1)  Installing GPO ADMX Templates for Google Chrome  http://woshub.com/how-to-configure-google-chrome-via-group-policies/  2)  Deep dive ingesting third-party ADMX-files  https://www.petervanderwoude.nl/post/deep-dive-ingesting-third-party-admx-files/     3)  https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider  ADMX files that have been installed by using ConfigOperations/ADMXInstall can later be deleted by using the URI delete operation.  Deleting an ADMX file will delete the ADMX file from disk, remove the metadata from the ADMXdefault registry hive,   and delete all the policies that were set from the file.   The MDM server can also delete all ADMX policies that are tied   to a particular app by calling delete on the URI, ./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/{AppName}.     4)  Set Chrome Browser policies on managed PCs  https://support.google.com/chrome/a/answer/9102677?hl=en      ./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome~Startup/ShowHomeButton  check chrome policy     chrome://policy/     ./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Chrome/Policy/ChromeADMX  ./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome/SitePerProcess  ./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome~Startup/ShowHomeButton  新しいタブ ページ  Chrome – ADMX – HomepageIsNewTabPage  ./Device/Vendor/MSFT/Policy/Config/Chrome~Policy~googlechrome~Startup/HomepageIsNewTabPage  <disabled/>  5) MMAT tool  6) ADMX Backed Policies — Quick(ish) Reference Guide https://medium.com/365uc/admx-backed-policies-quick-ish-reference-guide-69ddb3ee39b2 7) Policy Tree https://gpsearch.azurewebsites.net/  

https://www.isunshare.com/windows-10/change-network-from-public-to-private-in-windows-10.html

リスト⇒リスト設定⇒詳細設定⇒リストの表示⇒クラシック表示

eventvwr.msc Application and Services Logs > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider

https://www.petervanderwoude.nl/post/deep-dive-configuring-windows-10-admx-backed-policies/ https://www.petervanderwoude.nl/post/allow-users-to-connect-remotely-to-this-computer-via-windows-10-mdm-admx-style/

1) Azure Portal https://portal.azure.com/ 2) Azure DeviceManagement https://devicemanagement.microsoft.com 3) O365 Admin https://admin.microsoft.com/ 4) GoogleEn https://www.google.com/?hl=en 5) GoogleCn https://www.google.com/?hl=zh 6) GoogleJp https://www.google.co.jp 7)defender ATP https://securitycenter.windows.com/ 8)MCAS Microsoft cloud app security https://XXXXX.portal.cloudappsecurity.com/ 9)exchange admin https://outlook.office365.com/ecp/ 10)businessstore https://businessstore.microsoft.com/ja-jp/store?signin= https://www.windows-noob.com/forums/topic/15670-how-can-i-integrate-microsoft-store-for-business-with-intune-in-azure/ 11)AIP ADD Label  https://docs.microsoft.com/en-us/azure/information-protection/quickstart-label-specificusers 12)Microsoft 365 コンプライアンス https://compliance.microsoft.com/homepage 13)How to modify the reports and create custom queries Central reporting for Azure Information Protection https://docs.microsoft.com/en-us/azure/information-protection/reports-aip 14)the difference between Data Loss Prevention (DLP), Azure Information Protection, Information Rights Permission (IMP), and Azure Rights Management (Azure RMS)  https://social.technet.microsoft.com/Forums/en-US/2410f357-8c85-4253-b526-f8d78aa2f680/need-help-understanding-the-difference-between-data-loss-prevention-dlp-azure-information?forum=onlineservicessharepoint Data Loss Prevention (DLP) can be used to create Policies that identify sensitive information, like Social Security Numbers, credit card numbers, etc, included in documents stored in SharePoint online or sent as text in Exchange.  The Policies can also be setup to notify the user that the content is there and potentially block access to the file or decline to send the email. Azure Information Protection (AIP) can be used to create Tags that are embedded into documents specifying the sensitivity of the information in the document.  Tags can be applied manually or automatically.  Embedded Tags can then be queried by other systems to control how documents are retained, stored, or shared.

1) Use PowerShell scripts on Windows 10 devices in Intune https://docs.microsoft.com/en-us/intune/apps/intune-management-extension 2) System Center 2012 R2 Configuration Manager Toolkit https://www.microsoft.com/en-us/download/details.aspx?id=50012 3) intune logs  C:\ProgramData\Microsoft\IntuneManagementExtension\Logs tool -> CMTrace System Center 2012 R2 Configuration Manager Toolkit https://www.microsoft.com/en-us/download/details.aspx?id=50012 4) change auth tel no azureportal -> ad user management -> 認証方法 ->  「他の認証の連絡先情報を管理します アクセス パネル プロファイル」-> 追加のセキュリティ確認 5) Excel「データを貼り付けできません。」の原因5つと解決策【最新版】 https://it-purasu.info/excel/data_haritukedekimasen.html 原因④：オブジェクトの表示設定 Excelでは、オブジェクトの「表示/非表示」の設定が可能。 しかも、それが「Ctrl」 + 「6」でも出来てしまうため、誤って「非表示」にしてしまう方も多いです。 まず[挿入] タブを開き、以下のとおりグレーアウトしていることを確認して下さい。 6)WIX NOTE https://wix-tutorial-ja.github.io/ch04/01-checking-for-oldies.html 7) Use Intune Policy CSP manage Windows 10 settings – Internet Explorer Site to Zone Assignment List http://thesccm.com/use-intune-policy-csp-manage-windows-10-settings-internet-explorer-site-to-zone-assignment-list/ 8) When looking to the Local Group Policy Editor the settings can be found in the following locations:   OS settings: Computer Configuration/Administrative Templates   Application settings: User Configuration/Administrative Templates With this functionality, you can use the shipped ADMX policy files  located at %SystemRoot%\policydefinitions or you can ingest ADMX files through the Policy CSP.  https://www.vroege.biz/?p=3124 9) Policy CSP  -> The Policy configuration service provider https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider Policy scope is the level at which a policy can be configured. Some policies can only be configured at the device level, meaning the policy will take effect independent of who is logged into the device. Other policies can be configured at the user level, meaning the policy will only take effect for that user. The allowed scope of a specific policy is represented below its table of supported Windows editions. To configure a policy under a specific scope (user vs. device), please use the following paths: User scope: ./User/Vendor/MSFT/Policy/Config/AreaName/PolicyName to configure the policy. ./User/Vendor/MSFT/Policy/Result/AreaName/PolicyName to get the result. Device scope: ./Device/Vendor/MSFT/Policy/Config/AreaName/PolicyName to configure the policy. ./Device/Vendor/MSFT/Policy/Result/AreaName/PolicyName to get the result.…

从下面的网页中安装3205084补丁 https://support.microsoft.com/en-us/help/3142345/microsoft-dynamics-365-onpremise-cumulative-updates

参考：1、https://community.dynamics.com/crm/b/crmviking/archive/2016/02/03/backup-and-restore-strategies-for-crm-2016 　　　２、https://www.cnblogs.com/fengwenit/p/3991686.html 1、如何备份原有系统的 LicenseKey： 在 MSCRM_CONFIG 数据库中查询： SELECT NVarCharColumn FROM [MSCRM_CONFIG].[dbo].[ConfigSettingsProperties] WHERE ColumnName = 'LicenseKeyV8RTM' 参考：https://crmbusiness.wordpress.com/2012/05/30/crm-2011-getting-the-crm-license-from-the-database/ 2、SQL Server 2017 不再支持在域控制器上安装 Reporting Service，请分离安装，或更换为更低版本（SQL Server 2014 可安装）。

　　本文介绍怎样用Windows Installer数据库表编辑器Orca自由定制MSI安装文件，以突破MSI文件中对系统版本的限制。 　　很多时候，某些常见的应用程序并不能安装在服务器版本的操作系统下，而是必须使用相应的版本才行。此时一些有经验的朋友就会对安装文件进行修改，使它能够安装在多种版本的系统下。对于EXE格式的文件，可以使用eXeScope、ResHacker等资源编辑工具进行修改，但是该如何处理MSI格式的文件呢？这时可以利用微软官方提供的Windows Installer数据库表编辑器Orca来帮忙解决问题。 　　Orca安装之后即可使用。例如这里使用Orca打开Windows Live Messenger 9.0的安装程序MsnMsgs.msi(图1)，“LaunchCondition”表限制了对操作系统的版本要求，选中“LaunchCondition”表，然后在右侧窗格中右击选择“删除行”即可将其删除，或者也可以手工更改“Condition”列的版本号。 　　图1 　　如果你懒得在安装程序时手工输入序列号，也可以直接集成至安装文件中，仍然使用Orca打开相应的MSI格式安装文件，定位至“Control”表，在右侧窗格中选择“Control”列(图2)，找到“SerialNumber”或“ProductKey”项，然后单击其对应的“Text”值，将原来的字符更换为对应的安装密钥，以后安装时就不再需要输入序列号了。 　　图2 　　其实，很多EXE格式的安装程序，也会在安装过程中自动抽取出MSI格式的文件，我们可以在系统临时文件夹中找到，感兴趣的朋友不妨一试。 　　小知识：什么是MSI文件 　　MSI 文件实际上是一个数据库，包含安装一种软件所需要的信息和在很多安装情形下安装(和卸载)程序所需的指令和数据。MSI文件将程序的组成文件与功能关联起来。此外，它还包含有关安装过程本身的信息:如安装序列、目标文件夹路径、系统依赖项、安装选项和控制安装过程的属性。