From 18a836504c1eb7e817fb78df1d7c59e6d700d3f4 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Thu, 25 May 2017 16:59:11 -0700 Subject: [PATCH] revised reg info --- ...ccess-restrict-clients-allowed-to-make-remote-sam-calls.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/device-security/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md b/windows/device-security/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md index 616901b8c3..11165f07b9 100644 --- a/windows/device-security/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md +++ b/windows/device-security/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md @@ -97,8 +97,8 @@ Audit only mode configures the SAMRPC protocol to do the access check against th |Registry|Details| |---|---| -|Path|HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa| -|Setting|RestrictRemoteSamAuditOnlyMode| +|Path|`HKEY_LOCAL_MACHINE|SYSTEM|CurrentControlSet|Control|Lsa`| +|Setting|`RestrictRemoteSamAuditOnlyMode`| |Data Type|REG_DWORD| |Value|1| |Notes|This setting cannot be added or removed by using predefined Group Policy settings.
Administrators may create a custom policy to set the registry value if needed.
SAM responds dynamically to changes in this registry value without a reboot.
You can use the [Events 16962 - 16969 Reader](https://gallery.technet.microsoft.com/Events-16962-16969-Reader-2eae5f1d) script to parse the event logs, as explained in the next section.|
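Review bot: The added Path row writes the registry key with `|` between its components (`HKEY_LOCAL_MACHINE|SYSTEM|CurrentControlSet|Control|Lsa`) where the removed row had backslashes. This is not a valid registry path for an administrator to copy into a custom policy or a `reg` command. Because the row is a Markdown table row, the unescaped pipes are also likely to be read as column separators (GitHub-flavored Markdown splits cells on `|` even inside a code span), so the two-column Registry/Details table would render with extra cells. Suggest keeping the code formatting but restoring the separators: `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa`. The backticks added around `RestrictRemoteSamAuditOnlyMode` in the Setting row are fine. The commit subject "revised reg info" could also say that the change is formatting only, since the key and value name are meant to stay the same.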