |Success|
+
+## Examples
+
+### Update model settings for Contoso Contract
+
+In this example, the model description and "Standard Hold" retention label are updated. The ID of the retention label is `27c5fcba-abfd-4c34-823d-0b4a48f7ffe6`.
+
+#### Sample request
+
+```HTTP
+{
+ "ModelSettings": "{\"Description\":\"This model is used to set files classified as Contoso Contracts with a standard hold retention.\", \"RetentionLabel\":{\"Id\":\"27c5fcba-abfd-4c34-823d-0b4a48f7ffe6\",\"Name\":\"Standard Hold\"}}"
+}
+
+```
+
+#### Sample response
+
+**Status code:** 200
+
+## See also
+
+[Syntex document understanding model REST API](syntex-model-rest-api.md)
contentunderstanding Syntex Model Rest Api https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/contentunderstanding/rest-api/syntex-model-rest-api.md
+
+ Title: SharePoint Syntex document understanding model REST API
++++
+audience: admin
+
+search.appverid:
+
+localization_priority: Priority
+description: Overview of the SharePoint Syntex document understanding model REST API.
++
+# SharePoint Syntex document understanding model REST API
+
+You can use the SharePoint REST interface to create a document understanding model, apply or remove the model to one or more libraries, and obtain or update information about the model.
+
+The SharePoint Online (and SharePoint 2016 and later on-premises) REST service supports combining multiple requests into a single call to the service by using the OData $batch query option.
+
+For details and links to code samples, see [Make batch requests with the REST APIs](/sharepoint/dev/sp-add-ins/make-batch-requests-with-the-rest-apis).
+
+## Prerequisites
+
+Before you get started, make sure that you're familiar with the following:
+
+- [Get to know the SharePoint REST service](/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service)
+- [Complete basic operations using SharePoint REST endpoints](/sharepoint/dev/sp-add-ins/complete-basic-operations-using-sharepoint-rest-endpoints)
+
+## REST commands
+
+The following REST commands are available for working with Syntex document understanding models:
+
+- [Create model](rest-createmodel-method.md) ΓÇô Creates a model and its associated content type.
+- [GetByUniqueId](rest-getbyuniqueid-method.md) ΓÇô Gets or updates information about a SharePoint Syntex document understanding model.
+- [GetByTitle](rest-getbytitle-method.md) ΓÇô Gets or updates information about a SharePoint Syntex document understanding model using the model title.
+- [Apply model](rest-applymodel-method.md) ΓÇô Applies (or syncs) a trained document understanding model to one or more libraries.
+- [Get model and library information](rest-getmodelandlibraryinfo.md) ΓÇô Gets information about a model and the library where it has been applied.
+- [UpdateModelSettings](rest-updatemodelsettings-method.md) ΓÇô Updates available models settings (associated retention label and model description) for a SharePoint Syntex document understanding model.
+- [BatchDelete](rest-batchdelete-method.md) ΓÇô Removes an applied document understanding model from one or more libraries.
+- [Create classification request](rest-createclassificationrequest.md) ΓÇô Creates a request to classify a specified file or files using the applied model.
+
+## Scenarios
+
+Note the following scenario examples that aren't intuitive from the method name. For more information, see each article.
+
+The create model method only creates the model object and its associated content type. You'll need to first train the model in the content center before it can be applied to a library.
+
+The apply model method is used to configure the model on the target library to classify documents and optionally extract additional information. This API also supports batch applying the model to multiple libraries.
+
+The remove model method just removes the model from one or more libraries where it was previously applied. If you want to delete the model, it must first be removed from all the libraries where it was applied.
++
+## See also
+
+[Document understanding overview](../document-understanding-overview.md)
+
enterprise Data Move Faq https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/data-move-faq.md
- Title: "Data move general FAQ"-----
-localization_priority: Normal
-- MET150-- NOCSH
-description: Find answers to frequently asked questions (FAQs) about moving core data to a new Office 365 datacenter geo.
---
-# Data move general FAQ
-
-Here are answers to general questions about moving core customer data at rest to a new datacenter geo.
-
-## What customers are eligible to request a move?
-
-Existing Microsoft 365 commercial customers who selected a country eligible for the new datacenter geo will be able to request a move. The program exists only for tenants with an eligible country code assigned to the Microsoft 365 tenant to migrate core customer data at rest for eligible workloads to the corresponding Microsoft 365 datacenter geo. Please refer to the [How to request your data move](request-your-data-move.md) page to confirm country eligibility. 
-
-## How do we define Core Customer Data?
- 
-Core customer data is a term that refers to a subset of customer data defined in the [Microsoft Online Services Terms](https://aka.ms/ost):
-- Exchange Online mailbox content (email body, calendar entries, and the content of email attachments)-- SharePoint Online site content and the files stored within that site-- Files uploaded to OneDrive for Business -
-## What is in scope for Teams migration?
-
-In addition to Exchange Online, SharePoint Online, and OneDrive for Business; Microsoft will migrate Teams data to the local datacenter.
-- Teams chat messages, including private messages and channel messages. -- Teams images used in chats. -
-Teams files are stored in SharePoint Online and Teams chat files are stored in OneDrive for Business. Voicemail, calendar, and contacts are stored in Exchange Online. In many cases, Exchange Online, SharePoint Online, and OneDrive for Business are already used by the customer in the local datacenter geo and are also part of the Microsoft 365 migration program for eligible customer countries.
-
-## At what point is my migration complete so that my tenant's core customer data is being stored at rest in my new geo?
-
-Due to shared dependencies between Exchange Online and SharePoint Online/OneDrive for Business, any migration cannot be considered
-completed until both services are migrated. Exchange Online and SharePoint Online/OneDrive for Business often migrate at separate times and independently from one another. Customer tenant admins receive confirmation in Message Center when each service migration is completed and can view the data location card in the Admin Center at any time to confirm the core customer data at rest location for
-each service.
-
-## How do you make sure my customer data is safe during the move and that I won't experience downtime?
-
-Data moves are a back-end service operation with minimal impact to end users. Features that can be impacted are listed in [During and after your data move](during-and-after-your-data-move.md). We adhere to the [Microsoft Online Services Service Level Agreement (SLA)](https://go.microsoft.com/fwlink/p/?LinkId=523897) for availability so there is nothing that customers need to prepare for or to monitor during the move.
-
-All Microsoft 365 services run the same versions in the datacenters, so you can be assured of consistent functionality. Your service is fully supported throughout the process.
-
-## What is the impact of having different services located in different geos?
-
-Some of the Microsoft 365 services may be located in different geos for some existing customers and for customers that are in the middle of the move process. Our services run independently of each other and there is no impact on the user experience if this is the case. However, for data residency purposes, a tenant migration cannot be considered as complete until both Exchange Online and SharePoint Online/OneDrive for Business are migrated to the same datacenter geo.
-
- ## Where is my core customer data located?
-
-Customer tenant admins can view the data location card in the Admin Center at any time to confirm the core customer data at rest location for
-each service, specifically for their tenant.  We also publish the location of datacenter geos, datacenters, and location of Office
-365 customer data on the [Microsoft 365 interactive datacenter maps ](https://office.com/datamaps) as a reference for the current default core customer data at rest locations for new tenants. You can verify the location of your customer data at rest via the Data Location section under your Organization Profile in the Microsoft 365 admin center.  
-
-## When will I be able to request a move?
-
-Please refer to the [How to request your data move](request-your-data-move.md) page for supported timeframes for your datacenter geo.
-
-## How can I request to be moved?
-
-Eligible customers will see a page in their [Microsoft 365 admin center](https://admin.microsoft.com/). Please see [How to request your data move](request-your-data-move.md) for instructions on how to request a move.
-
-## Can I change my selection after requesting a move?
-
-It is not possible for us to remove you from the process after you submit your request.
-
-## What happens if I do not request a move before the deadline?
-
-We cannot accept requests for migration after the open enrollment period.
-
-## What if I want to move my data in order to get better network performance?
-
-Physical proximity to a Microsoft 365 datacenter is not a guarantee for a better networking performance. There are many factors and components that affect the network performance between the end user and the Microsoft 365 service. For more information about this and performance tuning, see [Network planning and performance tuning for Microsoft 365](network-planning-and-performance.md).
-
- ## Do all the services move their data on the same day?
-
-Each service moves independently and will likely move their data at different times.
-
- ## Can I choose when I want my data to be moved?
-
-Customers are not able to select a specific date, they cannot delay their move, and we cannot share a specific date or timeframe for the moves.
-
- ## Can you share when my data will be moved?
-
-Data moves are a back-end operation with minimal impact to end users. The complexity, precision, and scale at which we need to perform data moves within a globally operated and automated environment prohibit us from sharing when a data move is expected to complete for your tenant or any other single tenant. Customers will receive one confirmation in Message Center per participating service when its data move has completed.
-
- ## What happens if users access services while the data is being moved?
-
-See [During and after your data move](during-and-after-your-data-move.md) for a complete list of features that may be limited during portions of the data move for each service.
-
- ## How do I know the move is complete?
-
-Watch the Microsoft 365 Message Center for confirmation that the move of each service's data is complete. When each service's data is moved, we'll post a completion notice so you'll get three completion notices: one each for Exchange Online, SharePoint Online, and Skype for Business Online. You can also verify the location of your customer data at rest via the Data Location section under your Organization Profile in the Microsoft 365 admin center.  
-
-## I am a Microsoft 365 customer in one of the new datacenter geos, but when I signed up, I selected a different country. How can I be moved to the new datacenter geo?
-
-It is not possible to change the signup country associated with your tenant. Instead, you need to create a new Microsoft 365 tenant with a new subscription and manually move your users and data to the new tenant.
-
-## What happens if we are in process of email data migration to Microsoft 365 during the Exchange Online move?
-
-This is a very common scenario and is fully supported. Cloud migration between datacenter geos does not interfere with any on-premises to cloud mailbox migrations.
-
- ## Can I pilot some users?
-
-You can create a separate trial tenant to test connectivity, but the trial tenant can't be combined in any way with your existing tenant.
-
-## I don't want to wait for Microsoft to move my data. Can I just create a new tenant and move myself?
-
-Yes, however the process will not be as seamless as if Microsoft were to perform the data move.
-
-If you create a new tenant after the new datacenter geo is available, the new tenant will be hosted in the new geo. This new tenant is completely separate from your previous tenant and you would be responsible for moving all user mailboxes, site content, domain names, and any other data. Note that you can't move the tenant name from one tenant to another. We recommend that you wait for the move program provided by Microsoft as we'll take care of moving all settings, data, and subscriptions for your users.
-
-## My customer data has already been moved to a new datacenter geo. Can I move back?
-
-No, this is not possible. Customers who have been moved to new geo datacenters cannot be moved back. As a customer in any geo, you will experience the same quality of service, performance, and security controls as you did before. [Microsoft 365 Multi Geo](https://aka.ms/multi-geo) is available to some customers as an add-on and lets a single tenant create multiple satellite geos and move user data to those geos with data residency commitments.
-
-## Will Microsoft 365 tenants hosted in the new datacenters be available to users outside of the country?
-
-Yes. Microsoft maintains a large global network with public Internet connections in more than 130 locations in 35 countries around the world with peering agreements with more than 2,700 Internet Service Providers (ISPs). Users will be able to access the datacenters from wherever they are on the Internet.
-
-## My tenant has configured the [Multi Geo add-on](https://aka.ms/multi-geo). Can I still enroll in my tenant in the Microsoft 365 Move Program to change my default geo and move any user not in a satellite region to the new default geo?
-
-Yes, your tenant is eligible to enroll but there are significant considerations as tenant-level move is not fully supported for customers that have configured Multi-Geo.
-
-SharePoint Online and OneDrive for Business cannot migrate to the new datacenter geo at the tenant level through this program. The customer administrator can configure OneDrive for Business shares to move to any available region using Multi-Geo, but the default location for the tenant cannot be changed once Multi-Geo has been configured for a tenant.
-
-For customers that opt-in for migration - we will move all Exchange Online mailboxes from your current default geo to your new local datacenter geo and update the default Exchange Online region. We will not move any EXO mailboxes configured in Multi Geo satellite regions to continue to respect satellite region data residency as youΓÇÖve intended.
-
-## Related topics
-
-[Moving core data to new Microsoft 365 datacenter geos](moving-data-to-new-datacenter-geos.md)
-
-[How to request your data move](request-your-data-move.md)
-
-[Microsoft 365 Multi Geo](https://aka.ms/multi-geo)
-
-[Microsoft 365 interactive datacenter map](https://office.com/datamaps)
-
-[Microsoft 365 Support](../business-video/get-help-support.md)
-
-[New datacenter geos for Microsoft Dynamics CRM Online](/power-platform/admin/new-datacenter-regions)
-
-[Azure services by region](https://azure.microsoft.com/regions/)
enterprise During And After Your Data Move https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/during-and-after-your-data-move.md
Skype for Business moves are no longer available. [Skype for Business Online wi
[How to request your data move](request-your-data-move.md)
-[Data move general FAQ](data-move-faq.md)
+[Data move general FAQ](data-move-faq.yml)
[New datacenter geos for Microsoft Dynamics CRM Online](/power-platform/admin/new-datacenter-regions)
enterprise Moving Data To New Datacenter Geos https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/moving-data-to-new-datacenter-geos.md
Data moves to the new datacenter geo are completed at no additional cost to the
[How to request your data move](request-your-data-move.md)
-[Data move general FAQ](data-move-faq.md)
+[Data move general FAQ](data-move-faq.yml)
[New datacenter geos for Microsoft Dynamics CRM Online](/power-platform/admin/new-datacenter-regions)
enterprise Ms Cloud Germany Transition Add Csp https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/ms-cloud-germany-transition-add-csp.md
+
+ Title: "Additional information for Cloud Solution Providers"
+++ Last updated : 12/01/2020
+audience: ITPro
++
+localization_priority: Normal
+search.appverid:
+- MET150
+
+- Ent_O365
+- Strat_O365_Enterprise
+f1.keywords:
+- CSH
+
+- Ent_TLGs
+description: "Summary: Additional information for Cloud Solution Providers relevant to the migration from Microsoft Cloud Deutschland."
++
+# Additional information for Cloud Solution Providers
+
+Cloud Solution Providers (CSPs) supporting customers need to take additional steps during the migration from Microsoft Cloud Deutschland to the new German datacenter region.
+
+## Partner tenant migration
+
+Partner Microsoft Cloud Deutschland tenants won't be migrated. CSP customers will be migrated to Office 365 services under the new Office 365 services tenant of the same partner. After customer migration, the partner can manage this customer only from the Office 365 services tenant.
+
+## Missing subscriptions in Azure
+
+After [the subscription and license transition (phase 3)](ms-cloud-germany-transition-phases.md#Phase-9-&-10:-Azure-AD-Finalization) has been completed, Cloud Solution Providers will not have access to the Azure subscription anymore.
+
+To recover access, follow these steps to [elevate access to manage all Azure subscriptions and management groups](azure/role-based-access-control/elevate-access-global-admin).
enterprise Ms Cloud Germany Transition Add Devices https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/ms-cloud-germany-transition-add-devices.md
If a Windows 10 device is Azure AD registered, it needs to be disconnected from
If your work account is in the list but NOT connected to an Azure AD, proceed with step 2.
- Otherwise, your device is an Azure AD joined device and you have to refer to [this section](##-Azure-AD-Joined-Windows-10-devices).
+ Otherwise, your device is an Azure AD joined device and you have to refer to [Azure AD Joined Windows 10 devices](#azure-ad-joined-windows-10-devices).
+ ### Step 2: Disconnect the device from Azure AD 1. Click on your work account. The buttons *Info* and *Disconnect* appear. 2. Click **Disconnect**.
Administrators should check `https://portal.microsoftazure.de` to determine if t
**When do my users re-register their devices?**
-It's critical to your success that you only unregister and re-register your devices after [phase 9](ms-cloud-germany-transition-phases.md#Phase-9-&-10:-Azure-AD-Finalization) has been completed. You must finish the re-registration before phase 10 starts, otherwise you could lose access to your device.
+It's critical to your success that you only unregister and re-register your devices after [phase 9](ms-cloud-germany-transition-phases.md#phase-9--10-azure-ad-finalization) has been completed. You must finish the re-registration before phase 10 starts, otherwise you could lose access to your device.
**How do I know that all my devices are registered in the public cloud?**
-To check whether your devices are registered in the public cloud, you should export and download the list of devices from the Azure AD portal to an Excel spreadsheet. Then, filter the devices that are registered (by using the _registeredTime_ column) after the date when your organization has passed [phase 9 of the migration process](ms-cloud-germany-transition-phases.md#Phase-9-&-10:-Azure-AD-Finalization).
+To check whether your devices are registered in the public cloud, you should export and download the list of devices from the Azure AD portal to an Excel spreadsheet. Then, filter the devices that are registered (by using the _registeredTime_ column) after the date when your organization has passed [phase 9 of the migration process](ms-cloud-germany-transition-phases.md#phase-9--10-azure-ad-finalization).
## Additional considerations
-**IMPORTANT:** The Intune service principal will be enabled after [phase 3 of the migration process](ms-cloud-germany-transition-phases.md#Phase-3:-Subscription-transfer), which implies the activation of Azure AD Device Registration. If you blocked Azure AD Device Registration before migration, you must disable the Intune service principal with PowerShell to disable Azure AD Device Registration with the Azure AD portal again. You can disable the Intune service principal with this command in the Azure Active Directory PowerShell for Graph module.
+> [!IMPORTANT]
+> The Intune service principal will be enabled after [phase 3 of the migration process](ms-cloud-germany-transition-phases.md#phase-3-subscription-transfer), which implies the activation of Azure AD Device Registration. If you blocked Azure AD Device Registration before migration, you must disable the Intune service principal with PowerShell to disable Azure AD Device Registration with the Azure AD portal again. You can disable the Intune service principal with this command in the Azure Active Directory PowerShell for Graph module.
```powershell Get-AzureADServicePrincipal -All:$true |Where-object -Property AppId -eq "0000000a-0000-0000-c000-000000000000" | Set-AzureADServicePrincipal -AccountEnabled:$false
enterprise Ms Cloud Germany Transition Add Experience https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/ms-cloud-germany-transition-add-experience.md
The following table provides an overview about which endpoints will replace the
| Step(s) | Description | Impact | |:-|:-|:-|
-| Remove relying party trusts from Microsoft Cloud Deutschland AD FS. | After the cut-over to Azure AD is complete, the organization is fully using Office 365 services and is no longer connected to Microsoft Cloud Deutschland. At this point, the customer needs to remove the relying party trust to the Microsoft Cloud Deutschland endpoints. This can only be done when none of the customer's applications points to Microsoft Cloud Deutschland endpoints when Azure AD is leveraged as an Identity Provider (IdP). | Federated Authentication organizations | None. |
+| Remove relying party trusts from Microsoft Cloud Deutschland AD FS. | After the cut-over to Azure AD is complete, the organization is fully using Office 365 services and is no longer connected to Microsoft Cloud Deutschland. At this point, the customer needs to remove the relying party trust to the Microsoft Cloud Deutschland endpoints. This can only be done when none of the customer's applications points to Microsoft Cloud Deutschland endpoints when Azure AD is leveraged as an Identity Provider (IdP). | Federated Authentication organizations |
|||| <!--
The following table provides an overview about which endpoints will replace the
| Requests to join an Azure AD group in the last 30 days before migration will need to be requested again if the original request wasn't approved. | End-user customers will need to use the Access panel to submit a request to join an Azure AD group again if those requests weren't approved in the last 30 days before the migration. | As an end-user: <ol><li>Navigate to [Access panel](https://account.activedirectory.windowsazure.com/r#/joinGroups).</li><li>Find an Azure AD group for which membership approval was pending during the 30 days before migration.</li><li>Request to join the Azure AD group again.</li></ol> Requests to join a group that are active less than 30 days before migration cannot be approved, unless they're requested again after migration. | ||||
-<!--
- Question from ckinder
- The following paragraph is not clear
> ## Custom DNS updates **Applies to:** All customer managing their own DNS zones | Step(s) | Description | Impact | |:|:-|:-|
-| Update on-premises DNS services for Office 365 services endpoints. | Customer-managed DNS entries that point to Microsoft Cloud Deutschland need to be updated to point to the Office 365 Global services endpoints. | Failure to do so may result in failure of the service or of software clients. |
+| Update on-premises DNS services for Office 365 services endpoints. | Customer-managed DNS entries that point to Microsoft Cloud Deutschland need to be updated to point to the Office 365 Global services endpoints. Please refer to [Domains in the Microsoft 365 admin center](https://admin.microsoft.com/Adminportal/Home#/Domains) and apply the changes in your DNS configuration. | Failure to do so may result in failure of the service or of software clients. |
|||| ## Third-party services
The following table provides an overview about which endpoints will replace the
| Step(s) | Description | Impact | |:-|:-|:-| | Update partners and third-party services for Office 365 services endpoints. | <ul><li>Third-party services and partners that point to Office 365 Germany need to be updated to point to the Office 365 services endpoints. Example: Re-register, in alignment with your vendors and partners, the gallery app version of applications, if available. </li><li>Point all custom applications that leverage Graph API from `graph.microsoft.de` to `graph.microsoft.com`. Other APIs with changed endpoints also need to be updated, if leveraged. </li><li>Change all non-first-party enterprise applications to redirect to the worldwide endpoints. </li></ul>| Required action. Failure to do so may result in failure of the service or of software clients. |
-||||
-
-## SharePoint Online
-**Applies to**: Customers using SharePoint 2013 Workflows
-
-| Step(s) | Description | Impact |
-|:-|:-|:-|
-| Republish SharePoint 2013 workflows. | In the pre-migration work, we reduced the number of SharePoint 2013 workflows. Now with migration complete, the customer can republish the workflows. | This is a required action. Failure to do so may result in user confusion and help desk calls. |
-| Share items via Outlook | Sharing items in SharePoint Online and OneDrive for Business via Outlook no longer works after tenant cutover. |<ul><li>In SharePoint Online and OneDrive for Business, you can share items via Outlook. After pressing the Outlook button, a shareable link is created and pushed into a new message in the Outlook Web App.</li><li>After tenant cutover, this method of sharing won't work. We recognize this is a known issue. However, since this Outlook feature is in the path of deprecation, fixing the issue is not planned until the deprecation is rolled out. </li></ul>|
-||||
-
-## Exchange Online
-**Applies to**: Customers using a hybrid Exchange configuration
-
-| Step(s) | Description | Impact |
-|:-|:-|:-|
-| Rerun Hybrid Configuration wizard (HCW) against Office 365 services. | The existing HCW configuration is meant to support Microsoft Cloud Deutschland. With migration of Exchange services complete, we decouple on-premises configuration from Microsoft Cloud Deutschland. |<ul><li>Required action. Failure to do so may result in failure of the service or of software clients. Before Exchange mailbox migration begins (with 5 or more days of notice), notify clients that they should stop and delete any onboarding or offboarding moves of their mailboxes. If they don't, they'll see errors in their move requests. </li><li>After Exchange mailbox migration is complete, notify clients that they can resume onboarding and offboarding moves. <br> Running **Test-MigrationServerAvailabiilty**, a PowerShell cmdlet, during migration of Exchange from Microsoft Cloud Deutschland to Office 365 services might not work. However, it will work properly after migration is complete. </li><li>If clients run into issues with credentials or authorization after mailboxes are migrated, users can reenter their on-premises administrator credentials in the migration endpoint by running `Set-MigrationEndpoint endpointName -Credential $(Get-Credential)`, or by setting the same by using Exchange Control Panel (ECP). </li></ul>|
+||||
enterprise Ms Cloud Germany Transition Experience https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/ms-cloud-germany-transition-experience.md
Considerations to note:
- Users of the Outlook Web App who access the service by using a URL where their mailbox does not reside will see an extra authentication prompt. For example, if the user's mailbox is in the Office 365 services and the user's Outlook Web App connection uses the legacy endpoint `outlook.office.de`, the user will first authenticate to `login.microsoftonline.de`, and then to `login.microsoftonline.com`. When migration is complete, the user can access the new URL (`https://outlook.office365.com`), and they'll see only the single, expected sign-in request.
+## SharePoint Online
+
+In SharePoint Online and OneDrive for Business, you can share items via Outlook. After pressing the Outlook button, a shareable link is created and pushed into a new message in the Outlook Web App.
+
+Sharing items in SharePoint Online and OneDrive for Business via Outlook no longer works after the migration of SharePoint Online has been completed. We recognize this is a known issue. However, since this Outlook feature is in the path of deprecation, fixing the issue is not planned until the deprecation is rolled out.
+ ## Office Services Office Online services are accessible via `office.de` before and during the transition. After users' mailboxes are transitioned to the Office 365 services, users should begin to use Office 365 services URLs. As subsequent workloads migrate to Office 365 services, their interface from the office.com portal will begin to work.
enterprise Ms Cloud Germany Transition Phases https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/ms-cloud-germany-transition-phases.md
Failing to complete this task may result in hybrid free-busy requests failing to
**Applies to**: All customers with an Office 365 tenant hosted in the Microsoft Cloud Deutschland (MCD)
-Partner Microsoft Cloud Deutschland tenants won't be migrated. CSP customers will be migrated to Office 365 services under the new Office 365 services tenant of the same partner. After customer migration, the partner can manage this customer only from the Office 365 services tenant.
- | Step(s) | Description | Impact | |:-|:-|:-| | Subscriptions are transferred| The Microsoft Cloud Deutschland subscription will be migrated to corresponding Office 365 Global services subscription. <ul><li>The Office 365 Global services offer of that subscription is defined by Microsoft (also known as _Offer mapping_).</li><li> Corresponding Office 365 Global services subscriptions are purchased in the Office 365 Global instance for the transferred Microsoft Cloud Deutschland subscriptions.</li><li>Legacy Microsoft Cloud Deutschland subscriptions are removed from the Office 365 services tenant on completion.</li></ul>| <ul><li>Changes to existing subscriptions will be blocked (for example, no new subscription purchases or seat count changes) during this phase.</li><li>License assignment changes will be blocked.</li><li>When subscription migration is complete, both Office 365 services and Microsoft Cloud Deutschland subscriptions will be visible in the Office 365 Admin Portal, with the status of Microsoft Cloud Deutschland subscriptions as _deprovisioned_. </li><li>Any customer processes that have dependencies on Microsoft Cloud Deutschland subscriptions or SKU GUIDs will be broken and need to be revised with the Office 365 services offering. </li><li>New subscriptions in the Office 365 services will be purchased with the new term (monthly/quarterly/yearly), and the customer will receive a prorated refund for the unused balance of the Microsoft Cloud Deutschland subscription. </li></ul> |
Partner Microsoft Cloud Deutschland tenants won't be migrated. CSP customers wil
Between Phase 2 and phase 3, Partner Portal may not be accessible. During this time, Partner may not be able to access the tenant's information on the Partner Portal. Since each migration is different, the duration of in-accessibility could be in hours.
+Additional information for Cloud Solution Providers are available [here](ms-cloud-germany-transition-add-csp.md#Partner-tenant-migration).
## Phase 4: SharePoint Online
In case you are still using SharePoint 2013 workflows, limit the use of SharePoi
| Step(s) | Description | Impact | |:-|:--|:-| | SharePoint and OneDrive are transitioned | SharePoint Online and OneDrive for Business are migrated from Microsoft Cloud Deutschland to Office 365 Global services in this phase.<br><ul><li>Existing Microsoft Cloud Deutschland URLs are preserved (for example, `contoso.sharepoint.de`).</li><li>Existing sites are preserved.</li><li>Client-side authentication tokens that were issued by the Security Token Service (STS) in the Microsoft Cloud Deutschland or Office 365 Global services instance are valid during the transition.</li></ul>|<ul><li>Content will be read-only for two brief periods during migration. During this time, expect a "you can't edit content" banner in SharePoint.</li><li>The search index won't be preserved, and may take up to 10 days to be rebuilt.</li><li>SharePoint Online and OneDrive for Business content will be read-only for two brief periods during migration. Users will see a "you can't edit content" banner briefly during this time.</li><li>Upon completion of the SharePoint Online migration, the search results for SharePoint Online and OneDrive for Business content may be unavailable while the index is rebuilt. During this period, search queries might not return complete results. Features that are dependent on search indexes, such as SharePoint Online News, may be affected while reindexing completes.</li><li>SharePoint 2013 workflows will be broken during migration and must be republished after migration.</li></ul>
-|**SPO Admin**: Republish SharePoint 2013 workflows| A SharePoint Online admin republishes the SharePoint 2013 workflows after the migration.|SharePoint 2013 workflows are available.
+|**SPO Admin**: Republish SharePoint 2013 workflows| A SharePoint Online admin republishes the SharePoint 2013 workflows after the migration.| This is a required action. Failure to do so may result in user confusion, help desk calls and decreased productivity.
|**PowerShell user**: Update to new module| All users of the SharePoint Online PowerShell module need to update module/Microsoft.SharePointOnline.CSOM to version 16.0.20717.12000 or above after the SharePoint Online migration is completed. Completion is communicated in the message center.| SharePoint Online via PowerShell or the client-side object model will no longer fail. ||||
Additional considerations:
- Users of Outlook Web App that access a shared mailbox in the other environment (for example, a user in the MCD environment accesses a shared mailbox in the Global environment) will be prompted to authenticate a second time. The user must first authenticate and access their mailbox in `outlook.office.de`, then open the shared mailbox that is in `outlook.office365.com`. They'll need to authenticate a second time when accessing the shared resources that are hosted in the other service. - For existing Microsoft Cloud Deutschland customers or those in transition, when a shared mailbox is added to Outlook by using **File > Info > Add Account**, viewing calendar permissions may fail (the Outlook client attempts to use the Rest API `https://outlook.office.de/api/v2.0/Me/Calendars`). Customers who want to add an account to view calendar permissions can add the registry key as described in [User experience changes for sharing a calendar in Outlook](https://support.microsoft.com/office/user-experience-changes-for-sharing-a-calendar-in-outlook-5978620a-fe6c-422a-93b2-8f80e488fdec) to ensure this action will succeed. This registry key can be deployed organization-wide by using Group Policy. - All customers using an active Exchange Hybrid Configuration are not able to move mailboxes from on-premises Exchange Server to Exchange Online, neither to Microsoft Cloud Deutschland, nor to the new datacenter region in Germany. Customers need to ensure that ongoing mailbox moves have been completed prior to phase 5 and will be resumed after completion this phase.
+- Running `Test-MigrationServerAvailabiilty`, a PowerShell cmdlet, during migration of Exchange from Microsoft Cloud Deutschland to Office 365 services might not work. However, it will work properly after migration is complete.
+- If clients run into issues with credentials or authorization after mailboxes are migrated, reenter the on-premises administrator credentials in the migration endpoint by running `Set-MigrationEndpoint -Identity <endpointName> -Credential $(Get-Credential)`, or by setting the same by using Exchange Control Panel (ECP).
- Ensure that all users using legacy protocols (POP3/IMAP4/SMTP) for their devices are prepared to change the endpoints in their client after their Exchange mailbox has been moved to the new German datacenter region as described in the [pre-migration steps for Exchange Online](ms-cloud-germany-transition-add-pre-work.md#exchange-online). - Scheduling Skype for Business meetings in Outlook Web App is not available anymore after the mailbox has been migrated. If necessary, users have to use Outlook instead.
enterprise Request Your Data Move https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/request-your-data-move.md
As of January 2020, customers in eligible Office 365 countries can opt-in for mi
[Moving core data to new Office 365 datacenter geos](moving-data-to-new-datacenter-geos.md)
-[Data move general FAQ](data-move-faq.md)
+[Data move general FAQ](data-move-faq.yml)
[New datacenter geos for Microsoft Dynamics CRM Online](/power-platform/admin/new-datacenter-regions)
knowledge Search https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/knowledge/search.md
While Viva Topics users can find topics through topic highlights in their ShareP
## Topic answer
-When you search for a specific topic in Microsoft Search (for example, "Saturn"), if a topic exists and is found, it will display the result in the topic answer suggestion format.
+When you search for a specific topic from the SharePoint start page, on Office.com, or from a SharePoint site that has been scoped to your organization, if a topic exists and is found, it will display the result in the topic answer suggestion format.
The topic answer will display:+ - Topic name - Alternate names: Alternate names or acronyms for the topic. - Definition: Description of the topic provided by AI or manually added by a person.
The topic answer will display:
The topic page can display in the search results even if the topic answer card doesn't appear.
-The search results in Word, PowerPoint, Outlook and Excel will also show the topic answer when one is found.
-
+The search results in Word, PowerPoint, Outlook, and Excel will also show the topic answer when one is found.
## Acronyms
-In Viva Topics, you can manually edit a topic to include an acronym for it as an <b>Alternate Name</b>. This allows a user who is searching by only the topic's acronym to find the topic answer through Microsoft Search.
+In Viva Topics, you can manually edit a topic to include an acronym for it as an *Alternate Name*. This allows a user who is searching by only the topic's acronym to find the topic answer through Microsoft Search.
[Acronym Answers](/microsoftsearch/manage-acronyms) is a feature provided though Microsoft Search and is managed separately from Viva Topics.
In Viva Topics, you can manually edit a topic to include an acronym for it as an
For users who are looking for information about booking a trip for work: - If some users know the travel tool name (for example, "Concur"), it's easier to create a bookmark to go directly to the external site.+ - For users who search generally for "travel", create a topic on "Travel" that has the information they expect to see. Consider adding a link to the Concur external site in the description of the topic. If the link is instead to an internal travel booking site hosted on the Microsoft 365 tenant, you can add it to the ΓÇ£Pinned ResourcesΓÇ¥. ### Search results priority In the user's search experience, when a user searches for a term like ΓÇ£travelΓÇ¥, a bookmark will appear in place of a topic, if a bookmark is available.+
+## See also
+
+[Viva Topics overview](topic-experiences-overview.md)
knowledge Topic Experiences Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/knowledge/topic-experiences-overview.md
Title: "Microsoft Viva Topics overview"
-+ audience: admin
description: "Overview of Viva Topics."
# Microsoft Viva Topics overview
-Viva Topics uses Microsoft AI technology, Microsoft 365, Microsoft Graph, Search, and other components and services to bring knowledge to your users in the Microsoft 365 apps they use everyday, starting with SharePoint modern pages, Microsoft Search, and Search in Word, PowerPoint, Outlook and Excel.
+Viva Topics uses Microsoft AI technology, Microsoft 365, Microsoft Graph, Search, and other components and services to bring knowledge to your users in the Microsoft 365 apps they use everyday, starting with SharePoint modern pages, Microsoft Search, and Search in Word, PowerPoint, Outlook, and Excel.
<br/>
Viva Topics uses AI to automatically search for and identify *topics* in your or
## How topics are displayed to users
-When a topic is mentioned in content on SharePoint news and pages, you'll see it highlighted. You can open the topic summary from the highlight. Open the topic details from the title of the summary. The mentioned topic could be identified automatically or have been added to the page with a direct reference to the topic by the page author.
+Topics are displayed to users through:
- ![Topic highlights](../media/knowledge-management/saturn.png)
+- [Topic highlights](topic-experiences-overview.md#topic-highlights) in SharePoint pages
+- Topic answers in [search results](topic-experiences-overview.md#search-results)
+- Search in [office applications](topic-experiences-overview.md#office-application-search)
+- [Topic center](topic-experiences-overview.md#topic-center) home page
-When you use Search in Word, PowerPoint, Outlook or Excel, either through the search box, or by selecting **Search** in the context menu, the results that are displayed might also show the topic summary.
+### Topic highlights
+
+When a topic is mentioned in content on SharePoint news and pages, you'll see it highlighted. You can open the topic summary from the highlight. Open the topic details from the title of the summary to view the full topic page. The mentioned topic could be identified automatically or could have been added to the page with a direct reference to the topic by the page author.
+
+ ![Screenshot showing topic highlights.](../media/knowledge-management/saturn.png)
+
+### Search results
+
+You can see a [topic answer](search.md#topic-answer) in search results when you search from the SharePoint start page, search on Office.com, or search from a SharePoint site after you you change the search scope to include the full organization. The topic answer will appear at the topic of the results list and give you a short set of information related to that topic.
+
+ ![Screenshot showing the search results of a SharePoint site search.](../media/knowledge-management/site-search-results.png)
+
+### Office application search
+
+When you use Search in Office apps such as Word, PowerPoint, Outlook, or Excel ΓÇö either through the search box or by selecting **Search** in the context menu ΓÇö topic answers are displayed in the search results.
![Screenshot showing search in Word through the Search box.](../media/knowledge-management/word-search-2.png) ![Screenshot showing search in Word through the Search context menu.](../media/knowledge-management/word-search-1.png)
+### Topic center
+
+Users can see topics in their organization to which they have a connection on the [topic center home page](topic-center-overview.md#home-page).
+ ## Knowledge indexing Viva Topics uses Microsoft AI technology to identify *topics* in your Microsoft 365 environment.
managed-desktop Admin Support https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/managed-desktop/working-with-managed-desktop/admin-support.md
# Admin support for Microsoft Managed Desktop
-You can submit support tickets or feedback requests to Microsoft using the Microsoft Managed Desktop Administrative Portal. Support requests are always prioritized over feedback submissions. Support requests are triaged and managed according to severity as outlined in the [severity definition table](#sev). Feedback is reviewed, and a response provided where requested.
+You can submit support tickets or feedback requests to Microsoft using the Microsoft Managed Desktop Admin portal. Support requests are always prioritized over feedback submissions. Support requests are triaged and managed according to severity as outlined in the [severity definition table](#sev). Feedback is reviewed and a response provided where requested.
>[!IMPORTANT]
->Make sure that you [set up an Admin contact](../get-started/add-admin-contacts.md) for app packaging, devices, security, and other. You are unable to submit a support request in any of these areas if an admin contact is not configured.
+>Make sure that you [set up an Admin contact](../get-started/add-admin-contacts.md) for app packaging, devices, security, and other requests. You won't be able to submit a support request in any of these areas if you don't provide an admin contact.
**To submit a support request** 1. Sign in to [Microsoft Endpoint Manager](https://endpoint.microsoft.com/) and navigate to the **Tenant administration** menu.
-2. Look for the Microsoft Managed Desktop section, select **Service request**.
+2. Look for the Microsoft Managed Desktop section, and then select **Service request**.
3. On **Support requests**, select **+ New Support ticket**.
-4. Select the **Support request type** that matches the help you need. The table below outlines the options.
+4. Select the **Support request type** that matches the help you need. The following table outlines the options.
5. Select the **Severity level**. For more information, see [Support request severity definitions](#sev). Support request type | When to use |
-Incident | You require the Microsoft Managed Desktop Operations Team to investigate, like widespread impact of a change or service outage.
-Request for information | You are planning a change for networking, proxy configuration, VPN systems, certificate expiration, or just need some information about the service. A response from the Microsoft Managed Desktop Operations Team is advised when communicating a change within your organization.
-Change request | You require the Microsoft Managed Desktop Operations Team to make a change, such as moving devices between update groups.
+Incident | You require the Microsoft Managed Desktop Operations team to investigate, for example, a widespread impact of a change or service outage.
+Request for information | You're planning a change in networking, proxy configuration, VPN systems, certificate expiration, or just need some information about the service. A response from the Microsoft Managed Desktop Operations team is advised when communicating a change within your organization.
+Change request | You require the Microsoft Managed Desktop Operations team to make a change, such as moving devices between update groups.
<span id="sev" /> ## Support request severity definitions
-Initial response time is the period from when you submit your support request to when a Microsoft Managed Desktop engineer contacts you and starts working on your support request. The initial response time varies with the business impact of the request, based on the severity of the request.
+The initial response time is the period from when you submit your support request to when a Microsoft Managed Desktop engineer contacts you and starts working on your support request. The initial response time varies with the business impact of the request, based on the severity of the request.
-Severity level | Customer situation | Initial response time | Expected customer response
+> [!NOTE]
+> In this table, "admin support hours" means, that Microsoft Managed Desktop support for admins is available, for most countries, 24 hours a day **Monday through Friday**. Severity A can be worked 24 hours a day all seven days of the week.
+
+Severity level | Situation | Initial response time | Expected response from you
| | |
-**Severity A ΓÇô Critical Impact** | **Critical business impact**<br><br>CustomerΓÇÖs business has significant loss or degradation of services and requires immediate attention.<br><br>**Major application compatibility impact**<br><br>The customerΓÇÖs entire business is experiencing financial impact due to crashing or loss of critical functionality | Initial: < 1 hour<br>Update: 60 minutes<br>24x7 available | When you select Severity A, you confirm that the issue has critical business impact, with severe loss and degradation of services. <br><br>The issue demands an immediate response, and you commit to continuous 24x7 operation every day with the Microsoft team until resolution, otherwise, Microsoft may at its discretion decrease the Severity to level B.<br><br> You also ensure that Microsoft has your accurate contact information.
-**Severity B ΓÇô Moderate Impact** | **Moderate business impact**<br><br>CustomerΓÇÖs business has moderate loss or degradation of services, but work can reasonably continue in an impaired manner.<br><br>**Moderate application compatibility impact**<br><br>A specific business group is no longer productive, due to crashing behavior or loss of critical functionality. | Initial: < 4 hours<br>Update: 12 hours<br>Business hours (24x7 available) | When you select Severity B, you confirm that the issue has moderate impact to your business with loss and degradation of services, but workarounds enable reasonable, albeit temporary, business continuity. <br><br>The issue demands an urgent response. If you chose 24x7 when you submit the support request, you commit to a continuous 24x7 operation every day with the Microsoft team until resolution, otherwise, Microsoft might at its discretion decrease the severity to level C. If you chose business-hours support when you submit a Severity B incident, Microsoft will contact you during business hours only.<br><br>You also ensure that Microsoft has your accurate contact information.
-**Severity C ΓÇô Minimal Impact** | **Minimum business impact**<br><br> CustomerΓÇÖs business is functioning with minor impediments of services.<br><br>**Minor application compatibility impact**<br><br>Potentially unrelated users experience minor compatibility issues that do not prevent productivity | Initial: < 8 hours<br>Update: 24 hours<br>Business hours | When you select Severity C, you confirm that the issue has minimum impact to your business with minor impediment of service.<br><br>For a Severity C incident, Microsoft will contact you during business hours only.<br><br>You also ensure that Microsoft has your accurate contact information
+**Severity A ΓÇô Critical Impact** | **Critical business impact**<br><br>Your business has significant loss or degradation of services and require immediate attention.<br><br>**Major application compatibility impact**<br><br>Your entire business is experiencing financial impact due to devices not responding or loss of critical functionality | Initial: < 1 hour<br>Update: 60 minutes<br>24-hour support every day is available | When you select Severity A, you confirm that the issue has critical business impact, with severe loss and degradation of services. <br><br>The issue demands an immediate response, and you commit to continuous engagement every day with the Microsoft team until resolution. Otherwise, Microsoft can at its discretion decrease the Severity to level B.<br><br> You also ensure that Microsoft has your accurate contact information.
+**Severity B ΓÇô Moderate Impact** | **Moderate business impact**<br><br>Your business has moderate loss or degradation of services, but work can reasonably continue in an impaired manner.<br><br>**Moderate application compatibility impact**<br><br>A specific business group is no longer productive, due to devices not responding or loss of critical functionality. | Initial: < 4 hours<br>Update: 12 hours<br>24 hours a day during admin support hours (Monday through Friday). | When you select Severity B, you confirm that the issue has moderate impact to your business with loss and degradation of services, but workarounds enable reasonable, albeit temporary, business continuity. <br><br>The issue demands an urgent response. If you chose all day every day support when you submit the support request, you commit to a continuous engagement every day with the Microsoft team until resolution. Otherwise, Microsoft might at its discretion decrease the severity to level C. If you chose admin support-hours support when you submit a Severity B incident, Microsoft will contact you during admin support hours only.<br><br>You also ensure that Microsoft has your accurate contact information.
+**Severity C ΓÇô Minimal Impact** | **Minimum business impact**<br><br> Your business is functioning with minor impediments of services.<br><br>**Minor application compatibility impact**<br><br>Potentially unrelated users experience minor compatibility issues that do not prevent productivity | Initial: < 8 hours<br>Update: 24 hours<br>Support 24 hours a day during admin support hours (Monday through Friday) | When you select Severity C, you confirm that the issue has minimum impact to your business with minor impediment of service.<br><br>For a Severity C incident, Microsoft will contact you during admin support hours only.<br><br>You also ensure that Microsoft has your accurate contact information.
+
-More details:
- **Support languages** - All support is provided in English.-- **Severity level changes** - Microsoft may downgrade the severity level if the customer is not able to provide adequate resources or responses to enable Microsoft to continue with problem resolution efforts. -- **Business hours** - For most countries, business hours are from 9:00 AM to 5:00 PM, Pacific Standard Time.-- **Application compatibility** - For an application compatibility issue to be considered, there must be a reproducible error, of the same version of the application, between the previous and current version of Windows or Office. To resolve application compatibility issues, Microsoft requires a customer point of contact to work with. The individual must work directly with our Fast Track team to investigate and resolve the issue.-- **Customer response time** If a customer is unable to meet the expected response requirements, Microsoft will downgrade the request by one severity level, to a minimum of Severity C. If a customer is unresponsive to requests for action, Microsoft will mitigate and close the support request within 48 hours of the last request.
+- **Severity level changes** - Microsoft might downgrade the severity level if you aren't able to provide adequate resources or responses to enable us to continue with problem resolution efforts.
+- **Application compatibility** - For an application compatibility issue to be considered, there must be a reproducible error, of the same version of the application, between the previous and current version of Windows or Microsoft 365 Apps for enterprise. To resolve application compatibility issues, we requires a point of contact in your org to work with. The contact must work directly with our Fast Track team to investigate and resolve the issue.
+- **Customer response time** If you aren't able to meet the expected response requirements, we'll downgrade the request by one severity level, to a minimum of Severity C. If you're unresponsive to requests for action, we'll mitigate and close the support request within 48 hours of the last request.
## Provide feedback We appreciate your feedback and use it to improve the admin support experience.
-Once a ticket is in the **Mitigated** or **Resolved** state, you can share your feedback on your experience with that particular issue. To share feedback, go to the **Service requests** page in the **Troubleshooting + support** menu of the MEM portal. Select the specific ticket. The ticket details will appear in the fly-in on the right side, select the **Feedback** tab, and provide the requested information. Be careful not to include any personal information in the feedback form. For more information about privacy, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement).
-
-![Feedback form](../../media/feedback_form.png)
+Once a ticket is in the **Mitigated** or **Resolved** state, you can share your feedback on your experience with that particular issue. To share feedback, go to the **Service requests** page in the **Troubleshooting + support** menu of the Microsoft Endpoint Manager portal. Select the specific ticket. The ticket details will appear in the fly-in on the right side. Select the **Feedback** tab, and provide the requested information. Be careful not to include any personal information in the feedback form. For more information about privacy, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement).
## More resources
security Attack Surface Reduction https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction.md
Whenever an attack surface reduction rule is triggered, a notification is displa
In addition, when certain attack surface reduction rules are triggered, alerts are generated.
-Notifications and any alerts that are generated can be viewed in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and in the Microsoft 365 security center ([https://security.microsoft.com](https://security.microsoft.com)).
+Notifications and any alerts that are generated can be viewed in the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) (formerly called the [Microsoft Defender Security Center](microsoft-defender-security-center.md)).
## Advanced hunting and attack surface reduction events
You can set attack surface reduction rules for devices that are running any of t
- Windows Server, [version 1803 (Semi-Annual Channel)](/windows-server/get-started/whats-new-in-windows-server-1803) or later - [Windows Server 2019](/windows-server/get-started-19/whats-new-19)
-Although attack surface reduction rules don't require a [Windows E5 license](/windows/deployment/deploy-enterprise-licenses), if you have Windows E5, you get advanced management capabilities. These capabilities available only in Windows E5 include monitoring, analytics, and workflows available in [Defender for Endpoint](microsoft-defender-endpoint.md), as well as reporting and configuration capabilities in the [Microsoft 365 security center](/microsoft-365/security/defender/overview-security-center). These advanced capabilities aren't available with a Windows Professional or Windows E3 license; however, if you do have those licenses, you can use Event Viewer and Microsoft Defender Antivirus logs to review your attack surface reduction rule events.
+Although attack surface reduction rules don't require a [Windows E5 license](/windows/deployment/deploy-enterprise-licenses), if you have Windows E5, you get advanced management capabilities. These capabilities available only in Windows E5 include monitoring, analytics, and workflows available in [Defender for Endpoint](microsoft-defender-endpoint.md), as well as reporting and configuration capabilities in [Microsoft 365 Defender](/microsoft-365/security/defender/overview-security-center). These advanced capabilities aren't available with a Windows Professional or Windows E3 license; however, if you do have those licenses, you can use Event Viewer and Microsoft Defender Antivirus logs to review your attack surface reduction rule events.
-## Review attack surface reduction events in the Microsoft Defender Security Center
+## Review attack surface reduction events in the Microsoft 365 Defender portal
Defender for Endpoint provides detailed reporting for events and blocks as part of alert investigation scenarios.
-You can query Defender for Endpoint data by using [advanced hunting](advanced-hunting-query-language.md). If you're running [audit mode](audit-windows-defender.md), you can use advanced hunting to understand how attack surface reduction rules could affect your environment.
+You can query Defender for Endpoint data in [Microsoft 365 Defender](microsoft-defender-security-center.md) by using [advanced hunting](advanced-hunting-query-language.md). If you're running [audit mode](audit-windows-defender.md), you can use advanced hunting to understand how attack surface reduction rules could affect your environment.
Here is an example query:
DeviceEvents
You can review the Windows event log to view events generated by attack surface reduction rules: 1. Download the [Evaluation Package](https://aka.ms/mp7z2w) and extract the file *cfa-events.xml* to an easily accessible location on the device.+ 2. Enter the words, *Event Viewer*, into the Start menu to open the Windows Event Viewer.+ 3. Under **Actions**, select **Import custom view...**.+ 4. Select the file *cfa-events.xml* from where it was extracted. Alternatively, [copy the XML directly](event-views.md).+ 5. Select **OK**. You can create a custom view that filters events to only show the following events, all of which are related to controlled folder access:
This rule provides an extra layer of protection against ransomware. It uses both
The rule tends to err on the side of caution to prevent ransomware. > [!NOTE]
-> You must [enable cloud-delivered protection](/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus) to use this rule.
+> You must [enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md) to use this rule.
This rule was introduced in:
Configuration Manager name: `Use advanced protection against ransomware`
GUID: `c1db55ab-c21a-4637-bb3f-a12568109d35`
-## See also
-- [Attack surface reduction FAQ](attack-surface-reduction-faq.md)-- [Enable attack surface reduction rules](enable-attack-surface-reduction.md)-- [Evaluate attack surface reduction rules](evaluate-attack-surface-reduction.md)-- [Compatibility of Microsoft Defender Antivirus with other antivirus/antimalware solutions](/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility)
security Behavioral Blocking Containment https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/behavioral-blocking-containment.md
ms.technology: mde
# Behavioral blocking and containment - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
The following image shows an example of an alert that was triggered by behaviora
## Components of behavioral blocking and containment -- **On-client, policy-driven [attack surface reduction rules](attack-surface-reduction.md)** Predefined common attack behaviors are prevented from executing, according to your attack surface reduction rules. When such behaviors attempt to execute, they can be seen in the Microsoft Defender Security Center [https://securitycenter.windows.com](https://securitycenter.windows.com) as informational alerts. (Attack surface reduction rules are not enabled by default; you configure your policies in the Microsoft Defender Security Center.)
+- **On-client, policy-driven [attack surface reduction rules](attack-surface-reduction.md)** Predefined common attack behaviors are prevented from executing, according to your attack surface reduction rules. When such behaviors attempt to execute, they can be seen in the Microsoft 365 Defender ([https://security.microsoft.com](https://security.microsoft.com)) as informational alerts. Attack surface reduction rules are not enabled by default; you configure your policies in the [Microsoft 365 Defender](microsoft-defender-security-center.md).
- **[Client behavioral blocking](client-behavioral-blocking.md)** Threats on endpoints are detected through machine learning, and then are blocked and remediated automatically. (Client behavioral blocking is enabled by default.) - **[Feedback-loop blocking](feedback-loop-blocking.md)** (also referred to as rapid protection) Threat detections are observed through behavioral intelligence. Threats are stopped and prevented from running on other endpoints. (Feedback-loop blocking is enabled by default.) -- **[Endpoint detection and response (EDR) in block mode](edr-in-block-mode.md)** Malicious artifacts or behaviors that are observed through post-breach protection are blocked and contained. EDR in block mode works even if Microsoft Defender Antivirus is not the primary antivirus solution. (EDR in block mode is not enabled by default; you turn it on in the Microsoft Defender Security Center.)
+- **[Endpoint detection and response (EDR) in block mode](edr-in-block-mode.md)** Malicious artifacts or behaviors that are observed through post-breach protection are blocked and contained. EDR in block mode works even if Microsoft Defender Antivirus is not the primary antivirus solution. (EDR in block mode is not enabled by default; you turn it on in Microsoft 365 Defender.)
Expect more to come in the area of behavioral blocking and containment, as Microsoft continues to improve threat protection features and capabilities. To see what's planned and rolling out now, visit the [Microsoft 365 roadmap](https://www.microsoft.com/microsoft-365/roadmap).
Behavior-based device learning models in Defender for Endpoint caught and stoppe
- The first protection layer detected the exploit behavior. Device learning classifiers in the cloud correctly identified the threat as and immediately instructed the client device to block the attack. - The second protection layer, which helped stop cases where the attack got past the first layer, detected process hollowing, stopped that process, and removed the corresponding files (such as Lokibot).
-While the attack was detected and stopped, alerts, such as an "initial access alert," were triggered and appeared in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)):
+While the attack was detected and stopped, alerts, such as an "initial access alert," were triggered and appeared in the [Microsoft 365 Defender portal](microsoft-defender-security-center.md) (formerly the Microsoft Defender Security Center):
This example shows how behavior-based device learning models in the cloud add new layers of protection against attacks, even after they have started running.
security Client Behavioral Blocking https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/client-behavioral-blocking.md
Antivirus protection works best when paired with cloud protection.
[Microsoft Defender Antivirus](microsoft-defender-antivirus-in-windows-10.md) can detect suspicious behavior, malicious code, fileless and in-memory attacks, and more on a device. When suspicious behaviors are detected, Microsoft Defender Antivirus monitors and sends those suspicious behaviors and their process trees to the cloud protection service. Machine learning differentiates between malicious applications and good behaviors within milliseconds, and classifies each artifact. In almost real time, as soon as an artifact is found to be malicious, it's blocked on the device.
-Whenever a suspicious behavior is detected, an [alert](alerts-queue.md) is generated, and is visible in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)).
+Whenever a suspicious behavior is detected, an [alert](alerts-queue.md) is generated, and is visible in the [Microsoft 365 Defender portal](microsoft-defender-security-center.md) (formerly the Microsoft Defender Security Center).
Client behavioral blocking is effective because it not only helps prevent an attack from starting, it can help stop an attack that has begun executing. And, with [feedback-loop blocking](feedback-loop-blocking.md) (another capability of behavioral blocking and containment), attacks are prevented on other devices in your organization.
security Collect Diagnostic Data Update Compliance https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/collect-diagnostic-data-update-compliance.md
ms.technology: mde
-# Collect Update Compliance diagnostic data for Microsoft Defender AV Assessment
-
+# Collect update compliance diagnostic data for Microsoft Defender Antivirus assessment
**Applies to:** - [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/)
-This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Microsoft Defender AV Assessment section in the Update Compliance add-in.
+This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Microsoft Defender Antivirus Assessment section in the Update Compliance add-in.
Before attempting this process, ensure you have read [Troubleshoot Microsoft Defender Antivirus reporting](troubleshoot-reporting.md), met all require prerequisites, and taken any other suggested troubleshooting steps.
On at least two devices that are not reporting or showing up in Update Complianc
a. Open the **Start** menu.
- b. Type **cmd**. Right-click on **Command Prompt** and click **Run as administrator**.
+ b. Type **cmd**. Right-click on **Command Prompt** and then select **Run as administrator**.
- c. Enter administrator credentials or approve the prompt.
+ c. Specify administrator credentials or approve the prompt.
2. Navigate to the Windows Defender directory. By default, this is `C:\Program Files\Windows Defender`.
On at least two devices that are not reporting or showing up in Update Complianc
5. Copy these .cab files to a location that can be accessed by Microsoft support. An example could be a password-protected OneDrive folder that you can share with us.
-6. Send an email using the <a href="mailto:ucsupport@microsoft.com?subject=WDAV assessment issue&body=I%20am%20encountering%20the%20following%20issue%20when%20using%20Windows%20Defender%20AV%20in%20Update%20Compliance%3a%20%0d%0aI%20have%20provided%20at%20least%202%20support%20.cab%20files%20at%20the%20following%20location%3a%20%3Caccessible%20share%2c%20including%20access%20details%20such%20as%20password%3E%0d%0aMy%20OMS%20workspace%20ID%20is%3a%20%0d%0aPlease%20contact%20me%20at%3a">Update Compliance support email template</a>, and fill out the template with the following information:
+6. Send an email using the <a href="mailto:ucsupport@microsoft.com?subject=MDAV assessment issue&body=I%20am%20encountering%20the%20following%20issue%20when%20using%20Windows%20Defender%20AV%20in%20Update%20Compliance%3a%20%0d%0aI%20have%20provided%20at%20least%202%20support%20.cab%20files%20at%20the%20following%20location%3a%20%3Caccessible%20share%2c%20including%20access%20details%20such%20as%20password%3E%0d%0aMy%20OMS%20workspace%20ID%20is%3a%20%0d%0aPlease%20contact%20me%20at%3a">update compliance support email template</a>, and fill out the template with the following information:
``` I am encountering the following issue when using Microsoft Defender Antivirus in Update Compliance:
security Collect Diagnostic Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/collect-diagnostic-data.md
On at least two devices that are experiencing the same issue, obtain the .cab di
a. Open the **Start** menu.
- b. Type **cmd**. Right-click on **Command Prompt** and click **Run as administrator**.
+ b. Type **cmd**. Right-click on **Command Prompt** and then select **Run as administrator**.
- c. Enter administrator credentials or approve the prompt.
+ c. Specify administrator credentials or approve the prompt.
2. Navigate to the Microsoft Defender directory. By default, this is `C:\Program Files\Windows Defender`.
security Controlled Folders https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/controlled-folders.md
localization_priority: Normal
audience: ITPro Previously updated : 02/03/2021 Last updated : 06/10/2021
Windows system folders are protected by default, along with several other folder
Controlled folder access requires enabling [Microsoft Defender Antivirus real-time protection](/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus).
-## Review controlled folder access events in the Microsoft Defender Security Center
+## Review controlled folder access events in the Microsoft 365 Defender portal
-Defender for Endpoint provides detailed reporting into events and blocks as part of its [alert investigation scenarios](investigate-alerts.md).
+Defender for Endpoint provides detailed reporting into events and blocks as part of its [alert investigation scenarios](investigate-alerts.md) in the Microsoft 365 Defender portal. (See [Microsoft Defender for Endpoint in Microsoft 365 Defender](../defender/microsoft-365-security-center-mde.md).)
You can query Microsoft Defender for Endpoint data by using [Advanced hunting](/microsoft-365/security/defender-endpoint/advanced-hunting-windows-defender-advanced-threat-protection). If you're using [audit mode](audit-windows-defender.md), you can use [advanced hunting](advanced-hunting-overview.md) to see how controlled folder access settings would affect your environment if they were enabled.
You can use the Windows Security app to view the list of folders that are protec
> [!NOTE] > [Windows system folders](#windows-system-folders-are-protected-by-default) are protected by default, and you cannot remove them from the list.
-## See also
-- [Evaluate controlled folder access](evaluate-controlled-folder-access.md)-- [Customize controlled folder access](customize-controlled-folders.md)-- [Protect more folders](customize-controlled-folders.md#protect-additional-folders)
security Defender Endpoint False Positives Negatives https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives.md
In endpoint protection solutions, a false positive is an entity, such as a file
![Definition of false positive and negatives in Defender for Endpoint](images/false-positives-overview.png)
-Fortunately, steps can be taken to address and reduce these kinds of issues. If you're seeing false positives/negatives in your [Microsoft Defender Security Center](../defender/microsoft-365-security-center-mde.md), your security operations can take steps to address them by using the following process:
+Fortunately, steps can be taken to address and reduce these kinds of issues. If you're seeing false positives/negatives in [Microsoft 365 Defender](microsoft-defender-security-center.md) (formerly the Microsoft Defender Security Center), your security operations can take steps to address them by using the following process:
1. [Review and classify alerts](#part-1-review-and-classify-alerts) 2. [Review remediation actions that were taken](#part-2-review-remediation-actions)
Managing your alerts and classifying true/false positives helps to train your th
Before you classify or suppress an alert, determine whether the alert is accurate, a false positive, or benign.
-1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in.
+1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) and sign in.
2. In the navigation pane, choose **Alerts queue**.
Before you classify or suppress an alert, determine whether the alert is accurat
### Classify an alert
-Alerts can be classified as false positives or true positives in the Microsoft Defender Security Center. Classifying alerts helps train Microsoft Defender for Endpoint so that, over time, you'll see more true alerts and fewer false alerts.
+Alerts can be classified as false positives or true positives in the Microsoft 365 Defender. Classifying alerts helps train Microsoft Defender for Endpoint so that, over time, you'll see more true alerts and fewer false alerts.
-1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in.
+1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) and sign in.
2. Select **Alerts queue**, and then select an alert.
Alerts can be classified as false positives or true positives in the Microsoft D
### Suppress an alert
-If you have alerts that are either false positives or that are true positives but for unimportant events, you can suppress those alerts in the Microsoft Defender Security Center. Suppressing alerts helps reduce noise in your security operations dashboard.
+If you have alerts that are either false positives or that are true positives but for unimportant events, you can suppress those alerts in the Microsoft 365 Defender. Suppressing alerts helps reduce noise in your security operations dashboard.
-1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in.
+1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) and sign in.
2. In the navigation pane, select **Alerts queue**.
When you're done reviewing and undoing actions that were taken as a result of fa
### Review completed actions
-1. Go to the Action center ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)) and sign in.
+1. Go to the Action center ([https://security.microsoft.com/action-center](https://security.microsoft.com/action-center)) and sign in.
2. Select the **History** tab to view a list of actions that were taken.
When you're done reviewing and undoing actions that were taken as a result of fa
### Restore a quarantined file from the Action Center
-1. Go to the Action center ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)) and sign in.
+1. Go to the Action center ([https://security.microsoft.com/action-center](https://security.microsoft.com/action-center)) and sign in.
2. On the **History** tab, select an action that you want to undo.
When you're done reviewing and undoing actions that were taken as a result of fa
### Undo multiple actions at one time
-1. Go to the Action center ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)) and sign in.
+1. Go to the Action center ([https://security.microsoft.com/action-center](https://security.microsoft.com/action-center)) and sign in.
2. On the **History** tab, select the actions that you want to undo.
When you're done reviewing and undoing actions that were taken as a result of fa
> [!div class="mx-imgBorder"] > ![Quarantine file](images/autoir-quarantine-file-1.png)
-1. Go to the Action center ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)) and sign in.
+1. Go to the Action center ([https://security.microsoft.com/action-center](https://security.microsoft.com/action-center)) and sign in.
2. On the **History** tab, select a file that has the Action type **Quarantine file**.
device where the file was quarantined.
"ProgramFiles%\Windows Defender\MpCmdRun.exe" ΓÇôRestore ΓÇôName EUS:Win32/CustomEnterpriseBlock ΓÇôAll ```
- > [!NOTE]
- > In some scenarios, the **ThreatName** may appear as: `EUS:Win32/
-CustomEnterpriseBlock!cl`. Defender for Endpoint will restore all custom blocked files that were quarantined on this device in the last 30 days.
- > [!IMPORTANT]
+ > In some scenarios, the **ThreatName** may appear as `EUS:Win32/
+ CustomEnterpriseBlock!cl`. Defender for Endpoint will restore all custom blocked files that were quarantined on this device in the last 30 days.
> A file that was quarantined as a potential network threat might not be recoverable. If a user attempts to restore the file after quarantine, that file might not be accessible. This can be due to the system no longer having network credentials to access the file. Typically, this is a result of a temporary log on to a system or shared folder and the access tokens expired. 3. In the pane on the right side of the screen, select **Apply to X more instances of this file**, and then select **Undo**. - ## Part 3: Review or define exclusions An exclusion is an entity, such as a file or URL, that you specify as an exception to remediation actions. The excluded entity can still get detected, but no remediation actions are taken on that entity. That is, the detected file or process wonΓÇÖt be stopped, sent to quarantine, removed, or otherwise changed by Microsoft Defender for Endpoint.
The procedures in this section describe how to define exclusions and indicators.
In general, you should not need to define exclusions for Microsoft Defender Antivirus. Make sure that you define exclusions sparingly, and that you only include the files, folders, processes, and process-opened files that are resulting in false positives. In addition, make sure to review your defined exclusions regularly. We recommend using [Microsoft Endpoint Manager](/mem/endpoint-manager-overview) to define or edit your antivirus exclusions; however, you can use other methods, such as [Group Policy](/azure/active-directory-domain-services/manage-group-policy) (see [Manage Microsoft Defender for Endpoint](manage-atp-post-migration.md)). > [!TIP]
-> Need help with antivirus exclusions? See [Configure and validate exclusions for Microsoft Defender Antivirus scans](/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus).
+> Need help with antivirus exclusions? See [Configure and validate exclusions for Microsoft Defender Antivirus scans](configure-exclusions-microsoft-defender-antivirus.md).
#### Use Microsoft Endpoint Manager to manage antivirus exclusions (for existing policies)
In general, you should not need to define exclusions for Microsoft Defender Anti
[Indicators](/microsoft-365/security/defender-endpoint/manage-indicators) (specifically, indicators of compromise, or IoCs) enable your security operations team to define the detection, prevention, and exclusion of entities. For example, you can specify certain files to be omitted from scans and remediation actions in Microsoft Defender for Endpoint. Or, indicators can be used to generate alerts for certain files, IP addresses, or URLs.
-To specify entities as exclusions for Microsoft Defender for Endpoint, create "allow" indicators for those entities. Such "allow" indicators in Microsoft Defender for Endpoint apply to [next-generation protection](/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10), [endpoint detection and response](/microsoft-365/security/defender-endpoint/overview-endpoint-detection-response), and [automated investigation & remediation](/microsoft-365/security/defender-endpoint/automated-investigations).
+To specify entities as exclusions for Microsoft Defender for Endpoint, create "allow" indicators for those entities. Such "allow" indicators in Microsoft Defender for Endpoint apply to [next-generation protection](microsoft-defender-antivirus-in-windows-10.md), [endpoint detection and response](overview-endpoint-detection-response.md), and [automated investigation & remediation](/microsoft-365/security/defender-endpoint/automated-investigations).
"Allow" indicators can be created for:
Before you create indicators for IP addresses, URLs, or domains, make sure the f
- Antimalware client version is 4.18.1906.x or later - Devices are running Windows 10, version 1709, or later
-Custom network indicators are turned on in the Microsoft Defender Security Center (see [Advanced features](/microsoft-365/security/defender-endpoint/advanced-features))
+Custom network indicators are turned on in the [Microsoft 365 Defender](microsoft-defender-security-center.md). To learn more, see [Advanced features](/microsoft-365/security/defender-endpoint/advanced-features).
#### Indicators for application certificates When you [create an "allow" indicator for an application certificate](/microsoft-365/security/defender-endpoint/indicator-certificates), it helps prevent applications, such as internally developed applications, that your organization uses from being blocked. `.CER` or `.PEM` file extensions are supported. Before you create indicators for application certificates, make sure the following requirements are met:-- Microsoft Defender Antivirus is configured with cloud-based protection enabled (see [Manage cloud-based protection](/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus))+
+- Microsoft Defender Antivirus is configured with cloud-based protection enabled (see [Manage cloud-based protection](deploy-manage-report-microsoft-defender-antivirus.md))
- Antimalware client version is 4.18.1901.x or later - Devices are running Windows 10, version 1703 or later; Windows Server 2016; or Windows Server 2019 - Virus and threat protection definitions are up to date
Depending on the [level of automation](/microsoft-365/security/defender-endpoint
If you have worked through all the steps in this article and still need help, contact technical support.
-1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in.
+1. Go to the Microsoft 365 Defender ([https://security.microsoft.com](https://security.microsoft.com)) and sign in.
2. In the upper right corner, select the question mark (**?**), and then select **Microsoft support**.
If you have worked through all the steps in this article and still need help, co
[Manage Microsoft Defender for Endpoint](manage-atp-post-migration.md)
-[Overview of Microsoft Defender Security Center](/microsoft-365/security/defender-endpoint/use)
+[Overview of Microsoft 365 Defender portal](/microsoft-365/security/defender-endpoint/use)
security Deployment Vdi Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/deployment-vdi-microsoft-defender-antivirus.md
localization_priority: Normal
Previously updated : 12/28/2020 Last updated : 06/11/2021 ms.technology: mde
# Deployment guide for Microsoft Defender Antivirus in a virtual desktop infrastructure (VDI) environment -- **Applies to:** - [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/)
Sometimes, Microsoft Defender Antivirus notifications may be sent to or persist
4. Deploy your Group Policy object as you usually do.
-Suppressing notifications prevents notifications from Microsoft Defender Antivirus from showing up in the Action Center on Windows 10 when scans are done or remediation actions are taken. However, your security operations team will see the results of the scan in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)).
+Suppressing notifications prevents notifications from Microsoft Defender Antivirus from showing up in the Action Center on Windows 10 when scans are done or remediation actions are taken. However, your security operations team will see the results of the scan in the [Microsoft 365 Defender portal](microsoft-defender-security-center.md).
> [!TIP] > To open the Action Center on Windows 10, take one of the following steps:
security Edr In Block Mode https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/edr-in-block-mode.md
localization_priority: Normal
- next-gen - edr Previously updated : 05/08/2021 Last updated : 06/11/2021 - m365-security-compliance - m365initiative-defender-endpoint
The following image shows an instance of unwanted software that was detected and
> [!IMPORTANT] > Make sure the [requirements](#requirements-for-edr-in-block-mode) are met before turning on EDR in block mode.
-1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in.
+1. Go to the [Microsoft 365 Defender portal](microsoft-defender-security-center.md) and sign in.
2. Choose **Settings** > **Advanced features**.
security Linux Resources https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-resources.md
Title: Microsoft Defender for Endpoint on Linux resources-+ description: Describes resources for Microsoft Defender for Endpoint on Linux, including how to uninstall it, how to collect diagnostic logs, CLI commands, and known issues with the product. keywords: microsoft, defender, Microsoft Defender for Endpoint, linux, installation, deploy, uninstallation, puppet, ansible, linux, redhat, ubuntu, debian, sles, suse, centos search.product: eADQiWindows 10XVcnh
localization_priority: Normal audience: ITPro-+ - m365-security-compliance ms.technology: mde
ms.technology: mde
**Applies to:**+ - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
If you can reproduce a problem, first increase the logging level, run the system
```bash mdatp log level set --level info ```+ ```Output Log level configured successfully ```
If you can reproduce a problem, first increase the logging level, run the system
If an error occurs during installation, the installer will only report a general failure.
-The detailed log will be saved to `/var/log/microsoft/mdatp_install.log`. If you experience issues during installation, send us this file so we can help diagnose the cause.
+The detailed log will be saved to `/var/log/microsoft/mdatp/install.log`.
+If you experience issues during installation, send us this file so we can help diagnose the cause.
## Uninstall
The following table lists commands for some of the most common scenarios. Run `m
|Group |Scenario |Command | |-|--|--| |Configuration |Turn on/off real-time protection |`mdatp config real-time-protection --value [enabled\|disabled]` |
-|Configuration |Turn on/off behavior monitoring |`mdatp config behavior-monitoring --value [enabled\|disabled]`
+|Configuration |Turn on/off behavior monitoring |`mdatp config behavior-monitoring --value [enabled\|disabled]`
|Configuration |Turn on/off cloud protection |`mdatp config cloud --value [enabled\|disabled]` | |Configuration |Turn on/off product diagnostics |`mdatp config cloud-diagnostic --value [enabled\|disabled]` | |Configuration |Turn on/off automatic sample submission |`mdatp config cloud-automatic-sample-submission [enabled\|disabled]` |
security Manage Atp Post Migration Configuration Manager https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-atp-post-migration-configuration-manager.md
- M365-security-compliance - m365solution-scenario Previously updated : 09/22/2020 Last updated : 06/11/2021
We recommend using We recommend using [Microsoft Endpoint Manager](/mem), which
## Configure your Microsoft Defender Security Center
-If you haven't already done so, **configure your Microsoft Defender Security Center** ([https://securitycenter.windows.com](https://securitycenter.windows.com)) to view alerts, configure threat protection features, and view detailed information about your organization's overall security posture.
-
-You can also configure whether and what features end users can see in the Microsoft Defender Security Center.
+If you haven't already done so, configure your Microsoft 365 Defender portal to view alerts, configure threat protection features, and view detailed information about your organization's overall security posture. See [Microsoft Defender Security Center](microsoft-defender-security-center.md). You can also configure whether and what features end users can see in the Microsoft 365 Defender portal.
- [Overview of the Microsoft Defender Security Center](/microsoft-365/security/defender-endpoint/use)
security Manage Atp Post Migration Group Policy Objects https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-atp-post-migration-group-policy-objects.md
- M365-security-compliance - m365solution-scenario Previously updated : 09/22/2020 Last updated : 06/11/2021
The following table lists various tasks you can perform to configure Microsoft D
## Configure your Microsoft Defender Security Center
-If you haven't already done so, **configure your Microsoft Defender Security Center** ([https://securitycenter.windows.com](https://securitycenter.windows.com)) to view alerts, configure threat protection features, and view detailed information about your organization's overall security posture.
-
-You can also configure whether and what features end users can see in the Microsoft Defender Security Center.
+If you haven't already done so, configure your Microsoft 365 Defender portal to view alerts, configure threat protection features, and view detailed information about your organization's overall security posture. See [Microsoft Defender Security Center](microsoft-defender-security-center.md). You can also configure whether and what features end users can see in the Microsoft 365 Defender portal.
- [Overview of the Microsoft Defender Security Center](/microsoft-365/security/defender-endpoint/use)
security Manage Atp Post Migration Intune https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-atp-post-migration-intune.md
- M365-security-compliance - m365solution-scenario Previously updated : 09/22/2020 Last updated : 06/11/2021
The following table lists various tasks you can perform to configure Microsoft D
## Configure your Microsoft Defender Security Center
-If you haven't already done so, **configure your Microsoft Defender Security Center** ([https://securitycenter.windows.com](https://securitycenter.windows.com)) to view alerts, configure threat protection features, and view detailed information about your organization's overall security posture.
-
-You can also configure whether and what features end users can see in the Microsoft Defender Security Center.
+If you haven't already done so, configure your Microsoft 365 Defender portal to view alerts, configure threat protection features, and view detailed information about your organization's overall security posture. See [Microsoft Defender Security Center](microsoft-defender-security-center.md). You can also configure whether and what features end users can see in the Microsoft 365 Defender portal.
- [Overview of the Microsoft Defender Security Center](/microsoft-365/security/defender-endpoint/use)
security Turn On Definition Retirement https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/turn-on-definition-retirement.md
ms.sitesec: library
localization_priority: Normal Previously updated : 05/07/2021 Last updated : 06/10/2021
You can configure definition retirement using Group Policy. Definition retiremen
> [!TIP] > Are you using Group Policy Objects on premises? See how they translate in the cloud. [Analyze your on-premises group policy objects using Group Policy analytics in Microsoft Endpoint Manager - Preview](/mem/intune/configuration/group-policy-analytics).
-## Related articles
--- [Microsoft Defender Antivirus in Windows 10](microsoft-defender-antivirus-in-windows-10.md)
-
-- [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md)--- [How to create and deploy antimalware policies: Cloud-protection service](/configmgr/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service)
security M365d Pilot https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/m365d-pilot.md
This guide helps you run a pilot project by providing pointers to ensure you hav
![Phases in running a Microsoft 365 Defender pilot](../../media/pilotphases.png)
-Running a pilot helps you effectively determine the benefit of adoptiing Microsoft 365 Defender. Before enabling Microsoft 365 Defender in your production environment and starting your use cases, it's best to plan to determine the tasks to accomplish for your pilot project and set the success criteria.
+Running a pilot helps you effectively determine the benefit of adopting Microsoft 365 Defender. Before enabling Microsoft 365 Defender in your production environment and starting your use cases, it's best to plan to determine the tasks to accomplish for your pilot project and set the success criteria.
## How to use this pilot playbook
security Microsoft Secure Score https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-secure-score.md
With read and write access, you can make changes and directly interact with Secu
* Security administrator * Exchange administrator * SharePoint administrator
-* Account administrator
### Read-only roles
With read-only access, you aren't able to edit status or notes for an improvemen
* Helpdesk administrator * User administrator
-* Service administrator
+* Service support administrator
* Security reader * Security operator * Global reader
If you have any issues, let us know by posting in the [Security, Privacy & Compl
- [Assess your security posture](microsoft-secure-score-improvement-actions.md) - [Track your Microsoft Secure Score history and meet goals](microsoft-secure-score-history-metrics-trends.md) - [What's coming](microsoft-secure-score-whats-coming.md)-- [What's new](microsoft-secure-score-whats-new.md)
+- [What's new](microsoft-secure-score-whats-new.md)
security Streaming Api Event Hub https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/streaming-api-event-hub.md
ms.technology: mde
3. Create an Event Hub Namespace, go to **Event Hub > Add** and select the pricing tier, throughput units and Auto-Inflate appropriate for expected load. For more information, see [Pricing - Event Hub | Microsoft Azure](https://azure.microsoft.com/en-us/pricing/details/event-hubs/). ### Add contributor permissions
-Once the Event Hub namespace is created you will need to add the App Registration Service Principal as Reader, Azure Event Hub Data Receiver, and the user who will be logging into Microsoft 365 Defender as Contributor (this can also be done at Resource Group or Subscription level).
+Once the Event Hub namespace is created you will need to:
+1. Define the user who will be logging into Microsoft 365 Defender as Contributor.
-Go to **Event hubs namespace > Access control (IAM) > Add** and verify under **Role assignments**.
+2. If you are connecting to an application, add the App Registration Service Principal as Reader, Azure Event Hub Data Receiver (this can also be done at Resource Group or Subscription level).
+
+ Go to **Event hubs namespace > Access control (IAM) > Add** and verify under **Role assignments**.
## Enable raw data streaming
Go to **Event hubs namespace > Access control (IAM) > Add** and verify under **R
## The schema of the events in Azure Event Hub
-```
+```JSON
{ "records": [ {
To get the data types for event properties do the following:
2. Run the following query to get the data types mapping for each event:
- ```
+ ```kusto
{EventType} | getschema | project ColumnName, ColumnType
security Address Compromised Users Quickly https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/address-compromised-users-quickly.md
search.appverid:
- MET150 - MOE150 Previously updated : 02/25/2020 Last updated : 06/10/2021 description: Learn how to speed up the process of detecting and addressing compromised user accounts with automated investigation and response capabilities in Microsoft Defender for Office 365 Plan 2. ms.technology: mdo ms.prod: m365-security
ms.prod: m365-security
# Address compromised user accounts with automated investigation and response - **Applies to** - [Exchange Online Protection](exchange-online-protection-overview.md) - [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)
When a user account is compromised, alerts are triggered. And in some cases, tha
You have a few options for navigating to a list of restricted users. For example, in the Security & Compliance Center, you can go to **Threat management** \> **Review** \> **Restricted Users**. The following procedure describes navigation using the **Alerts** dashboard, which is a good way to see various kinds of alerts that might have been triggered.
-1. Go to <https://protection.office.com> and sign in.
+1. Go to [https://protection.office.com](https://protection.office.com) and sign in.
2. In the navigation pane, choose **Alerts** \> **Dashboard**.
security Defender For Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/defender-for-office-365.md
Microsoft Defender for Office 365 is included in certain subscriptions, such as
New features are added to Microsoft Defender for Office 365 continually. To learn more, see the following resources: -- [Microsoft 365 Roadmap](https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=advanced%2Cthreat%2Cprotection) provides a list of new features in development and rolling out.
+- [Microsoft 365 Roadmap](https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=Microsoft%2CDefender%2Cfor%2COffice%2C365) provides a list of new features in development and rolling out.
- [Microsoft Defender for Office 365 Service Description](/office365/servicedescriptions/office-365-advanced-threat-protection-service-description#whats-new-in-office-365-advanced-threat-protection-atp) describes features and availability across Defender for Office 365 plans.
security Integrate Office 365 Ti With Mde https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/integrate-office-365-ti-with-mde.md
keywords: integrate, Microsoft Defender, Microsoft Defender for Endpoint
Previously updated : 01/21/2021 Last updated : 06/10/2021 audience: ITPro localization_priority: Normal
The following image depicts what the **Devices** tab looks like when you have Mi
![When Microsoft Defender for Endpoint is enabled, you can see a list of devices with alerts.](../../media/fec928ea-8f0c-44d7-80b9-a2e0a8cd4e89.PNG)
-In this example, you can see that the recipients of the detected email message have four devices and one has an alert. Clicking the link for a device opens its page in the Microsoft Defender Security Center (<https://securitycenter.windows.com>).
+In this example, you can see that the recipients of the detected email message have four devices and one has an alert. Clicking the link for a device opens its page in [Microsoft 365 Defender](../defender-endpoint/microsoft-defender-security-center.md) (formerly the Microsoft Defender Security Center).
> [!TIP]
-> **[Learn more about the Microsoft Defender Security Center](/windows/security/threat-protection/microsoft-defender-atp/use)** (also referred to as the Microsoft Defender for Endpoint portal.)
+> The Microsoft 365 Defender portal replaces the Microsoft Defender Security Center. See [Microsoft Defender for Endpoint in Microsoft 365 Defender](../defender/microsoft-365-security-center-mde.md).
## Requirements - Your organization must have Microsoft Defender for Office 365 (or Office 365 E5) and Microsoft Defender for Endpoint. -- You must be a global administrator or have a security administrator role (such as Security Administrator) assigned in the [Security & Compliance Center](https://protection.office.com). (See [Permissions in the Security & Compliance Center](permissions-in-the-security-and-compliance-center.md))
+- You must be a global administrator or have a security administrator role (such as Security Administrator) assigned in Microsoft 365. (See [Permissions in the Security & Compliance Center](permissions-in-the-security-and-compliance-center.md))
-- You must have access to both [Explorer (or real-time detections)](threat-explorer.md) in the Security & Compliance Center and the Microsoft Defender Security Center.
+- You must have access to [Explorer (or real-time detections)](threat-explorer.md).
## To integrate Microsoft Defender for Office 365 with Microsoft Defender for Endpoint
-Integrating Microsoft Defender for Office 365 with Microsoft Defender for Endpoint is set up by using both the Security & Compliance Center AND the Microsoft Defender Security Center.
+Integrating Microsoft Defender for Office 365 with Microsoft Defender for Endpoint is set up in both Defender for Endpoint and Defender for Office 365.
-1. As a global administrator or a security administrator, go to <https://protection.office.com> and sign in. (This takes you to the Office 365 Security & Compliance Center.)
+1. As a global administrator or a security administrator, go to [https://protection.office.com](https://protection.office.com) and sign in. (This takes you to the Office 365 Security & Compliance Center.)
2. In the navigation pane, choose **Threat management** \> **Explorer**.
Integrating Microsoft Defender for Office 365 with Microsoft Defender for Endpoi
![Microsoft Defender for Endpoint connection](../../media/Explorer-WDATPConnection-dialog.png)
-5. Go to the Microsoft Defender Security Center (<https://securitycenter.windows.com>).
+5. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com).
6. In the navigation bar, choose **Settings**. Then, under **General**, choose **Advanced features**.
security User Tags https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/user-tags.md
If your organization has Defender for Office 365 Plan 2 (included in your subscr
After you apply system tags or custom tags to users, you can use those tags as filters in alerts, reports, and investigations: - [Alerts](alerts.md)-- [Custom alert policies](alert-policies.md#viewing-alerts)
+- [Custom alert policies](../../compliance/alert-policies.md#viewing-alerts)
- [Threat Explorer and real-time detections](threat-explorer.md) - [Email entity page](mdo-email-entity-page.md#other-innovations) - [Threat protection status report](view-email-security-reports.md#threat-protection-status-report)
solutions Cloud Architecture Models https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/cloud-architecture-models.md
This series of topics illustrates several architecture approaches for mergers, a
|**Item**|**Description**| |:--|:--|
-|[![Thumb image for Microsoft cloud tenant-to-tenant migrations](../media/solutions-architecture-center/msft-tenant-to-tenant-migration-thumb.png)](https://download.microsoft.com/download/b/a/1/ba19dfe7-96e2-4983-8783-4dcff9cebe7b/microsoft-365-tenant-to-tenant-migration.pdf) <br/> [PDF](https://download.microsoft.com/download/b/a/1/ba19dfe7-96e2-4983-8783-4dcff9cebe7b/microsoft-365-tenant-to-tenant-migration.pdf) \| [Visio](https://github.com/MicrosoftDocs/microsoft-365-docs/raw/public/microsoft-365/downloads/Microsoft-365-tenant-to-tenant-migration.vsdx) <br>Updated February 2021 |This model contains: <ul><li>A mapping of business scenarios to architecture approaches</li><li>Design considerations</li><li>Single event migration flow example</li><li>Phased migration flow example</li><li>Tenant move or split flow example</li></ul>|
+|[![Thumb image for Microsoft cloud tenant-to-tenant migrations](../media/solutions-architecture-center/msft-tenant-to-tenant-migration-thumb.png)](https://download.microsoft.com/download/b/a/1/ba19dfe7-96e2-4983-8783-4dcff9cebe7b/microsoft-365-tenant-to-tenant-migration.pdf) <br/> [PDF](https://download.microsoft.com/download/b/a/1/ba19dfe7-96e2-4983-8783-4dcff9cebe7b/microsoft-365-tenant-to-tenant-migration.pdf) \| Updated February 2021 |This model contains: <ul><li>A mapping of business scenarios to architecture approaches</li><li>Design considerations</li><li>Single event migration flow example</li><li>Phased migration flow example</li><li>Tenant move or split flow example</li></ul>|
<a name="attacks"></a> ### Common attacks and Microsoft capabilities that protect your organization