Windows server 2012 r2 standard evaluation product key activation free
In addition, if you use the Japanese IME, you can choose to include automatic learning information in conversion error reports. Microsoft uses the information to improve our products and services. After a certain number of conversion errors are stored, the Mis-Conversion Report Tool will ask whether you want to send a conversion error report. You can view the information contained in each report before choosing whether to send it.
You can also turn on automatic sending of conversion error reports in IME Settings. Depending on the IME you use, you might be able to use word registration to report unsupported words words that might not be converted correctly to ideograms from keyboard input. Registration reports can include the information you provide in the Add Word dialog box about the words being reported, and the software version number for an IME.
These reports might include personal information, for example, if you add personal names using word registration.
You have the opportunity to review the data being sent with each report before you choose to send it. Microsoft uses the information to help improve our products and services. You can view the information contained in the report before choosing whether to send it. When you share your Internet connection for the first time, Windows will automatically generate and store a network name and password.
You can change these at any time. Windows also syncs other information to let you remotely start Internet connection sharing from your other trusted devices. This information is used to set up Internet connection sharing.
If you sign in to a device that supports Internet connection sharing with your Microsoft account, and you add the device as a trusted device, the information necessary to remotely start Internet connection sharing will be synced to OneDrive.
You can stop syncing the information by choosing not to sync passwords. For more info, see the “Sync settings” section of this page. When you print using this feature, you must first connect and authenticate yourself to an Internet print server. The information that you’ll need to submit to the print server will vary depending on the level of security that the print server supports for example, you might be asked to provide a user name and password.
The information collected enables you to print using remote printers. If you send information to a third-party print server, use of the information will be subject to the third party’s privacy practices. You can turn Internet printing on or off by opening Programs and Features in Control Panel, and then selecting Turn Windows features on or off.
You can add the languages you prefer to use to your language list in Windows 8. Apps and websites appear in the first language available in that list. When you visit websites and install apps on your PC, your list of preferred languages is sent to the websites you visit and is available to the apps you use so they can provide content in your preferred languages.
Microsoft doesn’t use any language information to identify or contact you. Language information sent or used by third-party websites and apps is subject to the privacy practices of the third-party website or app publisher. Your list of preferred languages is available to the apps you install and websites you visit. You can add or remove languages from this list in Language preferences in Control Panel. Windows location services consist of two components.
Windows Location Provider connects to a Microsoft online service to determine your location. If you let an app use your location, in addition to providing your location while you use the app, Windows Location Platform can tell the app when your PC moves inside or outside of app-defined geographical boundaries.
For example, an app could let you set a reminder to pick up groceries when you leave work. For example, you can install devices such as a GPS receiver that might send location information directly to an app and bypass the platform. Regardless of your Windows Location Platform settings, online services can use your IP address to determine its approximate location—usually the city your PC is in.
If an app sets up geographical boundaries to monitor, those boundaries are stored encrypted on your PC. The information stored about these boundaries includes a name, a location, and whether your PC was inside or outside the boundary the last time its location was determined.
Apps that set up geographical boundaries might transmit or store this information. If you choose to customize settings, you can control the Windows Location Platform by selecting Let Windows and apps request my location from the Windows Location Platform under Share info with Microsoft and other services. Each user can control their own location settings for apps in Privacy in PC settings. In addition, administrators can choose to turn off the location platform for all users in Location Settings in Control Panel.
To prevent apps from being notified when geographic boundaries defined by apps are crossed, an administrative user can turn off the Windows Location Framework Service in Control Panel.
This list of access points is encrypted when stored on disk so that apps can’t directly access it. The GPS information includes observed latitude, longitude, direction, speed, and altitude. The information is used by the Windows Location Provider to give Windows Location Platform the approximate location of your PC when an authorized app requests it. For more info about how to control whether apps can request your PC’s location, see the Windows Location Platform section. If you choose express settings while setting up Windows, you choose to help improve the Microsoft Location Service.
If you choose to customize settings, you can control whether to help improve the Microsoft Location Service by selecting Send some location data to Microsoft when location-aware apps are used under Help improve Microsoft products and services.
Windows lets you connect Windows Store apps to accounts you use for websites. When an app asks for credentials to sign in to a website, you can choose to save those credentials. The credentials are stored encrypted on your PC. For more info about how these and other credentials may be synced to OneDrive, see the “Sync settings” section of this page. Windows only uses the saved credentials to help you sign in to the websites you have selected.
If you save credentials while connecting an app to a website, the saved credentials won’t be used in Internet Explorer or other apps. You can manage saved credentials in Credential Manager in Control Panel. For more information about how these and other credentials may be synced to OneDrive, see the “Sync settings” section of this page.
To provide personalized content, apps can request your name and account picture from Windows. Your name and account picture are displayed under Your account in Accounts in PC settings. If you sign in to Windows with a Microsoft account, Windows will use the name and account picture associated with that account.
If you allow apps to access your name and account picture, Windows will provide that information to all apps that request it. If you sign in to Windows with a domain account, and you choose to allow apps to use your name and account picture, apps that can use your Windows credentials will be allowed to access certain other forms of your domain account information. This information includes, for example, your user principal name like jack contoso.
If you sign in to Windows with a Microsoft account, or if you sign in to Windows with a domain account connected to a Microsoft account, Windows can automatically sync your account picture on your PC with your Microsoft account picture.
If you choose express settings while setting up Windows, Windows will allow apps to access your name and account picture. If you choose to customize settings, you can control access to your name and account picture by selecting Let apps use my name and account picture under Share info with Microsoft and other services.
After setting up Windows, you can turn change this setting in Privacy in PC settings. You can change your account picture in Accounts in PC settings. You can also choose to allow certain apps to change your account picture. If you have a subscription plan for network access for example, via a mobile broadband connection , this feature provides information about your subscription plan to apps and Windows features on your PC.
Windows features and apps can use this information to optimize their behavior. This feature also provides information about your network connection, such as signal strength and whether your PC is connected to the Internet. This feature collects Internet and intranet network connectivity information, such as the Domain Name Service DNS suffix of your PC, network name, and gateway address of the networks that your PC connects to.
This feature also receives subscription plan information such as the amount of data remaining in the plan. Network connectivity profiles can include a history of all networks visited and the date and time of the last connection. This feature can attempt to connect to a Microsoft server to determine whether you’re connected to the Internet.
The only data sent to Microsoft during network connectivity checks is standard PC information. If data is sent to Microsoft, it is only used to provide network connectivity status. Network connectivity status is made available to apps and features on your PC that request network connectivity information. If you use a third-party app, use of the information collected will be subject to the third party’s privacy practices. Network Awareness is on by default. An administrator can turn it off using the Services options in Administrative Tools in Control Panel.
Disabling this feature isn’t recommended because it will prevent some Windows features from functioning properly. Windows Store apps can automatically receive content and display notifications in several ways. They can, for example, receive notifications that are displayed briefly in the corner of the screen or on app tiles if those tiles are pinned to Start. The lock screen can display detailed or brief status for certain apps as well. App publishers can send content to your Windows Store apps through the Windows Push Notification Service running on Microsoft servers, or the apps can download information directly from third-party servers.
Windows Store apps can deliver periodic or real-time information to you that will be displayed briefly as notifications in the corner of the screen. Apps can display text, images, or both in notifications. The contents of notifications can be provided locally by the app for example, an alarm from a clock app. Notifications can also be sent from an app’s online service through the Windows Push Notification Service for example, a social network update. Images displayed in notifications may be downloaded directly from a server specified by the app publisher; when that happens, standard computer information will be sent to that server.
Microsoft only uses notification information to deliver notifications from your apps to you. Some Windows Store apps can display status and notifications on the screen when your PC is locked. Lock screen apps can also perform tasks while the PC is locked, such as syncing email in the background or letting you answer incoming phone calls.
You can also use your PCs camera directly from the lock screen. Lock screen apps could also transmit or process other information unrelated to notifications and updates. Windows uses the status and notification information provided by the lock screen apps to update the lock screen.
After you set up Windows, the Mail, Calendar, and Skype apps are automatically set as lock screen apps. You can also choose one app to persistently display detailed status for example, details for the next appointment on your calendar on the lock screen. Store apps that are pinned to Start can update their tiles with text, images, or both. If tile content is downloaded directly from a server specified by the app publisher, standard computer information will be sent to that server.
Microsoft only uses tile information to deliver tile updates from your apps to you. To clear the current updates displayed on your Start tiles, swipe from the right side or point to the upper right corner of Start, tap or click Settings , and then tap or click Tiles. Tap or click the Clear button under Clear personal info from my tiles. Tile updates delivered after you clear the current updates will continue to appear.
Order Prints enables you to send digital pictures stored on your PC or a network drive to an online photo printing service of your choice. Depending on the service, you can have your pictures printed and then delivered using postal mail or you can pick up the prints at a local store. If you decide to place an order with an online photo printing service, your digital photos are sent over the Internet to the service that you selected. The file path to the digital pictures that you select which might include your user name might be sent to the service in order to allow the service to display and upload the images.
Digital picture files might contain data about the image that was stored with the file by the camera, such as the date and time that the picture was taken or the location where the picture was taken if your camera has GPS capabilities.
The files might also contain personal information such as captions that might have been associated with the file through the use of digital picture management apps and File Explorer. For more information, see the Properties section below. Information you enter on the online photo printing services website is transmitted to the service. The information stored in the digital picture files by the camera might be used by the online photo printing service during the printing process, for example, to adjust the color or sharpness of the image before it is printed.
Information stored by digital picture management apps might be used by the online photo printing service to print as captions on the front or back of the print copy. You can use Order Prints to choose which pictures to send and which service to use to print your pictures.
Some picture management apps might be able to help you remove stored personal information before sending pictures to be printed. You might also be able to edit the properties of the file to remove stored personal information. Windows helps apps and Windows features launch faster by keeping track of when and how frequently those apps and features are used and which system files they load.
When you use an app or Windows feature, Windows saves some information on your PC about the system files used as well as when and how frequently the app or feature was used. Windows uses the information about app and feature usage to help apps and features launch faster. In some cases, apps may be automatically launched in a suspended state. Apps that are automatically launched and suspended appear in Task Manager and can be terminated.
While suspended, those apps cannot access your webcam or microphone until you launch them, even if you have previously enabled that functionality. If an incompatibility problem is found with a desktop app that you try to run, Program Compatibility Assistant will try to help you resolve it. If an incompatibility problem is found with an app you attempt to run, a report is generated that includes information such as the app name, app version, the needed compatibility settings, and your actions with the app so far.
Error reports are used to provide you with responses to problems that you report for your apps. Responses contain links when available to the app publisher’s website so you can learn more about possible solutions. Error reports created due to app failures are used to try to determine which setting to adjust when you encounter compatibility problems for the apps that you’re running on this version of Windows. Information reported through CEIP is used to identify app compatibility problems.
For problems reported through Windows Error Reporting, an error report is created only when you select the option to check online for a solution. Unless you have previously consented to report problems automatically so you can check for solutions, you’re asked if you want to send the error report. For more information, see the Windows Error Reporting section. Properties are file information that allow you to quickly search and organize your files. Some properties are intrinsic to the file for example, the size of the file while others might be specific to an app or device for example, the settings of your camera when you took a photo or the location data recorded by the camera for the photo.
The type of information stored will depend upon the type of file and the apps that use it. Examples of properties include file name, date modified, file size, author, keywords, and comments. Properties are stored in the file, and they move with the file if it is moved or copied to another location, such as a file share, or sent as an email attachment. Properties can help you more quickly search and organize your files. They can also be used by apps to perform app-specific tasks.
You can edit or remove some properties for a file by selecting the file in File Explorer and clicking Properties. For app-specific properties, you can edit or remove them only if the app used to generate the file supports these features. If your PC has near-field communication NFC hardware, you can physically tap it against another device or accessory with NFC hardware to share links, files, and other information.
There are two types of proximity connections: Tap and Do and Tap and Hold. With Tap and Hold, the connection is active only as long as the devices are held next to each other. When you tap proximity enabled devices together, they exchange information to establish a connection with each other. Windows can send files, links, and other information between devices using a proximity connection. Apps that use proximity can send and receive any information they have access to.
This information might be sent through your network or Internet connection, or directly through a device-to-device wireless connection. Network and PC information exchanged over a proximity connection is used to establish a network connection, and to identify the devices connecting to each other.
Data transferred through a proximity connection initiated within an app can be used by that app in any way. Near field proximity service is on by default. An administrator can turn it off using the options provided in Devices and Printers in Control Panel.
Windows Tap and Send makes it easy to share selected information with a friend standing next to you or with another one of your devices such as a mobile phone.
The next device you tap will receive a link to the webpage currently being displayed. This also works with any app that supports sharing information, such as pictures, text, or files. Tap and Send uses the information you’re sharing and the information described in the Near field proximity service section above. This information is only used to create the connection between the two devices. If Near-field proximity service is turned on, Tap and Send is also turned on.
For more information, see the Near-field proximity service section. VPN technologies allow users to connect to a private network, such as a corporate network, over the Internet. A Remote Access connections component, Dial-up Networking, allows you to access the Internet using a dial-up modem or broadband technology such as a cable modem or a digital subscriber line DSL.
The dialer components collect information from your PC such as your user name, password, and domain name. This information is sent to the system that you’re attempting to connect with. To help protect your privacy and the security of your PC, security-related information such as your user name and password are encrypted and stored on your PC. Dialer information is used to help your PC connect to the Internet. A remote access server might keep the user name and IP address information for accounting and compliance purposes, but no information is sent to Microsoft.
For non-command-line dialers, you can choose to save your password by selecting Save this user name and password. You can clear that option at any time to delete the previously saved password from the dialer. Because this option is turned off by default, you might be prompted to provide your password to connect to the Internet or a network. For command-line dialers like rasdial, there is no option to save your password.
RemoteApp and Desktop Connections let you access apps and desktops on remote PCs that have been made available online for remote access. When you enable a connection, configuration files are downloaded to your PC from the remote URL you specify. These configuration files link apps and desktops on remote PCs so that you can run them from your PC.
Your PC will automatically check for and download updates to these configuration files periodically. These apps run on remote PCs, and information you enter into the apps is transmitted across the network to the remote PCs you chose to connect with.
If Microsoft is hosting the PC or app that you’re connecting to, additional information about your connection might be sent to Microsoft for support purposes. Updates to configuration files might include settings changes including providing you with access to new apps; however, new apps will run only if you choose to run them. This feature also sends information to the remote PCs on which the remote apps run. No information is sent to Microsoft unless the remote connection is hosted by Microsoft.
You can choose whether you want to use RemoteApp and Desktop Connections. You can also use your email address to retrieve the Connection URL. You can remove a connection and its connection files by clicking Remove on the connections description dialog box. If you disconnect a connection without closing all open apps, these apps will remain open on the remote PC.
Remote Desktop connection provides a way for you to establish a remote connection with a host PC that is running Remote Desktop Services. These settings include the name of your domain and connection configuration settings, such as remote PC name, user name, display information, local device information, audio information, clipboard, connection settings, remote app names, and session icon or thumbnail.
Credentials for these connections, Remote Desktop Gateway credentials, and a list of trusted Remote Desktop Gateway server names are stored locally on your PC. A list is stored in the registry. This list is stored permanently unless it is deleted by an administrator. Information collected by Remote Desktop connection allows you to connect to host PCs running Remote Desktop Services using your preferred settings.
User name, password, and domain information are collected to allow you to save your connection settings and to enable you to double-click an RDP file or click a favorite to launch a connection without having to re-enter this information. You can choose if you want to use Remote Desktop connection. If you use it, your RDP files and Remote Desktop connection favorites contain information required to connect to a remote PC, including the options and settings that were configured when the connection was automatically saved.
You can customize RDP files and favorites, including files for connecting to the same PC with different settings. A Microsoft account formerly known as Windows Live ID is a single email address and password you can use to sign in to apps, sites, and services from Microsoft and select Microsoft partners. You can sign up for a Microsoft account in Windows or on Microsoft websites that require you to sign in with a Microsoft account.
You can sign in to Windows with a Microsoft account or, on products that support it, choose to connect your local or domain account to a Microsoft account. If you do this, Windows can help make your PCs look and feel the same by automatically syncing settings and info in Windows and Microsoft apps.
If you visit a website where you use a Microsoft account to sign in, Windows will also sign you in to that website automatically. If you already use that email address as a Microsoft account, you can use it and the password for the Microsoft account to sign in to Windows. When you’re signed in to Windows with your Microsoft account or with a domain account connected to your Microsoft account:.
Certain Windows settings will sync between the PCs that you sign in to with your Microsoft account. For more info about what settings are synced and how to control them, see the “Sync settings” section of this page. Microsoft apps that use a Microsoft account for authentication like Mail, Calendar, People, Microsoft Office, and other apps can automatically begin downloading your info for example, the Mail app will automatically download the messages sent to your Outlook.
Web browsers can automatically sign you in to websites that you sign in to with your Microsoft account for example, if you visit Bing. Windows will ask your permission before allowing third-party apps to use profile information or other personal information associated with your Microsoft account. Because domain administrators are able to access any information on your PC, they’ll also be able to access any settings and info you’ve chosen to sync with other PCs through your Microsoft account.
This can include settings such as name, account picture, and browser history. When you create a new Microsoft account in Windows, we use the information you provide to create and help secure the account. To learn more about the privacy impact of having a Microsoft account, read the Microsoft account privacy statement.
For info about how individual Microsoft apps use information associated with your Microsoft account, see the privacy statements for each app. You can find the privacy statement for a Microsoft app by opening Settings from within the app, or in the About dialog.
Standard device information may be used to personalize certain communications to you, such as emails intended to help you get started with your device. When you sign in to Windows with a Microsoft account, some settings are synced automatically. To learn how to change which Windows settings are synced or to stop syncing, see the “Sync settings” section of this page.
To learn more about the data collected by Microsoft apps that use a Microsoft account for authentication, read their privacy statements. On products that support it, you can create a local account or Microsoft account at any time in Accounts in PC settings. If you sign in to Windows with a domain account, you can connect or disconnect your Microsoft account at any time in Accounts in PC settings.
During setup, if you choose to use OneDrive for cloud storage, Windows will automatically send content to Microsoft servers, including:. You may also choose to save content on Microsoft servers, and apps may choose to select Microsoft servers as the default save location for your files. Windows uses this content to provide the cloud storage service. Microsoft doesn’t use your content or information to identify, contact, or target advertising to you.
You can change these settings at any time in the OneDrive section of PC settings. When you sign in to Windows with a Microsoft account, Windows syncs some of your settings and info with Microsoft servers to make it easier to have personalized experiences across multiple PCs.
Settings you choose to sync will automatically update on Microsoft servers and your other PCs as you use them. If you choose to sign in to Windows with a Microsoft account, Windows syncs certain settings with Microsoft servers. These settings include:. Personalization settings such as your account picture, lock screen image, background, and mouse settings. To help protect your privacy, all synced settings are sent encrypted via SSL.
If you sign in to Windows with a domain account connected to a Microsoft account, settings and info you’ve chosen will sync to your domain account. Passwords that you save while signed into Windows with a domain account connected to a Microsoft account will never be synced.
Because domain administrators can access any information on your PC, they’ll also be able to access any settings and info you’ve chosen to sync with other PCs through your Microsoft account.
Windows uses these settings and info to provide the syncing service. Microsoft doesn’t use your synced settings and info to identify, contact, or target advertising to you. When you sign in to Windows with a Microsoft account, your settings sync by default. You can choose to sync your settings, and control what is synced, by going to Sync settings in the OneDrive section of PC settings. If you sign in to Windows with a domain account and you choose to connect that account to a Microsoft account, Windows will ask which settings you want to sync before connecting your Microsoft account.
Teredo Technology Teredo allows PCs and networks to communicate over multiple networking protocols. If you use an app that requires Teredo to use IPv6 connectivity, or if you configure your firewall to always enable IPv6 connectivity, then Teredo will periodically contact the Microsoft Teredo service over the Internet. The only information sent to Microsoft is standard PC information and the name of the service requested for example, teredo.
Once the service is located, information is sent to maintain a connection with the IPv6 service. Using the netsh command line tool, you can change the query that the service sends over the Internet to use non-Microsoft servers instead, or you can turn it off. Limited authorization values are created to perform typical administrative actions and standard user actions and are managed by Windows. The file also contains the PC name, operating system version, creation user, and creation date information to assist you in recognizing the file.
The private portion of the Endorsement Key is never exposed outside of the TPM, and once it has been created, it usually can’t be reset. Windows does provide an interface for third-party apps like antimalware software to use the Endorsement Key for certain TPM scenarios, such as Measured Boot with Attestation.
For antimalware software the endorsement key and the endorsement key certificate also are useful to confirm boot measurements are provided by a TPM from a specific manufacturer. By default, only administrators or apps with administrative rights can use the TPM endorsement key.
You can choose to clear the TPM and reset it to factory defaults. Clearing the TPM removes owner information, and with the exception of the endorsement key, all TPM-based keys or cryptographic information that apps might have created when the TPM was in use. Certificates are used primarily to verify the identity of a person or device, authenticate a service, or encrypt files. Trusted root certification authorities are the organizations that issue certificates.
Update Root Certificates contacts the online Windows Update service to see if Microsoft has added a certification authority to its list of trusted authorities, but only when an app is presented with a certificate issued by a certification authority that isn’t directly trusted a certificate that isn’t stored in a list of trusted certificates on your PC.
If the certification authority has been added to the Microsoft list of trusted authorities, its certificate will automatically be added to the list of trusted certificates on your PC. Update Root Certificates sends a request to the online Windows Update service that asks for the current list of root certification authorities in the Microsoft Root Certificate Program.
If the untrusted certificate is on the list, Update Root Certificates obtains that certificate from Windows Update and places it in the trusted certificate store on your PC. The information transferred includes the names and cryptographic hashes of root certificates. The information is used by Microsoft to update the list of trusted certificates on your PC. Update Root Certificates is turned on by default. Windows Update is a service that provides you with software updates for Windows software and other supporting software, such as drivers supplied by device manufacturers.
Microsoft Update is a service that provides you with software updates for Windows software, as well as other Microsoft software such as Microsoft Office.
The Update Services collect info from your PC that allows Microsoft to operate and improve the services, such as:. The Microsoft software and other supporting software e. This helps us determine which updates are appropriate for you. Plug and Play ID numbers of hardware devices — a code assigned by the device manufacturer that identifies the device e. BIOS name, revision number, vendor, and revision date — info about the set of essential software routines that test your hardware, start the operating system on your PC, and transfer data among hardware devices connected to your PC.
You can use these Update Services by going to Windows Update in Control Panel and checking for updates or changing your settings to allow Windows to automatically install updates as they become available recommended. Within the Windows Update feature, you can choose whether to opt in to Microsoft Update. If the software runs, it will remove the malware listed on the Microsoft Support website.
During a Malware check, a report will be sent to Microsoft with specific info about malware detected, errors, and other info about your PC. The data sent to Microsoft is used to operate and maintain the Update Services. It is also used to generate aggregate statistics that help us analyze trends and improve our products and services, including the Update Services. To generate aggregate statistics, the update services use the GUID collected by the Update Services to track and record the number of individual computers that use the Update Services, and whether the download and installation of specific updates succeeds or fails.
The Update Services record the GUID of the computer that attempted the download and installation, the ID of the item that was requested, whether updates were available, and standard computer information. The MSRT information described above is used to help improve our anti-malware and other security products and services.
No information in the MSRT reports will be used to identify or contact you. If you turn on the Update Services, in order for them to properly function some software components on your system that make up or are directly related to the Update Services will need to be updated from time to time. These updates must be performed before the service can check for, download, or install other updates.
These required updates fix errors, provide ongoing improvements, and maintain compatibility with the Microsoft servers that support the service.
Software updates required to install or update Windows Store apps will be downloaded and installed automatically. These updates must be performed for apps to function properly. A token is similar to a cookie. It stores information in a small file that is placed on your hard disk by the Update Services server, and is used when your computer connects to the Update Services server to maintain a valid connection.
It is stored on your computer only, not on the server. This cookie or token contains information such as last scan time in order to find the most recently available updates. It contains information to manage what content should be downloaded to your computer, when that should happen, as well as a GUID to identify your computer to the server.
Information contained in the contents of the cookie or token is encrypted by the server with the exception of the cookie or token expiration time. This cookie or token is not a browser cookie, so it cannot be controlled with your browser settings. If you choose express settings while setting up Windows, the Windows Update service is turned on and set to install updates automatically. You can also choose whether to check for or automatically install Important and Recommended updates for your computer or Important updates only.
Optional updates are never installed automatically. You might be able to store these credentials on your PC. Administrators can configure specific apps to always route their traffic through the VPN, and to automatically connect to the VPN when those apps are launched. VPN clients use the credentials you provide to authenticate with the remote network, and to route network traffic to and from the remote network.
After a VPN connection has been set up, you can manually connect or disconnect it by selecting the network from the list in Settings. It can also collect information about performance and reliability problems that might occur.
If you choose to participate in Windows CEIP, Windows will send this data to Microsoft, and will also periodically download a file to collect more relevant information about how you use Windows and apps.
CEIP reports are sent to Microsoft to help improve the features our customers use most often, and to create solutions to common problems. Configuration information, including how many processors are in your PC, the number of network connections in use, screen resolutions for display devices, and which version of Windows is on your PC.
Performance and reliability information, including how quickly an app responds when you click a button, how many problems you experience with an app or a device, and how quickly information is sent or received over a network connection. App use information, including information such as how frequently you open apps, how often you use Windows Help and Support, which services you use to sign in to apps, and how many folders you typically create on your desktop.
Because most users decide to participate in CEIP within several days of setting up Windows, Microsoft uses this information to analyze and improve the Windows setup experience. This information is sent to Microsoft when you’re connected to the Internet. Microsoft filters the information contained in CEIP reports to try to remove any individual identifiers that they might contain. The GUID lets us determine which data is sent from a particular computer over time. CEIP might also periodically download a file to collect more relevant information about the way you useWindows and apps.
This file helps Windows collect additional information to help Microsoft create solutions for common problems and better understand usage patterns of Windows and apps. Microsoft uses CEIP information to improve our products and services, as well as third-party software and hardware designed for use with these products and services.
We use the GUID to distinguish how widespread the feedback we receive is and how to prioritize it. For example, the GUID allows Microsoft to distinguish between one customer experiencing a problem one hundred times and one hundred customers experiencing the same problem once. For more info, see CEIP frequently asked questions.
Windows Defender looks for malware and other potentially unwanted software on your PC. MAPS will send information about malware and other potentially unwanted software to Microsoft, and may also send files that could contain malware. MAPS reports include information about potential malware files, such as file names, cryptographic hash, software publisher, size, and date stamps. These URLs might occasionally contain personal information such as search terms or data entered in forms.
Reports might also include the actions you took when Windows Defender notified you that the potentially unwanted software was detected. MAPS includes this information to help Microsoft gauge how effectively Windows Defender can detect and remove malware and potentially unwanted software, and to attempt to identify new malware. Windows Defender detects changes to your PC by software that hasn’t been analyzed for risks yet. Windows Defender takes action on malware upon detection as part of its automatic remediation.
Windows Defender completes a scheduled scan and automatically takes action on software that it detects based on your settings. Basic membership reports contain the information described in this section. Advanced membership reports are more comprehensive and might occasionally contain personal information, for example, file paths and partial memory dumps.
These reports, along with reports from other Windows Defender users who are participating in MAPS, help our researchers discover new threats more rapidly. Malware definitions are then created, and these updated definitions are made available to all users through Windows Update.
The sample report is used for further analysis. If a file is likely to contain personal information, you’ll be prompted before it is sent. If Windows Update hasn’t been able to obtain updated signatures for Windows Defender for a period of time, Windows Defender will attempt to use MAPS to download signatures from an alternate download location.
To help detect and fix certain kinds of malware infections, Windows Defender regularly sends MAPS some information about the security state of your PC. A number that uniquely identifies your PC is also sent. The reports might also be used for statistical, testing, or analytical purposes, and for generating definitions.
In this case, Microsoft uses the contact information in your Microsoft account to contact you with details about the problem and how to fix it. If you choose to customize settings, you can control MAPS by selecting Get better protection from malware by sending info and files to Microsoft Active Protection Service when Windows Defender is turned on under Share info with Microsoft and other services.
The History feature provides a list of all apps on your PC that Windows Defender detects and the actions that were taken when the apps were detected. You can also view apps that Windows Defender prevents from running until you choose to remove them or allow them to run again these are called quarantined items.
The list of software that Windows Defender detects, the actions that you and other users take, and the actions that Windows Defender takes automatically are stored on your PC. All users can view the history in Windows Defender to see malware and other potentially unwanted software that has attempted to install itself or run on the PC, or that has been allowed to run by another user.
For example, if you learn about a new malware threat, you can check the History to see if Windows Defender has prevented it from infecting your PC.
Windows Error Reporting helps Microsoft and Microsoft partners diagnose problems in the software you use and provide solutions. To help prevent problems and make software more reliable, some solutions are also included in service packs and future versions of the software.
Many software products are designed to work with Windows Error Reporting. If a problem occurs in one of these products, you might be asked if you want to report it.
Windows Error Reporting collects information that is useful for diagnosing and solving a problem that has occurred, such as where the problem happened in the software or hardware, the type or severity of the problem, files that help describe the problem, basic software and hardware information, or possible software performance and compatibility problems. If you use Windows to host virtual machines, error reports sent to Microsoft might include information about virtual machines.
Windows Error Reporting also collects information about apps, drivers, and devices to help Microsoft understand and improve app and device compatibility. Information about the company that published an app or driver might be collected. If you choose to turn on automatic reporting while setting up Windows, the reporting service will automatically send basic information about where problems occur. In some cases, the reporting service will automatically send additional information to help diagnose the problem, such as a partial snapshot of PC memory.
Some error reports might unintentionally contain personal information. For example, a report that contains a snapshot of PC memory might include your name, part of a document you were working on, or data that you recently submitted to a website.
To help diagnose certain types of problems, Windows Error Reporting might create a report containing extra information, such as log files. After you send a report, the reporting service might ask you for more info about the problem that occurred. If you choose to provide your phone number or email address in this information, your error report will be personally identifiable.
Microsoft might contact you to request additional information to help solve the problem you reported. Windows Error Reporting randomly generates a number called a globally unique identifier GUID that is sent to Microsoft with every error report. Microsoft uses information about errors and problems reported by Windows users to improve Microsoft products and services, as well as third-party software and hardware designed for use with these products and services.
We use the GUID to determine how widespread the feedback we receive is and how to prioritize it. However, if you choose to provide contact information as described above, we may use this information to contact you. If you choose express settings while setting up Windows, Windows Error Reporting will automatically send basic reports to check for solutions to problems online. If you choose to customize settings, you can control Windows Error Reporting by selecting Use Windows Error Reporting to check online for solutions to problems under Check online for solutions.
For more info, see the Microsoft Error Reporting Service privacy statement. Windows File Association helps users associate file types with specific apps. Apps that are typically associated with the file name extension are displayed.
If you choose to use Windows File Association, the file name extension for example, docx or pdf and your PC display language are sent to Microsoft. When a file association is made with a particular app, a unique identifier for the app is sent to identify the default app for each file type. When you submit a file name extension, the service returns a list of the apps that Microsoft is aware of that can open files of that extension.
Unless you choose to download and install an app, no file type associations will change. When you try to open a file type without an associated app, you can choose whether to use Windows File Association. No file association information is sent to Microsoft unless you decide to use the service. Windows Online Help and Support, when turned on, allows you to get the most up-to-date help and support content available when you’re connected to the Internet. When you use Windows Online Help and Support, your help search queries are sent to Microsoft, as well as your requests for help content when a link is clicked.
Windows Online Help and Support also uses standard web technologies like cookies. Microsoft uses the information to return help topics in response to your search queries, to return the most relevant results, to develop new content, and to improve existing content.
We use cookies and other web technologies to make it easier to navigate help content and to help us better understand how users use Windows Online Help. Online Help and Support is turned on by default. To change this setting, tap or click the Settings icon at the top of the Help and Support window, and then select or clear Get online Help.
To clear the cookies used by Windows Help, open Internet Options in Control Panel, click or tap the Delete button under Browsing history , select Cookies and website data , and click or tap Delete.
HEIP sends Microsoft information about the version of Windows that your PC is running and about how you use Windows Help and Support, including queries you enter when you search Windows Help and Support and any ratings or feedback on the Help topics presented to you.
When you search, browse, or provide any ratings or feedback on the Help topics presented to you, this information will be sent to Microsoft. The data collected is used to identify trends and usage patterns so that Microsoft can improve the quality of content we provide and the relevance of our search results. We use the GUID to determine how widespread the issues we receive are and how to prioritize them. For example, the GUID allows Microsoft to distinguish between one customer experiencing an issue one hundred times and one hundred customers experiencing the same issue once.
The Help Experience Improvement Program doesn’t intentionally collect any information that could be used to personally identify you. If you choose express settings while setting up Windows, you join the Help Experience Improvement Program. If you choose to customize settings, you can control Help Experience Improvement Program settings by selecting Send Microsoft info about how I use Help, as part of the Help Experience Improvement Program under Help improve Microsoft products and services.
After setting up Windows, you can change this setting in Windows Help and Support. You can use Remote Assistance to invite someone to connect to your PC and help you with a PC problem, even if that person isn’t nearby. After connecting, the other person can view your PC. With your permission, the other person can use his or her mouse and keyboard to control your PC and show you how to fix a problem. Remote Assistance creates an encrypted connection between the two PCs over the Internet or the local network.
When someone uses Remote Assistance to connect to your PC, that person can see your desktop and any open documents, including any visible private information. In addition, if you allow the other person to control your PC with his or her mouse and keyboard, that person can do things like delete files or change settings. After a connection is made, Remote Assistance will exchange contact information including user name, PC name, and account picture.
A session log file maintains a record of all Remote Assistance connections. The information is used to establish an encrypted connection and to provide the other person access to your desktop. Before you allow someone to connect to your PC, close any open apps or documents that you don’t want the other person to see.
If at any time you feel uncomfortable about what that person is seeing or doing on your PC, press the Esc key to end the session. You can turn off session logging and contact information exchange by clearing these options in Remote Assistance settings.
Windows Search lets you search your device and the Internet from one place. Please note that there are other, separate search features on your device provided by Microsoft, such as search in the Windows Store, Internet Explorer, and other Microsoft products. If you choose to get web search results, Windows sends what you type in Windows Search to Microsoft.
To help improve search results, Windows Search also sends information to Microsoft about how you interact with the feature. Windows Search also sends an identifier to provide personalized search results based on your interactions with Bing and other Microsoft products and services.
If you sign in to Windows with a Microsoft account, the identifier will be associated with your Microsoft account. You can choose not to get personalized results in Windows Search, in which case this identifier won’t be sent.
If you allow Windows Search to use your location, the physical location of your device as provided by the Windows Location Platform will be sent to Microsoft as a part of each search request. Alternatively, we may attempt to derive your approximate physical location based on your IP address.
If you choose to use Windows Search to get web search results, we use the search term you’ve provided, your local and online search history, information associated with your Microsoft account, and the location of your device to provide relevant search suggestions, personalized search results, and personalized experiences in other Microsoft products and services.
To learn more about how your data is used, read the Bing privacy statement. When you use Windows Search to search within a third-party app, use of the information collected will be subject to the third party’s privacy practices. If you search within a Microsoft app, the app’s privacy practices will be explained in its privacy statement.
If you choose express settings when setting up Windows, you allow Windows Search to get search suggestions and web results, and you allow Microsoft to use data from Windows Search including location to personalize Windows Search and other Microsoft experiences. If you choose to customize settings, you can decide whether to change these settings for Windows Search.
After setting up Windows, you can change these settings in Search in PC settings. Clearing your search history instructs Microsoft not to use any previously collected search history to personalize search suggestions or order search results.
It doesn’t clear advertising or other personalization info including information derived from your search history , nor does it delete information that is used by Microsoft in aggregate to improve search results and other Microsoft experiences.
That information is retained and anonymized, as described in the Bing privacy statement. You can manage Microsoft advertising and other personalization info online.
The following table summarizes new features for AD DS in Windows Server R2, with a link to more detailed information where it is available. For a more detailed explanation of some features, including their requirements, see What’s New in Active Directory in Windows Server R2. The following table summarizes the new features for AD DS in Windows Server , with a link to more detailed information where it is available. To help ensure consistent and predictable restart behavior for all devices and computers in your enterprise, including those that run Windows 8 and Windows Server , you can configure the following Group Policy settings:.
The following table lists some examples of how to configure these settings to provide desired restart behavior. Error conditions can be corrected to eliminate concerns from a partially complete upgrade.
The wizard also exports a Windows PowerShell script that contains all the options that were specified during the graphical installation.
Taken together, the AD DS installation changes simplify the DC role installation process and reduce the likelihood of administrative errors, especially when you are deploying multiple domain controllers across global regions and domains. For administrators that want to control the introduction of schema changes in an Active Directory forest independent of the installation of Windows Server DCs in an existing forest, Adprep.
Beginning with Windows Server , domain controllers also have the following secure default settings, compared to domain controllers that run Windows Server or Windows For more information about system requirements and pre-installation information, see Installing Windows Server There are no additional system requirements to install a new Active Directory forest, but you should add sufficient memory to cache the contents of Active Directory database in order to improve performance for domain controllers, LDAP client requests, and Active Directory-enabled applications.
If you are upgrading an existing domain controller or adding a new domain controller to an existing forest, review the next section to ensure the server meets disk space requirements.
This section covers disk space requirements only for upgrading domain controllers from Windows Server or Windows Server R2. For more information about disk space requirements for upgrading domain controllers to earlier versions of Windows Server, see Disk space requirements for upgrading to Windows Server or Disk space requirements for upgrading to Windows Server R2. Size the disk that hosts the Active Directory database and log files in order to accommodate the custom and application-driven schema extensions, application and administrator-initiated indexes, plus space for the objects and attributes that you will be added to the directory over deployment life of the domain controller typically 5 to 8 years.
Right sizing at deployment time is typically a good investment compared to greater touch costs required to expand disk storage after deployment. On domain controllers that you plan to upgrade, make sure that the drive that hosts the Active Directory database NTDS. DIT file before you begin the operating system upgrade. If there is insufficient free disk space on the volume, the upgrade can fail and the upgrade compatibility report returns an error indicating insufficient free disk space:.
In this case, you can try an offline defragmentation of the Active Directory database to recapture additional space, and then retry the upgrade. In previous releases, Windows Server editions differed in their support of server roles, processor counts and large memory support. The Standard and Datacenter editions of Windows Server support all features and underlying hardware but vary in their virtualization rights – two virtual instances are allowed for Standard edition and unlimited virtual instances are allowed for Datacenter edition.
The following Windows client and Windows Server operating systems are supported for domain member computers with domain controllers that run Windows Server or later:. You cannot upgrade domain controllers that run Windows Server or bit versions of Windows Server To replace them, install domain controllers that run a later version of Windows Server in the domain, and then remove the domain controllers that Windows Server Note that you cannot convert a domain controller that runs an evaluation version of Windows Server directly to a retail version.
Instead, install an additional domain controller on a server that runs a retail version and remove AD DS from the domain controller that runs on the evaluation version. Due to a known issue, you cannot upgrade a domain controller that runs a Server Core installation of Windows Server R2 to a Server Core installation of Windows Server The upgrade will hang on a solid black screen late in the upgrade process. Rebooting such DCs exposes an option in boot.
An additional reboot triggers the automatic rollback to the previous operating system version. Until a solution is available, it is recommended that you install a new domain controller running a Server Core installation of Windows Server instead of in-place upgrading an existing domain controller that runs a Server Core installation of Windows Server R2. For more information, see KB article Windows Server requires a Windows Server forest functional level.
That is, before you can add a domain controller that runs Windows Server to an existing Active Directory forest, the forest functional level must be Windows Server or higher. This means that domain controllers that run Windows Server R2, Windows Server , or Windows Server can operate in the same forest, but domain controllers that run Windows Server are not supported and will block installation of a domain controller that runs Windows Server If the forest contains domain controllers running Windows Server or later but the forest functional level is still Windows , the installation is also blocked.
Windows domain controllers must be removed prior to adding Windows Server domain controllers to your forest. In this case, consider the following workflow:. The new Windows Server domain functional level enables one new feature: the KDC support for claims, compound authentication, and Kerberos armoring KDC administrative template policy has two settings Always provide claims and Fail unarmored authentication requests that require Windows Server domain functional level.
The Windows Server forest functional level does not provide any new features, but it ensures that any new domain created in the forest will automatically operate at the Windows Server domain functional level. The Windows Server domain functional level does not provide other new features beyond KDC support for claims, compound authentication, and Kerberos armoring. But it ensures that any domain controller in the domain runs Windows Server After you set the forest functional level to a certain value, you cannot roll back or lower the forest functional level, with the following exceptions: after you raise the forest functional level to Windows Server , you can lower it to Windows Server R2.
If the forest functional level is set to Windows Server R2 , it cannot be rolled back, for example, to Windows Server After you set the domain functional level to a certain value, you cannot roll back or lower the domain functional level, with the following exceptions: when you raise the domain functional level to Windows Server R2 or Windows Server , and if the forest functional level is Windows Server or lower, you have the option of rolling the domain functional level back to Windows Server or Windows Server R2.
If the domain functional level is set to Windows Server R2 , it cannot be rolled back, for example, to Windows Server Beyond functional levels, a domain controller that runs Windows Server provides additional features that are not available on a domain controller that runs an earlier version of Windows Server.
For example, a domain controller that runs Windows Server can be used for virtual domain controller cloning, whereas a domain controller that runs an earlier version of Windows Server cannot. But virtual domain controller cloning and virtual domain controller safeguards in Windows Server do not have any functional level requirements.
Microsoft Exchange Server requires a forest functional level of Windows server or higher. AD DS cannot be installed on a server that also runs the following server roles or role services:. Though they are not operations master roles, another change in AD DS installation is that DNS server role and the global catalog are installed by default on all domain controllers that run Windows Server Improvements in AD DS beginning in Windows Server enable safer virtualization of domain controllers and the ability to clone domain controllers.
Cloning domain controllers in turn enables rapid deployment of additional domain controllers in a new domain and other benefits. The following table covers common Active Directory-integrated Microsoft applications. The table covers what versions of Windows Server that the applications can be installed on and whether the introduction of Windows Server DCs affects application compatibility. Configuration Manager Configuration Manager Service Pack 1: Microsoft will add the following operating systems to our client support matrix with the release of Service Pack 1: – Windows 8 Pro – Windows 8 Enterprise – Windows Server Standard – Windows Server Datacenter All site server roles – including site servers, SMS providers, and management points – can be deployed to servers with the following operating system editions: – Windows Server Standard – Windows Server Datacenter Microsoft Endpoint Configuration Manager current branch Supported operating systems for Configuration Manager site system servers.
It cannot be run on a Server Core installation. It can be run on virtual servers. Lync Server Lync Server can be installed on a new not upgraded installation Windows Server if October cumulative updates for Lync Server are installed. Upgrading the operating system to Windows Server for an existing installation of Lync Server is not supported. Windows Server Update Services 3. Exchange Windows Server Standard and Datacenter are supported for the following roles: schema master, global catalog server, domain controller, mailbox and client access server role Forest Functional Level: Windows Server or higher Source: Exchange System Requirements Exchange Source: Exchange Service Pack 3 Exchange with Service Pack 3 can be installed on Windows Server member servers.
Exchange System Requirements lists the latest supported schema master, global catalog and domain controller as Windows Server R2. Skip to main content. This browser is no longer supported. Download Microsoft Edge More info. Table of contents Exit focus mode. Table of contents. Note Microsoft Exchange Server requires a forest functional level of Windows server or higher. Note Though they are not operations master roles, another change in AD DS installation is that DNS server role and the global catalog are installed by default on all domain controllers that run Windows Server Submit and view feedback for This product This page.
View all page feedback. In this article. Workplace Join.
Here you can also learn about the latest tools we provide to access and control your data and how to contact us if you have a privacy inquiry. Uses of information. These highlights of the full Windows 8. They focus on online features and aren’t intended to be an exhaustive description. They don’t apply to other online or offline Microsoft sites, products, or services. Statement , which is the full Windows 8. Features supplement , which describes the features that have privacy impact in Windows 8.
Apps supplement , which describes the apps that have privacy impact in Windows 8. Server supplement , which describes the additional features that have privacy impact in Windows Server R2. For more information on how to help protect your PC, your personal information, and your family online, visit our Safety and Security Center. Certain Windows features may ask you for permission to collect or use information from your PC, including personal information.
Windows uses this information as outlined in the full Windows 8. Windows requires activation to reduce software piracy and help ensure that our customers receive the software quality they expect. Activation sends some information about your PC to Microsoft. If you choose to sign in to Windows with a Microsoft account, Windows will sync your settings across devices and automatically sign you in to some apps and websites. Windows does not require you to sign in with a Microsoft account to access third-party email or social network services, but if that third party offers an app through the Store, you must sign in to the Store with a Microsoft account to install the app.
Additional details. Windows offers you a variety of ways to control how Windows features transfer information over the Internet. More information about how to control these features is in the Features Supplement , Apps Supplement and the Server Supplement. To help improve your experience, some features that use the Internet are turned on by default.
We use the information collected to enable the features you’re using or provide the services you request. We also use it to improve our products and services. In order to help provide our services, we occasionally provide information to other companies that work on our behalf.
Only companies who have a business need to use the information are provided access to them. These companies are required to keep this information confidential and are prohibited from using it for any other purpose. For more information about our privacy practices, go to the full Windows 8. Or, you can write to us using our web form. Collection and use of your information. Collection and use of information about your computer. Security of your information. Changes to this privacy statement.
For more information. Internet Explorer Microsoft Error Reporting Service. Microsoft Online. Windows Media Center.
Windows Media Player. Windows 7. Windows Server Essentials. This statement covers Windows 8. Certain Windows components have their own privacy statements, which are also listed on this page. Privacy statements for software and services related to Windows and for prior releases are also listed there. For information about specific features, please refer to the Features supplement , the Apps supplement , and the Server supplement. This is a statement that focuses on features that communicate with the Internet and isn’t intended to be an exhaustive list.
The personal information we collect from you will be used by Microsoft and its controlled subsidiaries and affiliates to enable the features you use and provide the services or carry out the transactions you have requested or authorized. The information may also be used to analyze and improve Microsoft products and services.
Except as described in this statement, personal information you provide won’t be transferred to third parties without your consent. We occasionally hire other companies to provide limited services on our behalf, such as for performing statistical analysis of our services.
We will only provide those companies the personal information they need to deliver the service, and they are prohibited from using that information for any other purpose. Microsoft may access or disclose information about you, including the content of your communications, in order to: a comply with the law or respond to lawful requests or legal process; b protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the software; or c act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public.
Information collected by or sent to Microsoft by Windows 8. Microsoft abides by the safe harbor framework as set forth by the U. Department of Commerce regarding the collection, use, and retention of data from the European Union, the European Economic Area, and Switzerland.
When you use software with Internet enabled features, information about your computer “standard computer information” is sent to the websites you visit and online services you use. Standard computer information typically includes information such as your IP address, operating system version, browser version, and regional and language settings. In some cases, it may also include a hardware ID, which indicates the device manufacturer, device name, and version.
If a particular feature or service sends information to Microsoft, standard computer information will be sent as well. The privacy details for each Windows feature in the Features Supplement, the Apps Supplement, and the Server Supplement, and the features listed elsewhere on this page, describe what additional information is collected and how it is used.
Administrators can use Group Policy to modify many of the settings for the features described here. For more information, see this white paper for administrators. Microsoft is committed to helping protect the security of your information. We use a variety of security technologies and procedures to help protect your information from unauthorized access, use, or disclosure.
For example, we store the information you provide on computer systems with limited access, which are located in controlled facilities. When we transmit highly confidential information such as a credit card number or password over the Internet, we protect it through the use of encryption, such as the Secure Socket Layer SSL protocol. We will occasionally update this privacy statement to reflect changes in our products, services, and customer feedback.
When we post changes, we will revise the “last updated” date at the top of this statement. If there are material changes to this statement or in how Microsoft will use your personal information, we will notify you either by posting a notice of such changes prior to implementing the change or by directly sending you a notification. We encourage you to periodically review this statement to be informed of how Microsoft is protecting your information. Microsoft welcomes your comments regarding this privacy statement.
If you have questions about this statement, or believe that we haven’t adhered to it, you can write to us using our web form. BitLocker Drive Encryption. Device discovery and setup. Ease of Access Center. Handwriting personalization—automatic learning. Internet connection sharing. Language preferences. Manage your credentials. Name and account picture. Notifications, lock screen apps, and tile updates. Prefetching and Prelaunching.
Program Compatibility Assistant. Remote Access connections. RemoteApp and Desktop Connections. Remote Desktop connection. Sign in with a Microsoft account.
OneDrive cloud storage. Update Root Certificates. Virtual Private Networking. Windows Defender. Windows Error Reporting. Windows File Association. Windows Help. Remote Assistance. Windows Search. Windows Setup. Windows Share. Windows SmartScreen. Windows Speech Recognition. Windows Store.
